Re: 2.1.63 - testing Pentium bug workaround..

Gabriel Paubert (paubert@iram.es)
Thu, 13 Nov 1997 22:01:48 +0100 (MET)


On Thu, 13 Nov 1997, Linus Torvalds wrote:

>
>
> On Thu, 13 Nov 1997, Todd Derr wrote:
> >
> > Even with the fix, the PTE for the first page of the IDT has to be in
> > the TLB, otherwise we're right back in the same boat, right? (i.e. the
> > CPU would have to read the PTE from memory...)
>
> No. In fact, it cannot be in the TLB, because the page is not present, and
> the Intel TLB doesn't cache non-present pages.
>

[snipped a very plausible explanation]

> But maybe people should start looking for other complex instructions that
> are lockable.. (the only other complex instruction I can think of is the
> bitmap instructions - bt, bts, btc, btr - but they don't actually have an
> illegal addressing mode).

bt is always illegal with a lock prefix (it does not modify any of its
operands), but lock bts/btc/btr with a register in the second operand
faults with #UD. I've just checked it, for example

f0 0f ba ff 00: lock btcl $0,%edi

Probably one of the important differences is that cmpxchg8b is the only
instruction with 8 byte operands which can have a lock prefix.

Gabriel
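A small decoder for the 0F BA group (bt/bts/btr/btc with an immediate bit index), added here as an illustration and not part of the original thread: it parses the mail's "f0 0f ba ff 00" plus three constructed variants and reports, from the ModRM byte alone, whether the LOCK prefix is architecturally legal under the rule stated above (memory destination only, and never bt). The register names and sample byte strings are constructed for the example.

```python
# Added example (not from the original mail). Decodes [F0] 0F BA modrm imm8
# and decides whether LOCK is legal: only with a memory destination (mod != 11b)
# and never with bt, which does not write its operand.
REG32 = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"]
GROUP8 = {4: "bt", 5: "bts", 6: "btr", 7: "btc"}   # 0F BA /4 .. /7

def decode_lock_bit_insn(code: bytes) -> dict:
    pos = 0
    lock = code[0] == 0xF0
    if lock:
        pos = 1
    if code[pos:pos + 2] != b"\x0f\xba":
        raise ValueError("not an 0F BA (group 8) bit instruction")
    pos += 2
    modrm = code[pos]
    pos += 1
    mod, reg, rm = modrm >> 6, (modrm >> 3) & 7, modrm & 7
    if reg not in GROUP8:
        raise ValueError("reserved /reg value %d in group 8" % reg)
    if mod != 3:                          # memory form: skip SIB / displacement
        if rm == 4:
            sib = code[pos]
            pos += 1
            if mod == 0 and (sib & 7) == 5:
                pos += 4                  # disp32 with no base register
        elif mod == 0 and rm == 5:
            pos += 4                      # disp32 only
        pos += {1: 1, 2: 4}.get(mod, 0)   # disp8 / disp32
    imm8 = code[pos]
    mnemonic = GROUP8[reg]
    memory_dest = mod != 3                # mod == 11b is register-direct
    lock_legal = memory_dest and mnemonic != "bt"
    return {
        "mnemonic": mnemonic,
        "lock": lock,
        "memory_dest": memory_dest,
        "operand": "mem" if memory_dest else REG32[rm],
        "bit": imm8,
        "faults_ud": lock and not lock_legal,   # #UD on a locked illegal form
    }

# Constructed samples: the mail's lock btcl $0,%edi and three variants.
SAMPLES = {
    "f0 0f ba ff 00": "lock btcl $0,%edi   (register form: #UD)",
    "f0 0f ba 3f 00": "lock btcl $0,(%edi) (memory form: legal)",
    "f0 0f ba 27 00": "lock btl  $0,(%edi) (bt is never lockable: #UD)",
    "0f ba ff 00":    "btcl $0,%edi        (no lock prefix: fine)",
}

if __name__ == "__main__":
    for hexs, desc in SAMPLES.items():
        print(desc, decode_lock_bit_insn(bytes.fromhex(hexs)))
```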