x86_emulate: Fix handling of RIP-relative addressing.

The handling of SHLD/SHRD introduced in 16696:b5b3e27f1af3f7 was
incorrect; thanks to Gary Grebus @ Virtual Iron for spotting it.
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>

diff --git a/xen/arch/x86/x86_emulate.c b/xen/arch/x86/x86_emulate.c
index 07bc21f4ed2e634fcc945492516c0b01941fca12..679754c7a89900d471482f88833069ba78e104f3 100644 (file)
--- a/xen/arch/x86/x86_emulate.c
+++ b/xen/arch/x86/x86_emulate.c
@@ -1059,12 +1059,12 @@ x86_emulate(
                         ((op_bytes == 8) ? 4 : op_bytes);
                 else if ( (d & SrcMask) == SrcImmByte )
                     ea.mem.off += 1;
-                else if ( ((b == 0xf6) || (b == 0xf7)) &&
+                else if ( !twobyte && ((b & 0xfe) == 0xf6) &&
                           ((modrm_reg & 7) <= 1) )
                     /* Special case in Grp3: test has immediate operand. */
                     ea.mem.off += (d & ByteOp) ? 1
                         : ((op_bytes == 8) ? 4 : op_bytes);
-                else if ( (b == 0xf7) == 0xa4 )
+                else if ( twobyte && ((b & 0xf7) == 0xa4) )
                     /* SHLD/SHRD with immediate byte third operand. */
                     ea.mem.off++;
                 break;