diff --git a/0025-linux-user-lock-tcg.patch.patch b/0025-linux-user-lock-tcg.patch.patch
new file mode 100644
index 0000000..25f6387
--- /dev/null
+++ b/0025-linux-user-lock-tcg.patch.patch
@@ -0,0 +1,147 @@
+From 84d6bd737ce0dd9471aa9d589d918406f2c3c6e8 Mon Sep 17 00:00:00 2001
+From: Alexander Graf <agraf@suse.de>
+Date: Thu, 5 Jul 2012 17:31:39 +0200
+Subject: [PATCH] linux-user: lock tcg
+
+The tcg code generator is not thread safe. Lock its generation between
+different threads.
+
+Signed-off-by: Alexander Graf <agraf@suse.de>
+---
+ linux-user/mmap.c |    3 +++
+ tcg/tcg.c         |   29 +++++++++++++++++++++++++++--
+ tcg/tcg.h         |    6 ++++++
+ 3 files changed, 36 insertions(+), 2 deletions(-)
+
+diff --git a/linux-user/mmap.c b/linux-user/mmap.c
+index 3f5e1d7..a669b3a 100644
+--- a/linux-user/mmap.c
++++ b/linux-user/mmap.c
+@@ -30,6 +30,7 @@
+ 
+ #include "qemu.h"
+ #include "qemu-common.h"
++#include "tcg.h"
+ 
+ //#define DEBUG_MMAP
+ 
+@@ -42,6 +43,7 @@ void mmap_lock(void)
+     if (mmap_lock_count++ == 0) {
+         pthread_mutex_lock(&mmap_mutex);
+     }
++    tcg_lock();
+ }
+ 
+ void mmap_unlock(void)
+@@ -49,6 +51,7 @@ void mmap_unlock(void)
+     if (--mmap_lock_count == 0) {
+         pthread_mutex_unlock(&mmap_mutex);
+     }
++    tcg_unlock();
+ }
+ 
+ /* Grab lock to make sure things are in a consistent state after fork().  */
+diff --git a/tcg/tcg.c b/tcg/tcg.c
+index ab589c7..c315e2a 100644
+--- a/tcg/tcg.c
++++ b/tcg/tcg.c
+@@ -40,6 +40,8 @@
+ #include "cache-utils.h"
+ #include "host-utils.h"
+ #include "qemu-timer.h"
++#include "config-host.h"
++#include "qemu-thread.h"
+ 
+ /* Note: the long term plan is to reduce the dependancies on the QEMU
+    CPU definitions. Currently they are used for qemu_ld/st
+@@ -105,6 +107,22 @@ static TCGRegSet tcg_target_call_clobber_regs;
+ uint16_t *gen_opc_ptr;
+ TCGArg *gen_opparam_ptr;
+ 
++void tcg_lock(void)
++{
++#ifdef CONFIG_USER_ONLY
++    TCGContext *s = &tcg_ctx;
++    qemu_mutex_lock(&s->lock);
++#endif
++}
++
++void tcg_unlock(void)
++{
++#ifdef CONFIG_USER_ONLY
++    TCGContext *s = &tcg_ctx;
++    qemu_mutex_unlock(&s->lock);
++#endif
++}
++
+ static inline void tcg_out8(TCGContext *s, uint8_t v)
+ {
+     *s->code_ptr++ = v;
+@@ -245,7 +263,8 @@ void tcg_context_init(TCGContext *s)
+     memset(s, 0, sizeof(*s));
+     s->temps = s->static_temps;
+     s->nb_globals = 0;
+-    
++    qemu_mutex_init(&s->lock);
++
+     /* Count total number of arguments and allocate the corresponding
+        space */
+     total_args = 0;
+@@ -2182,11 +2201,13 @@ int tcg_gen_code(TCGContext *s, uint8_t *gen_code_buf)
+     }
+ #endif
+ 
++    tcg_lock();
+     tcg_gen_code_common(s, gen_code_buf, -1);
+ 
+     /* flush instruction cache */
+     flush_icache_range((tcg_target_ulong)gen_code_buf,
+                        (tcg_target_ulong)s->code_ptr);
++    tcg_unlock();
+ 
+     return s->code_ptr -  gen_code_buf;
+ }
+@@ -2197,7 +2218,11 @@ int tcg_gen_code(TCGContext *s, uint8_t *gen_code_buf)
+    Return -1 if not found. */
+ int tcg_gen_code_search_pc(TCGContext *s, uint8_t *gen_code_buf, long offset)
+ {
+-    return tcg_gen_code_common(s, gen_code_buf, offset);
++    int r;
++    tcg_lock();
++    r = tcg_gen_code_common(s, gen_code_buf, offset);
++    tcg_unlock();
++    return r;
+ }
+ 
+ #ifdef CONFIG_PROFILER
+diff --git a/tcg/tcg.h b/tcg/tcg.h
+index a83bddd..e20fc82 100644
+--- a/tcg/tcg.h
++++ b/tcg/tcg.h
+@@ -46,6 +46,8 @@ typedef uint64_t tcg_target_ulong;
+ #error unsupported
+ #endif
+ 
++#include "config-host.h"
++#include "qemu-thread.h"
+ #include "tcg-target.h"
+ #include "tcg-runtime.h"
+ 
+@@ -389,6 +391,7 @@ struct TCGContext {
+ #ifdef CONFIG_DEBUG_TCG
+     int temps_in_use;
+ #endif
++    QemuMutex lock;
+ };
+ 
+ extern TCGContext tcg_ctx;
+@@ -568,6 +571,9 @@ void tcg_gen_shifti_i64(TCGv_i64 ret, TCGv_i64 arg1,
+ TCGArg *tcg_optimize(TCGContext *s, uint16_t *tcg_opc_ptr, TCGArg *args,
+                      TCGOpDef *tcg_op_def);
+ 
++extern void tcg_lock(void);
++extern void tcg_unlock(void);
++
+ /* only used for debugging purposes */
+ void tcg_register_helper(void *func, const char *name);
+ const char *tcg_helper_get_name(TCGContext *s, void *func);
diff --git a/qemu.changes b/qemu.changes
index 6561964..94a07b6 100644
--- a/qemu.changes
+++ b/qemu.changes
@@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Thu Jul  5 15:37:05 UTC 2012 - agraf@suse.com
+
+- linux-user: add tcg lock for multi-threaded guest programs
+
 -------------------------------------------------------------------
 Wed Jun 25 19:29:05 UTC 2012 - afaerber@suse.de
 
diff --git a/qemu.spec b/qemu.spec
index 9f141bd..0ce9bc5 100644
--- a/qemu.spec
+++ b/qemu.spec
@@ -48,6 +48,7 @@ Patch0021:      0021-linux-user-fix-multi-threaded-proc-.patch
 Patch0022:      0022-use-libexecdir-instead-of-ignoring-.patch
 Patch0023:      0023-linux-user-Ignore-broken-loop-ioctl.patch
 Patch0024:      0024-linux-user-fix-segmentation-fault-p.patch
+Patch0025:      0025-linux-user-lock-tcg.patch.patch
 # this is to make lint happy
 Source300:      rpmlintrc
 Source302:      bridge.conf
@@ -179,6 +180,7 @@ run cross-architecture builds.
 %patch0022 -p1
 %patch0023 -p1
 %patch0024 -p1
+%patch0025 -p1
 
 %build
 # build QEMU