x86 decoder bug: data prefix on crc32 mis-parsed into illegal instr
First reported under Dr. Memory: https://github.com/DynamoRIO/drmemory/issues/1921
(gdb) set {unsigned char[400]}0x04311a0d = { 66, f2, f, 38, f1, c8, 90, 90, 90, 90 }
(gdb) x/3i 0x04311a0d
0x4311a0d: crc32w %ax,%ecx
0x4311a13: nop
0x00000000004016f8 f2 0f 38 f1 c8 crc32 %eax %ecx -> %ecx
0x00000000004016fd 66 f2 0f 38 f1 c8...?? <INVALID>
interp: invalid instr at 0x00000000004016fd
read_prefix_ext() tries to do the right thing with respect to a data prefix acting as a modifier vs. an opcode specifier (the Intel docs are vague in some cases there), but its initial index is constructed in what looks like the wrong order: it should consider repne_prefix before data_prefix:
int idx = (di->rep_prefix?1 :(di->data_prefix?2 :(di->repne_prefix?3 :0)));
It ends up thinking this is OP_movbe, which has to take a memory destination, and that's why it calls it invalid.
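To make the mis-ordering concrete, here is a small model of the prefix-extension lookup for opcode 0F 38 F1, written for this report (it is not DynamoRIO's decoder code; the prefix struct and the `buggy` switch are assumptions of the example). It reproduces the report's byte sequence both with the quoted index ordering and with repne_prefix checked before data_prefix:

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Prefix flags, named after the fields in the report's read_prefix_ext() snippet
   (the struct itself is assumed for this example). */
typedef struct { int data_prefix, rep_prefix, repne_prefix; } prefixes_t;

/* Prefix-extension index: 0 = no prefix, 1 = F3, 2 = 66, 3 = F2.
   buggy == 1 reproduces the ordering quoted in the report (66 wins over F2);
   buggy == 0 checks F2 before 66, so "66 F2" still lands on the F2 entry. */
int prefix_ext_idx(const prefixes_t *p, int buggy) {
    if (buggy)
        return p->rep_prefix ? 1 : (p->data_prefix ? 2 : (p->repne_prefix ? 3 : 0));
    return p->rep_prefix ? 1 : (p->repne_prefix ? 3 : (p->data_prefix ? 2 : 0));
}

/* Classifies an instruction whose opcode is 0F 38 F1 using the Intel SDM entries:
   (none) -> MOVBE m32, r32    66 -> MOVBE m16, r16    (memory destination only)
   F2     -> CRC32 r32, r/m32  66 F2 -> CRC32 r32, r/m16
   Returns the mnemonic, or "INVALID" when the encoding is not legal. */
const char *decode_0f38f1(const uint8_t *b, size_t n, int buggy) {
    prefixes_t p = {0, 0, 0};
    size_t i = 0;
    /* Legacy prefixes may appear in any order; collect the three that matter here. */
    while (i < n && (b[i] == 0x66 || b[i] == 0xf2 || b[i] == 0xf3)) {
        if (b[i] == 0x66) p.data_prefix = 1;
        else if (b[i] == 0xf2) p.repne_prefix = 1;
        else p.rep_prefix = 1;
        i++;
    }
    if (n - i < 4 || b[i] != 0x0f || b[i + 1] != 0x38 || b[i + 2] != 0xf1)
        return "INVALID";
    int reg_form = (b[i + 3] >> 6) == 3;   /* ModRM mod == 11b: register operand */
    switch (prefix_ext_idx(&p, buggy)) {
    case 0: return reg_form ? "INVALID" : "movbel"; /* MOVBE needs a memory operand */
    case 2: return reg_form ? "INVALID" : "movbew";
    case 3: return p.data_prefix ? "crc32w" : "crc32l"; /* 66 is an operand-size modifier */
    default: return "INVALID";                          /* F3 has no 0F 38 F1 entry */
    }
}
```

With the report's bytes (66 f2 0f 38 f1 c8), the quoted ordering selects the 66 entry (MOVBE) and rejects the register-form ModRM, while checking F2 first yields crc32w, matching gdb.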