From 5364285240737423a4d6368aba803a031d293b95 Mon Sep 17 00:00:00 2001
From: Jan Beulich <jbeulich@suse.com>
Date: Thu, 25 Mar 2021 08:19:21 +0100
Subject: [PATCH] x86: flag as bad AVX512 insns with EVEX.z set but EVEX.aaa
 clear

This combination makes no sense and is documented to cause #UD.
---
 gas/ChangeLog                           | 6 ++++++
 gas/testsuite/gas/i386/avx512f-nondef.d | 4 +++-
 gas/testsuite/gas/i386/avx512f-nondef.s | 2 ++
 opcodes/ChangeLog                       | 5 +++++
 opcodes/i386-dis.c                      | 7 +++++++
 5 files changed, 23 insertions(+), 1 deletion(-)

diff --git a/gas/ChangeLog b/gas/ChangeLog
index 0c99e5179b7..02cef3c5593 100644
--- a/gas/ChangeLog
+++ b/gas/ChangeLog
@@ -1,3 +1,9 @@
+2021-03-25  Jan Beulich  <jbeulich@suse.com>
+
+	* testsuite/gas/i386/avx512f-nondef.s: Add case for EVEX.z
+	without mask register.
+	* testsuite/gas/i386/avx512f-nondef.d: Adjust expectations.
+
 2021-03-25  Jan Beulich  <jbeulich@suse.com>
 
 	* config/tc-i386.c (md_assemble): Widen set of insns to avoid
diff --git a/gas/testsuite/gas/i386/avx512f-nondef.d b/gas/testsuite/gas/i386/avx512f-nondef.d
index d768b7c27e4..6a9c5d375ac 100644
--- a/gas/testsuite/gas/i386/avx512f-nondef.d
+++ b/gas/testsuite/gas/i386/avx512f-nondef.d
@@ -1,6 +1,6 @@
 #as: 
 #objdump: -dw
-#name: i386 AVX512F insns with nondefault values in ignored bits
+#name: i386 AVX512F insns with nondefault values in ignored / reserved bits
 
 .*: +file format .*
 
@@ -16,4 +16,6 @@ Disassembly of section .text:
 [ 	]*[a-f0-9]+:	62                   	vpmovdb %zmm6,\(bad\)
 [ 	]*[a-f0-9]+:	f2 7e 58             	bnd jle (0x7d|7d <.text\+0x7d>)
 [ 	]*[a-f0-9]+:	31 72 7f             	xor    %esi,0x7f\(%edx\)
+[ 	]*[a-f0-9]+:	62 f1 7c 88 58       	\(bad\)
+[ 	]*[a-f0-9]+:	c3                   	ret *
 #pass
diff --git a/gas/testsuite/gas/i386/avx512f-nondef.s b/gas/testsuite/gas/i386/avx512f-nondef.s
index 255d2c931f1..b8b14fdf145 100644
--- a/gas/testsuite/gas/i386/avx512f-nondef.s
+++ b/gas/testsuite/gas/i386/avx512f-nondef.s
@@ -13,3 +13,5 @@
 .byte 0x62, 0xf2, 0x7e, 0x48, 0x31, 0x72, 0x7f
 # vpmovdb	%zmm6, 2032(%rdx) # with set EVEX.B bit - we should get (bad) operand
 .byte 0x62, 0xf2, 0x7e, 0x58, 0x31, 0x72, 0x7f
+# vaddps xmm0, xmm0, xmm3 # with EVEX.z set
+.byte 0x62, 0xf1, 0x7c, 0x88, 0x58, 0xc3
diff --git a/opcodes/ChangeLog b/opcodes/ChangeLog
index bd02d2bfbfe..a4c880b16dc 100644
--- a/opcodes/ChangeLog
+++ b/opcodes/ChangeLog
@@ -1,3 +1,8 @@
+2021-03-25  Jan Beulich  <jbeulich@suse.com>
+
+	* i386-dis.c (print_insn): Mark as bad EVEX encodings specifying
+	zeroing-masking without masking.
+
 2021-03-25  Jan Beulich  <jbeulich@suse.com>
 
 	* i386-opc.tbl (invlpgb): Fix multi-operand form.
diff --git a/opcodes/i386-dis.c b/opcodes/i386-dis.c
index 9e5c412fa4a..00ed251eca7 100644
--- a/opcodes/i386-dis.c
+++ b/opcodes/i386-dis.c
@@ -9739,6 +9739,13 @@ print_insn (bfd_vma pc, disassemble_info *info)
       return end_codep - priv.the_buffer;
     }
 
+  /* If EVEX.z is set, there must be an actual mask register in use.  */
+  if (vex.zeroing && vex.mask_register_specifier == 0)
+    {
+      (*info->fprintf_func) (info->stream, "(bad)");
+      return end_codep - priv.the_buffer;
+    }
+
   switch (dp->prefix_requirement)
     {
     case PREFIX_DATA:
-- 
2.30.2