Capstone failing to disassemble instruction

[LowLevelSys]

Work environment

I am dissasembling a driver which attempts to detect hypervisors by catching mishandled instructions. Part of this mechanism is to execute an instruction that looks like this: lock sidt fword ptr [rcx]. Notice the lock prefix making the instruction "Invalid". I am not exactly sure whether this instruction should be decodable as it is not executable on any correctly working cpu.

Questions	Answers
System Capstone runs on OS/arch/bits	Windows x64 (latest Win10)
Capstone module affected	x86
Source of Capstone	Vcpkg
Version/git commit	Latest Vcpkg (not sure which one)

Instruction bytes giving faulty results

F0 0F 01 09

Expected results

It should be:

lock sidt fword ptr [rcx] (IDA)

Steps to get the wrong result

Using a compiler compile a binary in which you manually encode a byte sequence that is F0 0F 01 09
This is the assembly sequence I used

__lock_sidt proc
   db 0F0h  ; lock prefix
   sidt qword ptr [rcx]
   ret
__lock_sidt endp

Then just open cs in x86 mode and try to disasm it

    csh handle;
    cs_insn* insn;
    if (cs_open(CS_ARCH_X86, CS_MODE_64, &handle) != CS_ERR_OK) {
        output_error("Failed to initialize Capstone disassembler.");
        return;
    }
    cs_option(handle, CS_OPT_DETAIL, CS_OPT_ON);

[Rot127]

llvm-mc disassembles it. So Capstone should as well.

echo "0xF0,0x0F,0x01,0x09" | llvm-mc --arch x86 --disassemble
	.text
	lock
	sidtl	(%ecx)

[Rot127]

Be aware of #2505 for your use case.