Fix bug in cmpxchg instruction emulation. From Andreas Gustafsson via

https://bugs.launchpad.net/qemu/+bug/569760

emulators/qemu/patches/patch-target-i386_translate_c

@@ -0,0 +1,33 @@
+$OpenBSD: patch-target-i386_translate_c,v 1.1 2010/05/27 19:03:07 fgsch Exp $
+--- target-i386/translate.c.orig	2010-02-23 22:54:38.000000000 +0200
++++ target-i386/translate.c
+@@ -4876,20 +4876,24 @@ static target_ulong disas_insn(DisasCont
+             tcg_gen_sub_tl(t2, cpu_regs[R_EAX], t0);
+             gen_extu(ot, t2);
+             tcg_gen_brcondi_tl(TCG_COND_EQ, t2, 0, label1);
++	    label2 = gen_new_label();
+             if (mod == 3) {
+-                label2 = gen_new_label();
+                 gen_op_mov_reg_v(ot, R_EAX, t0);
+                 tcg_gen_br(label2);
+                 gen_set_label(label1);
+                 gen_op_mov_reg_v(ot, rm, t1);
+-                gen_set_label(label2);
+             } else {
+-                tcg_gen_mov_tl(t1, t0);
++                /* perform no-op store cycle like physical cpu; must be
++		   before changing accumulator to ensure idempotency if
++		   the store faults and the instruction is restarted
++		*/
++                gen_op_st_v(ot + s->mem_index, t0, a0);
+                 gen_op_mov_reg_v(ot, R_EAX, t0);
++                tcg_gen_br(label2);		
+                 gen_set_label(label1);
+-                /* always store */
+-                gen_op_st_v(ot + s->mem_index, t1, a0);
++                gen_op_st_v(ot + s->mem_index, t1, a0);		
+             }
++	    gen_set_label(label2);
+             tcg_gen_mov_tl(cpu_cc_src, t0);
+             tcg_gen_mov_tl(cpu_cc_dst, t2);
+             s->cc_op = CC_OP_SUBB + ot;