From 089965fa8dd36307e27dbd6dae2f8f477ac4f020 Mon Sep 17 00:00:00 2001
From: "Emilio G. Cota" <cota@braap.org>
Date: Tue, 27 Feb 2018 23:05:50 -0500
Subject: [PATCH] target-i386: emulate LOCK'ed XADD using atomic helper

Backports commit f53b01817f95781d2bcc8a82e057d1416601e13b from qemu
---
 qemu/target-i386/translate.c | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/qemu/target-i386/translate.c b/qemu/target-i386/translate.c
index 2dde92be..ec038a38 100644
--- a/qemu/target-i386/translate.c
+++ b/qemu/target-i386/translate.c
@@ -5784,19 +5784,24 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
         modrm = cpu_ldub_code(env, s->pc++);
         reg = ((modrm >> 3) & 7) | rex_r;
         mod = (modrm >> 6) & 3;
+        gen_op_mov_v_reg(tcg_ctx, ot, cpu_T0, reg);
         if (mod == 3) {
             rm = (modrm & 7) | REX_B(s);
-            gen_op_mov_v_reg(tcg_ctx, ot, cpu_T0, reg);
             gen_op_mov_v_reg(tcg_ctx, ot, cpu_T1, rm);
             tcg_gen_add_tl(tcg_ctx, cpu_T0, cpu_T0, cpu_T1);
             gen_op_mov_reg_v(tcg_ctx, ot, reg, cpu_T1);
             gen_op_mov_reg_v(tcg_ctx, ot, rm, cpu_T0);
         } else {
             gen_lea_modrm(env, s, modrm);
-            gen_op_mov_v_reg(tcg_ctx, ot, cpu_T0, reg);
-            gen_op_ld_v(s, ot, cpu_T1, cpu_A0);
-            tcg_gen_add_tl(tcg_ctx, cpu_T0, cpu_T0, cpu_T1);
-            gen_op_st_v(s, ot, cpu_T0, cpu_A0);
+            if (s->prefix & PREFIX_LOCK) {
+                tcg_gen_atomic_fetch_add_tl(tcg_ctx, cpu_T1, cpu_A0, cpu_T0,
+                                            s->mem_index, ot | MO_LE);
+                tcg_gen_add_tl(tcg_ctx, cpu_T0, cpu_T0, cpu_T1);
+            } else {
+                gen_op_ld_v(s, ot, cpu_T1, cpu_A0);
+                tcg_gen_add_tl(tcg_ctx, cpu_T0, cpu_T0, cpu_T1);
+                gen_op_st_v(s, ot, cpu_T0, cpu_A0);
+            }
             gen_op_mov_reg_v(tcg_ctx, ot, reg, cpu_T1);
         }
         gen_op_update2_cc(tcg_ctx);