diff --git a/qemu/target/i386/ops_sse.h b/qemu/target/i386/ops_sse.h
index 516a6f78..57f818ee 100644
--- a/qemu/target/i386/ops_sse.h
+++ b/qemu/target/i386/ops_sse.h
@@ -2088,10 +2088,10 @@ static inline unsigned pcmpxstrx(CPUX86State *env, Reg *d, Reg *s,
             res = (2 << upper) - 1;
             break;
         }
-        for (j = valids - validd; j >= 0; j--) {
+        for (j = valids == upper ? valids : valids - validd; j >= 0; j--) {
             res <<= 1;
             v = 1;
-            for (i = validd; i >= 0; i--) {
+            for (i = MIN(valids - j, validd); i >= 0; i--) {
                 v &= (pcmp_val(s, ctrl, i + j) == pcmp_val(d, ctrl, i));
             }
             res |= v;