Let's say you're deploying to a random cloud VM that may or may not have the latest microcode/BIOS. How do you know if TSX is safe to use? Can it be determined in software by looking at CPUID values? (If so, do all TSX-using libraries/compilers insert such checks?)
The risk of subtle locking bugs in multi threaded applications due to CPU bugs makes me want to shy away from the entire feature.
CPUID values would be sufficient. TSX should be correct on Haswell-EX (Xeon E7), Broadwell except for the tablet SoCs (Core M), and all Skaylake, Kaby Lake and newer.
Note that most Linux distros put the latest microcode updates into all of their kernels for any supported version. That means that an updated box with an "old" distro is still going to be OK.
The risk of subtle locking bugs in multi threaded applications due to CPU bugs makes me want to shy away from the entire feature.