Incorrect decoding of PSHUFLW/PSHUFHW

Created by: dvyukov

Describe the bug

Decoding 4d 49 41 f3 f3 f2 4b 0f 70 76 00 ff with drdecode gives:

pshufhw 0x00(%r14)[16byte] $0xff -> %xmm6

executing this instruction with %r14 pointing to memory region with 0x00, 0x01, 0x02, ... bytes should result in: XMM6=0x0f0e0f0e0f0e0f0e706050403020100 But executing it on a CPU gives: XMM6=0x0f0e0d0c0b0a09080706070607060706

Decoding the instruction with other decoders suggests it's a different instruction:

echo -en " 0x4d 0x49 0x41 0xf3 0xf3 0xf2 0x4b 0x0f 0x70 0x76 0x00 0xff" | llvm-mc --disassemble -
	rep
	pshuflw	$255, (%r14), %xmm6             # xmm6 = mem[3,3,3,3,4,5,6,7]

echo -en "\x4d\x49\x41\xf3\xf3\xf2\x4b\x0f\x70\x76\x00\xff" > /tmp/bin | objdump -mi386 -Mx86-64 -b binary -D /tmp/bin
00000000 <.data>:
   0:	4d                   	rex.WRB
   1:	49                   	rex.WB
   2:	41                   	rex.B
   3:	f3 f3 f2 4b 0f 70 76 	repz repz rex.WXB pshuflw $0xff,0x0(%r14),%xmm6
   a:	00 ff 

PSHUFLW would indeed produce the result that agrees with actual CPU execution.

Expected behavior

Decode the instruction as PSHUFLW.

Versions

• What version of DynamoRIO are you using? 6e69f2a9

• Does the latest build from https://github.com/DynamoRIO/dynamorio/releases solve the problem? Did not try, but there are only 3 commits that don't look relevant.