From 6e1c90b7f5d60aedc547dd84873d1c9291eefcdc Mon Sep 17 00:00:00 2001
From: "H.J. Lu" <hjl.tools@gmail.com>
Date: Mon, 17 Jun 2019 10:20:04 -0700
Subject: [PATCH] i386: Check vector length for vshufXXX/vinsertXXX/vextractXXX

Since not all vector lengths are supported by vshufXXX, vinsertXXX and
vextractXXX, decode them only with supported vector lengths.

gas/

	PR binutils/24691
	* testsuite/gas/i386/disassem.s: Add test for vshuff32x4 with
	invalid vector length.
	* testsuite/gas/i386/x86-64-disassem.s: Likewise.
	* testsuite/gas/i386/disassem.d: Updated.
	* testsuite/gas/i386/x86-64-disassem.d: Likewise.

opcodes/

	PR binutils/24691
	* i386-dis-evex.h (evex_table): Update EVEX_W_0F3A23_P_2,
	EVEX_W_0F3A38_P_2, EVEX_W_0F3A39_P_2, EVEX_W_0F3A3A_P_2,
	EVEX_W_0F3A3B_P_2 and EVEX_W_0F3A43_P_2.
	(evex_len_table): Add EVEX_LEN_0F3A23_P_2_W_0,
	EVEX_LEN_0F3A23_P_2_W_1, EVEX_LEN_0F3A38_P_2_W_0,
	EVEX_LEN_0F3A38_P_2_W_1, EVEX_LEN_0F3A39_P_2_W_0,
	EVEX_LEN_0F3A39_P_2_W_1, EVEX_LEN_0F3A3A_P_2_W_0,
	EVEX_LEN_0F3A3A_P_2_W_1, EVEX_LEN_0F3A3B_P_2_W_0,
	EVEX_LEN_0F3A3B_P_2_W_1, EVEX_LEN_0F3A43_P_2_W_0 and
	EVEX_LEN_0F3A43_P_2_W_1.
	* i386-dis.c (EVEX_LEN_0F3A23_P_2_W_0): New enum.
	(EVEX_LEN_0F3A23_P_2_W_1): Likewise.
	(EVEX_LEN_0F3A38_P_2_W_0): Likewise.
	(EVEX_LEN_0F3A38_P_2_W_1): Likewise.
	(EVEX_LEN_0F3A39_P_2_W_0): Likewise.
	(EVEX_LEN_0F3A39_P_2_W_1): Likewise.
	(EVEX_LEN_0F3A3A_P_2_W_0): Likewise.
	(EVEX_LEN_0F3A3A_P_2_W_1): Likewise.
	(EVEX_LEN_0F3A3B_P_2_W_0): Likewise.
	(EVEX_LEN_0F3A3B_P_2_W_1): Likewise.
	(EVEX_LEN_0F3A43_P_2_W_0): Likewise.
	(EVEX_LEN_0F3A43_P_2_W_1): Likewise.
---
 gas/ChangeLog                            |   9 +++
 gas/testsuite/gas/i386/disassem.d        |   4 +-
 gas/testsuite/gas/i386/disassem.s        |   2 +
 gas/testsuite/gas/i386/x86-64-disassem.d |   4 +-
 gas/testsuite/gas/i386/x86-64-disassem.s |   2 +
 opcodes/ChangeLog                        |  26 ++++++++
 opcodes/i386-dis-evex.h                  | 108 +++++++++++++++++++++++++++----
 opcodes/i386-dis.c                       |  14 +++-
 8 files changed, 154 insertions(+), 15 deletions(-)

diff --git a/gas/ChangeLog b/gas/ChangeLog
index 0cf119d..c7ed06e 100644
--- a/gas/ChangeLog
+++ b/gas/ChangeLog
@@ -1,3 +1,12 @@
+2019-06-17  H.J. Lu  <hongjiu.lu@intel.com>
+
+	PR binutils/24691
+	* testsuite/gas/i386/disassem.s: Add test for vshuff32x4 with
+	invalid vector length.
+	* testsuite/gas/i386/x86-64-disassem.s: Likewise.
+	* testsuite/gas/i386/disassem.d: Updated.
+	* testsuite/gas/i386/x86-64-disassem.d: Likewise.
+
 2019-06-14  Alan Modra  <amodra@gmail.com>
 
 	* Makefile.in: Regenerate.
diff --git a/gas/testsuite/gas/i386/disassem.d b/gas/testsuite/gas/i386/disassem.d
index 530e3a1..27f37b6 100644
--- a/gas/testsuite/gas/i386/disassem.d
+++ b/gas/testsuite/gas/i386/disassem.d
@@ -347,6 +347,8 @@ Disassembly of section \.text:
 [ 	]*[a-f0-9]+:[ 	]*62 f2 ad 08 1c[ 	]*\(bad\)[ ]*
 [ 	]*[a-f0-9]+:[ 	]*01 01[ 	]*add[ 	]*%eax,\(%ecx\)
 [ 	]*[a-f0-9]+:[ 	]*62 f3 7d 28 1b[ 	]*\(bad\)[ ]*
-[ 	]*[a-f0-9]+:[ 	]*c8[ 	]*.byte[ 	]*0xc8
+[ 	]*[a-f0-9]+:[ 	]*c8 25 62 f3[ 	]*enter[ ]*\$0x6225,\$0xf3
+[ 	]*[a-f0-9]+:[ 	]*62 f3 75 08 23[ 	]*\(bad\)[ ]*
+[ 	]*[a-f0-9]+:[ 	]*c2[ 	]*.byte[ 	]*0xc2
 [ 	]*[a-f0-9]+:[ 	]*25[ 	]*.byte[ 	]*0x25
 #pass
diff --git a/gas/testsuite/gas/i386/disassem.s b/gas/testsuite/gas/i386/disassem.s
index 00eeb39..d330018 100644
--- a/gas/testsuite/gas/i386/disassem.s
+++ b/gas/testsuite/gas/i386/disassem.s
@@ -171,3 +171,5 @@
 .byte 0x62, 0xf2, 0xad, 0x08, 0x1c, 0x01
 .byte 0x1
 .byte 0x62, 0xf3, 0x7d, 0x28, 0x1b, 0xc8, 0x25
+.byte 0x62, 0xf3
+.byte 0x62, 0xf3, 0x75, 0x08, 0x23, 0xc2, 0x25
diff --git a/gas/testsuite/gas/i386/x86-64-disassem.d b/gas/testsuite/gas/i386/x86-64-disassem.d
index a7c2c3e..3dcbc10 100644
--- a/gas/testsuite/gas/i386/x86-64-disassem.d
+++ b/gas/testsuite/gas/i386/x86-64-disassem.d
@@ -346,6 +346,8 @@ Disassembly of section \.text:
 [ 	]*[a-f0-9]+:[ 	]*62 72 ad 08 1c[ 	]*\(bad\)[ ]*
 [ 	]*[a-f0-9]+:[ 	]*01 01[ 	]*add[ 	]*%eax,\(%rcx\)
 [ 	]*[a-f0-9]+:[ 	]*62 f3 7d 28 1b[ 	]*\(bad\)[ ]*
-[ 	]*[a-f0-9]+:[ 	]*c8[ 	]*.byte[ 	]*0xc8
+[ 	]*[a-f0-9]+:[ 	]*c8 25 62 f3[ 	]*enterq[ ]*\$0x6225,\$0xf3
+[ 	]*[a-f0-9]+:[ 	]*62 f3 75 08 23[ 	]*\(bad\)[ ]*
+[ 	]*[a-f0-9]+:[ 	]*c2[ 	]*.byte[ 	]*0xc2
 [ 	]*[a-f0-9]+:[ 	]*25[ 	]*.byte[ 	]*0x25
 #pass
diff --git a/gas/testsuite/gas/i386/x86-64-disassem.s b/gas/testsuite/gas/i386/x86-64-disassem.s
index ef4e87d..7535052 100644
--- a/gas/testsuite/gas/i386/x86-64-disassem.s
+++ b/gas/testsuite/gas/i386/x86-64-disassem.s
@@ -171,3 +171,5 @@
 .byte 0x62, 0x72, 0xad, 0x08, 0x1c, 0x01
 .byte 0x1
 .byte 0x62, 0xf3, 0x7d, 0x28, 0x1b, 0xc8, 0x25
+.byte 0x62, 0xf3
+.byte 0x62, 0xf3, 0x75, 0x08, 0x23, 0xc2, 0x25
diff --git a/opcodes/ChangeLog b/opcodes/ChangeLog
index aa9562c..b76a899 100644
--- a/opcodes/ChangeLog
+++ b/opcodes/ChangeLog
@@ -1,3 +1,29 @@
+2019-06-17  H.J. Lu  <hongjiu.lu@intel.com>
+
+	PR binutils/24691
+	* i386-dis-evex.h (evex_table): Update EVEX_W_0F3A23_P_2,
+	EVEX_W_0F3A38_P_2, EVEX_W_0F3A39_P_2, EVEX_W_0F3A3A_P_2,
+	EVEX_W_0F3A3B_P_2 and EVEX_W_0F3A43_P_2.
+	(evex_len_table): Add EVEX_LEN_0F3A23_P_2_W_0,
+	EVEX_LEN_0F3A23_P_2_W_1, EVEX_LEN_0F3A38_P_2_W_0,
+	EVEX_LEN_0F3A38_P_2_W_1, EVEX_LEN_0F3A39_P_2_W_0,
+	EVEX_LEN_0F3A39_P_2_W_1, EVEX_LEN_0F3A3A_P_2_W_0,
+	EVEX_LEN_0F3A3A_P_2_W_1, EVEX_LEN_0F3A3B_P_2_W_0,
+	EVEX_LEN_0F3A3B_P_2_W_1, EVEX_LEN_0F3A43_P_2_W_0 and
+	EVEX_LEN_0F3A43_P_2_W_1.
+	* i386-dis.c (EVEX_LEN_0F3A23_P_2_W_0): New enum.
+	(EVEX_LEN_0F3A23_P_2_W_1): Likewise.
+	(EVEX_LEN_0F3A38_P_2_W_0): Likewise.
+	(EVEX_LEN_0F3A38_P_2_W_1): Likewise.
+	(EVEX_LEN_0F3A39_P_2_W_0): Likewise.
+	(EVEX_LEN_0F3A39_P_2_W_1): Likewise.
+	(EVEX_LEN_0F3A3A_P_2_W_0): Likewise.
+	(EVEX_LEN_0F3A3A_P_2_W_1): Likewise.
+	(EVEX_LEN_0F3A3B_P_2_W_0): Likewise.
+	(EVEX_LEN_0F3A3B_P_2_W_1): Likewise.
+	(EVEX_LEN_0F3A43_P_2_W_0): Likewise.
+	(EVEX_LEN_0F3A43_P_2_W_1): Likewise.
+
 2019-06-14  Nick Clifton  <nickc@redhat.com>
 
 	* po/fr.po; Updated French translation.
diff --git a/opcodes/i386-dis-evex.h b/opcodes/i386-dis-evex.h
index 0003e77..f34f8bc 100644
--- a/opcodes/i386-dis-evex.h
+++ b/opcodes/i386-dis-evex.h
@@ -3940,28 +3940,28 @@ static const struct dis386 evex_table[][256] = {
   },
   /* EVEX_W_0F3A23_P_2 */
   {
-    { "vshuff32x4",	{ XM, Vex, EXx, Ib }, 0 },
-    { "vshuff64x2",	{ XM, Vex, EXx, Ib }, 0 },
+    { EVEX_LEN_TABLE (EVEX_LEN_0F3A23_P_2_W_0) },
+    { EVEX_LEN_TABLE (EVEX_LEN_0F3A23_P_2_W_1) },
   },
   /* EVEX_W_0F3A38_P_2 */
   {
-    { "vinserti32x4",	{ XM, Vex, EXxmm, Ib }, 0 },
-    { "vinserti64x2",	{ XM, Vex, EXxmm, Ib }, 0 },
+    { EVEX_LEN_TABLE (EVEX_LEN_0F3A38_P_2_W_0) },
+    { EVEX_LEN_TABLE (EVEX_LEN_0F3A38_P_2_W_1) },
   },
   /* EVEX_W_0F3A39_P_2 */
   {
-    { "vextracti32x4",	{ EXxmm, XM, Ib }, 0 },
-    { "vextracti64x2",	{ EXxmm, XM, Ib }, 0 },
+    { EVEX_LEN_TABLE (EVEX_LEN_0F3A39_P_2_W_0) },
+    { EVEX_LEN_TABLE (EVEX_LEN_0F3A39_P_2_W_1) },
   },
   /* EVEX_W_0F3A3A_P_2 */
   {
-    { "vinserti32x8",	{ XM, Vex, EXxmmq, Ib }, 0 },
-    { "vinserti64x4",	{ XM, Vex, EXxmmq, Ib }, 0 },
+    { EVEX_LEN_TABLE (EVEX_LEN_0F3A3A_P_2_W_0) },
+    { EVEX_LEN_TABLE (EVEX_LEN_0F3A3A_P_2_W_1) },
   },
   /* EVEX_W_0F3A3B_P_2 */
   {
-    { "vextracti32x8",	{ EXxmmq, XM, Ib }, 0 },
-    { "vextracti64x4",	{ EXxmmq, XM, Ib }, 0 },
+    { EVEX_LEN_TABLE (EVEX_LEN_0F3A3B_P_2_W_0) },
+    { EVEX_LEN_TABLE (EVEX_LEN_0F3A3B_P_2_W_1) },
   },
   /* EVEX_W_0F3A3E_P_2 */
   {
@@ -3979,8 +3979,8 @@ static const struct dis386 evex_table[][256] = {
   },
   /* EVEX_W_0F3A43_P_2 */
   {
-    { "vshufi32x4",	{ XM, Vex, EXx, Ib }, 0 },
-    { "vshufi64x2",	{ XM, Vex, EXx, Ib }, 0 },
+    { EVEX_LEN_TABLE (EVEX_LEN_0F3A43_P_2_W_0) },
+    { EVEX_LEN_TABLE (EVEX_LEN_0F3A43_P_2_W_1) },
   },
   /* EVEX_W_0F3A50_P_2 */
   {
@@ -4185,4 +4185,88 @@ static const struct dis386 evex_table[][256] = {
     { "vextractf64x4",	{ EXxmmq, XM, Ib }, 0 },
   },
 
+  /* EVEX_LEN_0F3A23_P_2_W_0 */
+  {
+    { Bad_Opcode },
+    { "vshuff32x4",	{ XM, Vex, EXx, Ib }, 0 },
+    { "vshuff32x4",	{ XM, Vex, EXx, Ib }, 0 },
+  },
+
+  /* EVEX_LEN_0F3A23_P_2_W_1 */
+  {
+    { Bad_Opcode },
+    { "vshuff64x2",	{ XM, Vex, EXx, Ib }, 0 },
+    { "vshuff64x2",	{ XM, Vex, EXx, Ib }, 0 },
+  },
+
+  /* EVEX_LEN_0F3A38_P_2_W_0 */
+  {
+    { Bad_Opcode },
+    { "vinserti32x4",	{ XM, Vex, EXxmm, Ib }, 0 },
+    { "vinserti32x4",	{ XM, Vex, EXxmm, Ib }, 0 },
+  },
+
+  /* EVEX_LEN_0F3A38_P_2_W_1 */
+  {
+    { Bad_Opcode },
+    { "vinserti64x2",	{ XM, Vex, EXxmm, Ib }, 0 },
+    { "vinserti64x2",	{ XM, Vex, EXxmm, Ib }, 0 },
+  },
+
+  /* EVEX_LEN_0F3A39_P_2_W_0 */
+  {
+    { Bad_Opcode },
+    { "vextracti32x4",	{ EXxmm, XM, Ib }, 0 },
+    { "vextracti32x4",	{ EXxmm, XM, Ib }, 0 },
+  },
+
+  /* EVEX_LEN_0F3A39_P_2_W_1 */
+  {
+    { Bad_Opcode },
+    { "vextracti64x2",	{ EXxmm, XM, Ib }, 0 },
+    { "vextracti64x2",	{ EXxmm, XM, Ib }, 0 },
+  },
+
+  /* EVEX_LEN_0F3A3A_P_2_W_0 */
+  {
+    { Bad_Opcode },
+    { "vinserti32x8",	{ XM, Vex, EXxmmq, Ib }, 0 },
+    { "vinserti32x8",	{ XM, Vex, EXxmmq, Ib }, 0 },
+  },
+
+  /* EVEX_LEN_0F3A3A_P_2_W_1 */
+  {
+    { Bad_Opcode },
+    { "vinserti64x4",	{ XM, Vex, EXxmmq, Ib }, 0 },
+    { "vinserti64x4",	{ XM, Vex, EXxmmq, Ib }, 0 },
+  },
+
+  /* EVEX_LEN_0F3A3B_P_2_W_0 */
+  {
+    { Bad_Opcode },
+    { "vextracti32x8",	{ EXxmmq, XM, Ib }, 0 },
+    { "vextracti32x8",	{ EXxmmq, XM, Ib }, 0 },
+  },
+
+  /* EVEX_LEN_0F3A3B_P_2_W_1 */
+  {
+    { Bad_Opcode },
+    { "vextracti64x4",	{ EXxmmq, XM, Ib }, 0 },
+    { "vextracti64x4",	{ EXxmmq, XM, Ib }, 0 },
+  },
+
+  /* EVEX_LEN_0F3A43_P_2_W_0 */
+  {
+    { Bad_Opcode },
+    { "vshufi32x4",	{ XM, Vex, EXx, Ib }, 0 },
+    { "vshufi32x4",	{ XM, Vex, EXx, Ib }, 0 },
+  },
+
+  /* EVEX_LEN_0F3A43_P_2_W_1 */
+  {
+    { Bad_Opcode },
+    { "vshufi64x2",	{ XM, Vex, EXx, Ib }, 0 },
+    { "vshufi64x2",	{ XM, Vex, EXx, Ib }, 0 },
+  },
+
 #endif /* NEED_EVEX_LEN_TABLE */
diff --git a/opcodes/i386-dis.c b/opcodes/i386-dis.c
index 5d1bd6b..496b8f2 100644
--- a/opcodes/i386-dis.c
+++ b/opcodes/i386-dis.c
@@ -1945,7 +1945,19 @@ enum
   EVEX_LEN_0F3A1A_P_2_W_0,
   EVEX_LEN_0F3A1A_P_2_W_1,
   EVEX_LEN_0F3A1B_P_2_W_0,
-  EVEX_LEN_0F3A1B_P_2_W_1
+  EVEX_LEN_0F3A1B_P_2_W_1,
+  EVEX_LEN_0F3A23_P_2_W_0,
+  EVEX_LEN_0F3A23_P_2_W_1,
+  EVEX_LEN_0F3A38_P_2_W_0,
+  EVEX_LEN_0F3A38_P_2_W_1,
+  EVEX_LEN_0F3A39_P_2_W_0,
+  EVEX_LEN_0F3A39_P_2_W_1,
+  EVEX_LEN_0F3A3A_P_2_W_0,
+  EVEX_LEN_0F3A3A_P_2_W_1,
+  EVEX_LEN_0F3A3B_P_2_W_0,
+  EVEX_LEN_0F3A3B_P_2_W_1,
+  EVEX_LEN_0F3A43_P_2_W_0,
+  EVEX_LEN_0F3A43_P_2_W_1
 };
 
 enum
-- 
2.7.4