/**

 * $Id$

 * 

 * SH4 => x86 translation. This version does no real optimization, it just

 * outputs straight-line x86 code - it mainly exists to provide a baseline

 * to test the optimizing versions against.

 *

 * Copyright (c) 2007 Nathan Keynes.

 *

 * This program is free software; you can redistribute it and/or modify

 * it under the terms of the GNU General Public License as published by

 * the Free Software Foundation; either version 2 of the License, or

 * (at your option) any later version.

 *

 * This program is distributed in the hope that it will be useful,

 * but WITHOUT ANY WARRANTY; without even the implied warranty of

 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 * GNU General Public License for more details.

 */

#include <assert.h>

#include <math.h>

#ifndef NDEBUG

#define DEBUG_JUMPS 1

#endif

#include "lxdream.h"

#include "sh4/sh4core.h"

#include "sh4/sh4dasm.h"

#include "sh4/sh4trans.h"

#include "sh4/sh4stat.h"

#include "sh4/sh4mmio.h"

#include "sh4/mmu.h"

#include "xlat/xltcache.h"

#include "xlat/x86/x86op.h"

#include "x86dasm/x86dasm.h"

#include "clock.h"

#define DEFAULT_BACKPATCH_SIZE 4096

/* Offset of a reg relative to the sh4r structure */

#define REG_OFFSET(reg)  (((char *)&sh4r.reg) - ((char *)&sh4r) - 128)

#define R_T      REG_OFFSET(t)

#define R_Q      REG_OFFSET(q)

#define R_S      REG_OFFSET(s)

#define R_M      REG_OFFSET(m)

#define R_SR     REG_OFFSET(sr)

#define R_GBR    REG_OFFSET(gbr)

#define R_SSR    REG_OFFSET(ssr)

#define R_SPC    REG_OFFSET(spc)

#define R_VBR    REG_OFFSET(vbr)

#define R_MACH   REG_OFFSET(mac)+4

#define R_MACL   REG_OFFSET(mac)

#define R_PC     REG_OFFSET(pc)

#define R_NEW_PC REG_OFFSET(new_pc)

#define R_PR     REG_OFFSET(pr)

#define R_SGR    REG_OFFSET(sgr)

#define R_FPUL   REG_OFFSET(fpul)

#define R_FPSCR  REG_OFFSET(fpscr)

#define R_DBR    REG_OFFSET(dbr)

#define R_R(rn)  REG_OFFSET(r[rn])

#define R_FR(f)  REG_OFFSET(fr[0][(f)^1])

#define R_XF(f)  REG_OFFSET(fr[1][(f)^1])

#define R_DR(f)  REG_OFFSET(fr[(f)&1][(f)&0x0E])

#define R_DRL(f) REG_OFFSET(fr[(f)&1][(f)|0x01])

#define R_DRH(f) REG_OFFSET(fr[(f)&1][(f)&0x0E])

#define DELAY_NONE 0

#define DELAY_PC 1

#define DELAY_PC_PR 2

#define SH4_MODE_UNKNOWN -1

struct backpatch_record {

    uint32_t fixup_offset;

    uint32_t fixup_icount;

    int32_t exc_code;

};

/** 

 * Struct to manage internal translation state. This state is not saved -

 * it is only valid between calls to sh4_translate_begin_block() and

 * sh4_translate_end_block()

 */

struct sh4_x86_state {

    int in_delay_slot;

    uint8_t *code;

    gboolean fpuen_checked; /* true if we've already checked fpu enabled. */

    gboolean branch_taken; /* true if we branched unconditionally */

    gboolean double_prec; /* true if FPU is in double-precision mode */

    gboolean double_size; /* true if FPU is in double-size mode */

    gboolean sse3_enabled; /* true if host supports SSE3 instructions */

    uint32_t block_start_pc;

    uint32_t stack_posn;   /* Trace stack height for alignment purposes */

    uint32_t sh4_mode;     /* Mirror of sh4r.xlat_sh4_mode */

    int tstate;

    /* mode settings */

    gboolean tlb_on; /* True if tlb translation is active */

    struct mem_region_fn **priv_address_space;

    struct mem_region_fn **user_address_space;

    /* Instrumentation */

    xlat_block_begin_callback_t begin_callback;

    xlat_block_end_callback_t end_callback;

    gboolean fastmem;

    gboolean profile_blocks;

    /* Allocated memory for the (block-wide) back-patch list */

    struct backpatch_record *backpatch_list;

    uint32_t backpatch_posn;

    uint32_t backpatch_size;

};

static struct sh4_x86_state sh4_x86;

static uint32_t max_int = 0x7FFFFFFF;

static uint32_t min_int = 0x80000000;

static uint32_t save_fcw; /* save value for fpu control word */

static uint32_t trunc_fcw = 0x0F7F; /* fcw value for truncation mode */

static struct x86_symbol x86_symbol_table[] = {

    { "sh4r+128", ((char *)&sh4r)+128 },

    { "sh4_cpu_period", &sh4_cpu_period },

    { "sh4_address_space", NULL },

    { "sh4_user_address_space", NULL },

    { "sh4_translate_breakpoint_hit", sh4_translate_breakpoint_hit },

    { "sh4_write_fpscr", sh4_write_fpscr },

    { "sh4_write_sr", sh4_write_sr },

    { "sh4_read_sr", sh4_read_sr },

    { "sh4_raise_exception", sh4_raise_exception },

    { "sh4_sleep", sh4_sleep },

    { "sh4_fsca", sh4_fsca },

    { "sh4_ftrv", sh4_ftrv },

    { "sh4_switch_fr_banks", sh4_switch_fr_banks },

    { "sh4_execute_instruction", sh4_execute_instruction },

    { "signsat48", signsat48 },

    { "xlat_get_code_by_vma", xlat_get_code_by_vma },

    { "xlat_get_code", xlat_get_code }

};

gboolean is_sse3_supported()

{

    uint32_t features;

    __asm__ __volatile__(

        "mov $0x01, %%eax\n\t"

        "cpuid\n\t" : "=c" (features) : : "eax", "edx", "ebx");

    return (features & 1) ? TRUE : FALSE;

}

void sh4_translate_set_address_space( struct mem_region_fn **priv, struct mem_region_fn **user )

{

    sh4_x86.priv_address_space = priv;

    sh4_x86.user_address_space = user;

    x86_symbol_table[2].ptr = priv;

    x86_symbol_table[3].ptr = user;

}

void sh4_translate_init(void)

{

    sh4_x86.backpatch_list = malloc(DEFAULT_BACKPATCH_SIZE);

    sh4_x86.backpatch_size = DEFAULT_BACKPATCH_SIZE / sizeof(struct backpatch_record);

    sh4_x86.begin_callback = NULL;

    sh4_x86.end_callback = NULL;

    sh4_translate_set_address_space( sh4_address_space, sh4_user_address_space );

    sh4_x86.fastmem = TRUE;

    sh4_x86.profile_blocks = FALSE;

    sh4_x86.sse3_enabled = is_sse3_supported();

    x86_disasm_init();

    x86_set_symtab( x86_symbol_table, sizeof(x86_symbol_table)/sizeof(struct x86_symbol) );

}

void sh4_translate_set_callbacks( xlat_block_begin_callback_t begin, xlat_block_end_callback_t end )

{

    sh4_x86.begin_callback = begin;

    sh4_x86.end_callback = end;

}

void sh4_translate_set_fastmem( gboolean flag )

{

    sh4_x86.fastmem = flag;

}

void sh4_translate_set_profile_blocks( gboolean flag )

{

    sh4_x86.profile_blocks = flag;

}

gboolean sh4_translate_get_profile_blocks()

{

    return sh4_x86.profile_blocks;

}

/**

 * Disassemble the given translated code block, and it's source SH4 code block

 * side-by-side. The current native pc will be marked if non-null.

 */

void sh4_translate_disasm_block( FILE *out, void *code, sh4addr_t source_start, void *native_pc )

{

    char buf[256];

    char op[256];

    uintptr_t target_start = (uintptr_t)code, target_pc;

    uintptr_t target_end = target_start + xlat_get_code_size(code);

    uint32_t source_pc = source_start;

    uint32_t source_end = source_pc;

    xlat_recovery_record_t source_recov_table = XLAT_RECOVERY_TABLE(code);

    xlat_recovery_record_t source_recov_end = source_recov_table + XLAT_BLOCK_FOR_CODE(code)->recover_table_size - 1;

    for( target_pc = target_start; target_pc < target_end;  ) {

        uintptr_t pc2 = x86_disasm_instruction( target_pc, buf, sizeof(buf), op );

#if SIZEOF_VOID_P == 8

        fprintf( out, "%c%016lx: %-30s %-40s", (target_pc == (uintptr_t)native_pc ? '*' : ' '),

                      target_pc, op, buf );

#else

        fprintf( out, "%c%08lx: %-30s %-40s", (target_pc == (uintptr_t)native_pc ? '*' : ' '),

                      target_pc, op, buf );

#endif        

        if( source_recov_table < source_recov_end && 

            target_pc >= (target_start + source_recov_table->xlat_offset) ) {

            source_recov_table++;

            if( source_end < (source_start + (source_recov_table->sh4_icount)*2) )

                source_end = source_start + (source_recov_table->sh4_icount)*2;

        }

        if( source_pc < source_end ) {

            uint32_t source_pc2 = sh4_disasm_instruction( source_pc, buf, sizeof(buf), op );

            fprintf( out, " %08X: %s  %s\n", source_pc, op, buf );

            source_pc = source_pc2;

        } else {

            fprintf( out, "\n" );

        }

        target_pc = pc2;

    }

    while( source_pc < source_end ) {

        uint32_t source_pc2 = sh4_disasm_instruction( source_pc, buf, sizeof(buf), op );

        fprintf( out, "%*c %08X: %s  %s\n", 72,' ', source_pc, op, buf );

        source_pc = source_pc2;

    }

}

static void sh4_x86_add_backpatch( uint8_t *fixup_addr, uint32_t fixup_pc, uint32_t exc_code )

{

    int reloc_size = 4;

    if( exc_code == -2 ) {

        reloc_size = sizeof(void *);

    }

    if( sh4_x86.backpatch_posn == sh4_x86.backpatch_size ) {

	sh4_x86.backpatch_size <<= 1;

	sh4_x86.backpatch_list = realloc( sh4_x86.backpatch_list, 

					  sh4_x86.backpatch_size * sizeof(struct backpatch_record));

	assert( sh4_x86.backpatch_list != NULL );

    }

    if( sh4_x86.in_delay_slot ) {

	fixup_pc -= 2;

    }

    sh4_x86.backpatch_list[sh4_x86.backpatch_posn].fixup_offset = 

	(((uint8_t *)fixup_addr) - ((uint8_t *)xlat_current_block->code)) - reloc_size;

    sh4_x86.backpatch_list[sh4_x86.backpatch_posn].fixup_icount = (fixup_pc - sh4_x86.block_start_pc)>>1;

    sh4_x86.backpatch_list[sh4_x86.backpatch_posn].exc_code = exc_code;

    sh4_x86.backpatch_posn++;

}

#define TSTATE_NONE -1

#define TSTATE_O    X86_COND_O

#define TSTATE_C    X86_COND_C

#define TSTATE_E    X86_COND_E

#define TSTATE_NE   X86_COND_NE

#define TSTATE_G    X86_COND_G

#define TSTATE_GE   X86_COND_GE

#define TSTATE_A    X86_COND_A

#define TSTATE_AE   X86_COND_AE

#define MARK_JMP8(x) uint8_t *_mark_jmp_##x = (xlat_output-1)

#define JMP_TARGET(x) *_mark_jmp_##x += (xlat_output - _mark_jmp_##x)

/* Convenience instructions */

#define LDC_t()          CMPB_imms_rbpdisp(1,R_T); CMC()

#define SETE_t()         SETCCB_cc_rbpdisp(X86_COND_E,R_T)

#define SETA_t()         SETCCB_cc_rbpdisp(X86_COND_A,R_T)

#define SETAE_t()        SETCCB_cc_rbpdisp(X86_COND_AE,R_T)

#define SETG_t()         SETCCB_cc_rbpdisp(X86_COND_G,R_T)

#define SETGE_t()        SETCCB_cc_rbpdisp(X86_COND_GE,R_T)

#define SETC_t()         SETCCB_cc_rbpdisp(X86_COND_C,R_T)

#define SETO_t()         SETCCB_cc_rbpdisp(X86_COND_O,R_T)

#define SETNE_t()        SETCCB_cc_rbpdisp(X86_COND_NE,R_T)

#define SETC_r8(r1)      SETCCB_cc_r8(X86_COND_C, r1)

#define JAE_label(label) JCC_cc_rel8(X86_COND_AE,-1); MARK_JMP8(label)

#define JBE_label(label) JCC_cc_rel8(X86_COND_BE,-1); MARK_JMP8(label)

#define JE_label(label)  JCC_cc_rel8(X86_COND_E,-1); MARK_JMP8(label)

#define JGE_label(label) JCC_cc_rel8(X86_COND_GE,-1); MARK_JMP8(label)

#define JNA_label(label) JCC_cc_rel8(X86_COND_NA,-1); MARK_JMP8(label)

#define JNE_label(label) JCC_cc_rel8(X86_COND_NE,-1); MARK_JMP8(label)

#define JNO_label(label) JCC_cc_rel8(X86_COND_NO,-1); MARK_JMP8(label)

#define JS_label(label)  JCC_cc_rel8(X86_COND_S,-1); MARK_JMP8(label)

#define JMP_label(label) JMP_rel8(-1); MARK_JMP8(label)

#define JNE_exc(exc)     JCC_cc_rel32(X86_COND_NE,0); sh4_x86_add_backpatch(xlat_output, pc, exc)

/** Branch if T is set (either in the current cflags, or in sh4r.t) */

#define JT_label(label) if( sh4_x86.tstate == TSTATE_NONE ) { \

	CMPL_imms_rbpdisp( 1, R_T ); sh4_x86.tstate = TSTATE_E; } \

    JCC_cc_rel8(sh4_x86.tstate,-1); MARK_JMP8(label)

/** Branch if T is clear (either in the current cflags or in sh4r.t) */

#define JF_label(label) if( sh4_x86.tstate == TSTATE_NONE ) { \

	CMPL_imms_rbpdisp( 1, R_T ); sh4_x86.tstate = TSTATE_E; } \

    JCC_cc_rel8(sh4_x86.tstate^1, -1); MARK_JMP8(label)

#define load_reg(x86reg,sh4reg)     MOVL_rbpdisp_r32( REG_OFFSET(r[sh4reg]), x86reg )

#define store_reg(x86reg,sh4reg)    MOVL_r32_rbpdisp( x86reg, REG_OFFSET(r[sh4reg]) )

/**

 * Load an FR register (single-precision floating point) into an integer x86

 * register (eg for register-to-register moves)

 */

#define load_fr(reg,frm)  MOVL_rbpdisp_r32( REG_OFFSET(fr[0][(frm)^1]), reg )

#define load_xf(reg,frm)  MOVL_rbpdisp_r32( REG_OFFSET(fr[1][(frm)^1]), reg )

/**

 * Load the low half of a DR register (DR or XD) into an integer x86 register 

 */

#define load_dr0(reg,frm) MOVL_rbpdisp_r32( REG_OFFSET(fr[frm&1][frm|0x01]), reg )

#define load_dr1(reg,frm) MOVL_rbpdisp_r32( REG_OFFSET(fr[frm&1][frm&0x0E]), reg )

/**

 * Store an FR register (single-precision floating point) from an integer x86+

 * register (eg for register-to-register moves)

 */

#define store_fr(reg,frm) MOVL_r32_rbpdisp( reg, REG_OFFSET(fr[0][(frm)^1]) )

#define store_xf(reg,frm) MOVL_r32_rbpdisp( reg, REG_OFFSET(fr[1][(frm)^1]) )

#define store_dr0(reg,frm) MOVL_r32_rbpdisp( reg, REG_OFFSET(fr[frm&1][frm|0x01]) )

#define store_dr1(reg,frm) MOVL_r32_rbpdisp( reg, REG_OFFSET(fr[frm&1][frm&0x0E]) )

#define push_fpul()  FLDF_rbpdisp(R_FPUL)

#define pop_fpul()   FSTPF_rbpdisp(R_FPUL)

#define push_fr(frm) FLDF_rbpdisp( REG_OFFSET(fr[0][(frm)^1]) )

#define pop_fr(frm)  FSTPF_rbpdisp( REG_OFFSET(fr[0][(frm)^1]) )

#define push_xf(frm) FLDF_rbpdisp( REG_OFFSET(fr[1][(frm)^1]) )

#define pop_xf(frm)  FSTPF_rbpdisp( REG_OFFSET(fr[1][(frm)^1]) )

#define push_dr(frm) FLDD_rbpdisp( REG_OFFSET(fr[0][(frm)&0x0E]) )

#define pop_dr(frm)  FSTPD_rbpdisp( REG_OFFSET(fr[0][(frm)&0x0E]) )

#define push_xdr(frm) FLDD_rbpdisp( REG_OFFSET(fr[1][(frm)&0x0E]) )

#define pop_xdr(frm)  FSTPD_rbpdisp( REG_OFFSET(fr[1][(frm)&0x0E]) )

#ifdef ENABLE_SH4STATS

#define COUNT_INST(id) MOVL_imm32_r32( id, REG_EAX ); CALL1_ptr_r32(sh4_stats_add, REG_EAX); sh4_x86.tstate = TSTATE_NONE

#else

#define COUNT_INST(id)

#endif

/* Exception checks - Note that all exception checks will clobber EAX */

#define check_priv( ) \

    if( (sh4_x86.sh4_mode & SR_MD) == 0 ) { \

        if( sh4_x86.in_delay_slot ) { \

            exit_block_exc(EXC_SLOT_ILLEGAL, (pc-2), 4 ); \

        } else { \

            exit_block_exc(EXC_ILLEGAL, pc, 2); \

        } \

        sh4_x86.branch_taken = TRUE; \

        sh4_x86.in_delay_slot = DELAY_NONE; \

        return 2; \

    }

#define check_fpuen( ) \

    if( !sh4_x86.fpuen_checked ) {\

	sh4_x86.fpuen_checked = TRUE;\

	MOVL_rbpdisp_r32( R_SR, REG_EAX );\

	ANDL_imms_r32( SR_FD, REG_EAX );\

	if( sh4_x86.in_delay_slot ) {\

	    JNE_exc(EXC_SLOT_FPU_DISABLED);\

	} else {\

	    JNE_exc(EXC_FPU_DISABLED);\

	}\

	sh4_x86.tstate = TSTATE_NONE; \

    }

#define check_ralign16( x86reg ) \

    TESTL_imms_r32( 0x00000001, x86reg ); \

    JNE_exc(EXC_DATA_ADDR_READ)

#define check_walign16( x86reg ) \

    TESTL_imms_r32( 0x00000001, x86reg ); \

    JNE_exc(EXC_DATA_ADDR_WRITE);

#define check_ralign32( x86reg ) \

    TESTL_imms_r32( 0x00000003, x86reg ); \

    JNE_exc(EXC_DATA_ADDR_READ)

#define check_walign32( x86reg ) \

    TESTL_imms_r32( 0x00000003, x86reg ); \

    JNE_exc(EXC_DATA_ADDR_WRITE);

#define check_ralign64( x86reg ) \

    TESTL_imms_r32( 0x00000007, x86reg ); \

    JNE_exc(EXC_DATA_ADDR_READ)

#define check_walign64( x86reg ) \

    TESTL_imms_r32( 0x00000007, x86reg ); \

    JNE_exc(EXC_DATA_ADDR_WRITE);

#define address_space() ((sh4_x86.sh4_mode&SR_MD) ? (uintptr_t)sh4_x86.priv_address_space : (uintptr_t)sh4_x86.user_address_space)

#define UNDEF(ir)

/* Note: For SR.MD == 1 && MMUCR.AT == 0, there are no memory exceptions, so 

 * don't waste the cycles expecting them. Otherwise we need to save the exception pointer.

 */

#ifdef HAVE_FRAME_ADDRESS

static void call_read_func(int addr_reg, int value_reg, int offset, int pc)

{

    decode_address(address_space(), addr_reg);

    if( !sh4_x86.tlb_on && (sh4_x86.sh4_mode & SR_MD) ) { 

        CALL1_r32disp_r32(REG_ECX, offset, addr_reg);

    } else {

        if( addr_reg != REG_ARG1 ) {

            MOVL_r32_r32( addr_reg, REG_ARG1 );

        }

        MOVP_immptr_rptr( 0, REG_ARG2 );

        sh4_x86_add_backpatch( xlat_output, pc, -2 );

        CALL2_r32disp_r32_r32(REG_ECX, offset, REG_ARG1, REG_ARG2);

    }

    if( value_reg != REG_RESULT1 ) { 

        MOVL_r32_r32( REG_RESULT1, value_reg );

    }

}

static void call_write_func(int addr_reg, int value_reg, int offset, int pc)

{

    decode_address(address_space(), addr_reg);

    if( !sh4_x86.tlb_on && (sh4_x86.sh4_mode & SR_MD) ) { 

        CALL2_r32disp_r32_r32(REG_ECX, offset, addr_reg, value_reg);

    } else {

        if( value_reg != REG_ARG2 ) {

            MOVL_r32_r32( value_reg, REG_ARG2 );

	}        

        if( addr_reg != REG_ARG1 ) {

            MOVL_r32_r32( addr_reg, REG_ARG1 );

        }

#if MAX_REG_ARG > 2        

        MOVP_immptr_rptr( 0, REG_ARG3 );

        sh4_x86_add_backpatch( xlat_output, pc, -2 );

        CALL3_r32disp_r32_r32_r32(REG_ECX, offset, REG_ARG1, REG_ARG2, REG_ARG3);

#else

        MOVL_imm32_rspdisp( 0, 0 );

        sh4_x86_add_backpatch( xlat_output, pc, -2 );

        CALL3_r32disp_r32_r32_r32(REG_ECX, offset, REG_ARG1, REG_ARG2, 0);

#endif

    }

}

#else

static void call_read_func(int addr_reg, int value_reg, int offset, int pc)

{

    decode_address(address_space(), addr_reg);

    CALL1_r32disp_r32(REG_ECX, offset, addr_reg);

    if( value_reg != REG_RESULT1 ) {

        MOVL_r32_r32( REG_RESULT1, value_reg );

    }

}     

static void call_write_func(int addr_reg, int value_reg, int offset, int pc)

{

    decode_address(address_space(), addr_reg);

    CALL2_r32disp_r32_r32(REG_ECX, offset, addr_reg, value_reg);

}

#endif

#define MEM_REGION_PTR(name) offsetof( struct mem_region_fn, name )

#define MEM_READ_BYTE( addr_reg, value_reg ) call_read_func(addr_reg, value_reg, MEM_REGION_PTR(read_byte), pc)

#define MEM_READ_BYTE_FOR_WRITE( addr_reg, value_reg ) call_read_func( addr_reg, value_reg, MEM_REGION_PTR(read_byte_for_write), pc) 

#define MEM_READ_WORD( addr_reg, value_reg ) call_read_func(addr_reg, value_reg, MEM_REGION_PTR(read_word), pc)

#define MEM_READ_LONG( addr_reg, value_reg ) call_read_func(addr_reg, value_reg, MEM_REGION_PTR(read_long), pc)

#define MEM_WRITE_BYTE( addr_reg, value_reg ) call_write_func(addr_reg, value_reg, MEM_REGION_PTR(write_byte), pc)

#define MEM_WRITE_WORD( addr_reg, value_reg ) call_write_func(addr_reg, value_reg, MEM_REGION_PTR(write_word), pc)

#define MEM_WRITE_LONG( addr_reg, value_reg ) call_write_func(addr_reg, value_reg, MEM_REGION_PTR(write_long), pc)

#define MEM_PREFETCH( addr_reg ) call_read_func(addr_reg, REG_RESULT1, MEM_REGION_PTR(prefetch), pc)

#define SLOTILLEGAL() exit_block_exc(EXC_SLOT_ILLEGAL, pc-2, 4); sh4_x86.in_delay_slot = DELAY_NONE; return 2;

/** Offset of xlat_sh4_mode field relative to the code pointer */ 

#define XLAT_SH4_MODE_CODE_OFFSET  (int32_t)(offsetof(struct xlat_cache_block, xlat_sh4_mode) - offsetof(struct xlat_cache_block,code) )

#define XLAT_CHAIN_CODE_OFFSET (int32_t)(offsetof(struct xlat_cache_block, chain) - offsetof(struct xlat_cache_block,code) )

#define XLAT_ACTIVE_CODE_OFFSET (int32_t)(offsetof(struct xlat_cache_block, active) - offsetof(struct xlat_cache_block,code) )

void sh4_translate_begin_block( sh4addr_t pc ) 

{

	sh4_x86.code = xlat_output;

    sh4_x86.in_delay_slot = FALSE;

    sh4_x86.fpuen_checked = FALSE;

    sh4_x86.branch_taken = FALSE;

    sh4_x86.backpatch_posn = 0;

    sh4_x86.block_start_pc = pc;

    sh4_x86.tlb_on = IS_TLB_ENABLED();

    sh4_x86.tstate = TSTATE_NONE;

    sh4_x86.double_prec = sh4r.fpscr & FPSCR_PR;

    sh4_x86.double_size = sh4r.fpscr & FPSCR_SZ;

    sh4_x86.sh4_mode = sh4r.xlat_sh4_mode;

    emit_prologue();

    if( sh4_x86.begin_callback ) {

        CALL_ptr( sh4_x86.begin_callback );

    }

    if( sh4_x86.profile_blocks ) {

    	MOVP_immptr_rptr( sh4_x86.code + XLAT_ACTIVE_CODE_OFFSET, REG_EAX );

    	ADDL_imms_r32disp( 1, REG_EAX, 0 );

    }  

}

uint32_t sh4_translate_end_block_size()

{

    if( sh4_x86.backpatch_posn <= 3 ) {

        return EPILOGUE_SIZE + (sh4_x86.backpatch_posn*(12+CALL1_PTR_MIN_SIZE));

    } else {

        return EPILOGUE_SIZE + (3*(12+CALL1_PTR_MIN_SIZE)) + (sh4_x86.backpatch_posn-3)*(15+CALL1_PTR_MIN_SIZE);

    }

}

/**

 * Embed a breakpoint into the generated code

 */

void sh4_translate_emit_breakpoint( sh4vma_t pc )

{

    MOVL_imm32_r32( pc, REG_EAX );

    CALL1_ptr_r32( sh4_translate_breakpoint_hit, REG_EAX );

    sh4_x86.tstate = TSTATE_NONE;

}

#define UNTRANSLATABLE(pc) !IS_IN_ICACHE(pc)

/**

 * Test if the loaded target code pointer in %eax is valid, and if so jump

 * directly into it, bypassing the normal exit.

 */

static void jump_next_block()

{

	uint8_t *ptr = xlat_output;

	TESTP_rptr_rptr(REG_EAX, REG_EAX);

	JE_label(nocode);

	if( sh4_x86.sh4_mode == SH4_MODE_UNKNOWN ) {

	    /* sr/fpscr was changed, possibly updated xlat_sh4_mode, so reload it */

	    MOVL_rbpdisp_r32( REG_OFFSET(xlat_sh4_mode), REG_ECX );

	    CMPL_r32_r32disp( REG_ECX, REG_EAX, XLAT_SH4_MODE_CODE_OFFSET );

	} else {

	    CMPL_imms_r32disp( sh4_x86.sh4_mode, REG_EAX, XLAT_SH4_MODE_CODE_OFFSET );

	}

	JNE_label(wrongmode);

	LEAP_rptrdisp_rptr(REG_EAX, PROLOGUE_SIZE,REG_EAX);

	if( sh4_x86.end_callback ) {

	    /* Note this does leave the stack out of alignment, but doesn't matter

	     * for what we're currently using it for.

	     */

	    PUSH_r32(REG_EAX);

	    MOVP_immptr_rptr(sh4_x86.end_callback, REG_ECX);

	    JMP_rptr(REG_ECX);

	} else {

	    JMP_rptr(REG_EAX);

	}

	JMP_TARGET(wrongmode);

	MOVP_rptrdisp_rptr( REG_EAX, XLAT_CHAIN_CODE_OFFSET, REG_EAX );

	int rel = ptr - xlat_output;

    JMP_prerel(rel);

	JMP_TARGET(nocode); 

}

/**

 * 

 */

static void FASTCALL sh4_translate_get_code_and_backpatch( uint32_t pc )

{

    uint8_t *target = (uint8_t *)xlat_get_code_by_vma(pc);

    while( target != NULL && sh4r.xlat_sh4_mode != XLAT_BLOCK_MODE(target) ) {

        target = XLAT_BLOCK_CHAIN(target);

	}

    if( target == NULL ) {

        target = sh4_translate_basic_block( pc );

    }

    uint8_t *backpatch = ((uint8_t *)__builtin_return_address(0)) - (CALL1_PTR_MIN_SIZE);

    *backpatch = 0xE9;

    *(uint32_t *)(backpatch+1) = (uint32_t)(target-backpatch)+PROLOGUE_SIZE-5;

    *(void **)(backpatch+5) = XLAT_BLOCK_FOR_CODE(target)->use_list;

    XLAT_BLOCK_FOR_CODE(target)->use_list = backpatch; 

    uint8_t **retptr = ((uint8_t **)__builtin_frame_address(0))+1;

    assert( *retptr == ((uint8_t *)__builtin_return_address(0)) );

	*retptr = backpatch;

}

static void emit_translate_and_backpatch()

{

    /* NB: this is either 7 bytes (i386) or 12 bytes (x86-64) */

    CALL1_ptr_r32(sh4_translate_get_code_and_backpatch, REG_ARG1);

    /* When patched, the jmp instruction will be 5 bytes (either platform) -

     * we need to reserve sizeof(void*) bytes for the use-list

	 * pointer

	 */ 

    if( sizeof(void*) == 8 ) {

        NOP();

    } else {

        NOP2();

    }

}

/**

 * If we're jumping to a fixed address (or at least fixed relative to the

 * current PC, then we can do a direct branch. REG_ARG1 should contain

 * the PC at this point.

 */

static void jump_next_block_fixed_pc( sh4addr_t pc )

{

	if( IS_IN_ICACHE(pc) ) {

	    if( sh4_x86.sh4_mode != SH4_MODE_UNKNOWN ) {

	        /* Fixed address, in cache, and fixed SH4 mode - generate a call to the

	         * fetch-and-backpatch routine, which will replace the call with a branch */

           emit_translate_and_backpatch();	         

           return;

		} else {

            MOVP_moffptr_rax( xlat_get_lut_entry(GET_ICACHE_PHYS(pc)) );

            ANDP_imms_rptr( -4, REG_EAX );

        }

	} else if( sh4_x86.tlb_on ) {

        CALL1_ptr_r32(xlat_get_code_by_vma, REG_ARG1);

    } else {

        CALL1_ptr_r32(xlat_get_code, REG_ARG1);

    }

    jump_next_block();

}

void sh4_translate_unlink_block( void *use_list )

{

	uint8_t *tmp = xlat_output; /* In case something is active, which should never happen */

	void *next = use_list;

	while( next != NULL ) {

    	xlat_output = (uint8_t *)next;

 	    next = *(void **)(xlat_output+5);

 		emit_translate_and_backpatch();

 	}

 	xlat_output = tmp;

}

static void exit_block()

{

	emit_epilogue();

	if( sh4_x86.end_callback ) {

	    MOVP_immptr_rptr(sh4_x86.end_callback, REG_ECX);

	    JMP_rptr(REG_ECX);

	} else {

	    RET();

	}

}

/**

 * Exit the block with sh4r.pc already written

 */

void exit_block_pcset( sh4addr_t pc )

{

    MOVL_imm32_r32( ((pc - sh4_x86.block_start_pc)>>1)*sh4_cpu_period, REG_ECX );

    ADDL_rbpdisp_r32( REG_OFFSET(slice_cycle), REG_ECX );

    MOVL_r32_rbpdisp( REG_ECX, REG_OFFSET(slice_cycle) );

    CMPL_r32_rbpdisp( REG_ECX, REG_OFFSET(event_pending) );

    JBE_label(exitloop);

    MOVL_rbpdisp_r32( R_PC, REG_ARG1 );

    if( sh4_x86.tlb_on ) {

        CALL1_ptr_r32(xlat_get_code_by_vma,REG_ARG1);

    } else {

        CALL1_ptr_r32(xlat_get_code,REG_ARG1);

    }

    jump_next_block();

    JMP_TARGET(exitloop);

    exit_block();

}

/**

 * Exit the block with sh4r.new_pc written with the target pc

 */

void exit_block_newpcset( sh4addr_t pc )

{

    MOVL_imm32_r32( ((pc - sh4_x86.block_start_pc)>>1)*sh4_cpu_period, REG_ECX );

    ADDL_rbpdisp_r32( REG_OFFSET(slice_cycle), REG_ECX );

    MOVL_r32_rbpdisp( REG_ECX, REG_OFFSET(slice_cycle) );

    MOVL_rbpdisp_r32( R_NEW_PC, REG_ARG1 );

    MOVL_r32_rbpdisp( REG_ARG1, R_PC );

    CMPL_r32_rbpdisp( REG_ECX, REG_OFFSET(event_pending) );

    JBE_label(exitloop);

    if( sh4_x86.tlb_on ) {

        CALL1_ptr_r32(xlat_get_code_by_vma,REG_ARG1);

    } else {

        CALL1_ptr_r32(xlat_get_code,REG_ARG1);

    }

	jump_next_block();

    JMP_TARGET(exitloop);

    exit_block();

}

/**

 * Exit the block to an absolute PC

 */

void exit_block_abs( sh4addr_t pc, sh4addr_t endpc )

{

    MOVL_imm32_r32( ((endpc - sh4_x86.block_start_pc)>>1)*sh4_cpu_period, REG_ECX );

    ADDL_rbpdisp_r32( REG_OFFSET(slice_cycle), REG_ECX );

    MOVL_r32_rbpdisp( REG_ECX, REG_OFFSET(slice_cycle) );

    MOVL_imm32_r32( pc, REG_ARG1 );

    MOVL_r32_rbpdisp( REG_ARG1, R_PC );

    CMPL_r32_rbpdisp( REG_ECX, REG_OFFSET(event_pending) );

    JBE_label(exitloop);

    jump_next_block_fixed_pc(pc);    

    JMP_TARGET(exitloop);

    exit_block();

}

/**

 * Exit the block to a relative PC

 */

void exit_block_rel( sh4addr_t pc, sh4addr_t endpc )

{

    MOVL_imm32_r32( ((endpc - sh4_x86.block_start_pc)>>1)*sh4_cpu_period, REG_ECX );

    ADDL_rbpdisp_r32( REG_OFFSET(slice_cycle), REG_ECX );

    MOVL_r32_rbpdisp( REG_ECX, REG_OFFSET(slice_cycle) );

	if( pc == sh4_x86.block_start_pc && sh4_x86.sh4_mode == sh4r.xlat_sh4_mode ) {

	    /* Special case for tight loops - the PC doesn't change, and

	     * we already know the target address. Just check events pending before

	     * looping.

	     */

        CMPL_r32_rbpdisp( REG_ECX, REG_OFFSET(event_pending) );

        uint32_t backdisp = ((uintptr_t)(sh4_x86.code - xlat_output)) + PROLOGUE_SIZE;

        JCC_cc_prerel(X86_COND_A, backdisp);

	} else {

        MOVL_imm32_r32( pc - sh4_x86.block_start_pc, REG_ARG1 );

        ADDL_rbpdisp_r32( R_PC, REG_ARG1 );

        MOVL_r32_rbpdisp( REG_ARG1, R_PC );

        CMPL_r32_rbpdisp( REG_ECX, REG_OFFSET(event_pending) );

        JBE_label(exitloop2);

        jump_next_block_fixed_pc(pc);

        JMP_TARGET(exitloop2);

    }

    exit_block();

}

/**

 * Exit unconditionally with a general exception

 */

void exit_block_exc( int code, sh4addr_t pc, int inst_adjust )

{

    MOVL_imm32_r32( pc - sh4_x86.block_start_pc, REG_ECX );

    ADDL_r32_rbpdisp( REG_ECX, R_PC );

    MOVL_imm32_r32( ((pc - sh4_x86.block_start_pc + inst_adjust)>>1)*sh4_cpu_period, REG_ECX );

    ADDL_r32_rbpdisp( REG_ECX, REG_OFFSET(slice_cycle) );

    MOVL_imm32_r32( code, REG_ARG1 );

    CALL1_ptr_r32( sh4_raise_exception, REG_ARG1 );

    exit_block();

}    

/**

 * Embed a call to sh4_execute_instruction for situations that we

 * can't translate (just page-crossing delay slots at the moment).

 * Caller is responsible for setting new_pc before calling this function.

 *

 * Performs:

 *   Set PC = endpc

 *   Set sh4r.in_delay_slot = sh4_x86.in_delay_slot

 *   Update slice_cycle for endpc+2 (single step doesn't update slice_cycle)

 *   Call sh4_execute_instruction

 *   Call xlat_get_code_by_vma / xlat_get_code as for normal exit

 */

void exit_block_emu( sh4vma_t endpc )

{

    MOVL_imm32_r32( endpc - sh4_x86.block_start_pc, REG_ECX );   // 5

    ADDL_r32_rbpdisp( REG_ECX, R_PC );

    MOVL_imm32_r32( (((endpc - sh4_x86.block_start_pc)>>1)+1)*sh4_cpu_period, REG_ECX ); // 5

    ADDL_r32_rbpdisp( REG_ECX, REG_OFFSET(slice_cycle) );     // 6

    MOVL_imm32_r32( sh4_x86.in_delay_slot ? 1 : 0, REG_ECX );

    MOVL_r32_rbpdisp( REG_ECX, REG_OFFSET(in_delay_slot) );

    CALL_ptr( sh4_execute_instruction );

    exit_block();

} 

/**

 * Write the block trailer (exception handling block)

 */

void sh4_translate_end_block( sh4addr_t pc ) {

    if( sh4_x86.branch_taken == FALSE ) {

        // Didn't exit unconditionally already, so write the termination here

        exit_block_rel( pc, pc );

    }

    if( sh4_x86.backpatch_posn != 0 ) {

        unsigned int i;

        // Exception raised - cleanup and exit

        uint8_t *end_ptr = xlat_output;

        MOVL_r32_r32( REG_EDX, REG_ECX );

        ADDL_r32_r32( REG_EDX, REG_ECX );

        ADDL_r32_rbpdisp( REG_ECX, R_SPC );

        MOVL_moffptr_eax( &sh4_cpu_period );

        INC_r32( REG_EDX );  /* Add 1 for the aborting instruction itself */ 

        MULL_r32( REG_EDX );

        ADDL_r32_rbpdisp( REG_EAX, REG_OFFSET(slice_cycle) );

        exit_block();

        for( i=0; i< sh4_x86.backpatch_posn; i++ ) {

            uint32_t *fixup_addr = (uint32_t *)&xlat_current_block->code[sh4_x86.backpatch_list[i].fixup_offset];

            if( sh4_x86.backpatch_list[i].exc_code < 0 ) {

                if( sh4_x86.backpatch_list[i].exc_code == -2 ) {

                    *((uintptr_t *)fixup_addr) = (uintptr_t)xlat_output; 

                } else {

                    *fixup_addr += xlat_output - (uint8_t *)&xlat_current_block->code[sh4_x86.backpatch_list[i].fixup_offset] - 4;

                }

                MOVL_imm32_r32( sh4_x86.backpatch_list[i].fixup_icount, REG_EDX );

                int rel = end_ptr - xlat_output;

                JMP_prerel(rel);

            } else {

                *fixup_addr += xlat_output - (uint8_t *)&xlat_current_block->code[sh4_x86.backpatch_list[i].fixup_offset] - 4;

                MOVL_imm32_r32( sh4_x86.backpatch_list[i].exc_code, REG_ARG1 );

                CALL1_ptr_r32( sh4_raise_exception, REG_ARG1 );

                MOVL_imm32_r32( sh4_x86.backpatch_list[i].fixup_icount, REG_EDX );

                int rel = end_ptr - xlat_output;

                JMP_prerel(rel);

            }

        }

    }

}

/**

 * Translate a single instruction. Delayed branches are handled specially

 * by translating both branch and delayed instruction as a single unit (as

 * 

 * The instruction MUST be in the icache (assert check)

 *

 * @return true if the instruction marks the end of a basic block

 * (eg a branch or 

 */

uint32_t sh4_translate_instruction( sh4vma_t pc )

{

    uint32_t ir;

    /* Read instruction from icache */

    assert( IS_IN_ICACHE(pc) );

    ir = *(uint16_t *)GET_ICACHE_PTR(pc);

    if( !sh4_x86.in_delay_slot ) {

	sh4_translate_add_recovery( (pc - sh4_x86.block_start_pc)>>1 );

    }

    /* check for breakpoints at this pc */

    for( int i=0; i<sh4_breakpoint_count; i++ ) {

        if( sh4_breakpoints[i].address == pc ) {

            sh4_translate_emit_breakpoint(pc);

            break;

        }

    }

%%

/* ALU operations */

ADD Rm, Rn {:

    COUNT_INST(I_ADD);

    load_reg( REG_EAX, Rm );

    load_reg( REG_ECX, Rn );

    ADDL_r32_r32( REG_EAX, REG_ECX );

    store_reg( REG_ECX, Rn );

    sh4_x86.tstate = TSTATE_NONE;

:}

ADD #imm, Rn {:  

    COUNT_INST(I_ADDI);

    ADDL_imms_rbpdisp( imm, REG_OFFSET(r[Rn]) );

    sh4_x86.tstate = TSTATE_NONE;

:}

ADDC Rm, Rn {:

    COUNT_INST(I_ADDC);

    if( sh4_x86.tstate != TSTATE_C ) {

        LDC_t();

    }

    load_reg( REG_EAX, Rm );

    load_reg( REG_ECX, Rn );

    ADCL_r32_r32( REG_EAX, REG_ECX );

    store_reg( REG_ECX, Rn );

    SETC_t();

    sh4_x86.tstate = TSTATE_C;

:}

ADDV Rm, Rn {:

    COUNT_INST(I_ADDV);

    load_reg( REG_EAX, Rm );

    load_reg( REG_ECX, Rn );

    ADDL_r32_r32( REG_EAX, REG_ECX );

    store_reg( REG_ECX, Rn );

    SETO_t();

    sh4_x86.tstate = TSTATE_O;

:}

AND Rm, Rn {:

    COUNT_INST(I_AND);

    load_reg( REG_EAX, Rm );

    load_reg( REG_ECX, Rn );

    ANDL_r32_r32( REG_EAX, REG_ECX );

    store_reg( REG_ECX, Rn );

    sh4_x86.tstate = TSTATE_NONE;

:}

AND #imm, R0 {:  

    COUNT_INST(I_ANDI);

    load_reg( REG_EAX, 0 );

    ANDL_imms_r32(imm, REG_EAX); 

    store_reg( REG_EAX, 0 );

    sh4_x86.tstate = TSTATE_NONE;

:}

AND.B #imm, @(R0, GBR) {: 

    COUNT_INST(I_ANDB);

    load_reg( REG_EAX, 0 );

    ADDL_rbpdisp_r32( R_GBR, REG_EAX );

    MOVL_r32_rspdisp(REG_EAX, 0);

    MEM_READ_BYTE_FOR_WRITE( REG_EAX, REG_EDX );

    MOVL_rspdisp_r32(0, REG_EAX);

    ANDL_imms_r32(imm, REG_EDX );

    MEM_WRITE_BYTE( REG_EAX, REG_EDX );

    sh4_x86.tstate = TSTATE_NONE;

:}

CMP/EQ Rm, Rn {:  

    COUNT_INST(I_CMPEQ);

    load_reg( REG_EAX, Rm );

    load_reg( REG_ECX, Rn );

    CMPL_r32_r32( REG_EAX, REG_ECX );

    SETE_t();

    sh4_x86.tstate = TSTATE_E;

:}

CMP/EQ #imm, R0 {:  

    COUNT_INST(I_CMPEQI);

    load_reg( REG_EAX, 0 );

    CMPL_imms_r32(imm, REG_EAX);

    SETE_t();

    sh4_x86.tstate = TSTATE_E;

:}

CMP/GE Rm, Rn {:  

    COUNT_INST(I_CMPGE);

    load_reg( REG_EAX, Rm );

    load_reg( REG_ECX, Rn );

    CMPL_r32_r32( REG_EAX, REG_ECX );

    SETGE_t();

    sh4_x86.tstate = TSTATE_GE;

:}

CMP/GT Rm, Rn {: 

    COUNT_INST(I_CMPGT);

    load_reg( REG_EAX, Rm );

    load_reg( REG_ECX, Rn );

    CMPL_r32_r32( REG_EAX, REG_ECX );

    SETG_t();

    sh4_x86.tstate = TSTATE_G;

:}

CMP/HI Rm, Rn {:  

    COUNT_INST(I_CMPHI);

    load_reg( REG_EAX, Rm );

    load_reg( REG_ECX, Rn );

    CMPL_r32_r32( REG_EAX, REG_ECX );

    SETA_t();

    sh4_x86.tstate = TSTATE_A;

:}

CMP/HS Rm, Rn {: 

    COUNT_INST(I_CMPHS);

    load_reg( REG_EAX, Rm );

    load_reg( REG_ECX, Rn );

    CMPL_r32_r32( REG_EAX, REG_ECX );

    SETAE_t();

    sh4_x86.tstate = TSTATE_AE;

 :}

CMP/PL Rn {: 

    COUNT_INST(I_CMPPL);

    load_reg( REG_EAX, Rn );