Fixed mask handling for instructions without masks

mappzor · mappzor · commit 9780bc3cdc82 · 2026-05-30T20:44:19.000+02:00
diff --git a/src/Decoder.c b/src/Decoder.c
@@ -2809,7 +2809,7 @@ static void ZydisSetAVXInformation(ZydisDecoderContext* context,
         }
 
         // Mask
-        instruction->avx.mask.reg = ZYDIS_REGISTER_K0 + instruction->raw.evex.aaa;
+        instruction->avx.mask.reg = ZYDIS_REGISTER_K0 + context->vector_unified.mask;
         switch (def->mask_override)
         {
         case ZYDIS_MASK_OVERRIDE_DEFAULT:
@@ -2824,7 +2824,7 @@ static void ZydisSetAVXInformation(ZydisDecoderContext* context,
         default:
             ZYAN_UNREACHABLE;
         }
-        if (!instruction->raw.evex.aaa)
+        if (!context->vector_unified.mask)
         {
             instruction->avx.mask.mode = ZYDIS_MASK_MODE_DISABLED;
         }
@@ -3129,8 +3129,17 @@ static void ZydisSetAVXInformation(ZydisDecoderContext* context,
         }
 
         // Mask
-        instruction->avx.mask.mode = ZYDIS_MASK_MODE_MERGING;
-        instruction->avx.mask.reg = ZYDIS_REGISTER_K0 + instruction->raw.mvex.kkk;
+        if (def->mask_policy == ZYDIS_MASK_POLICY_ALLOWED)
+        {
+            instruction->avx.mask.mode = ZYDIS_MASK_MODE_MERGING;
+            instruction->avx.mask.reg = ZYDIS_REGISTER_K0 + context->vector_unified.mask;
+        }
+        else
+        {
+            ZYAN_ASSERT(def->mask_policy == ZYDIS_MASK_POLICY_INVALID);
+            instruction->avx.mask.mode = ZYDIS_MASK_MODE_NONE;
+            instruction->avx.mask.reg = ZYDIS_REGISTER_K0;
+        }
 #else
         ZYAN_UNREACHABLE;
 #endif
@@ -4379,6 +4388,8 @@ static ZyanStatus ZydisNodeHandlerEvexNF(ZydisDecoderContext* context,
         return ZYDIS_STATUS_DECODING_ERROR;
     }
 
+    context->vector_unified.mask = 0;
+
     *index = instruction->raw.evex.NF;
     return ZYAN_STATUS_SUCCESS;
 }
@@ -4409,6 +4420,7 @@ static ZyanStatus ZydisNodeHandlerEvexSCC(ZydisDecoderContext* context,
 
     context->vector_unified.vvvv = (~context->vector_unified.vvvv) & 0x0F;
     context->vector_unified.V4   = 0;
+    context->vector_unified.mask = 0;
 
     instruction->apx.scc = ZYDIS_SCC_O + instruction->raw.evex.SCC;
 
diff --git a/tests/cases/default_054.in b/tests/cases/default_054.in
@@ -0,0 +1 @@
+-64 62ECFC1444CA
diff --git a/tests/cases/default_054.out b/tests/cases/default_054.out
@@ -0,0 +1,53 @@
+== [    BASIC ] ============================================================================================
+   MNEMONIC: ccmpz [ENC: EVEX, MAP: MAP4, OPC: 0x39]
+     LENGTH:  6
+        SSZ: 64
+       EOSZ: 64
+       EASZ: 64
+   CATEGORY: APX
+    ISA-SET: APX_F
+    ISA-EXT: APXEVEX
+ EXCEPTIONS: APX_EVEX_CCMP
+ ATTRIBUTES: HAS_MODRM HAS_EVEX CPUFLAG_ACCESS HAS_EEVEX 
+  OPTIMIZED: 62 EC AC 04 39 C8 
+
+== [ OPERANDS ] ============================================================================================
+##       TYPE  VISIBILITY  ACTION      ENCODING   SIZE  NELEM  ELEMSZ  ELEMTYPE                        VALUE
+--  ---------  ----------  ------  ------------   ----  -----  ------  --------  ---------------------------
+ 0   REGISTER    EXPLICIT       R      MODRM_RM     64      1      64       INT                          r16
+ 1   REGISTER    EXPLICIT       R     MODRM_REG     64      1      64       INT                          r17
+ 2   REGISTER      HIDDEN       W          NONE     64     64       1       INT                       rflags
+--  ---------  ----------  ------  ------------   ----  -----  ------  --------  ---------------------------
+
+== [    FLAGS ] ============================================================================================
+    ACTIONS: [CF  : M  ] [PF  : M  ] [AF  : M  ] [ZF  : M  ] [SF  : M  ] [OF  : M  ] 
+       READ: 0x00000000
+    WRITTEN: 0x000008D5
+
+== [      AVX ] ============================================================================================
+  VECTORLEN: 128
+  BROADCAST: NONE
+   ROUNDING: NONE
+        SAE: N
+       MASK: k0 [DISABLED]
+
+== [      APX ] ============================================================================================
+  USES_EGPR: Y
+     HAS_NF: N
+     HAS_ZU: N
+        SCC: Z
+        DFV: CF SF 
+
+== [      ATT ] ============================================================================================
+   ABSOLUTE: ccmpz $5, %r17, %r16
+   RELATIVE: ccmpz $5, %r17, %r16
+
+== [    INTEL ] ============================================================================================
+   ABSOLUTE: ccmpz {dfv=cf, sf} r16, r17
+   RELATIVE: ccmpz {dfv=cf, sf} r16, r17
+
+== [ SEGMENTS ] ============================================================================================
+62 EC AC 04 39 C8 
+:           :  :..MODRM
+:           :..OPCODE
+:..EVEX
diff --git a/tests/cases/default_055.in b/tests/cases/default_055.in
@@ -0,0 +1 @@
+-64 6274FC0C01D0
diff --git a/tests/cases/default_055.out b/tests/cases/default_055.out
@@ -0,0 +1,53 @@
+== [    BASIC ] ============================================================================================
+   MNEMONIC: cfcmovz [ENC: EVEX, MAP: MAP4, OPC: 0x44]
+     LENGTH:  6
+        SSZ: 64
+       EOSZ: 64
+       EASZ: 64
+   CATEGORY: APX
+    ISA-SET: APX_F
+    ISA-EXT: APXEVEX
+ EXCEPTIONS: APX_EVEX_CFCMOV
+ ATTRIBUTES: HAS_MODRM HAS_EVEX CPUFLAG_ACCESS HAS_EEVEX 
+  OPTIMIZED: 62 EC FC 14 44 CA 
+
+== [ OPERANDS ] ============================================================================================
+##       TYPE  VISIBILITY  ACTION      ENCODING   SIZE  NELEM  ELEMSZ  ELEMTYPE                        VALUE
+--  ---------  ----------  ------  ------------   ----  -----  ------  --------  ---------------------------
+ 0   REGISTER    EXPLICIT       W        NDSNDD     64      1      64       INT                          r16
+ 1   REGISTER    EXPLICIT       R     MODRM_REG     64      1      64       INT                          r17
+ 2   REGISTER    EXPLICIT       R      MODRM_RM     64      1      64       INT                          r18
+ 3   REGISTER      HIDDEN       R          NONE     64     64       1       INT                       rflags
+--  ---------  ----------  ------  ------------   ----  -----  ------  --------  ---------------------------
+
+== [    FLAGS ] ============================================================================================
+    ACTIONS: [ZF  : T  ] 
+       READ: 0x00000040
+    WRITTEN: 0x00000000
+
+== [      AVX ] ============================================================================================
+  VECTORLEN: 128
+  BROADCAST: NONE
+   ROUNDING: NONE
+        SAE: N
+       MASK: k0 [DISABLED]
+
+== [      APX ] ============================================================================================
+  USES_EGPR: Y
+     HAS_NF: N
+     HAS_ZU: N
+        SCC: NONE
+
+== [      ATT ] ============================================================================================
+   ABSOLUTE: cfcmovz %r18, %r17, %r16
+   RELATIVE: cfcmovz %r18, %r17, %r16
+
+== [    INTEL ] ============================================================================================
+   ABSOLUTE: cfcmovz r16, r17, r18
+   RELATIVE: cfcmovz r16, r17, r18
+
+== [ SEGMENTS ] ============================================================================================
+62 EC FC 14 44 CA 
+:           :  :..MODRM
+:           :..OPCODE
+:..EVEX
diff --git a/tests/cases/default_056.in b/tests/cases/default_056.in
@@ -0,0 +1 @@
+-64 6272FC0CF2C3
diff --git a/tests/cases/default_056.out b/tests/cases/default_056.out
@@ -0,0 +1,46 @@
+== [    BASIC ] ============================================================================================
+   MNEMONIC: add [ENC: EVEX, MAP: MAP4, OPC: 0x01]
+     LENGTH:  6
+        SSZ: 64
+       EOSZ: 64
+       EASZ: 64
+   CATEGORY: BINARY
+    ISA-SET: APX_F
+    ISA-EXT: APXEVEX
+ EXCEPTIONS: APX_EVEX_INT
+ ATTRIBUTES: HAS_MODRM HAS_EVEX HAS_EEVEX 
+  OPTIMIZED: 62 74 FC 0C 01 D0 
+
+== [ OPERANDS ] ============================================================================================
+##       TYPE  VISIBILITY  ACTION      ENCODING   SIZE  NELEM  ELEMSZ  ELEMTYPE                        VALUE
+--  ---------  ----------  ------  ------------   ----  -----  ------  --------  ---------------------------
+ 0   REGISTER    EXPLICIT      RW      MODRM_RM     64      1      64       INT                          rax
+ 1   REGISTER    EXPLICIT       R     MODRM_REG     64      1      64       INT                          r10
+--  ---------  ----------  ------  ------------   ----  -----  ------  --------  ---------------------------
+
+== [      AVX ] ============================================================================================
+  VECTORLEN: 128
+  BROADCAST: NONE
+   ROUNDING: NONE
+        SAE: N
+       MASK: k0 [DISABLED]
+
+== [      APX ] ============================================================================================
+  USES_EGPR: N
+     HAS_NF: Y
+     HAS_ZU: N
+        SCC: NONE
+
+== [      ATT ] ============================================================================================
+   ABSOLUTE: addnf %r10, %rax
+   RELATIVE: addnf %r10, %rax
+
+== [    INTEL ] ============================================================================================
+   ABSOLUTE: {nf} add rax, r10
+   RELATIVE: {nf} add rax, r10
+
+== [ SEGMENTS ] ============================================================================================
+62 74 FC 0C 01 D0 
+:           :  :..MODRM
+:           :..OPCODE
+:..EVEX
diff --git a/tests/cases/default_057.in b/tests/cases/default_057.in
@@ -0,0 +1 @@
+-64 6272FC0CF2C3
diff --git a/tests/cases/default_057.out b/tests/cases/default_057.out
@@ -0,0 +1,47 @@
+== [    BASIC ] ============================================================================================
+   MNEMONIC: andn [ENC: EVEX, MAP: 0F38, OPC: 0xF2]
+     LENGTH:  6
+        SSZ: 64
+       EOSZ: 64
+       EASZ: 64
+   CATEGORY: BMI1
+    ISA-SET: APX_F_BMI1
+    ISA-EXT: APXEVEX
+ EXCEPTIONS: APX_EVEX_BMI
+ ATTRIBUTES: HAS_MODRM HAS_EVEX HAS_EEVEX 
+  OPTIMIZED: 62 72 FC 0C F2 C3 
+
+== [ OPERANDS ] ============================================================================================
+##       TYPE  VISIBILITY  ACTION      ENCODING   SIZE  NELEM  ELEMSZ  ELEMTYPE                        VALUE
+--  ---------  ----------  ------  ------------   ----  -----  ------  --------  ---------------------------
+ 0   REGISTER    EXPLICIT       W     MODRM_REG     64      1      64       INT                           r8
+ 1   REGISTER    EXPLICIT       R        NDSNDD     64      1      64       INT                          rax
+ 2   REGISTER    EXPLICIT       R      MODRM_RM     64      1      64       INT                          rbx
+--  ---------  ----------  ------  ------------   ----  -----  ------  --------  ---------------------------
+
+== [      AVX ] ============================================================================================
+  VECTORLEN: 128
+  BROADCAST: NONE
+   ROUNDING: NONE
+        SAE: N
+       MASK: k0 [DISABLED]
+
+== [      APX ] ============================================================================================
+  USES_EGPR: N
+     HAS_NF: Y
+     HAS_ZU: N
+        SCC: NONE
+
+== [      ATT ] ============================================================================================
+   ABSOLUTE: andnnf %rbx, %rax, %r8
+   RELATIVE: andnnf %rbx, %rax, %r8
+
+== [    INTEL ] ============================================================================================
+   ABSOLUTE: {nf} andn r8, rax, rbx
+   RELATIVE: {nf} andn r8, rax, rbx
+
+== [ SEGMENTS ] ============================================================================================
+62 72 FC 0C F2 C3 
+:           :  :..MODRM
+:           :..OPCODE
+:..EVEX
diff --git a/tests/cases/default_058.in b/tests/cases/default_058.in
@@ -0,0 +1 @@
+-64 -64 -knc 6241780A1800
diff --git a/tests/cases/default_058.out b/tests/cases/default_058.out
@@ -0,0 +1,47 @@
+== [    BASIC ] ============================================================================================
+   MNEMONIC: vprefetchnta [ENC: MVEX, MAP: 0F, OPC: 0x18]
+     LENGTH:  6
+        SSZ: 64
+       EOSZ: 32
+       EASZ: 64
+   CATEGORY: PREFETCH
+    ISA-SET: KNCE
+    ISA-EXT: KNCE
+ EXCEPTIONS: NONE
+ ATTRIBUTES: HAS_MODRM HAS_MVEX ACCEPTS_SEGMENT 
+  OPTIMIZED: 62 D1 78 08 18 00 
+
+== [ OPERANDS ] ============================================================================================
+##       TYPE  VISIBILITY  ACTION      ENCODING   SIZE  NELEM  ELEMSZ  ELEMTYPE                        VALUE
+--  ---------  ----------  ------  ------------   ----  -----  ------  --------  ---------------------------
+ 0     MEMORY    EXPLICIT       R      MODRM_RM      8      0      64       INT  TYPE  =                 MEM
+                                                                                 SEG   =                  ds
+                                                                                 BASE  =                  r8
+                                                                                 INDEX =                none
+                                                                                 SCALE =                   0
+                                                                                 DISP  =  0x0000000000000000
+--  ---------  ----------  ------  ------------   ----  -----  ------  --------  ---------------------------
+
+== [      AVX ] ============================================================================================
+  VECTORLEN: 512
+  BROADCAST: NONE
+   ROUNDING: NONE
+        SAE: N
+       MASK: k0 [NONE]
+         EH: N
+    SWIZZLE: NONE
+    CONVERT: NONE
+
+== [      ATT ] ============================================================================================
+   ABSOLUTE: vprefetchnta (%r8)
+   RELATIVE: vprefetchnta (%r8)
+
+== [    INTEL ] ============================================================================================
+   ABSOLUTE: vprefetchnta byte ptr ds:[r8]
+   RELATIVE: vprefetchnta byte ptr ds:[r8]
+
+== [ SEGMENTS ] ============================================================================================
+62 41 78 0A 18 00 
+:           :  :..MODRM
+:           :..OPCODE
+:..MVEX
diff --git a/tools/ZydisFuzzShared.c b/tools/ZydisFuzzShared.c
@@ -278,7 +278,8 @@ void ZydisValidateInstructionIdentity(const ZydisDecodedInstruction* insn1,
         (insn1->mnemonic != insn2->mnemonic) ||
         (insn1->stack_width != insn2->stack_width) ||
         (insn1->operand_count != insn2->operand_count) ||
-        //(insn1->avx.mask.mode != insn2->avx.mask.mode) || // TODO: APX breaks mask mode
+        (insn1->avx.mask.mode != insn2->avx.mask.mode) ||
+        (insn1->avx.mask.reg != insn2->avx.mask.reg) ||
         (insn1->avx.broadcast.is_static != insn2->avx.broadcast.is_static) ||
         (insn1->avx.broadcast.mode != insn2->avx.broadcast.mode) ||
         (insn1->avx.conversion.mode != insn2->avx.conversion.mode) ||
diff --git a/tools/ZydisInfo.c b/tools/ZydisInfo.c
@@ -809,23 +809,20 @@ static void PrintAVXInfo(const ZydisDecodedInstruction* instruction)
     switch (instruction->encoding)
     {
     case ZYDIS_INSTRUCTION_ENCODING_EVEX:
+    case ZYDIS_INSTRUCTION_ENCODING_MVEX:
         PRINT_VALUE_B("ROUNDING", "%s", strings_rounding_mode[instruction->avx.rounding.mode]);
         PRINT_VALUE_B("SAE", "%s", instruction->avx.has_sae ? "Y" : "N");
         PRINT_VALUE_R("MASK", "%s %s[%s%s%s]",
             ZydisRegisterGetString(instruction->avx.mask.reg),
             CVT100_OUT(COLOR_VALUE_LABEL), CVT100_OUT(COLOR_VALUE_B),
             strings_mask_mode[instruction->avx.mask.mode], CVT100_OUT(COLOR_VALUE_LABEL));
-        break;
-    case ZYDIS_INSTRUCTION_ENCODING_MVEX:
-        PRINT_VALUE_B("ROUNDING", "%s", strings_rounding_mode[instruction->avx.rounding.mode]);
-        PRINT_VALUE_B("SAE", "%s", instruction->avx.has_sae ? "Y" : "N");
-        PRINT_VALUE_R("MASK", "%s %s[%sMERGING%s]",
-            ZydisRegisterGetString(instruction->avx.mask.reg),
-            CVT100_OUT(COLOR_VALUE_LABEL), CVT100_OUT(COLOR_VALUE_B),
-            CVT100_OUT(COLOR_VALUE_LABEL));
-        PRINT_VALUE_B("EH", "%s", instruction->avx.has_eviction_hint ? "Y" : "N");
-        PRINT_VALUE_B("SWIZZLE", "%s", strings_swizzle_mode[instruction->avx.swizzle.mode]);
-        PRINT_VALUE_B("CONVERT", "%s", strings_conversion_mode[instruction->avx.conversion.mode]);
+        if (instruction->encoding == ZYDIS_INSTRUCTION_ENCODING_MVEX)
+        {
+            PRINT_VALUE_B("EH", "%s", instruction->avx.has_eviction_hint ? "Y" : "N");
+            PRINT_VALUE_B("SWIZZLE", "%s", strings_swizzle_mode[instruction->avx.swizzle.mode]);
+            PRINT_VALUE_B("CONVERT", "%s",
+                strings_conversion_mode[instruction->avx.conversion.mode]);
+        }
         break;
     default:
         break;
