lxdream.org :: lxdream/src/sh4/sh4x86.c
filename src/sh4/sh4x86.c
changeset 577:a181aeacd6e8
prev 571:9bc09948d0f2
next 585:371342a39c09
author nkeynes
date Mon Jan 14 10:23:49 2008 +0000
branch lxdream-mmu
permissions -rw-r--r--
last change Remove asm file and convert to inline (easier to cope with platform conventions)
Add breakpoint support
Add MMU store-queue support
     1 /**
     2  * $Id$
     3  * 
     4  * SH4 => x86 translation. This version does no real optimization, it just
     5  * outputs straight-line x86 code - it mainly exists to provide a baseline
     6  * to test the optimizing versions against.
     7  *
     8  * Copyright (c) 2007 Nathan Keynes.
     9  *
    10  * This program is free software; you can redistribute it and/or modify
    11  * it under the terms of the GNU General Public License as published by
    12  * the Free Software Foundation; either version 2 of the License, or
    13  * (at your option) any later version.
    14  *
    15  * This program is distributed in the hope that it will be useful,
    16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
    17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    18  * GNU General Public License for more details.
    19  */
    21 #include <assert.h>
    22 #include <math.h>
    24 #ifndef NDEBUG
    25 #define DEBUG_JUMPS 1
    26 #endif
    28 #include "sh4/xltcache.h"
    29 #include "sh4/sh4core.h"
    30 #include "sh4/sh4trans.h"
    31 #include "sh4/sh4mmio.h"
    32 #include "sh4/x86op.h"
    33 #include "clock.h"
    35 #define DEFAULT_BACKPATCH_SIZE 4096
    37 struct backpatch_record {
    38     uint32_t *fixup_addr;
    39     uint32_t fixup_icount;
    40     uint32_t exc_code;
    41 };
    43 #define MAX_RECOVERY_SIZE 2048
    45 /** 
    46  * Struct to manage internal translation state. This state is not saved -
    47  * it is only valid between calls to sh4_translate_begin_block() and
    48  * sh4_translate_end_block()
    49  */
    50 struct sh4_x86_state {
    51     gboolean in_delay_slot;
    52     gboolean priv_checked; /* true if we've already checked the cpu mode. */
    53     gboolean fpuen_checked; /* true if we've already checked fpu enabled. */
    54     gboolean branch_taken; /* true if we branched unconditionally */
    55     uint32_t block_start_pc;
    56     uint32_t stack_posn;   /* Trace stack height for alignment purposes */
    57     int tstate;
    59     /* mode flags */
    60     gboolean tlb_on; /* True if tlb translation is active */
    62     /* Allocated memory for the (block-wide) back-patch list */
    63     struct backpatch_record *backpatch_list;
    64     uint32_t backpatch_posn;
    65     uint32_t backpatch_size;
    66     struct xlat_recovery_record recovery_list[MAX_RECOVERY_SIZE];
    67     uint32_t recovery_posn;
    68 };
    70 #define TSTATE_NONE -1
    71 #define TSTATE_O    0
    72 #define TSTATE_C    2
    73 #define TSTATE_E    4
    74 #define TSTATE_NE   5
    75 #define TSTATE_G    0xF
    76 #define TSTATE_GE   0xD
    77 #define TSTATE_A    7
    78 #define TSTATE_AE   3
    80 /** Branch if T is set (either in the current cflags, or in sh4r.t) */
    81 #define JT_rel8(rel8,label) if( sh4_x86.tstate == TSTATE_NONE ) { \
    82 	CMP_imm8s_sh4r( 1, R_T ); sh4_x86.tstate = TSTATE_E; } \
    83     OP(0x70+sh4_x86.tstate); OP(rel8); \
    84     MARK_JMP(rel8,label)
    85 /** Branch if T is clear (either in the current cflags or in sh4r.t) */
    86 #define JF_rel8(rel8,label) if( sh4_x86.tstate == TSTATE_NONE ) { \
    87 	CMP_imm8s_sh4r( 1, R_T ); sh4_x86.tstate = TSTATE_E; } \
    88     OP(0x70+ (sh4_x86.tstate^1)); OP(rel8); \
    89     MARK_JMP(rel8, label)
    91 static struct sh4_x86_state sh4_x86;
    93 static uint32_t max_int = 0x7FFFFFFF;
    94 static uint32_t min_int = 0x80000000;
    95 static uint32_t save_fcw; /* save value for fpu control word */
    96 static uint32_t trunc_fcw = 0x0F7F; /* fcw value for truncation mode */
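/*
 * Editorial sketch - not part of the original file. It illustrates the
 * tstate cache used by the JT_rel8/JF_rel8 macros above: the TSTATE_*
 * values are x86 condition codes, so OP(0x70+sh4_x86.tstate) emits the
 * matching Jcc rel8 (TSTATE_E == 4 gives opcode 0x74, i.e. JE). When the
 * previous emitter has already left T in the host flags, the jump can be
 * emitted directly; only when tstate is TSTATE_NONE is sh4r.t re-tested.
 * The label and zero displacement below are placeholders only.
 */
static inline void sh4_x86_tstate_example( void )
{
    TEST_r32_r32( R_EAX, R_ECX );  // e.g. the TST emitter: result -> ZF
    SETE_t();                      // write T back to sh4r.t
    sh4_x86.tstate = TSTATE_E;     // ...and record that ZF still holds it
    JT_rel8( 0, t_is_set );        // emits JE rel8 without re-reading sh4r.t
    JMP_TARGET( t_is_set );        // placeholder 0-byte forward target
}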
    98 void sh4_x86_init()
    99 {
   100     sh4_x86.backpatch_list = malloc(DEFAULT_BACKPATCH_SIZE);
   101     sh4_x86.backpatch_size = DEFAULT_BACKPATCH_SIZE / sizeof(struct backpatch_record);
   102 }
   105 static void sh4_x86_add_backpatch( uint8_t *fixup_addr, uint32_t fixup_pc, uint32_t exc_code )
   106 {
   107     if( sh4_x86.backpatch_posn == sh4_x86.backpatch_size ) {
   108 	sh4_x86.backpatch_size <<= 1;
   109 	sh4_x86.backpatch_list = realloc( sh4_x86.backpatch_list, 
   110 					  sh4_x86.backpatch_size * sizeof(struct backpatch_record));
   111 	assert( sh4_x86.backpatch_list != NULL );
   112     }
   113     if( sh4_x86.in_delay_slot ) {
   114 	fixup_pc -= 2;
   115     }
   116     sh4_x86.backpatch_list[sh4_x86.backpatch_posn].fixup_addr = (uint32_t *)fixup_addr;
   117     sh4_x86.backpatch_list[sh4_x86.backpatch_posn].fixup_icount = (fixup_pc - sh4_x86.block_start_pc)>>1;
   118     sh4_x86.backpatch_list[sh4_x86.backpatch_posn].exc_code = exc_code;
   119     sh4_x86.backpatch_posn++;
   120 }
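/*
 * Worked example (editorial, not in the original source, addresses are
 * hypothetical): if block_start_pc is 0x8C010000 and a faulting access is
 * emitted while translating pc 0x8C010008, then
 * fixup_icount = (0x8C010008 - 0x8C010000) >> 1 = 4, i.e. the fifth 16-bit
 * SH4 instruction of the block. For a delay-slot instruction, fixup_pc is
 * first wound back by 2 so the exception is attributed to the branch that
 * owns the slot.
 */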
   122 void sh4_x86_add_recovery( uint32_t pc )
   123 {
   124     xlat_recovery[xlat_recovery_posn].xlat_pc = (uintptr_t)xlat_output;
   125     xlat_recovery[xlat_recovery_posn].sh4_icount = (pc - sh4_x86.block_start_pc)>>1;
   126     xlat_recovery_posn++;
   127 }
   129 /**
   130  * Emit an instruction to load an SH4 reg into a real register
   131  */
   132 static inline void load_reg( int x86reg, int sh4reg ) 
   133 {
   134     /* mov [bp+n], reg */
   135     OP(0x8B);
   136     OP(0x45 + (x86reg<<3));
   137     OP(REG_OFFSET(r[sh4reg]));
   138 }
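/*
 * Worked example (editorial): assuming the conventional register numbering
 * (R_EAX == 0, R_ECX == 1, ...), load_reg( R_ECX, 3 ) emits 8B 4D xx, i.e.
 * MOV ecx, [ebp + REG_OFFSET(r[3])]: 0x45 + (1<<3) == 0x4D encodes ModRM
 * mod=01 (disp8), reg=ecx, rm=ebp.
 */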
   140 static inline void load_reg16s( int x86reg, int sh4reg )
   141 {
   142     OP(0x0F);
   143     OP(0xBF);
   144     MODRM_r32_sh4r(x86reg, REG_OFFSET(r[sh4reg]));
   145 }
   147 static inline void load_reg16u( int x86reg, int sh4reg )
   148 {
   149     OP(0x0F);
   150     OP(0xB7);
   151     MODRM_r32_sh4r(x86reg, REG_OFFSET(r[sh4reg]));
   153 }
   155 #define load_spreg( x86reg, regoff ) MOV_sh4r_r32( regoff, x86reg )
   156 #define store_spreg( x86reg, regoff ) MOV_r32_sh4r( x86reg, regoff )
   157 /**
   158  * Emit an instruction to load an immediate value into a register
   159  */
   160 static inline void load_imm32( int x86reg, uint32_t value ) {
   161     /* mov #value, reg */
   162     OP(0xB8 + x86reg);
   163     OP32(value);
   164 }
   166 /**
   167  * Load an immediate 64-bit quantity (note: x86-64 only)
   168  */
   169 static inline void load_imm64( int x86reg, uint64_t value ) {
   170     /* mov #value, reg */
   171     REXW();
   172     OP(0xB8 + x86reg);
   173     OP64(value);
   174 }
   177 /**
   178  * Emit an instruction to store an SH4 reg (RN)
   179  */
   180 void static inline store_reg( int x86reg, int sh4reg ) {
   181     /* mov reg, [bp+n] */
   182     OP(0x89);
   183     OP(0x45 + (x86reg<<3));
   184     OP(REG_OFFSET(r[sh4reg]));
   185 }
   187 #define load_fr_bank(bankreg) load_spreg( bankreg, REG_OFFSET(fr_bank))
   189 /**
   190  * Load an FR register (single-precision floating point) into an integer x86
   191  * register (eg for register-to-register moves)
   192  */
   193 void static inline load_fr( int bankreg, int x86reg, int frm )
   194 {
   195     OP(0x8B); OP(0x40+bankreg+(x86reg<<3)); OP((frm^1)<<2);
   196 }
   198 /**
   199  * Store an FR register (single-precision floating point) from an integer x86
   200  * register (eg for register-to-register moves)
   201  */
   202 void static inline store_fr( int bankreg, int x86reg, int frn )
   203 {
   204     OP(0x89);  OP(0x40+bankreg+(x86reg<<3)); OP((frn^1)<<2);
   205 }
   208 /**
   209  * Load a pointer to the back fp bank into the specified x86 register. The
   210  * bankreg must have been previously loaded with FPSCR.
   211  * NB: 12 bytes
   212  */
   213 static inline void load_xf_bank( int bankreg )
   214 {
   215     NOT_r32( bankreg );
   216     SHR_imm8_r32( (21 - 6), bankreg ); // Extract bit 21 then *64 for bank size
   217     AND_imm8s_r32( 0x40, bankreg );    // Complete extraction
   218     OP(0x8D); OP(0x44+(bankreg<<3)); OP(0x28+bankreg); OP(REG_OFFSET(fr)); // LEA [ebp+bankreg+disp], bankreg
   219 }
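/*
 * Worked example (editorial): with FPSCR.FR == 0, the NOT sets bit 21, the
 * shift by (21-6) == 15 moves it to bit 6, and the AND leaves 0x40 - the
 * back (XF) bank therefore starts 64 bytes (16 x 4-byte registers) past
 * REG_OFFSET(fr). With FPSCR.FR == 1 the result is 0 and the back bank is
 * the first one. The final LEA forms ebp + bankreg + REG_OFFSET(fr).
 */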
   221 /**
   222  * Update the fr_bank pointer based on the current fpscr value.
   223  */
   224 static inline void update_fr_bank( int fpscrreg )
   225 {
   226     SHR_imm8_r32( (21 - 6), fpscrreg ); // Extract bit 21 then *64 for bank size
   227     AND_imm8s_r32( 0x40, fpscrreg );    // Complete extraction
   228     OP(0x8D); OP(0x44+(fpscrreg<<3)); OP(0x28+fpscrreg); OP(REG_OFFSET(fr)); // LEA [ebp+fpscrreg+disp], fpscrreg
   229     store_spreg( fpscrreg, REG_OFFSET(fr_bank) );
   230 }
   231 /**
   232  * Push FPUL (as a 32-bit float) onto the FPU stack
   233  */
   234 static inline void push_fpul( )
   235 {
   236     OP(0xD9); OP(0x45); OP(R_FPUL);
   237 }
   239 /**
   240  * Pop FPUL (as a 32-bit float) from the FPU stack
   241  */
   242 static inline void pop_fpul( )
   243 {
   244     OP(0xD9); OP(0x5D); OP(R_FPUL);
   245 }
   247 /**
   248  * Push a 32-bit float onto the FPU stack, with bankreg previously loaded
   249  * with the location of the current fp bank.
   250  */
   251 static inline void push_fr( int bankreg, int frm ) 
   252 {
   253     OP(0xD9); OP(0x40 + bankreg); OP((frm^1)<<2);  // FLD.S [bankreg + frm^1*4]
   254 }
   256 /**
   257  * Pop a 32-bit float from the FPU stack and store it back into the fp bank, 
   258  * with bankreg previously loaded with the location of the current fp bank.
   259  */
   260 static inline void pop_fr( int bankreg, int frm )
   261 {
   262     OP(0xD9); OP(0x58 + bankreg); OP((frm^1)<<2); // FST.S [bankreg + frm^1*4]
   263 }
   265 /**
   266  * Push a 64-bit double onto the FPU stack, with bankreg previously loaded
   267  * with the location of the current fp bank.
   268  */
   269 static inline void push_dr( int bankreg, int frm )
   270 {
   271     OP(0xDD); OP(0x40 + bankreg); OP(frm<<2); // FLD.D [bankreg + frm*4]
   272 }
   274 static inline void pop_dr( int bankreg, int frm )
   275 {
   276     OP(0xDD); OP(0x58 + bankreg); OP(frm<<2); // FST.D [bankreg + frm*4]
   277 }
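/*
 * Editorial note (an inference from the encodings above, not stated in the
 * original file): the single-precision helpers address FRm at byte offset
 * (frm^1)<<2 while the double-precision helpers use frm<<2. This is
 * consistent with each FR pair being stored with its two singles swapped,
 * so that DRn (n even) reads as one native little-endian double at offset
 * n*4 while FRn and FRn+1 sit at offsets (n^1)*4 and ((n+1)^1)*4.
 */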
   279 /* Exception checks - Note that all exception checks will clobber EAX */
   281 #define check_priv( ) \
   282     if( !sh4_x86.priv_checked ) { \
   283 	sh4_x86.priv_checked = TRUE;\
   284 	load_spreg( R_EAX, R_SR );\
   285 	AND_imm32_r32( SR_MD, R_EAX );\
   286 	if( sh4_x86.in_delay_slot ) {\
   287 	    JE_exc( EXC_SLOT_ILLEGAL );\
   288 	} else {\
   289 	    JE_exc( EXC_ILLEGAL );\
   290 	}\
   291     }\
   293 #define check_fpuen( ) \
   294     if( !sh4_x86.fpuen_checked ) {\
   295 	sh4_x86.fpuen_checked = TRUE;\
   296 	load_spreg( R_EAX, R_SR );\
   297 	AND_imm32_r32( SR_FD, R_EAX );\
   298 	if( sh4_x86.in_delay_slot ) {\
   299 	    JNE_exc(EXC_SLOT_FPU_DISABLED);\
   300 	} else {\
   301 	    JNE_exc(EXC_FPU_DISABLED);\
   302 	}\
   303     }
   305 #define check_ralign16( x86reg ) \
   306     TEST_imm32_r32( 0x00000001, x86reg ); \
   307     JNE_exc(EXC_DATA_ADDR_READ)
   309 #define check_walign16( x86reg ) \
   310     TEST_imm32_r32( 0x00000001, x86reg ); \
   311     JNE_exc(EXC_DATA_ADDR_WRITE);
   313 #define check_ralign32( x86reg ) \
   314     TEST_imm32_r32( 0x00000003, x86reg ); \
   315     JNE_exc(EXC_DATA_ADDR_READ)
   317 #define check_walign32( x86reg ) \
   318     TEST_imm32_r32( 0x00000003, x86reg ); \
   319     JNE_exc(EXC_DATA_ADDR_WRITE);
   321 #define UNDEF()
   322 #define MEM_RESULT(value_reg) if(value_reg != R_EAX) { MOV_r32_r32(R_EAX,value_reg); }
   323 #define MEM_READ_BYTE( addr_reg, value_reg ) call_func1(sh4_read_byte, addr_reg ); MEM_RESULT(value_reg)
   324 #define MEM_READ_WORD( addr_reg, value_reg ) call_func1(sh4_read_word, addr_reg ); MEM_RESULT(value_reg)
   325 #define MEM_READ_LONG( addr_reg, value_reg ) call_func1(sh4_read_long, addr_reg ); MEM_RESULT(value_reg)
   326 #define MEM_WRITE_BYTE( addr_reg, value_reg ) call_func2(sh4_write_byte, addr_reg, value_reg)
   327 #define MEM_WRITE_WORD( addr_reg, value_reg ) call_func2(sh4_write_word, addr_reg, value_reg)
   328 #define MEM_WRITE_LONG( addr_reg, value_reg ) call_func2(sh4_write_long, addr_reg, value_reg)
   330 /**
   331  * Perform MMU translation on the address in addr_reg for a read operation, iff the TLB is turned 
   332  * on, otherwise do nothing. Clobbers EAX, ECX and EDX. May raise a TLB exception or address error.
   333  */
   334 #define MMU_TRANSLATE_READ( addr_reg ) if( sh4_x86.tlb_on ) { call_func1(mmu_vma_to_phys_read, addr_reg); CMP_imm32_r32(MMU_VMA_ERROR, R_EAX); JE_exc(-1); MEM_RESULT(addr_reg); }
   335 /**
   336  * Perform MMU translation on the address in addr_reg for a write operation, iff the TLB is turned 
   337  * on, otherwise do nothing. Clobbers EAX, ECX and EDX. May raise a TLB exception or address error.
   338  */
   339 #define MMU_TRANSLATE_WRITE( addr_reg ) if( sh4_x86.tlb_on ) { call_func1(mmu_vma_to_phys_write, addr_reg); CMP_imm32_r32(MMU_VMA_ERROR, R_EAX); JE_exc(-1); MEM_RESULT(addr_reg); }
   341 #define MEM_READ_SIZE (CALL_FUNC1_SIZE)
   342 #define MEM_WRITE_SIZE (CALL_FUNC2_SIZE)
   343 #define MMU_TRANSLATE_SIZE (sh4_x86.tlb_on ? (CALL_FUNC1_SIZE + 12) : 0 )
   345 #define SLOTILLEGAL() JMP_exc(EXC_SLOT_ILLEGAL); sh4_x86.in_delay_slot = FALSE; return 1;
   347 /****** Import appropriate calling conventions ******/
   348 #if SH4_TRANSLATOR == TARGET_X86_64
   349 #include "sh4/ia64abi.h"
   350 #else /* SH4_TRANSLATOR == TARGET_X86 */
   351 #ifdef APPLE_BUILD
   352 #include "sh4/ia32mac.h"
   353 #else
   354 #include "sh4/ia32abi.h"
   355 #endif
   356 #endif
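/*
 * Editorial sketch - not part of the original file. It shows how the
 * macros above compose into a guest store, mirroring the MOV.L Rm, @Rn
 * emitter later in this file: alignment check, optional MMU translation,
 * then a call out to the memory core. Each step may divert to an exception
 * via the backpatch mechanism. Rm/Rn are arbitrary example registers.
 */
static inline void sh4_x86_example_write_long( int Rm, int Rn )
{
    load_reg( R_EAX, Rn );          // EAX = guest effective address
    check_walign32( R_EAX );        // raise EXC_DATA_ADDR_WRITE if misaligned
    MMU_TRANSLATE_WRITE( R_EAX );   // VMA -> PMA when the TLB is enabled
    load_reg( R_EDX, Rm );          // value to store
    MEM_WRITE_LONG( R_EAX, R_EDX ); // calls sh4_write_long(addr, value)
}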
   358 void sh4_translate_emit_breakpoint( sh4vma_t pc )
   359 {
   360     load_imm32( R_EAX, XLAT_EXIT_BREAKPOINT );
   361     call_func1( sh4_translate_exit, R_EAX );
   362 }
   365 /**
   366  * Translate a single instruction. Delayed branches are handled specially
    367  * by translating both branch and delayed instruction as a single unit (as
    368  * the delay-slot instruction executes before the branch takes effect).
    369  * The instruction MUST be in the icache (assert check).
    370  *
    371  * @return true if the instruction marks the end of a basic block
    372  * (eg a branch or RTE).
   373  */
   374 uint32_t sh4_translate_instruction( sh4addr_t pc )
   375 {
   376     uint32_t ir;
   377     /* Read instruction from icache */
   378     assert( IS_IN_ICACHE(pc) );
   379     ir = *(uint16_t *)GET_ICACHE_PTR(pc);
   381 	/* PC is not in the current icache - this usually means we're running
   382 	 * with MMU on, and we've gone past the end of the page. And since 
   383 	 * sh4_translate_block is pretty careful about this, it means we're
   384 	 * almost certainly in a delay slot.
   385 	 *
   386 	 * Since we can't assume the page is present (and we can't fault it in
    387  * at this point), inline a call to sh4_execute_instruction (with a few
   388 	 * small repairs to cope with the different environment).
   389 	 */
   390 	ir = sh4_read_word(pc);
   392     if( !sh4_x86.in_delay_slot ) {
   393 	sh4_x86_add_recovery(pc);
   394     }
   395         switch( (ir&0xF000) >> 12 ) {
   396             case 0x0:
   397                 switch( ir&0xF ) {
   398                     case 0x2:
   399                         switch( (ir&0x80) >> 7 ) {
   400                             case 0x0:
   401                                 switch( (ir&0x70) >> 4 ) {
   402                                     case 0x0:
   403                                         { /* STC SR, Rn */
   404                                         uint32_t Rn = ((ir>>8)&0xF); 
   405                                         check_priv();
   406                                         call_func0(sh4_read_sr);
   407                                         store_reg( R_EAX, Rn );
   408                                         sh4_x86.tstate = TSTATE_NONE;
   409                                         }
   410                                         break;
   411                                     case 0x1:
   412                                         { /* STC GBR, Rn */
   413                                         uint32_t Rn = ((ir>>8)&0xF); 
   414                                         load_spreg( R_EAX, R_GBR );
   415                                         store_reg( R_EAX, Rn );
   416                                         }
   417                                         break;
   418                                     case 0x2:
   419                                         { /* STC VBR, Rn */
   420                                         uint32_t Rn = ((ir>>8)&0xF); 
   421                                         check_priv();
   422                                         load_spreg( R_EAX, R_VBR );
   423                                         store_reg( R_EAX, Rn );
   424                                         sh4_x86.tstate = TSTATE_NONE;
   425                                         }
   426                                         break;
   427                                     case 0x3:
   428                                         { /* STC SSR, Rn */
   429                                         uint32_t Rn = ((ir>>8)&0xF); 
   430                                         check_priv();
   431                                         load_spreg( R_EAX, R_SSR );
   432                                         store_reg( R_EAX, Rn );
   433                                         sh4_x86.tstate = TSTATE_NONE;
   434                                         }
   435                                         break;
   436                                     case 0x4:
   437                                         { /* STC SPC, Rn */
   438                                         uint32_t Rn = ((ir>>8)&0xF); 
   439                                         check_priv();
   440                                         load_spreg( R_EAX, R_SPC );
   441                                         store_reg( R_EAX, Rn );
   442                                         sh4_x86.tstate = TSTATE_NONE;
   443                                         }
   444                                         break;
   445                                     default:
   446                                         UNDEF();
   447                                         break;
   448                                 }
   449                                 break;
   450                             case 0x1:
   451                                 { /* STC Rm_BANK, Rn */
   452                                 uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm_BANK = ((ir>>4)&0x7); 
   453                                 check_priv();
   454                                 load_spreg( R_EAX, REG_OFFSET(r_bank[Rm_BANK]) );
   455                                 store_reg( R_EAX, Rn );
   456                                 sh4_x86.tstate = TSTATE_NONE;
   457                                 }
   458                                 break;
   459                         }
   460                         break;
   461                     case 0x3:
   462                         switch( (ir&0xF0) >> 4 ) {
   463                             case 0x0:
   464                                 { /* BSRF Rn */
   465                                 uint32_t Rn = ((ir>>8)&0xF); 
   466                                 if( sh4_x86.in_delay_slot ) {
   467                             	SLOTILLEGAL();
   468                                 } else {
   469                             	load_imm32( R_ECX, pc + 4 );
   470                             	store_spreg( R_ECX, R_PR );
   471                             	ADD_sh4r_r32( REG_OFFSET(r[Rn]), R_ECX );
   472                             	store_spreg( R_ECX, REG_OFFSET(pc) );
   473                             	sh4_x86.in_delay_slot = TRUE;
   474                             	sh4_x86.tstate = TSTATE_NONE;
   475                             	sh4_translate_instruction( pc + 2 );
   476                             	exit_block_pcset(pc+2);
   477                             	sh4_x86.branch_taken = TRUE;
   478                             	return 4;
   479                                 }
   480                                 }
   481                                 break;
   482                             case 0x2:
   483                                 { /* BRAF Rn */
   484                                 uint32_t Rn = ((ir>>8)&0xF); 
   485                                 if( sh4_x86.in_delay_slot ) {
   486                             	SLOTILLEGAL();
   487                                 } else {
   488                             	load_reg( R_EAX, Rn );
   489                             	ADD_imm32_r32( pc + 4, R_EAX );
   490                             	store_spreg( R_EAX, REG_OFFSET(pc) );
   491                             	sh4_x86.in_delay_slot = TRUE;
   492                             	sh4_x86.tstate = TSTATE_NONE;
   493                             	sh4_translate_instruction( pc + 2 );
   494                             	exit_block_pcset(pc+2);
   495                             	sh4_x86.branch_taken = TRUE;
   496                             	return 4;
   497                                 }
   498                                 }
   499                                 break;
   500                             case 0x8:
   501                                 { /* PREF @Rn */
   502                                 uint32_t Rn = ((ir>>8)&0xF); 
   503                                 load_reg( R_EAX, Rn );
   504                                 MOV_r32_r32( R_EAX, R_ECX );
   505                                 AND_imm32_r32( 0xFC000000, R_EAX );
   506                                 CMP_imm32_r32( 0xE0000000, R_EAX );
   507                                 JNE_rel8(8+CALL_FUNC1_SIZE, end);
   508                                 call_func1( sh4_flush_store_queue, R_ECX );
   509                                 TEST_r32_r32( R_EAX, R_EAX );
   510                                 JE_exc(-1);
   511                                 JMP_TARGET(end);
   512                                 sh4_x86.tstate = TSTATE_NONE;
   513                                 }
   514                                 break;
   515                             case 0x9:
   516                                 { /* OCBI @Rn */
   517                                 uint32_t Rn = ((ir>>8)&0xF); 
   518                                 }
   519                                 break;
   520                             case 0xA:
   521                                 { /* OCBP @Rn */
   522                                 uint32_t Rn = ((ir>>8)&0xF); 
   523                                 }
   524                                 break;
   525                             case 0xB:
   526                                 { /* OCBWB @Rn */
   527                                 uint32_t Rn = ((ir>>8)&0xF); 
   528                                 }
   529                                 break;
   530                             case 0xC:
   531                                 { /* MOVCA.L R0, @Rn */
   532                                 uint32_t Rn = ((ir>>8)&0xF); 
   533                                 load_reg( R_EAX, Rn );
   534                                 check_walign32( R_EAX );
   535                                 MMU_TRANSLATE_WRITE( R_EAX );
   536                                 load_reg( R_EDX, 0 );
   537                                 MEM_WRITE_LONG( R_EAX, R_EDX );
   538                                 sh4_x86.tstate = TSTATE_NONE;
   539                                 }
   540                                 break;
   541                             default:
   542                                 UNDEF();
   543                                 break;
   544                         }
   545                         break;
   546                     case 0x4:
   547                         { /* MOV.B Rm, @(R0, Rn) */
   548                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
   549                         load_reg( R_EAX, 0 );
   550                         load_reg( R_ECX, Rn );
   551                         ADD_r32_r32( R_ECX, R_EAX );
   552                         MMU_TRANSLATE_WRITE( R_EAX );
   553                         load_reg( R_EDX, Rm );
   554                         MEM_WRITE_BYTE( R_EAX, R_EDX );
   555                         sh4_x86.tstate = TSTATE_NONE;
   556                         }
   557                         break;
   558                     case 0x5:
   559                         { /* MOV.W Rm, @(R0, Rn) */
   560                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
   561                         load_reg( R_EAX, 0 );
   562                         load_reg( R_ECX, Rn );
   563                         ADD_r32_r32( R_ECX, R_EAX );
   564                         check_walign16( R_EAX );
   565                         MMU_TRANSLATE_WRITE( R_EAX );
   566                         load_reg( R_EDX, Rm );
   567                         MEM_WRITE_WORD( R_EAX, R_EDX );
   568                         sh4_x86.tstate = TSTATE_NONE;
   569                         }
   570                         break;
   571                     case 0x6:
   572                         { /* MOV.L Rm, @(R0, Rn) */
   573                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
   574                         load_reg( R_EAX, 0 );
   575                         load_reg( R_ECX, Rn );
   576                         ADD_r32_r32( R_ECX, R_EAX );
   577                         check_walign32( R_EAX );
   578                         MMU_TRANSLATE_WRITE( R_EAX );
   579                         load_reg( R_EDX, Rm );
   580                         MEM_WRITE_LONG( R_EAX, R_EDX );
   581                         sh4_x86.tstate = TSTATE_NONE;
   582                         }
   583                         break;
   584                     case 0x7:
   585                         { /* MUL.L Rm, Rn */
   586                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
   587                         load_reg( R_EAX, Rm );
   588                         load_reg( R_ECX, Rn );
   589                         MUL_r32( R_ECX );
   590                         store_spreg( R_EAX, R_MACL );
   591                         sh4_x86.tstate = TSTATE_NONE;
   592                         }
   593                         break;
   594                     case 0x8:
   595                         switch( (ir&0xFF0) >> 4 ) {
   596                             case 0x0:
   597                                 { /* CLRT */
   598                                 CLC();
   599                                 SETC_t();
   600                                 sh4_x86.tstate = TSTATE_C;
   601                                 }
   602                                 break;
   603                             case 0x1:
   604                                 { /* SETT */
   605                                 STC();
   606                                 SETC_t();
   607                                 sh4_x86.tstate = TSTATE_C;
   608                                 }
   609                                 break;
   610                             case 0x2:
   611                                 { /* CLRMAC */
   612                                 XOR_r32_r32(R_EAX, R_EAX);
   613                                 store_spreg( R_EAX, R_MACL );
   614                                 store_spreg( R_EAX, R_MACH );
   615                                 sh4_x86.tstate = TSTATE_NONE;
   616                                 }
   617                                 break;
   618                             case 0x3:
   619                                 { /* LDTLB */
   620                                 call_func0( MMU_ldtlb );
   621                                 }
   622                                 break;
   623                             case 0x4:
   624                                 { /* CLRS */
   625                                 CLC();
   626                                 SETC_sh4r(R_S);
   627                                 sh4_x86.tstate = TSTATE_C;
   628                                 }
   629                                 break;
   630                             case 0x5:
   631                                 { /* SETS */
   632                                 STC();
   633                                 SETC_sh4r(R_S);
   634                                 sh4_x86.tstate = TSTATE_C;
   635                                 }
   636                                 break;
   637                             default:
   638                                 UNDEF();
   639                                 break;
   640                         }
   641                         break;
   642                     case 0x9:
   643                         switch( (ir&0xF0) >> 4 ) {
   644                             case 0x0:
   645                                 { /* NOP */
   646                                 /* Do nothing. Well, we could emit an 0x90, but what would really be the point? */
   647                                 }
   648                                 break;
   649                             case 0x1:
   650                                 { /* DIV0U */
   651                                 XOR_r32_r32( R_EAX, R_EAX );
   652                                 store_spreg( R_EAX, R_Q );
   653                                 store_spreg( R_EAX, R_M );
   654                                 store_spreg( R_EAX, R_T );
   655                                 sh4_x86.tstate = TSTATE_C; // works for DIV1
   656                                 }
   657                                 break;
   658                             case 0x2:
   659                                 { /* MOVT Rn */
   660                                 uint32_t Rn = ((ir>>8)&0xF); 
   661                                 load_spreg( R_EAX, R_T );
   662                                 store_reg( R_EAX, Rn );
   663                                 }
   664                                 break;
   665                             default:
   666                                 UNDEF();
   667                                 break;
   668                         }
   669                         break;
   670                     case 0xA:
   671                         switch( (ir&0xF0) >> 4 ) {
   672                             case 0x0:
   673                                 { /* STS MACH, Rn */
   674                                 uint32_t Rn = ((ir>>8)&0xF); 
   675                                 load_spreg( R_EAX, R_MACH );
   676                                 store_reg( R_EAX, Rn );
   677                                 }
   678                                 break;
   679                             case 0x1:
   680                                 { /* STS MACL, Rn */
   681                                 uint32_t Rn = ((ir>>8)&0xF); 
   682                                 load_spreg( R_EAX, R_MACL );
   683                                 store_reg( R_EAX, Rn );
   684                                 }
   685                                 break;
   686                             case 0x2:
   687                                 { /* STS PR, Rn */
   688                                 uint32_t Rn = ((ir>>8)&0xF); 
   689                                 load_spreg( R_EAX, R_PR );
   690                                 store_reg( R_EAX, Rn );
   691                                 }
   692                                 break;
   693                             case 0x3:
   694                                 { /* STC SGR, Rn */
   695                                 uint32_t Rn = ((ir>>8)&0xF); 
   696                                 check_priv();
   697                                 load_spreg( R_EAX, R_SGR );
   698                                 store_reg( R_EAX, Rn );
   699                                 sh4_x86.tstate = TSTATE_NONE;
   700                                 }
   701                                 break;
   702                             case 0x5:
   703                                 { /* STS FPUL, Rn */
   704                                 uint32_t Rn = ((ir>>8)&0xF); 
   705                                 load_spreg( R_EAX, R_FPUL );
   706                                 store_reg( R_EAX, Rn );
   707                                 }
   708                                 break;
   709                             case 0x6:
   710                                 { /* STS FPSCR, Rn */
   711                                 uint32_t Rn = ((ir>>8)&0xF); 
   712                                 load_spreg( R_EAX, R_FPSCR );
   713                                 store_reg( R_EAX, Rn );
   714                                 }
   715                                 break;
   716                             case 0xF:
   717                                 { /* STC DBR, Rn */
   718                                 uint32_t Rn = ((ir>>8)&0xF); 
   719                                 check_priv();
   720                                 load_spreg( R_EAX, R_DBR );
   721                                 store_reg( R_EAX, Rn );
   722                                 sh4_x86.tstate = TSTATE_NONE;
   723                                 }
   724                                 break;
   725                             default:
   726                                 UNDEF();
   727                                 break;
   728                         }
   729                         break;
   730                     case 0xB:
   731                         switch( (ir&0xFF0) >> 4 ) {
   732                             case 0x0:
   733                                 { /* RTS */
   734                                 if( sh4_x86.in_delay_slot ) {
   735                             	SLOTILLEGAL();
   736                                 } else {
   737                             	load_spreg( R_ECX, R_PR );
   738                             	store_spreg( R_ECX, REG_OFFSET(pc) );
   739                             	sh4_x86.in_delay_slot = TRUE;
   740                             	sh4_translate_instruction(pc+2);
   741                             	exit_block_pcset(pc+2);
   742                             	sh4_x86.branch_taken = TRUE;
   743                             	return 4;
   744                                 }
   745                                 }
   746                                 break;
   747                             case 0x1:
   748                                 { /* SLEEP */
   749                                 check_priv();
   750                                 call_func0( sh4_sleep );
   751                                 sh4_x86.tstate = TSTATE_NONE;
   752                                 sh4_x86.in_delay_slot = FALSE;
   753                                 return 2;
   754                                 }
   755                                 break;
   756                             case 0x2:
   757                                 { /* RTE */
   758                                 if( sh4_x86.in_delay_slot ) {
   759                             	SLOTILLEGAL();
   760                                 } else {
   761                             	check_priv();
   762                             	load_spreg( R_ECX, R_SPC );
   763                             	store_spreg( R_ECX, REG_OFFSET(pc) );
   764                             	load_spreg( R_EAX, R_SSR );
   765                             	call_func1( sh4_write_sr, R_EAX );
   766                             	sh4_x86.in_delay_slot = TRUE;
   767                             	sh4_x86.priv_checked = FALSE;
   768                             	sh4_x86.fpuen_checked = FALSE;
   769                             	sh4_x86.tstate = TSTATE_NONE;
   770                             	sh4_translate_instruction(pc+2);
   771                             	exit_block_pcset(pc+2);
   772                             	sh4_x86.branch_taken = TRUE;
   773                             	return 4;
   774                                 }
   775                                 }
   776                                 break;
   777                             default:
   778                                 UNDEF();
   779                                 break;
   780                         }
   781                         break;
   782                     case 0xC:
   783                         { /* MOV.B @(R0, Rm), Rn */
   784                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
   785                         load_reg( R_EAX, 0 );
   786                         load_reg( R_ECX, Rm );
   787                         ADD_r32_r32( R_ECX, R_EAX );
   788                         MMU_TRANSLATE_READ( R_EAX )
   789                         MEM_READ_BYTE( R_EAX, R_EAX );
   790                         store_reg( R_EAX, Rn );
   791                         sh4_x86.tstate = TSTATE_NONE;
   792                         }
   793                         break;
   794                     case 0xD:
   795                         { /* MOV.W @(R0, Rm), Rn */
   796                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
   797                         load_reg( R_EAX, 0 );
   798                         load_reg( R_ECX, Rm );
   799                         ADD_r32_r32( R_ECX, R_EAX );
   800                         check_ralign16( R_EAX );
   801                         MMU_TRANSLATE_READ( R_EAX );
   802                         MEM_READ_WORD( R_EAX, R_EAX );
   803                         store_reg( R_EAX, Rn );
   804                         sh4_x86.tstate = TSTATE_NONE;
   805                         }
   806                         break;
   807                     case 0xE:
   808                         { /* MOV.L @(R0, Rm), Rn */
   809                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
   810                         load_reg( R_EAX, 0 );
   811                         load_reg( R_ECX, Rm );
   812                         ADD_r32_r32( R_ECX, R_EAX );
   813                         check_ralign32( R_EAX );
   814                         MMU_TRANSLATE_READ( R_EAX );
   815                         MEM_READ_LONG( R_EAX, R_EAX );
   816                         store_reg( R_EAX, Rn );
   817                         sh4_x86.tstate = TSTATE_NONE;
   818                         }
   819                         break;
   820                     case 0xF:
   821                         { /* MAC.L @Rm+, @Rn+ */
   822                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
   823                         if( Rm == Rn ) {
   824                     	load_reg( R_EAX, Rm );
   825                     	check_ralign32( R_EAX );
   826                     	MMU_TRANSLATE_READ( R_EAX );
   827                     	PUSH_realigned_r32( R_EAX );
   828                     	load_reg( R_EAX, Rn );
   829                     	ADD_imm8s_r32( 4, R_EAX );
   830                     	MMU_TRANSLATE_READ( R_EAX );
   831                     	ADD_imm8s_sh4r( 8, REG_OFFSET(r[Rn]) );
   832                     	// Note translate twice in case of page boundaries. Maybe worth
   833                     	// adding a page-boundary check to skip the second translation
   834                         } else {
   835                     	load_reg( R_EAX, Rm );
   836                     	check_ralign32( R_EAX );
   837                     	MMU_TRANSLATE_READ( R_EAX );
   838                     	PUSH_realigned_r32( R_EAX );
   839                     	load_reg( R_EAX, Rn );
   840                     	check_ralign32( R_EAX );
   841                     	MMU_TRANSLATE_READ( R_EAX );
   842                     	ADD_imm8s_sh4r( 4, REG_OFFSET(r[Rn]) );
   843                     	ADD_imm8s_sh4r( 4, REG_OFFSET(r[Rm]) );
   844                         }
   845                         MEM_READ_LONG( R_EAX, R_EAX );
   846                         POP_r32( R_ECX );
   847                         PUSH_r32( R_EAX );
   848                         MEM_READ_LONG( R_ECX, R_EAX );
   849                         POP_realigned_r32( R_ECX );
   851                         IMUL_r32( R_ECX );
   852                         ADD_r32_sh4r( R_EAX, R_MACL );
   853                         ADC_r32_sh4r( R_EDX, R_MACH );
   855                         load_spreg( R_ECX, R_S );
   856                         TEST_r32_r32(R_ECX, R_ECX);
   857                         JE_rel8( CALL_FUNC0_SIZE, nosat );
   858                         call_func0( signsat48 );
   859                         JMP_TARGET( nosat );
   860                         sh4_x86.tstate = TSTATE_NONE;
   861                         }
   862                         break;
   863                     default:
   864                         UNDEF();
   865                         break;
   866                 }
   867                 break;
   868             case 0x1:
   869                 { /* MOV.L Rm, @(disp, Rn) */
   870                 uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); uint32_t disp = (ir&0xF)<<2; 
   871                 load_reg( R_EAX, Rn );
   872                 ADD_imm32_r32( disp, R_EAX );
   873                 check_walign32( R_EAX );
   874                 MMU_TRANSLATE_WRITE( R_EAX );
   875                 load_reg( R_EDX, Rm );
   876                 MEM_WRITE_LONG( R_EAX, R_EDX );
   877                 sh4_x86.tstate = TSTATE_NONE;
   878                 }
   879                 break;
   880             case 0x2:
   881                 switch( ir&0xF ) {
   882                     case 0x0:
   883                         { /* MOV.B Rm, @Rn */
   884                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
   885                         load_reg( R_EAX, Rn );
   886                         MMU_TRANSLATE_WRITE( R_EAX );
   887                         load_reg( R_EDX, Rm );
   888                         MEM_WRITE_BYTE( R_EAX, R_EDX );
   889                         sh4_x86.tstate = TSTATE_NONE;
   890                         }
   891                         break;
   892                     case 0x1:
   893                         { /* MOV.W Rm, @Rn */
   894                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
   895                         load_reg( R_EAX, Rn );
   896                         check_walign16( R_EAX );
   897                         MMU_TRANSLATE_WRITE( R_EAX )
   898                         load_reg( R_EDX, Rm );
   899                         MEM_WRITE_WORD( R_EAX, R_EDX );
   900                         sh4_x86.tstate = TSTATE_NONE;
   901                         }
   902                         break;
   903                     case 0x2:
   904                         { /* MOV.L Rm, @Rn */
   905                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
   906                         load_reg( R_EAX, Rn );
   907                         check_walign32(R_EAX);
   908                         MMU_TRANSLATE_WRITE( R_EAX );
   909                         load_reg( R_EDX, Rm );
   910                         MEM_WRITE_LONG( R_EAX, R_EDX );
   911                         sh4_x86.tstate = TSTATE_NONE;
   912                         }
   913                         break;
   914                     case 0x4:
   915                         { /* MOV.B Rm, @-Rn */
   916                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
   917                         load_reg( R_EAX, Rn );
   918                         ADD_imm8s_r32( -1, R_EAX );
   919                         MMU_TRANSLATE_WRITE( R_EAX );
   920                         load_reg( R_EDX, Rm );
   921                         ADD_imm8s_sh4r( -1, REG_OFFSET(r[Rn]) );
   922                         MEM_WRITE_BYTE( R_EAX, R_EDX );
   923                         sh4_x86.tstate = TSTATE_NONE;
   924                         }
   925                         break;
   926                     case 0x5:
   927                         { /* MOV.W Rm, @-Rn */
   928                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
   929                         load_reg( R_EAX, Rn );
   930                         ADD_imm8s_r32( -2, R_EAX );
   931                         check_walign16( R_EAX );
   932                         MMU_TRANSLATE_WRITE( R_EAX );
   933                         load_reg( R_EDX, Rm );
   934                         ADD_imm8s_sh4r( -2, REG_OFFSET(r[Rn]) );
   935                         MEM_WRITE_WORD( R_EAX, R_EDX );
   936                         sh4_x86.tstate = TSTATE_NONE;
   937                         }
   938                         break;
   939                     case 0x6:
   940                         { /* MOV.L Rm, @-Rn */
   941                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
   942                         load_reg( R_EAX, Rn );
   943                         ADD_imm8s_r32( -4, R_EAX );
   944                         check_walign32( R_EAX );
   945                         MMU_TRANSLATE_WRITE( R_EAX );
   946                         load_reg( R_EDX, Rm );
   947                         ADD_imm8s_sh4r( -4, REG_OFFSET(r[Rn]) );
   948                         MEM_WRITE_LONG( R_EAX, R_EDX );
   949                         sh4_x86.tstate = TSTATE_NONE;
   950                         }
   951                         break;
   952                     case 0x7:
   953                         { /* DIV0S Rm, Rn */
   954                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
   955                         load_reg( R_EAX, Rm );
   956                         load_reg( R_ECX, Rn );
   957                         SHR_imm8_r32( 31, R_EAX );
   958                         SHR_imm8_r32( 31, R_ECX );
   959                         store_spreg( R_EAX, R_M );
   960                         store_spreg( R_ECX, R_Q );
   961                         CMP_r32_r32( R_EAX, R_ECX );
   962                         SETNE_t();
   963                         sh4_x86.tstate = TSTATE_NE;
   964                         }
   965                         break;
   966                     case 0x8:
   967                         { /* TST Rm, Rn */
   968                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
   969                         load_reg( R_EAX, Rm );
   970                         load_reg( R_ECX, Rn );
   971                         TEST_r32_r32( R_EAX, R_ECX );
   972                         SETE_t();
   973                         sh4_x86.tstate = TSTATE_E;
   974                         }
   975                         break;
   976                     case 0x9:
   977                         { /* AND Rm, Rn */
   978                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
   979                         load_reg( R_EAX, Rm );
   980                         load_reg( R_ECX, Rn );
   981                         AND_r32_r32( R_EAX, R_ECX );
   982                         store_reg( R_ECX, Rn );
   983                         sh4_x86.tstate = TSTATE_NONE;
   984                         }
   985                         break;
   986                     case 0xA:
   987                         { /* XOR Rm, Rn */
   988                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
   989                         load_reg( R_EAX, Rm );
   990                         load_reg( R_ECX, Rn );
   991                         XOR_r32_r32( R_EAX, R_ECX );
   992                         store_reg( R_ECX, Rn );
   993                         sh4_x86.tstate = TSTATE_NONE;
   994                         }
   995                         break;
   996                     case 0xB:
   997                         { /* OR Rm, Rn */
   998                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
   999                         load_reg( R_EAX, Rm );
  1000                         load_reg( R_ECX, Rn );
  1001                         OR_r32_r32( R_EAX, R_ECX );
  1002                         store_reg( R_ECX, Rn );
  1003                         sh4_x86.tstate = TSTATE_NONE;
   1004                         }
   1005                         break;
  1006                     case 0xC:
  1007                         { /* CMP/STR Rm, Rn */
  1008                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  1009                         load_reg( R_EAX, Rm );
  1010                         load_reg( R_ECX, Rn );
  1011                         XOR_r32_r32( R_ECX, R_EAX );
  1012                         TEST_r8_r8( R_AL, R_AL );
  1013                         JE_rel8(13, target1);
  1014                         TEST_r8_r8( R_AH, R_AH ); // 2
  1015                         JE_rel8(9, target2);
  1016                         SHR_imm8_r32( 16, R_EAX ); // 3
  1017                         TEST_r8_r8( R_AL, R_AL ); // 2
  1018                         JE_rel8(2, target3);
  1019                         TEST_r8_r8( R_AH, R_AH ); // 2
  1020                         JMP_TARGET(target1);
  1021                         JMP_TARGET(target2);
  1022                         JMP_TARGET(target3);
  1023                         SETE_t();
  1024                         sh4_x86.tstate = TSTATE_E;
   1025                         }
   1026                         break;
  1027                     case 0xD:
  1028                         { /* XTRCT Rm, Rn */
  1029                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  1030                         load_reg( R_EAX, Rm );
  1031                         load_reg( R_ECX, Rn );
  1032                         SHL_imm8_r32( 16, R_EAX );
  1033                         SHR_imm8_r32( 16, R_ECX );
  1034                         OR_r32_r32( R_EAX, R_ECX );
  1035                         store_reg( R_ECX, Rn );
  1036                         sh4_x86.tstate = TSTATE_NONE;
   1037                         }
   1038                         break;
  1039                     case 0xE:
  1040                         { /* MULU.W Rm, Rn */
  1041                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  1042                         load_reg16u( R_EAX, Rm );
  1043                         load_reg16u( R_ECX, Rn );
  1044                         MUL_r32( R_ECX );
  1045                         store_spreg( R_EAX, R_MACL );
  1046                         sh4_x86.tstate = TSTATE_NONE;
   1047                         }
   1048                         break;
  1049                     case 0xF:
  1050                         { /* MULS.W Rm, Rn */
  1051                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  1052                         load_reg16s( R_EAX, Rm );
  1053                         load_reg16s( R_ECX, Rn );
  1054                         MUL_r32( R_ECX );
  1055                         store_spreg( R_EAX, R_MACL );
  1056                         sh4_x86.tstate = TSTATE_NONE;
   1057                         }
   1058                         break;
  1059                     default:
  1060                         UNDEF();
  1061                         break;
   1062                 }
   1063                 break;
  1064             case 0x3:
  1065                 switch( ir&0xF ) {
  1066                     case 0x0:
  1067                         { /* CMP/EQ Rm, Rn */
  1068                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  1069                         load_reg( R_EAX, Rm );
  1070                         load_reg( R_ECX, Rn );
  1071                         CMP_r32_r32( R_EAX, R_ECX );
  1072                         SETE_t();
  1073                         sh4_x86.tstate = TSTATE_E;
   1074                         }
   1075                         break;
  1076                     case 0x2:
  1077                         { /* CMP/HS Rm, Rn */
  1078                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  1079                         load_reg( R_EAX, Rm );
  1080                         load_reg( R_ECX, Rn );
  1081                         CMP_r32_r32( R_EAX, R_ECX );
  1082                         SETAE_t();
  1083                         sh4_x86.tstate = TSTATE_AE;
   1084                         }
   1085                         break;
  1086                     case 0x3:
  1087                         { /* CMP/GE Rm, Rn */
  1088                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  1089                         load_reg( R_EAX, Rm );
  1090                         load_reg( R_ECX, Rn );
  1091                         CMP_r32_r32( R_EAX, R_ECX );
  1092                         SETGE_t();
  1093                         sh4_x86.tstate = TSTATE_GE;
   1094                         }
   1095                         break;
  1096                     case 0x4:
  1097                         { /* DIV1 Rm, Rn */
  1098                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  1099                         load_spreg( R_ECX, R_M );
  1100                         load_reg( R_EAX, Rn );
  1101                         if( sh4_x86.tstate != TSTATE_C ) {
  1102                     	LDC_t();
   1103                         }
   1104                         RCL1_r32( R_EAX );
  1105                         SETC_r8( R_DL ); // Q'
  1106                         CMP_sh4r_r32( R_Q, R_ECX );
  1107                         JE_rel8(5, mqequal);
  1108                         ADD_sh4r_r32( REG_OFFSET(r[Rm]), R_EAX );
  1109                         JMP_rel8(3, end);
  1110                         JMP_TARGET(mqequal);
  1111                         SUB_sh4r_r32( REG_OFFSET(r[Rm]), R_EAX );
  1112                         JMP_TARGET(end);
  1113                         store_reg( R_EAX, Rn ); // Done with Rn now
  1114                         SETC_r8(R_AL); // tmp1
  1115                         XOR_r8_r8( R_DL, R_AL ); // Q' = Q ^ tmp1
  1116                         XOR_r8_r8( R_AL, R_CL ); // Q'' = Q' ^ M
  1117                         store_spreg( R_ECX, R_Q );
  1118                         XOR_imm8s_r32( 1, R_AL );   // T = !Q'
  1119                         MOVZX_r8_r32( R_AL, R_EAX );
  1120                         store_spreg( R_EAX, R_T );
  1121                         sh4_x86.tstate = TSTATE_NONE;
   1122                         }
   1123                         break;
  1124                     case 0x5:
  1125                         { /* DMULU.L Rm, Rn */
  1126                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  1127                         load_reg( R_EAX, Rm );
  1128                         load_reg( R_ECX, Rn );
  1129                         MUL_r32(R_ECX);
  1130                         store_spreg( R_EDX, R_MACH );
  1131                         store_spreg( R_EAX, R_MACL );    
  1132                         sh4_x86.tstate = TSTATE_NONE;
   1133                         }
   1134                         break;
  1135                     case 0x6:
  1136                         { /* CMP/HI Rm, Rn */
  1137                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  1138                         load_reg( R_EAX, Rm );
  1139                         load_reg( R_ECX, Rn );
  1140                         CMP_r32_r32( R_EAX, R_ECX );
  1141                         SETA_t();
  1142                         sh4_x86.tstate = TSTATE_A;
   1143                         }
   1144                         break;
  1145                     case 0x7:
  1146                         { /* CMP/GT Rm, Rn */
  1147                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  1148                         load_reg( R_EAX, Rm );
  1149                         load_reg( R_ECX, Rn );
  1150                         CMP_r32_r32( R_EAX, R_ECX );
  1151                         SETG_t();
  1152                         sh4_x86.tstate = TSTATE_G;
   1153                         }
   1154                         break;
  1155                     case 0x8:
  1156                         { /* SUB Rm, Rn */
  1157                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  1158                         load_reg( R_EAX, Rm );
  1159                         load_reg( R_ECX, Rn );
  1160                         SUB_r32_r32( R_EAX, R_ECX );
  1161                         store_reg( R_ECX, Rn );
  1162                         sh4_x86.tstate = TSTATE_NONE;
   1163                         }
   1164                         break;
  1165                     case 0xA:
  1166                         { /* SUBC Rm, Rn */
  1167                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  1168                         load_reg( R_EAX, Rm );
  1169                         load_reg( R_ECX, Rn );
  1170                         if( sh4_x86.tstate != TSTATE_C ) {
  1171                     	LDC_t();
  1172                         }
  1173                         SBB_r32_r32( R_EAX, R_ECX );
  1174                         store_reg( R_ECX, Rn );
  1175                         SETC_t();
  1176                         sh4_x86.tstate = TSTATE_C;
  1178                         break;
  1179                     case 0xB:
  1180                         { /* SUBV Rm, Rn */
  1181                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  1182                         load_reg( R_EAX, Rm );
  1183                         load_reg( R_ECX, Rn );
  1184                         SUB_r32_r32( R_EAX, R_ECX );
  1185                         store_reg( R_ECX, Rn );
  1186                         SETO_t();
  1187                         sh4_x86.tstate = TSTATE_O;
  1189                         break;
  1190                     case 0xC:
  1191                         { /* ADD Rm, Rn */
  1192                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  1193                         load_reg( R_EAX, Rm );
  1194                         load_reg( R_ECX, Rn );
  1195                         ADD_r32_r32( R_EAX, R_ECX );
  1196                         store_reg( R_ECX, Rn );
  1197                         sh4_x86.tstate = TSTATE_NONE;
  1199                         break;
  1200                     case 0xD:
  1201                         { /* DMULS.L Rm, Rn */
  1202                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  1203                         load_reg( R_EAX, Rm );
  1204                         load_reg( R_ECX, Rn );
  1205                         IMUL_r32(R_ECX);
  1206                         store_spreg( R_EDX, R_MACH );
  1207                         store_spreg( R_EAX, R_MACL );
  1208                         sh4_x86.tstate = TSTATE_NONE;
  1210                         break;
  1211                     case 0xE:
  1212                         { /* ADDC Rm, Rn */
  1213                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
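                               // ADDC adds with T as carry-in and leaves the carry-out in T.
                               // sh4_x86.tstate tracks which x86 condition currently mirrors T, so
                               // the carry is only reloaded from sh4r.t (LDC_t) when it is not
                               // already live in EFLAGS.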
  1214                         if( sh4_x86.tstate != TSTATE_C ) {
  1215                     	LDC_t();
  1216                         }
  1217                         load_reg( R_EAX, Rm );
  1218                         load_reg( R_ECX, Rn );
  1219                         ADC_r32_r32( R_EAX, R_ECX );
  1220                         store_reg( R_ECX, Rn );
  1221                         SETC_t();
  1222                         sh4_x86.tstate = TSTATE_C;
  1224                         break;
  1225                     case 0xF:
  1226                         { /* ADDV Rm, Rn */
  1227                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  1228                         load_reg( R_EAX, Rm );
  1229                         load_reg( R_ECX, Rn );
  1230                         ADD_r32_r32( R_EAX, R_ECX );
  1231                         store_reg( R_ECX, Rn );
  1232                         SETO_t();
  1233                         sh4_x86.tstate = TSTATE_O;
  1235                         break;
  1236                     default:
  1237                         UNDEF();
  1238                         break;
  1240                 break;
  1241             case 0x4:
  1242                 switch( ir&0xF ) {
  1243                     case 0x0:
  1244                         switch( (ir&0xF0) >> 4 ) {
  1245                             case 0x0:
  1246                                 { /* SHLL Rn */
  1247                                 uint32_t Rn = ((ir>>8)&0xF); 
  1248                                 load_reg( R_EAX, Rn );
  1249                                 SHL1_r32( R_EAX );
  1250                                 SETC_t();
  1251                                 store_reg( R_EAX, Rn );
  1252                                 sh4_x86.tstate = TSTATE_C;
  1254                                 break;
  1255                             case 0x1:
  1256                                 { /* DT Rn */
  1257                                 uint32_t Rn = ((ir>>8)&0xF); 
  1258                                 load_reg( R_EAX, Rn );
  1259                                 ADD_imm8s_r32( -1, R_EAX );
  1260                                 store_reg( R_EAX, Rn );
  1261                                 SETE_t();
  1262                                 sh4_x86.tstate = TSTATE_E;
  1264                                 break;
  1265                             case 0x2:
  1266                                 { /* SHAL Rn */
  1267                                 uint32_t Rn = ((ir>>8)&0xF); 
  1268                                 load_reg( R_EAX, Rn );
  1269                                 SHL1_r32( R_EAX );
  1270                                 SETC_t();
  1271                                 store_reg( R_EAX, Rn );
  1272                                 sh4_x86.tstate = TSTATE_C;
  1274                                 break;
  1275                             default:
  1276                                 UNDEF();
  1277                                 break;
  1279                         break;
  1280                     case 0x1:
  1281                         switch( (ir&0xF0) >> 4 ) {
  1282                             case 0x0:
  1283                                 { /* SHLR Rn */
  1284                                 uint32_t Rn = ((ir>>8)&0xF); 
  1285                                 load_reg( R_EAX, Rn );
  1286                                 SHR1_r32( R_EAX );
  1287                                 SETC_t();
  1288                                 store_reg( R_EAX, Rn );
  1289                                 sh4_x86.tstate = TSTATE_C;
  1291                                 break;
  1292                             case 0x1:
  1293                                 { /* CMP/PZ Rn */
  1294                                 uint32_t Rn = ((ir>>8)&0xF); 
  1295                                 load_reg( R_EAX, Rn );
  1296                                 CMP_imm8s_r32( 0, R_EAX );
  1297                                 SETGE_t();
  1298                                 sh4_x86.tstate = TSTATE_GE;
  1300                                 break;
  1301                             case 0x2:
  1302                                 { /* SHAR Rn */
  1303                                 uint32_t Rn = ((ir>>8)&0xF); 
  1304                                 load_reg( R_EAX, Rn );
  1305                                 SAR1_r32( R_EAX );
  1306                                 SETC_t();
  1307                                 store_reg( R_EAX, Rn );
  1308                                 sh4_x86.tstate = TSTATE_C;
  1310                                 break;
  1311                             default:
  1312                                 UNDEF();
  1313                                 break;
  1315                         break;
  1316                     case 0x2:
  1317                         switch( (ir&0xF0) >> 4 ) {
  1318                             case 0x0:
  1319                                 { /* STS.L MACH, @-Rn */
  1320                                 uint32_t Rn = ((ir>>8)&0xF); 
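                                       // The pre-decremented address is formed in EAX and translated
                                       // before Rn itself is decremented, so an MMU exception here
                                       // leaves Rn unchanged.  The @-Rn store forms below follow the
                                       // same ordering.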
  1321                                 load_reg( R_EAX, Rn );
  1322                                 check_walign32( R_EAX );
  1323                                 ADD_imm8s_r32( -4, R_EAX );
  1324                                 MMU_TRANSLATE_WRITE( R_EAX );
  1325                                 load_spreg( R_EDX, R_MACH );
  1326                                 ADD_imm8s_sh4r( -4, REG_OFFSET(r[Rn]) );
  1327                                 MEM_WRITE_LONG( R_EAX, R_EDX );
  1328                                 sh4_x86.tstate = TSTATE_NONE;
  1330                                 break;
  1331                             case 0x1:
  1332                                 { /* STS.L MACL, @-Rn */
  1333                                 uint32_t Rn = ((ir>>8)&0xF); 
  1334                                 load_reg( R_EAX, Rn );
  1335                                 check_walign32( R_EAX );
  1336                                 ADD_imm8s_r32( -4, R_EAX );
  1337                                 MMU_TRANSLATE_WRITE( R_EAX );
  1338                                 load_spreg( R_EDX, R_MACL );
  1339                                 ADD_imm8s_sh4r( -4, REG_OFFSET(r[Rn]) );
  1340                                 MEM_WRITE_LONG( R_EAX, R_EDX );
  1341                                 sh4_x86.tstate = TSTATE_NONE;
  1343                                 break;
  1344                             case 0x2:
  1345                                 { /* STS.L PR, @-Rn */
  1346                                 uint32_t Rn = ((ir>>8)&0xF); 
  1347                                 load_reg( R_EAX, Rn );
  1348                                 check_walign32( R_EAX );
  1349                                 ADD_imm8s_r32( -4, R_EAX );
  1350                                 MMU_TRANSLATE_WRITE( R_EAX );
  1351                                 load_spreg( R_EDX, R_PR );
  1352                                 ADD_imm8s_sh4r( -4, REG_OFFSET(r[Rn]) );
  1353                                 MEM_WRITE_LONG( R_EAX, R_EDX );
  1354                                 sh4_x86.tstate = TSTATE_NONE;
  1356                                 break;
  1357                             case 0x3:
  1358                                 { /* STC.L SGR, @-Rn */
  1359                                 uint32_t Rn = ((ir>>8)&0xF); 
  1360                                 check_priv();
  1361                                 load_reg( R_EAX, Rn );
  1362                                 check_walign32( R_EAX );
  1363                                 ADD_imm8s_r32( -4, R_EAX );
  1364                                 MMU_TRANSLATE_WRITE( R_EAX );
  1365                                 load_spreg( R_EDX, R_SGR );
  1366                                 ADD_imm8s_sh4r( -4, REG_OFFSET(r[Rn]) );
  1367                                 MEM_WRITE_LONG( R_EAX, R_EDX );
  1368                                 sh4_x86.tstate = TSTATE_NONE;
  1370                                 break;
  1371                             case 0x5:
  1372                                 { /* STS.L FPUL, @-Rn */
  1373                                 uint32_t Rn = ((ir>>8)&0xF); 
  1374                                 load_reg( R_EAX, Rn );
  1375                                 check_walign32( R_EAX );
  1376                                 ADD_imm8s_r32( -4, R_EAX );
  1377                                 MMU_TRANSLATE_WRITE( R_EAX );
  1378                                 load_spreg( R_EDX, R_FPUL );
  1379                                 ADD_imm8s_sh4r( -4, REG_OFFSET(r[Rn]) );
  1380                                 MEM_WRITE_LONG( R_EAX, R_EDX );
  1381                                 sh4_x86.tstate = TSTATE_NONE;
  1383                                 break;
  1384                             case 0x6:
  1385                                 { /* STS.L FPSCR, @-Rn */
  1386                                 uint32_t Rn = ((ir>>8)&0xF); 
  1387                                 load_reg( R_EAX, Rn );
  1388                                 check_walign32( R_EAX );
  1389                                 ADD_imm8s_r32( -4, R_EAX );
  1390                                 MMU_TRANSLATE_WRITE( R_EAX );
  1391                                 load_spreg( R_EDX, R_FPSCR );
  1392                                 ADD_imm8s_sh4r( -4, REG_OFFSET(r[Rn]) );
  1393                                 MEM_WRITE_LONG( R_EAX, R_EDX );
  1394                                 sh4_x86.tstate = TSTATE_NONE;
  1396                                 break;
  1397                             case 0xF:
  1398                                 { /* STC.L DBR, @-Rn */
  1399                                 uint32_t Rn = ((ir>>8)&0xF); 
  1400                                 check_priv();
  1401                                 load_reg( R_EAX, Rn );
  1402                                 check_walign32( R_EAX );
  1403                                 ADD_imm8s_r32( -4, R_EAX );
  1404                                 MMU_TRANSLATE_WRITE( R_EAX );
  1405                                 load_spreg( R_EDX, R_DBR );
  1406                                 ADD_imm8s_sh4r( -4, REG_OFFSET(r[Rn]) );
  1407                                 MEM_WRITE_LONG( R_EAX, R_EDX );
  1408                                 sh4_x86.tstate = TSTATE_NONE;
  1410                                 break;
  1411                             default:
  1412                                 UNDEF();
  1413                                 break;
  1415                         break;
  1416                     case 0x3:
  1417                         switch( (ir&0x80) >> 7 ) {
  1418                             case 0x0:
  1419                                 switch( (ir&0x70) >> 4 ) {
  1420                                     case 0x0:
  1421                                         { /* STC.L SR, @-Rn */
  1422                                         uint32_t Rn = ((ir>>8)&0xF); 
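                                               // SR is kept as separate flag fields (T/M/Q/S etc.), so
                                               // sh4_read_sr() reassembles it; the translated store
                                               // address is saved on the stack across the call.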
  1423                                         check_priv();
  1424                                         load_reg( R_EAX, Rn );
  1425                                         check_walign32( R_EAX );
  1426                                         ADD_imm8s_r32( -4, R_EAX );
  1427                                         MMU_TRANSLATE_WRITE( R_EAX );
  1428                                         PUSH_realigned_r32( R_EAX );
  1429                                         call_func0( sh4_read_sr );
  1430                                         POP_realigned_r32( R_ECX );
  1431                                         ADD_imm8s_sh4r( -4, REG_OFFSET(r[Rn]) );
  1432                                         MEM_WRITE_LONG( R_ECX, R_EAX );
  1433                                         sh4_x86.tstate = TSTATE_NONE;
  1435                                         break;
  1436                                     case 0x1:
  1437                                         { /* STC.L GBR, @-Rn */
  1438                                         uint32_t Rn = ((ir>>8)&0xF); 
  1439                                         load_reg( R_EAX, Rn );
  1440                                         check_walign32( R_EAX );
  1441                                         ADD_imm8s_r32( -4, R_EAX );
  1442                                         MMU_TRANSLATE_WRITE( R_EAX );
  1443                                         load_spreg( R_EDX, R_GBR );
  1444                                         ADD_imm8s_sh4r( -4, REG_OFFSET(r[Rn]) );
  1445                                         MEM_WRITE_LONG( R_EAX, R_EDX );
  1446                                         sh4_x86.tstate = TSTATE_NONE;
  1448                                         break;
  1449                                     case 0x2:
  1450                                         { /* STC.L VBR, @-Rn */
  1451                                         uint32_t Rn = ((ir>>8)&0xF); 
  1452                                         check_priv();
  1453                                         load_reg( R_EAX, Rn );
  1454                                         check_walign32( R_EAX );
  1455                                         ADD_imm8s_r32( -4, R_EAX );
  1456                                         MMU_TRANSLATE_WRITE( R_EAX );
  1457                                         load_spreg( R_EDX, R_VBR );
  1458                                         ADD_imm8s_sh4r( -4, REG_OFFSET(r[Rn]) );
  1459                                         MEM_WRITE_LONG( R_EAX, R_EDX );
  1460                                         sh4_x86.tstate = TSTATE_NONE;
  1462                                         break;
  1463                                     case 0x3:
  1464                                         { /* STC.L SSR, @-Rn */
  1465                                         uint32_t Rn = ((ir>>8)&0xF); 
  1466                                         check_priv();
  1467                                         load_reg( R_EAX, Rn );
  1468                                         check_walign32( R_EAX );
  1469                                         ADD_imm8s_r32( -4, R_EAX );
  1470                                         MMU_TRANSLATE_WRITE( R_EAX );
  1471                                         load_spreg( R_EDX, R_SSR );
  1472                                         ADD_imm8s_sh4r( -4, REG_OFFSET(r[Rn]) );
  1473                                         MEM_WRITE_LONG( R_EAX, R_EDX );
  1474                                         sh4_x86.tstate = TSTATE_NONE;
  1476                                         break;
  1477                                     case 0x4:
  1478                                         { /* STC.L SPC, @-Rn */
  1479                                         uint32_t Rn = ((ir>>8)&0xF); 
  1480                                         check_priv();
  1481                                         load_reg( R_EAX, Rn );
  1482                                         check_walign32( R_EAX );
  1483                                         ADD_imm8s_r32( -4, R_EAX );
  1484                                         MMU_TRANSLATE_WRITE( R_EAX );
  1485                                         load_spreg( R_EDX, R_SPC );
  1486                                         ADD_imm8s_sh4r( -4, REG_OFFSET(r[Rn]) );
  1487                                         MEM_WRITE_LONG( R_EAX, R_EDX );
  1488                                         sh4_x86.tstate = TSTATE_NONE;
  1490                                         break;
  1491                                     default:
  1492                                         UNDEF();
  1493                                         break;
  1495                                 break;
  1496                             case 0x1:
  1497                                 { /* STC.L Rm_BANK, @-Rn */
  1498                                 uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm_BANK = ((ir>>4)&0x7); 
  1499                                 check_priv();
  1500                                 load_reg( R_EAX, Rn );
  1501                                 check_walign32( R_EAX );
  1502                                 ADD_imm8s_r32( -4, R_EAX );
  1503                                 MMU_TRANSLATE_WRITE( R_EAX );
  1504                                 load_spreg( R_EDX, REG_OFFSET(r_bank[Rm_BANK]) );
  1505                                 ADD_imm8s_sh4r( -4, REG_OFFSET(r[Rn]) );
  1506                                 MEM_WRITE_LONG( R_EAX, R_EDX );
  1507                                 sh4_x86.tstate = TSTATE_NONE;
  1509                                 break;
  1511                         break;
  1512                     case 0x4:
  1513                         switch( (ir&0xF0) >> 4 ) {
  1514                             case 0x0:
  1515                                 { /* ROTL Rn */
  1516                                 uint32_t Rn = ((ir>>8)&0xF); 
  1517                                 load_reg( R_EAX, Rn );
  1518                                 ROL1_r32( R_EAX );
  1519                                 store_reg( R_EAX, Rn );
  1520                                 SETC_t();
  1521                                 sh4_x86.tstate = TSTATE_C;
  1523                                 break;
  1524                             case 0x2:
  1525                                 { /* ROTCL Rn */
  1526                                 uint32_t Rn = ((ir>>8)&0xF); 
  1527                                 load_reg( R_EAX, Rn );
  1528                                 if( sh4_x86.tstate != TSTATE_C ) {
  1529                             	LDC_t();
  1530                                 }
  1531                                 RCL1_r32( R_EAX );
  1532                                 store_reg( R_EAX, Rn );
  1533                                 SETC_t();
  1534                                 sh4_x86.tstate = TSTATE_C;
  1536                                 break;
  1537                             default:
  1538                                 UNDEF();
  1539                                 break;
  1541                         break;
  1542                     case 0x5:
  1543                         switch( (ir&0xF0) >> 4 ) {
  1544                             case 0x0:
  1545                                 { /* ROTR Rn */
  1546                                 uint32_t Rn = ((ir>>8)&0xF); 
  1547                                 load_reg( R_EAX, Rn );
  1548                                 ROR1_r32( R_EAX );
  1549                                 store_reg( R_EAX, Rn );
  1550                                 SETC_t();
  1551                                 sh4_x86.tstate = TSTATE_C;
  1553                                 break;
  1554                             case 0x1:
  1555                                 { /* CMP/PL Rn */
  1556                                 uint32_t Rn = ((ir>>8)&0xF); 
  1557                                 load_reg( R_EAX, Rn );
  1558                                 CMP_imm8s_r32( 0, R_EAX );
  1559                                 SETG_t();
  1560                                 sh4_x86.tstate = TSTATE_G;
  1562                                 break;
  1563                             case 0x2:
  1564                                 { /* ROTCR Rn */
  1565                                 uint32_t Rn = ((ir>>8)&0xF); 
  1566                                 load_reg( R_EAX, Rn );
  1567                                 if( sh4_x86.tstate != TSTATE_C ) {
  1568                             	LDC_t();
  1569                                 }
  1570                                 RCR1_r32( R_EAX );
  1571                                 store_reg( R_EAX, Rn );
  1572                                 SETC_t();
  1573                                 sh4_x86.tstate = TSTATE_C;
  1575                                 break;
  1576                             default:
  1577                                 UNDEF();
  1578                                 break;
  1580                         break;
  1581                     case 0x6:
  1582                         switch( (ir&0xF0) >> 4 ) {
  1583                             case 0x0:
  1584                                 { /* LDS.L @Rm+, MACH */
  1585                                 uint32_t Rm = ((ir>>8)&0xF); 
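                                       // Rm is only post-incremented after MMU_TRANSLATE_READ succeeds,
                                       // so a TLB miss or address error re-executes the instruction
                                       // with Rm intact.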
  1586                                 load_reg( R_EAX, Rm );
  1587                                 check_ralign32( R_EAX );
  1588                                 MMU_TRANSLATE_READ( R_EAX );
  1589                                 ADD_imm8s_sh4r( 4, REG_OFFSET(r[Rm]) );
  1590                                 MEM_READ_LONG( R_EAX, R_EAX );
  1591                                 store_spreg( R_EAX, R_MACH );
  1592                                 sh4_x86.tstate = TSTATE_NONE;
  1594                                 break;
  1595                             case 0x1:
  1596                                 { /* LDS.L @Rm+, MACL */
  1597                                 uint32_t Rm = ((ir>>8)&0xF); 
  1598                                 load_reg( R_EAX, Rm );
  1599                                 check_ralign32( R_EAX );
  1600                                 MMU_TRANSLATE_READ( R_EAX );
  1601                                 ADD_imm8s_sh4r( 4, REG_OFFSET(r[Rm]) );
  1602                                 MEM_READ_LONG( R_EAX, R_EAX );
  1603                                 store_spreg( R_EAX, R_MACL );
  1604                                 sh4_x86.tstate = TSTATE_NONE;
  1606                                 break;
  1607                             case 0x2:
  1608                                 { /* LDS.L @Rm+, PR */
  1609                                 uint32_t Rm = ((ir>>8)&0xF); 
  1610                                 load_reg( R_EAX, Rm );
  1611                                 check_ralign32( R_EAX );
  1612                                 MMU_TRANSLATE_READ( R_EAX );
  1613                                 ADD_imm8s_sh4r( 4, REG_OFFSET(r[Rm]) );
  1614                                 MEM_READ_LONG( R_EAX, R_EAX );
  1615                                 store_spreg( R_EAX, R_PR );
  1616                                 sh4_x86.tstate = TSTATE_NONE;
  1618                                 break;
  1619                             case 0x3:
  1620                                 { /* LDC.L @Rm+, SGR */
  1621                                 uint32_t Rm = ((ir>>8)&0xF); 
  1622                                 check_priv();
  1623                                 load_reg( R_EAX, Rm );
  1624                                 check_ralign32( R_EAX );
  1625                                 MMU_TRANSLATE_READ( R_EAX );
  1626                                 ADD_imm8s_sh4r( 4, REG_OFFSET(r[Rm]) );
  1627                                 MEM_READ_LONG( R_EAX, R_EAX );
  1628                                 store_spreg( R_EAX, R_SGR );
  1629                                 sh4_x86.tstate = TSTATE_NONE;
  1631                                 break;
  1632                             case 0x5:
  1633                                 { /* LDS.L @Rm+, FPUL */
  1634                                 uint32_t Rm = ((ir>>8)&0xF); 
  1635                                 load_reg( R_EAX, Rm );
  1636                                 check_ralign32( R_EAX );
  1637                                 MMU_TRANSLATE_READ( R_EAX );
  1638                                 ADD_imm8s_sh4r( 4, REG_OFFSET(r[Rm]) );
  1639                                 MEM_READ_LONG( R_EAX, R_EAX );
  1640                                 store_spreg( R_EAX, R_FPUL );
  1641                                 sh4_x86.tstate = TSTATE_NONE;
  1643                                 break;
  1644                             case 0x6:
  1645                                 { /* LDS.L @Rm+, FPSCR */
  1646                                 uint32_t Rm = ((ir>>8)&0xF); 
  1647                                 load_reg( R_EAX, Rm );
  1648                                 check_ralign32( R_EAX );
  1649                                 MMU_TRANSLATE_READ( R_EAX );
  1650                                 ADD_imm8s_sh4r( 4, REG_OFFSET(r[Rm]) );
  1651                                 MEM_READ_LONG( R_EAX, R_EAX );
  1652                                 store_spreg( R_EAX, R_FPSCR );
  1653                                 update_fr_bank( R_EAX );
  1654                                 sh4_x86.tstate = TSTATE_NONE;
  1656                                 break;
  1657                             case 0xF:
  1658                                 { /* LDC.L @Rm+, DBR */
  1659                                 uint32_t Rm = ((ir>>8)&0xF); 
  1660                                 check_priv();
  1661                                 load_reg( R_EAX, Rm );
  1662                                 check_ralign32( R_EAX );
  1663                                 MMU_TRANSLATE_READ( R_EAX );
  1664                                 ADD_imm8s_sh4r( 4, REG_OFFSET(r[Rm]) );
  1665                                 MEM_READ_LONG( R_EAX, R_EAX );
  1666                                 store_spreg( R_EAX, R_DBR );
  1667                                 sh4_x86.tstate = TSTATE_NONE;
  1669                                 break;
  1670                             default:
  1671                                 UNDEF();
  1672                                 break;
  1674                         break;
  1675                     case 0x7:
  1676                         switch( (ir&0x80) >> 7 ) {
  1677                             case 0x0:
  1678                                 switch( (ir&0x70) >> 4 ) {
  1679                                     case 0x0:
  1680                                         { /* LDC.L @Rm+, SR */
  1681                                         uint32_t Rm = ((ir>>8)&0xF); 
  1682                                         if( sh4_x86.in_delay_slot ) {
  1683                                     	SLOTILLEGAL();
  1684                                         } else {
  1685                                     	check_priv();
  1686                                     	load_reg( R_EAX, Rm );
  1687                                     	check_ralign32( R_EAX );
  1688                                     	MMU_TRANSLATE_READ( R_EAX );
  1689                                     	ADD_imm8s_sh4r( 4, REG_OFFSET(r[Rm]) );
  1690                                     	MEM_READ_LONG( R_EAX, R_EAX );
  1691                                     	call_func1( sh4_write_sr, R_EAX );
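                                               // Writing SR can change the privilege level, register
                                               // bank and FPU enable state, so the cached priv/fpuen
                                               // checks are invalidated.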
  1692                                     	sh4_x86.priv_checked = FALSE;
  1693                                     	sh4_x86.fpuen_checked = FALSE;
  1694                                     	sh4_x86.tstate = TSTATE_NONE;
  1695                                         }
  1696                                         }
  1697                                         break;
  1698                                     case 0x1:
  1699                                         { /* LDC.L @Rm+, GBR */
  1700                                         uint32_t Rm = ((ir>>8)&0xF); 
  1701                                         load_reg( R_EAX, Rm );
  1702                                         check_ralign32( R_EAX );
  1703                                         MMU_TRANSLATE_READ( R_EAX );
  1704                                         ADD_imm8s_sh4r( 4, REG_OFFSET(r[Rm]) );
  1705                                         MEM_READ_LONG( R_EAX, R_EAX );
  1706                                         store_spreg( R_EAX, R_GBR );
  1707                                         sh4_x86.tstate = TSTATE_NONE;
  1709                                         break;
  1710                                     case 0x2:
  1711                                         { /* LDC.L @Rm+, VBR */
  1712                                         uint32_t Rm = ((ir>>8)&0xF); 
  1713                                         check_priv();
  1714                                         load_reg( R_EAX, Rm );
  1715                                         check_ralign32( R_EAX );
  1716                                         MMU_TRANSLATE_READ( R_EAX );
  1717                                         ADD_imm8s_sh4r( 4, REG_OFFSET(r[Rm]) );
  1718                                         MEM_READ_LONG( R_EAX, R_EAX );
  1719                                         store_spreg( R_EAX, R_VBR );
  1720                                         sh4_x86.tstate = TSTATE_NONE;
  1722                                         break;
  1723                                     case 0x3:
  1724                                         { /* LDC.L @Rm+, SSR */
  1725                                         uint32_t Rm = ((ir>>8)&0xF); 
  1726                                         check_priv();
  1727                                         load_reg( R_EAX, Rm );
  1728                                         check_ralign32( R_EAX );
  1729                                         MMU_TRANSLATE_READ( R_EAX );
  1730                                         ADD_imm8s_sh4r( 4, REG_OFFSET(r[Rm]) );
  1731                                         MEM_READ_LONG( R_EAX, R_EAX );
  1732                                         store_spreg( R_EAX, R_SSR );
  1733                                         sh4_x86.tstate = TSTATE_NONE;
  1735                                         break;
  1736                                     case 0x4:
  1737                                         { /* LDC.L @Rm+, SPC */
  1738                                         uint32_t Rm = ((ir>>8)&0xF); 
  1739                                         check_priv();
  1740                                         load_reg( R_EAX, Rm );
  1741                                         check_ralign32( R_EAX );
  1742                                         MMU_TRANSLATE_READ( R_EAX );
  1743                                         ADD_imm8s_sh4r( 4, REG_OFFSET(r[Rm]) );
  1744                                         MEM_READ_LONG( R_EAX, R_EAX );
  1745                                         store_spreg( R_EAX, R_SPC );
  1746                                         sh4_x86.tstate = TSTATE_NONE;
  1748                                         break;
  1749                                     default:
  1750                                         UNDEF();
  1751                                         break;
  1753                                 break;
  1754                             case 0x1:
  1755                                 { /* LDC.L @Rm+, Rn_BANK */
  1756                                 uint32_t Rm = ((ir>>8)&0xF); uint32_t Rn_BANK = ((ir>>4)&0x7); 
  1757                                 check_priv();
  1758                                 load_reg( R_EAX, Rm );
  1759                                 check_ralign32( R_EAX );
  1760                                 MMU_TRANSLATE_READ( R_EAX );
  1761                                 ADD_imm8s_sh4r( 4, REG_OFFSET(r[Rm]) );
  1762                                 MEM_READ_LONG( R_EAX, R_EAX );
  1763                                 store_spreg( R_EAX, REG_OFFSET(r_bank[Rn_BANK]) );
  1764                                 sh4_x86.tstate = TSTATE_NONE;
  1766                                 break;
  1768                         break;
  1769                     case 0x8:
  1770                         switch( (ir&0xF0) >> 4 ) {
  1771                             case 0x0:
  1772                                 { /* SHLL2 Rn */
  1773                                 uint32_t Rn = ((ir>>8)&0xF); 
  1774                                 load_reg( R_EAX, Rn );
  1775                                 SHL_imm8_r32( 2, R_EAX );
  1776                                 store_reg( R_EAX, Rn );
  1777                                 sh4_x86.tstate = TSTATE_NONE;
  1779                                 break;
  1780                             case 0x1:
  1781                                 { /* SHLL8 Rn */
  1782                                 uint32_t Rn = ((ir>>8)&0xF); 
  1783                                 load_reg( R_EAX, Rn );
  1784                                 SHL_imm8_r32( 8, R_EAX );
  1785                                 store_reg( R_EAX, Rn );
  1786                                 sh4_x86.tstate = TSTATE_NONE;
  1788                                 break;
  1789                             case 0x2:
  1790                                 { /* SHLL16 Rn */
  1791                                 uint32_t Rn = ((ir>>8)&0xF); 
  1792                                 load_reg( R_EAX, Rn );
  1793                                 SHL_imm8_r32( 16, R_EAX );
  1794                                 store_reg( R_EAX, Rn );
  1795                                 sh4_x86.tstate = TSTATE_NONE;
  1797                                 break;
  1798                             default:
  1799                                 UNDEF();
  1800                                 break;
  1802                         break;
  1803                     case 0x9:
  1804                         switch( (ir&0xF0) >> 4 ) {
  1805                             case 0x0:
  1806                                 { /* SHLR2 Rn */
  1807                                 uint32_t Rn = ((ir>>8)&0xF); 
  1808                                 load_reg( R_EAX, Rn );
  1809                                 SHR_imm8_r32( 2, R_EAX );
  1810                                 store_reg( R_EAX, Rn );
  1811                                 sh4_x86.tstate = TSTATE_NONE;
  1813                                 break;
  1814                             case 0x1:
  1815                                 { /* SHLR8 Rn */
  1816                                 uint32_t Rn = ((ir>>8)&0xF); 
  1817                                 load_reg( R_EAX, Rn );
  1818                                 SHR_imm8_r32( 8, R_EAX );
  1819                                 store_reg( R_EAX, Rn );
  1820                                 sh4_x86.tstate = TSTATE_NONE;
  1822                                 break;
  1823                             case 0x2:
  1824                                 { /* SHLR16 Rn */
  1825                                 uint32_t Rn = ((ir>>8)&0xF); 
  1826                                 load_reg( R_EAX, Rn );
  1827                                 SHR_imm8_r32( 16, R_EAX );
  1828                                 store_reg( R_EAX, Rn );
  1829                                 sh4_x86.tstate = TSTATE_NONE;
  1831                                 break;
  1832                             default:
  1833                                 UNDEF();
  1834                                 break;
  1836                         break;
  1837                     case 0xA:
  1838                         switch( (ir&0xF0) >> 4 ) {
  1839                             case 0x0:
  1840                                 { /* LDS Rm, MACH */
  1841                                 uint32_t Rm = ((ir>>8)&0xF); 
  1842                                 load_reg( R_EAX, Rm );
  1843                                 store_spreg( R_EAX, R_MACH );
  1845                                 break;
  1846                             case 0x1:
  1847                                 { /* LDS Rm, MACL */
  1848                                 uint32_t Rm = ((ir>>8)&0xF); 
  1849                                 load_reg( R_EAX, Rm );
  1850                                 store_spreg( R_EAX, R_MACL );
  1852                                 break;
  1853                             case 0x2:
  1854                                 { /* LDS Rm, PR */
  1855                                 uint32_t Rm = ((ir>>8)&0xF); 
  1856                                 load_reg( R_EAX, Rm );
  1857                                 store_spreg( R_EAX, R_PR );
  1859                                 break;
  1860                             case 0x3:
  1861                                 { /* LDC Rm, SGR */
  1862                                 uint32_t Rm = ((ir>>8)&0xF); 
  1863                                 check_priv();
  1864                                 load_reg( R_EAX, Rm );
  1865                                 store_spreg( R_EAX, R_SGR );
  1866                                 sh4_x86.tstate = TSTATE_NONE;
  1868                                 break;
  1869                             case 0x5:
  1870                                 { /* LDS Rm, FPUL */
  1871                                 uint32_t Rm = ((ir>>8)&0xF); 
  1872                                 load_reg( R_EAX, Rm );
  1873                                 store_spreg( R_EAX, R_FPUL );
  1875                                 break;
  1876                             case 0x6:
  1877                                 { /* LDS Rm, FPSCR */
  1878                                 uint32_t Rm = ((ir>>8)&0xF); 
  1879                                 load_reg( R_EAX, Rm );
  1880                                 store_spreg( R_EAX, R_FPSCR );
  1881                                 update_fr_bank( R_EAX );
  1882                                 sh4_x86.tstate = TSTATE_NONE;
  1884                                 break;
  1885                             case 0xF:
  1886                                 { /* LDC Rm, DBR */
  1887                                 uint32_t Rm = ((ir>>8)&0xF); 
  1888                                 check_priv();
  1889                                 load_reg( R_EAX, Rm );
  1890                                 store_spreg( R_EAX, R_DBR );
  1891                                 sh4_x86.tstate = TSTATE_NONE;
  1893                                 break;
  1894                             default:
  1895                                 UNDEF();
  1896                                 break;
  1898                         break;
  1899                     case 0xB:
  1900                         switch( (ir&0xF0) >> 4 ) {
  1901                             case 0x0:
  1902                                 { /* JSR @Rn */
  1903                                 uint32_t Rn = ((ir>>8)&0xF); 
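                                       // Delay-slot branch: PR <- pc+4 (the address after the delay
                                       // slot), the delay-slot instruction is translated inline, and
                                       // the block is closed here since the branch target is only
                                       // known at run time.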
  1904                                 if( sh4_x86.in_delay_slot ) {
  1905                             	SLOTILLEGAL();
  1906                                 } else {
  1907                             	load_imm32( R_EAX, pc + 4 );
  1908                             	store_spreg( R_EAX, R_PR );
  1909                             	load_reg( R_ECX, Rn );
  1910                             	store_spreg( R_ECX, REG_OFFSET(pc) );
  1911                             	sh4_x86.in_delay_slot = TRUE;
  1912                             	sh4_translate_instruction(pc+2);
  1913                             	exit_block_pcset(pc+2);
  1914                             	sh4_x86.branch_taken = TRUE;
  1915                             	return 4;
  1916                                 }
  1917                                 }
  1918                                 break;
  1919                             case 0x1:
  1920                                 { /* TAS.B @Rn */
  1921                                 uint32_t Rn = ((ir>>8)&0xF); 
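                                       // Read the byte at @Rn, set T if it was zero, then write it
                                       // back with bit 7 set; the translated address is kept on the
                                       // stack and reused for the store.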
  1922                                 load_reg( R_EAX, Rn );
  1923                                 MMU_TRANSLATE_WRITE( R_EAX );
  1924                                 PUSH_realigned_r32( R_EAX );
  1925                                 MEM_READ_BYTE( R_EAX, R_EAX );
  1926                                 TEST_r8_r8( R_AL, R_AL );
  1927                                 SETE_t();
  1928                                 OR_imm8_r8( 0x80, R_AL );
  1929                                 POP_realigned_r32( R_ECX );
  1930                                 MEM_WRITE_BYTE( R_ECX, R_EAX );
  1931                                 sh4_x86.tstate = TSTATE_NONE;
  1933                                 break;
  1934                             case 0x2:
  1935                                 { /* JMP @Rn */
  1936                                 uint32_t Rn = ((ir>>8)&0xF); 
  1937                                 if( sh4_x86.in_delay_slot ) {
  1938                             	SLOTILLEGAL();
  1939                                 } else {
  1940                             	load_reg( R_ECX, Rn );
  1941                             	store_spreg( R_ECX, REG_OFFSET(pc) );
  1942                             	sh4_x86.in_delay_slot = TRUE;
  1943                             	sh4_translate_instruction(pc+2);
  1944                             	exit_block_pcset(pc+2);
  1945                             	sh4_x86.branch_taken = TRUE;
  1946                             	return 4;
  1947                                 }
  1948                                 }
  1949                                 break;
  1950                             default:
  1951                                 UNDEF();
  1952                                 break;
  1954                         break;
  1955                     case 0xC:
  1956                         { /* SHAD Rm, Rn */
  1957                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  1958                         /* Annoyingly enough, not directly convertible */
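                               // x86 variable shifts mask the count to 5 bits and cannot shift by 32,
                               // whereas SHAD shifts left for Rm >= 0 and arithmetically right by
                               // (-Rm) & 0x1F otherwise, with a zero count (a full 32-bit shift)
                               // collapsing to SAR by 31.  The byte counts in the comments below are
                               // instruction lengths used for the hand-computed relative jumps.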
  1959                         load_reg( R_EAX, Rn );
  1960                         load_reg( R_ECX, Rm );
  1961                         CMP_imm32_r32( 0, R_ECX );
  1962                         JGE_rel8(16, doshl);
  1964                         NEG_r32( R_ECX );      // 2
  1965                         AND_imm8_r8( 0x1F, R_CL ); // 3
  1966                         JE_rel8( 4, emptysar);     // 2
  1967                         SAR_r32_CL( R_EAX );       // 2
  1968                         JMP_rel8(10, end);          // 2
  1970                         JMP_TARGET(emptysar);
  1971                         SAR_imm8_r32(31, R_EAX );  // 3
  1972                         JMP_rel8(5, end2);
  1974                         JMP_TARGET(doshl);
  1975                         AND_imm8_r8( 0x1F, R_CL ); // 3
  1976                         SHL_r32_CL( R_EAX );       // 2
  1977                         JMP_TARGET(end);
  1978                         JMP_TARGET(end2);
  1979                         store_reg( R_EAX, Rn );
  1980                         sh4_x86.tstate = TSTATE_NONE;
  1982                         break;
  1983                     case 0xD:
  1984                         { /* SHLD Rm, Rn */
  1985                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
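                               // Same structure as SHAD above, but a logical shift: negative counts
                               // shift right by (-Rm) & 0x1F, and a full 32-bit shift clears Rn
                               // instead of replicating the sign bit.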
  1986                         load_reg( R_EAX, Rn );
  1987                         load_reg( R_ECX, Rm );
  1988                         CMP_imm32_r32( 0, R_ECX );
  1989                         JGE_rel8(15, doshl);
  1991                         NEG_r32( R_ECX );      // 2
  1992                         AND_imm8_r8( 0x1F, R_CL ); // 3
  1993                         JE_rel8( 4, emptyshr );
  1994                         SHR_r32_CL( R_EAX );       // 2
  1995                         JMP_rel8(9, end);          // 2
  1997                         JMP_TARGET(emptyshr);
  1998                         XOR_r32_r32( R_EAX, R_EAX );
  1999                         JMP_rel8(5, end2);
  2001                         JMP_TARGET(doshl);
  2002                         AND_imm8_r8( 0x1F, R_CL ); // 3
  2003                         SHL_r32_CL( R_EAX );       // 2
  2004                         JMP_TARGET(end);
  2005                         JMP_TARGET(end2);
  2006                         store_reg( R_EAX, Rn );
  2007                         sh4_x86.tstate = TSTATE_NONE;
  2009                         break;
  2010                     case 0xE:
  2011                         switch( (ir&0x80) >> 7 ) {
  2012                             case 0x0:
  2013                                 switch( (ir&0x70) >> 4 ) {
  2014                                     case 0x0:
  2015                                         { /* LDC Rm, SR */
  2016                                         uint32_t Rm = ((ir>>8)&0xF); 
  2017                                         if( sh4_x86.in_delay_slot ) {
  2018                                     	SLOTILLEGAL();
  2019                                         } else {
  2020                                     	check_priv();
  2021                                     	load_reg( R_EAX, Rm );
  2022                                     	call_func1( sh4_write_sr, R_EAX );
  2023                                     	sh4_x86.priv_checked = FALSE;
  2024                                     	sh4_x86.fpuen_checked = FALSE;
  2025                                     	sh4_x86.tstate = TSTATE_NONE;
  2026                                         }
  2027                                         }
  2028                                         break;
  2029                                     case 0x1:
  2030                                         { /* LDC Rm, GBR */
  2031                                         uint32_t Rm = ((ir>>8)&0xF); 
  2032                                         load_reg( R_EAX, Rm );
  2033                                         store_spreg( R_EAX, R_GBR );
  2035                                         break;
  2036                                     case 0x2:
  2037                                         { /* LDC Rm, VBR */
  2038                                         uint32_t Rm = ((ir>>8)&0xF); 
  2039                                         check_priv();
  2040                                         load_reg( R_EAX, Rm );
  2041                                         store_spreg( R_EAX, R_VBR );
  2042                                         sh4_x86.tstate = TSTATE_NONE;
  2044                                         break;
  2045                                     case 0x3:
  2046                                         { /* LDC Rm, SSR */
  2047                                         uint32_t Rm = ((ir>>8)&0xF); 
  2048                                         check_priv();
  2049                                         load_reg( R_EAX, Rm );
  2050                                         store_spreg( R_EAX, R_SSR );
  2051                                         sh4_x86.tstate = TSTATE_NONE;
  2053                                         break;
  2054                                     case 0x4:
  2055                                         { /* LDC Rm, SPC */
  2056                                         uint32_t Rm = ((ir>>8)&0xF); 
  2057                                         check_priv();
  2058                                         load_reg( R_EAX, Rm );
  2059                                         store_spreg( R_EAX, R_SPC );
  2060                                         sh4_x86.tstate = TSTATE_NONE;
  2062                                         break;
  2063                                     default:
  2064                                         UNDEF();
  2065                                         break;
  2067                                 break;
  2068                             case 0x1:
  2069                                 { /* LDC Rm, Rn_BANK */
  2070                                 uint32_t Rm = ((ir>>8)&0xF); uint32_t Rn_BANK = ((ir>>4)&0x7); 
  2071                                 check_priv();
  2072                                 load_reg( R_EAX, Rm );
  2073                                 store_spreg( R_EAX, REG_OFFSET(r_bank[Rn_BANK]) );
  2074                                 sh4_x86.tstate = TSTATE_NONE;
  2076                                 break;
  2078                         break;
  2079                     case 0xF:
  2080                         { /* MAC.W @Rm+, @Rn+ */
  2081                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  2082                         if( Rm == Rn ) {
  2083                     	load_reg( R_EAX, Rm );
  2084                     	check_ralign16( R_EAX );
  2085                     	MMU_TRANSLATE_READ( R_EAX );
  2086                     	PUSH_realigned_r32( R_EAX );
  2087                     	load_reg( R_EAX, Rn );
  2088                     	ADD_imm8s_r32( 2, R_EAX );
  2089                     	MMU_TRANSLATE_READ( R_EAX );
  2090                     	ADD_imm8s_sh4r( 4, REG_OFFSET(r[Rn]) );
  2091                     	// Note: translate both addresses in case they straddle a page boundary.
  2092                     	// It may be worth adding a page-boundary check to skip the second translation.
  2093                         } else {
  2094                     	load_reg( R_EAX, Rm );
  2095                     	check_ralign16( R_EAX );
  2096                     	MMU_TRANSLATE_READ( R_EAX );
  2097                     	PUSH_realigned_r32( R_EAX );
  2098                     	load_reg( R_EAX, Rn );
  2099                     	check_ralign16( R_EAX );
  2100                     	MMU_TRANSLATE_READ( R_EAX );
  2101                     	ADD_imm8s_sh4r( 2, REG_OFFSET(r[Rn]) );
  2102                     	ADD_imm8s_sh4r( 2, REG_OFFSET(r[Rm]) );
  2103                         }
  2104                         MEM_READ_WORD( R_EAX, R_EAX );
  2105                         POP_r32( R_ECX );
  2106                         PUSH_r32( R_EAX );
  2107                         MEM_READ_WORD( R_ECX, R_EAX );
  2108                         POP_realigned_r32( R_ECX );
  2109                         IMUL_r32( R_ECX );
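                               // With the S flag set, MAC.W saturates the accumulation to 32 bits
                               // (0x80000000/0x7FFFFFFF in MACL, MACH set to 1 to flag the overflow);
                               // with S clear the full 64-bit product is accumulated into MACH:MACL.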
  2111                         load_spreg( R_ECX, R_S );
  2112                         TEST_r32_r32( R_ECX, R_ECX );
  2113                         JE_rel8( 47, nosat );
  2115                         ADD_r32_sh4r( R_EAX, R_MACL );  // 6
  2116                         JNO_rel8( 51, end );            // 2
  2117                         load_imm32( R_EDX, 1 );         // 5
  2118                         store_spreg( R_EDX, R_MACH );   // 6
  2119                         JS_rel8( 13, positive );        // 2
  2120                         load_imm32( R_EAX, 0x80000000 );// 5
  2121                         store_spreg( R_EAX, R_MACL );   // 6
  2122                         JMP_rel8( 25, end2 );           // 2
  2124                         JMP_TARGET(positive);
  2125                         load_imm32( R_EAX, 0x7FFFFFFF );// 5
  2126                         store_spreg( R_EAX, R_MACL );   // 6
  2127                         JMP_rel8( 12, end3);            // 2
  2129                         JMP_TARGET(nosat);
  2130                         ADD_r32_sh4r( R_EAX, R_MACL );  // 6
  2131                         ADC_r32_sh4r( R_EDX, R_MACH );  // 6
  2132                         JMP_TARGET(end);
  2133                         JMP_TARGET(end2);
  2134                         JMP_TARGET(end3);
  2135                         sh4_x86.tstate = TSTATE_NONE;
  2136                         }
  2137                         break;
  2138                 }
  2139                 break;
  2140             case 0x5:
  2141                 { /* MOV.L @(disp, Rm), Rn */
  2142                 uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); uint32_t disp = (ir&0xF)<<2; 
  2143                 load_reg( R_EAX, Rm );
  2144                 ADD_imm8s_r32( disp, R_EAX );
  2145                 check_ralign32( R_EAX );
  2146                 MMU_TRANSLATE_READ( R_EAX );
  2147                 MEM_READ_LONG( R_EAX, R_EAX );
  2148                 store_reg( R_EAX, Rn );
  2149                 sh4_x86.tstate = TSTATE_NONE;
  2151                 break;
  2152             case 0x6:
  2153                 switch( ir&0xF ) {
  2154                     case 0x0:
  2155                         { /* MOV.B @Rm, Rn */
  2156                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  2157                         load_reg( R_EAX, Rm );
  2158                         MMU_TRANSLATE_READ( R_EAX );
  2159                         MEM_READ_BYTE( R_EAX, R_EAX );
  2160                         store_reg( R_EAX, Rn );
  2161                         sh4_x86.tstate = TSTATE_NONE;
  2163                         break;
  2164                     case 0x1:
  2165                         { /* MOV.W @Rm, Rn */
  2166                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
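                               // check_ralign16() traps misaligned word addresses (which raise an
                               // address error on SH4) before the access is translated and performed.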
  2167                         load_reg( R_EAX, Rm );
  2168                         check_ralign16( R_EAX );
  2169                         MMU_TRANSLATE_READ( R_EAX );
  2170                         MEM_READ_WORD( R_EAX, R_EAX );
  2171                         store_reg( R_EAX, Rn );
  2172                         sh4_x86.tstate = TSTATE_NONE;
  2174                         break;
  2175                     case 0x2:
  2176                         { /* MOV.L @Rm, Rn */
  2177                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  2178                         load_reg( R_EAX, Rm );
  2179                         check_ralign32( R_EAX );
  2180                         MMU_TRANSLATE_READ( R_EAX );
  2181                         MEM_READ_LONG( R_EAX, R_EAX );
  2182                         store_reg( R_EAX, Rn );
  2183                         sh4_x86.tstate = TSTATE_NONE;
  2185                         break;
  2186                     case 0x3:
  2187                         { /* MOV Rm, Rn */
  2188                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  2189                         load_reg( R_EAX, Rm );
  2190                         store_reg( R_EAX, Rn );
  2192                         break;
  2193                     case 0x4:
  2194                         { /* MOV.B @Rm+, Rn */
  2195                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  2196                         load_reg( R_EAX, Rm );
  2197                         MMU_TRANSLATE_READ( R_EAX );
  2198                         ADD_imm8s_sh4r( 1, REG_OFFSET(r[Rm]) );
  2199                         MEM_READ_BYTE( R_EAX, R_EAX );
  2200                         store_reg( R_EAX, Rn );
  2201                         sh4_x86.tstate = TSTATE_NONE;
  2203                         break;
  2204                     case 0x5:
  2205                         { /* MOV.W @Rm+, Rn */
  2206                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  2207                         load_reg( R_EAX, Rm );
  2208                         check_ralign16( R_EAX );
  2209                         MMU_TRANSLATE_READ( R_EAX );
  2210                         ADD_imm8s_sh4r( 2, REG_OFFSET(r[Rm]) );
  2211                         MEM_READ_WORD( R_EAX, R_EAX );
  2212                         store_reg( R_EAX, Rn );
  2213                         sh4_x86.tstate = TSTATE_NONE;
  2215                         break;
  2216                     case 0x6:
  2217                         { /* MOV.L @Rm+, Rn */
  2218                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  2219                         load_reg( R_EAX, Rm );
  2220                         check_ralign32( R_EAX );
  2221                         MMU_TRANSLATE_READ( R_EAX );
  2222                         ADD_imm8s_sh4r( 4, REG_OFFSET(r[Rm]) );
  2223                         MEM_READ_LONG( R_EAX, R_EAX );
  2224                         store_reg( R_EAX, Rn );
  2225                         sh4_x86.tstate = TSTATE_NONE;
  2227                         break;
  2228                     case 0x7:
  2229                         { /* NOT Rm, Rn */
  2230                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  2231                         load_reg( R_EAX, Rm );
  2232                         NOT_r32( R_EAX );
  2233                         store_reg( R_EAX, Rn );
  2234                         sh4_x86.tstate = TSTATE_NONE;
  2236                         break;
  2237                     case 0x8:
  2238                         { /* SWAP.B Rm, Rn */
  2239                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  2240                         load_reg( R_EAX, Rm );
  2241                         XCHG_r8_r8( R_AL, R_AH );
  2242                         store_reg( R_EAX, Rn );
  2244                         break;
  2245                     case 0x9:
  2246                         { /* SWAP.W Rm, Rn */
  2247                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  2248                         load_reg( R_EAX, Rm );
  2249                         MOV_r32_r32( R_EAX, R_ECX );
  2250                         SHL_imm8_r32( 16, R_ECX );
  2251                         SHR_imm8_r32( 16, R_EAX );
  2252                         OR_r32_r32( R_EAX, R_ECX );
  2253                         store_reg( R_ECX, Rn );
  2254                         sh4_x86.tstate = TSTATE_NONE;
  2256                         break;
  2257                     case 0xA:
  2258                         { /* NEGC Rm, Rn */
  2259                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  2260                         load_reg( R_EAX, Rm );
  2261                         XOR_r32_r32( R_ECX, R_ECX );
  2262                         LDC_t();
  2263                         SBB_r32_r32( R_EAX, R_ECX );
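                               // At this point ECX = 0 - Rm - T: LDC_t loaded T into the x86 carry
                               // flag, so the SBB above subtracted Rm plus the old T, and the
                               // resulting borrow becomes the new T via SETC_t below.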
  2264                         store_reg( R_ECX, Rn );
  2265                         SETC_t();
  2266                         sh4_x86.tstate = TSTATE_C;
  2268                         break;
  2269                     case 0xB:
  2270                         { /* NEG Rm, Rn */
  2271                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  2272                         load_reg( R_EAX, Rm );
  2273                         NEG_r32( R_EAX );
  2274                         store_reg( R_EAX, Rn );
  2275                         sh4_x86.tstate = TSTATE_NONE;
  2277                         break;
  2278                     case 0xC:
  2279                         { /* EXTU.B Rm, Rn */
  2280                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  2281                         load_reg( R_EAX, Rm );
  2282                         MOVZX_r8_r32( R_EAX, R_EAX );
  2283                         store_reg( R_EAX, Rn );
  2285                         break;
  2286                     case 0xD:
  2287                         { /* EXTU.W Rm, Rn */
  2288                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  2289                         load_reg( R_EAX, Rm );
  2290                         MOVZX_r16_r32( R_EAX, R_EAX );
  2291                         store_reg( R_EAX, Rn );
  2293                         break;
  2294                     case 0xE:
  2295                         { /* EXTS.B Rm, Rn */
  2296                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  2297                         load_reg( R_EAX, Rm );
  2298                         MOVSX_r8_r32( R_EAX, R_EAX );
  2299                         store_reg( R_EAX, Rn );
  2301                         break;
  2302                     case 0xF:
  2303                         { /* EXTS.W Rm, Rn */
  2304                         uint32_t Rn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  2305                         load_reg( R_EAX, Rm );
  2306                         MOVSX_r16_r32( R_EAX, R_EAX );
  2307                         store_reg( R_EAX, Rn );
  2309                         break;
  2311                 break;
  2312             case 0x7:
  2313                 { /* ADD #imm, Rn */
  2314                 uint32_t Rn = ((ir>>8)&0xF); int32_t imm = SIGNEXT8(ir&0xFF); 
  2315                 load_reg( R_EAX, Rn );
  2316                 ADD_imm8s_r32( imm, R_EAX );
  2317                 store_reg( R_EAX, Rn );
  2318                 sh4_x86.tstate = TSTATE_NONE;
  2320                 break;
  2321             case 0x8:
  2322                 switch( (ir&0xF00) >> 8 ) {
  2323                     case 0x0:
  2324                         { /* MOV.B R0, @(disp, Rn) */
  2325                         uint32_t Rn = ((ir>>4)&0xF); uint32_t disp = (ir&0xF); 
  2326                         load_reg( R_EAX, Rn );
  2327                         ADD_imm32_r32( disp, R_EAX );
  2328                         MMU_TRANSLATE_WRITE( R_EAX );
  2329                         load_reg( R_EDX, 0 );
  2330                         MEM_WRITE_BYTE( R_EAX, R_EDX );
  2331                         sh4_x86.tstate = TSTATE_NONE;
  2333                         break;
  2334                     case 0x1:
  2335                         { /* MOV.W R0, @(disp, Rn) */
  2336                         uint32_t Rn = ((ir>>4)&0xF); uint32_t disp = (ir&0xF)<<1; 
  2337                         load_reg( R_EAX, Rn );
  2338                         ADD_imm32_r32( disp, R_EAX );
  2339                         check_walign16( R_EAX );
  2340                         MMU_TRANSLATE_WRITE( R_EAX );
  2341                         load_reg( R_EDX, 0 );
  2342                         MEM_WRITE_WORD( R_EAX, R_EDX );
  2343                         sh4_x86.tstate = TSTATE_NONE;
  2345                         break;
  2346                     case 0x4:
  2347                         { /* MOV.B @(disp, Rm), R0 */
  2348                         uint32_t Rm = ((ir>>4)&0xF); uint32_t disp = (ir&0xF); 
  2349                         load_reg( R_EAX, Rm );
  2350                         ADD_imm32_r32( disp, R_EAX );
  2351                         MMU_TRANSLATE_READ( R_EAX );
  2352                         MEM_READ_BYTE( R_EAX, R_EAX );
  2353                         store_reg( R_EAX, 0 );
  2354                         sh4_x86.tstate = TSTATE_NONE;
  2356                         break;
  2357                     case 0x5:
  2358                         { /* MOV.W @(disp, Rm), R0 */
  2359                         uint32_t Rm = ((ir>>4)&0xF); uint32_t disp = (ir&0xF)<<1; 
  2360                         load_reg( R_EAX, Rm );
  2361                         ADD_imm32_r32( disp, R_EAX );
  2362                         check_ralign16( R_EAX );
  2363                         MMU_TRANSLATE_READ( R_EAX );
  2364                         MEM_READ_WORD( R_EAX, R_EAX );
  2365                         store_reg( R_EAX, 0 );
  2366                         sh4_x86.tstate = TSTATE_NONE;
  2368                         break;
  2369                     case 0x8:
  2370                         { /* CMP/EQ #imm, R0 */
  2371                         int32_t imm = SIGNEXT8(ir&0xFF); 
  2372                         load_reg( R_EAX, 0 );
  2373                         CMP_imm8s_r32(imm, R_EAX);
  2374                         SETE_t();
  2375                         sh4_x86.tstate = TSTATE_E;
  2377                         break;
  2378                     case 0x9:
  2379                         { /* BT disp */
  2380                         int32_t disp = SIGNEXT8(ir&0xFF)<<1; 
  2381                         if( sh4_x86.in_delay_slot ) {
  2382                     	SLOTILLEGAL();
  2383                         } else {
  2384                     	sh4vma_t target = disp + pc + 4;
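                    	// JF skips the EXIT_BLOCK_REL_SIZE bytes of exit stub emitted below
                    	// when T is clear (branch not taken), so execution falls through to
                    	// the rest of the block.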
  2385                     	JF_rel8( EXIT_BLOCK_REL_SIZE(target), nottaken );
  2386                     	exit_block_rel(target, pc+2 );
  2387                     	JMP_TARGET(nottaken);
  2388                     	return 2;
  2391                         break;
  2392                     case 0xB:
  2393                         { /* BF disp */
  2394                         int32_t disp = SIGNEXT8(ir&0xFF)<<1; 
  2395                         if( sh4_x86.in_delay_slot ) {
  2396                     	SLOTILLEGAL();
  2397                         } else {
  2398                     	sh4vma_t target = disp + pc + 4;
  2399                     	JT_rel8( EXIT_BLOCK_REL_SIZE(target), nottaken );
  2400                     	exit_block_rel(target, pc+2 );
  2401                     	JMP_TARGET(nottaken);
  2402                     	return 2;
  2405                         break;
  2406                     case 0xD:
  2407                         { /* BT/S disp */
  2408                         int32_t disp = SIGNEXT8(ir&0xFF)<<1; 
  2409                         if( sh4_x86.in_delay_slot ) {
  2410                     	SLOTILLEGAL();
  2411                         } else {
  2412                     	sh4_x86.in_delay_slot = TRUE;
  2413                     	if( sh4_x86.tstate == TSTATE_NONE ) {
  2414                     	    CMP_imm8s_sh4r( 1, R_T );
  2415                     	    sh4_x86.tstate = TSTATE_E;
  2417                     	OP(0x0F); OP(0x80+(sh4_x86.tstate^1)); uint32_t *patch = (uint32_t *)xlat_output; OP32(0); // jcc rel32: skip the taken path when T is clear
  2418                     	sh4_translate_instruction(pc+2);
  2419                     	exit_block_rel( disp + pc + 4, pc+4 );
  2420                     	// not taken
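                    	// Backpatch the jcc emitted above: an x86 rel32 displacement is
                    	// relative to the end of its 4-byte operand, hence the -4.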
  2421                     	*patch = (xlat_output - ((uint8_t *)patch)) - 4;
  2422                     	sh4_translate_instruction(pc+2);
  2423                     	return 4;
  2426                         break;
  2427                     case 0xF:
  2428                         { /* BF/S disp */
  2429                         int32_t disp = SIGNEXT8(ir&0xFF)<<1; 
  2430                         if( sh4_x86.in_delay_slot ) {
  2431                     	SLOTILLEGAL();
  2432                         } else {
  2433                     	sh4vma_t target = disp + pc + 4;
  2434                     	sh4_x86.in_delay_slot = TRUE;
  2435                     	if( sh4_x86.tstate == TSTATE_NONE ) {
  2436                     	    CMP_imm8s_sh4r( 1, R_T );
  2437                     	    sh4_x86.tstate = TSTATE_E;
  2439                     	OP(0x0F); OP(0x80+sh4_x86.tstate); uint32_t *patch = (uint32_t *)xlat_output; OP32(0); // jcc rel32: skip the taken path when T is set
  2440                     	sh4_translate_instruction(pc+2);
  2441                     	exit_block_rel( target, pc+4 );
  2442                     	// not taken
  2443                     	*patch = (xlat_output - ((uint8_t *)patch)) - 4;
  2444                     	sh4_translate_instruction(pc+2);
  2445                     	return 4;
  2448                         break;
  2449                     default:
  2450                         UNDEF();
  2451                         break;
  2453                 break;
  2454             case 0x9:
  2455                 { /* MOV.W @(disp, PC), Rn */
  2456                 uint32_t Rn = ((ir>>8)&0xF); uint32_t disp = (ir&0xFF)<<1; 
  2457                 if( sh4_x86.in_delay_slot ) {
  2458             	SLOTILLEGAL();
  2459                 } else {
  2460             	// See comments for MOV.L @(disp, PC), Rn
  2461             	uint32_t target = pc + disp + 4;
  2462             	if( IS_IN_ICACHE(target) ) {
  2463             	    sh4ptr_t ptr = GET_ICACHE_PTR(target);
  2464             	    MOV_moff32_EAX( ptr );
  2465             	    MOVSX_r16_r32( R_EAX, R_EAX );
  2466             	} else {
  2467             	    load_imm32( R_EAX, (pc - sh4_x86.block_start_pc) + disp + 4 );
  2468             	    ADD_sh4r_r32( R_PC, R_EAX );
  2469             	    MMU_TRANSLATE_READ( R_EAX );
  2470             	    MEM_READ_WORD( R_EAX, R_EAX );
  2471             	    sh4_x86.tstate = TSTATE_NONE;
  2473             	store_reg( R_EAX, Rn );
  2476                 break;
  2477             case 0xA:
  2478                 { /* BRA disp */
  2479                 int32_t disp = SIGNEXT12(ir&0xFFF)<<1; 
  2480                 if( sh4_x86.in_delay_slot ) {
  2481             	SLOTILLEGAL();
  2482                 } else {
  2483             	sh4_x86.in_delay_slot = TRUE;
  2484             	sh4_translate_instruction( pc + 2 );
  2485             	exit_block_rel( disp + pc + 4, pc+4 );
  2486             	sh4_x86.branch_taken = TRUE;
  2487             	return 4;
  2490                 break;
  2491             case 0xB:
  2492                 { /* BSR disp */
  2493                 int32_t disp = SIGNEXT12(ir&0xFFF)<<1; 
  2494                 if( sh4_x86.in_delay_slot ) {
  2495             	SLOTILLEGAL();
  2496                 } else {
  2497             	load_imm32( R_EAX, pc + 4 );
  2498             	store_spreg( R_EAX, R_PR );
  2499             	sh4_x86.in_delay_slot = TRUE;
  2500             	sh4_translate_instruction( pc + 2 );
  2501             	exit_block_rel( disp + pc + 4, pc+4 );
  2502             	sh4_x86.branch_taken = TRUE;
  2503             	return 4;
  2506                 break;
  2507             case 0xC:
  2508                 switch( (ir&0xF00) >> 8 ) {
  2509                     case 0x0:
  2510                         { /* MOV.B R0, @(disp, GBR) */
  2511                         uint32_t disp = (ir&0xFF); 
  2512                         load_spreg( R_EAX, R_GBR );
  2513                         ADD_imm32_r32( disp, R_EAX );
  2514                         MMU_TRANSLATE_WRITE( R_EAX );
  2515                         load_reg( R_EDX, 0 );
  2516                         MEM_WRITE_BYTE( R_EAX, R_EDX );
  2517                         sh4_x86.tstate = TSTATE_NONE;
  2519                         break;
  2520                     case 0x1:
  2521                         { /* MOV.W R0, @(disp, GBR) */
  2522                         uint32_t disp = (ir&0xFF)<<1; 
  2523                         load_spreg( R_EAX, R_GBR );
  2524                         ADD_imm32_r32( disp, R_EAX );
  2525                         check_walign16( R_EAX );
  2526                         MMU_TRANSLATE_WRITE( R_EAX );
  2527                         load_reg( R_EDX, 0 );
  2528                         MEM_WRITE_WORD( R_EAX, R_EDX );
  2529                         sh4_x86.tstate = TSTATE_NONE;
  2531                         break;
  2532                     case 0x2:
  2533                         { /* MOV.L R0, @(disp, GBR) */
  2534                         uint32_t disp = (ir&0xFF)<<2; 
  2535                         load_spreg( R_EAX, R_GBR );
  2536                         ADD_imm32_r32( disp, R_EAX );
  2537                         check_walign32( R_EAX );
  2538                         MMU_TRANSLATE_WRITE( R_EAX );
  2539                         load_reg( R_EDX, 0 );
  2540                         MEM_WRITE_LONG( R_EAX, R_EDX );
  2541                         sh4_x86.tstate = TSTATE_NONE;
  2543                         break;
  2544                     case 0x3:
  2545                         { /* TRAPA #imm */
  2546                         uint32_t imm = (ir&0xFF); 
  2547                         if( sh4_x86.in_delay_slot ) {
  2548                     	SLOTILLEGAL();
  2549                         } else {
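                    	// Set sh4r.pc to the instruction after the TRAPA, raise the trap on
                    	// the host side, and end the block; exit_block_pcset presumably
                    	// exits via whatever sh4r.pc the trap handler left behind.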
  2550                     	load_imm32( R_ECX, pc+2 );
  2551                     	store_spreg( R_ECX, REG_OFFSET(pc) );
  2552                     	load_imm32( R_EAX, imm );
  2553                     	call_func1( sh4_raise_trap, R_EAX );
  2554                     	sh4_x86.tstate = TSTATE_NONE;
  2555                     	exit_block_pcset(pc);
  2556                     	sh4_x86.branch_taken = TRUE;
  2557                     	return 2;
  2560                         break;
  2561                     case 0x4:
  2562                         { /* MOV.B @(disp, GBR), R0 */
  2563                         uint32_t disp = (ir&0xFF); 
  2564                         load_spreg( R_EAX, R_GBR );
  2565                         ADD_imm32_r32( disp, R_EAX );
  2566                         MMU_TRANSLATE_READ( R_EAX );
  2567                         MEM_READ_BYTE( R_EAX, R_EAX );
  2568                         store_reg( R_EAX, 0 );
  2569                         sh4_x86.tstate = TSTATE_NONE;
  2571                         break;
  2572                     case 0x5:
  2573                         { /* MOV.W @(disp, GBR), R0 */
  2574                         uint32_t disp = (ir&0xFF)<<1; 
  2575                         load_spreg( R_EAX, R_GBR );
  2576                         ADD_imm32_r32( disp, R_EAX );
  2577                         check_ralign16( R_EAX );
  2578                         MMU_TRANSLATE_READ( R_EAX );
  2579                         MEM_READ_WORD( R_EAX, R_EAX );
  2580                         store_reg( R_EAX, 0 );
  2581                         sh4_x86.tstate = TSTATE_NONE;
  2583                         break;
  2584                     case 0x6:
  2585                         { /* MOV.L @(disp, GBR), R0 */
  2586                         uint32_t disp = (ir&0xFF)<<2; 
  2587                         load_spreg( R_EAX, R_GBR );
  2588                         ADD_imm32_r32( disp, R_EAX );
  2589                         check_ralign32( R_EAX );
  2590                         MMU_TRANSLATE_READ( R_EAX );
  2591                         MEM_READ_LONG( R_EAX, R_EAX );
  2592                         store_reg( R_EAX, 0 );
  2593                         sh4_x86.tstate = TSTATE_NONE;
  2595                         break;
  2596                     case 0x7:
  2597                         { /* MOVA @(disp, PC), R0 */
  2598                         uint32_t disp = (ir&0xFF)<<2; 
  2599                         if( sh4_x86.in_delay_slot ) {
  2600                     	SLOTILLEGAL();
  2601                         } else {
  2602                     	load_imm32( R_ECX, (pc - sh4_x86.block_start_pc) + disp + 4 - (pc&0x03) );
  2603                     	ADD_sh4r_r32( R_PC, R_ECX );
  2604                     	store_reg( R_ECX, 0 );
  2605                     	sh4_x86.tstate = TSTATE_NONE;
  2608                         break;
  2609                     case 0x8:
  2610                         { /* TST #imm, R0 */
  2611                         uint32_t imm = (ir&0xFF); 
  2612                         load_reg( R_EAX, 0 );
  2613                         TEST_imm32_r32( imm, R_EAX );
  2614                         SETE_t();
  2615                         sh4_x86.tstate = TSTATE_E;
  2617                         break;
  2618                     case 0x9:
  2619                         { /* AND #imm, R0 */
  2620                         uint32_t imm = (ir&0xFF); 
  2621                         load_reg( R_EAX, 0 );
  2622                         AND_imm32_r32(imm, R_EAX); 
  2623                         store_reg( R_EAX, 0 );
  2624                         sh4_x86.tstate = TSTATE_NONE;
  2626                         break;
  2627                     case 0xA:
  2628                         { /* XOR #imm, R0 */
  2629                         uint32_t imm = (ir&0xFF); 
  2630                         load_reg( R_EAX, 0 );
  2631                         XOR_imm32_r32( imm, R_EAX );
  2632                         store_reg( R_EAX, 0 );
  2633                         sh4_x86.tstate = TSTATE_NONE;
  2635                         break;
  2636                     case 0xB:
  2637                         { /* OR #imm, R0 */
  2638                         uint32_t imm = (ir&0xFF); 
  2639                         load_reg( R_EAX, 0 );
  2640                         OR_imm32_r32(imm, R_EAX);
  2641                         store_reg( R_EAX, 0 );
  2642                         sh4_x86.tstate = TSTATE_NONE;
  2644                         break;
  2645                     case 0xC:
  2646                         { /* TST.B #imm, @(R0, GBR) */
  2647                         uint32_t imm = (ir&0xFF); 
  2648                         load_reg( R_EAX, 0);
  2649                         load_spreg( R_ECX, R_GBR );
  2650                         ADD_r32_r32( R_ECX, R_EAX );
  2651                         MMU_TRANSLATE_READ( R_EAX );
  2652                         MEM_READ_BYTE( R_EAX, R_EAX );
  2653                         TEST_imm8_r8( imm, R_AL );
  2654                         SETE_t();
  2655                         sh4_x86.tstate = TSTATE_E;
  2657                         break;
  2658                     case 0xD:
  2659                         { /* AND.B #imm, @(R0, GBR) */
  2660                         uint32_t imm = (ir&0xFF); 
  2661                         load_reg( R_EAX, 0 );
  2662                         load_spreg( R_ECX, R_GBR );
  2663                         ADD_r32_r32( R_ECX, R_EAX );
  2664                         MMU_TRANSLATE_WRITE( R_EAX );
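                               // Read-modify-write: the address is translated once with write
                               // intent and preserved across the byte read (PUSH/POP), then the
                               // modified value is written back to the same translated address.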
  2665                         PUSH_realigned_r32(R_EAX);
  2666                         MEM_READ_BYTE( R_EAX, R_EAX );
  2667                         POP_realigned_r32(R_ECX);
  2668                         AND_imm32_r32(imm, R_EAX );
  2669                         MEM_WRITE_BYTE( R_ECX, R_EAX );
  2670                         sh4_x86.tstate = TSTATE_NONE;
  2672                         break;
  2673                     case 0xE:
  2674                         { /* XOR.B #imm, @(R0, GBR) */
  2675                         uint32_t imm = (ir&0xFF); 
  2676                         load_reg( R_EAX, 0 );
  2677                         load_spreg( R_ECX, R_GBR );
  2678                         ADD_r32_r32( R_ECX, R_EAX );
  2679                         MMU_TRANSLATE_WRITE( R_EAX );
  2680                         PUSH_realigned_r32(R_EAX);
  2681                         MEM_READ_BYTE(R_EAX, R_EAX);
  2682                         POP_realigned_r32(R_ECX);
  2683                         XOR_imm32_r32( imm, R_EAX );
  2684                         MEM_WRITE_BYTE( R_ECX, R_EAX );
  2685                         sh4_x86.tstate = TSTATE_NONE;
  2687                         break;
  2688                     case 0xF:
  2689                         { /* OR.B #imm, @(R0, GBR) */
  2690                         uint32_t imm = (ir&0xFF); 
  2691                         load_reg( R_EAX, 0 );
  2692                         load_spreg( R_ECX, R_GBR );
  2693                         ADD_r32_r32( R_ECX, R_EAX );
  2694                         MMU_TRANSLATE_WRITE( R_EAX );
  2695                         PUSH_realigned_r32(R_EAX);
  2696                         MEM_READ_BYTE( R_EAX, R_EAX );
  2697                         POP_realigned_r32(R_ECX);
  2698                         OR_imm32_r32(imm, R_EAX );
  2699                         MEM_WRITE_BYTE( R_ECX, R_EAX );
  2700                         sh4_x86.tstate = TSTATE_NONE;
  2702                         break;
  2704                 break;
  2705             case 0xD:
  2706                 { /* MOV.L @(disp, PC), Rn */
  2707                 uint32_t Rn = ((ir>>8)&0xF); uint32_t disp = (ir&0xFF)<<2; 
  2708                 if( sh4_x86.in_delay_slot ) {
  2709             	SLOTILLEGAL();
  2710                 } else {
  2711             	uint32_t target = (pc & 0xFFFFFFFC) + disp + 4;
  2712             	if( IS_IN_ICACHE(target) ) {
  2713             	    // If the target address is in the same page as the code, it's
  2714             	    // pretty safe to reference it directly and bypass the whole
  2715             	    // memory subsystem. (This is a big performance win.)
  2717             	    // FIXME: There's a corner case that isn't handled here: when the
  2718             	    // current code page is in the ITLB but not in the UTLB, this
  2719             	    // should probably raise a TLB miss (actual SH4 behaviour still
  2720             	    // needs to be confirmed). It's unlikely that anyone depends on
  2721             	    // that behaviour, though.
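             	    // e.g. for pc = 0x8C0010A2 and disp = 0x14 the literal sits at
             	    // target = (0x8C0010A2 & ~3) + 0x14 + 4 = 0x8C0010B8; when that falls
             	    // inside the icache page, the generated MOV reads it straight from
             	    // host memory, bypassing the emulated memory subsystem.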
  2722             	    sh4ptr_t ptr = GET_ICACHE_PTR(target);
  2723             	    MOV_moff32_EAX( ptr );
  2724             	} else {
  2725             	    // Note: we use sh4r.pc for the calculation, as we could be running
  2726             	    // at a different virtual address than the one the translation was
  2727             	    // done at, but we can safely assume that the low bits are the same.
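             	    // e.g. with block_start_pc = 0x8C001000 and the pc/disp above, EAX is
             	    // loaded with 0xA2 + 0x14 + 4 - 2 = 0xB8; adding the runtime sh4r.pc
             	    // (the block's start address, whose upper bits may differ from the
             	    // translation-time pc) yields the same literal address either way.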
  2728             	    load_imm32( R_EAX, (pc-sh4_x86.block_start_pc) + disp + 4 - (pc&0x03) );
  2729             	    ADD_sh4r_r32( R_PC, R_EAX );
  2730             	    MMU_TRANSLATE_READ( R_EAX );
  2731             	    MEM_READ_LONG( R_EAX, R_EAX );
  2732             	    sh4_x86.tstate = TSTATE_NONE;
  2734             	store_reg( R_EAX, Rn );
  2737                 break;
  2738             case 0xE:
  2739                 { /* MOV #imm, Rn */
  2740                 uint32_t Rn = ((ir>>8)&0xF); int32_t imm = SIGNEXT8(ir&0xFF); 
  2741                 load_imm32( R_EAX, imm );
  2742                 store_reg( R_EAX, Rn );
  2744                 break;
  2745             case 0xF:
  2746                 switch( ir&0xF ) {
  2747                     case 0x0:
  2748                         { /* FADD FRm, FRn */
  2749                         uint32_t FRn = ((ir>>8)&0xF); uint32_t FRm = ((ir>>4)&0xF); 
  2750                         check_fpuen();
  2751                         load_spreg( R_ECX, R_FPSCR );
  2752                         TEST_imm32_r32( FPSCR_PR, R_ECX );
  2753                         load_fr_bank( R_EDX );
  2754                         JNE_rel8(13,doubleprec);
  2755                         push_fr(R_EDX, FRm);
  2756                         push_fr(R_EDX, FRn);
  2757                         FADDP_st(1);
  2758                         pop_fr(R_EDX, FRn);
  2759                         JMP_rel8(11,end);
  2760                         JMP_TARGET(doubleprec);
  2761                         push_dr(R_EDX, FRm);
  2762                         push_dr(R_EDX, FRn);
  2763                         FADDP_st(1);
  2764                         pop_dr(R_EDX, FRn);
  2765                         JMP_TARGET(end);
  2766                         sh4_x86.tstate = TSTATE_NONE;
  2768                         break;
  2769                     case 0x1:
  2770                         { /* FSUB FRm, FRn */
  2771                         uint32_t FRn = ((ir>>8)&0xF); uint32_t FRm = ((ir>>4)&0xF); 
  2772                         check_fpuen();
  2773                         load_spreg( R_ECX, R_FPSCR );
  2774                         TEST_imm32_r32( FPSCR_PR, R_ECX );
  2775                         load_fr_bank( R_EDX );
  2776                         JNE_rel8(13, doubleprec);
  2777                         push_fr(R_EDX, FRn);
  2778                         push_fr(R_EDX, FRm);
  2779                         FSUBP_st(1);
  2780                         pop_fr(R_EDX, FRn);
  2781                         JMP_rel8(11, end);
  2782                         JMP_TARGET(doubleprec);
  2783                         push_dr(R_EDX, FRn);
  2784                         push_dr(R_EDX, FRm);
  2785                         FSUBP_st(1);
  2786                         pop_dr(R_EDX, FRn);
  2787                         JMP_TARGET(end);
  2788                         sh4_x86.tstate = TSTATE_NONE;
  2790                         break;
  2791                     case 0x2:
  2792                         { /* FMUL FRm, FRn */
  2793                         uint32_t FRn = ((ir>>8)&0xF); uint32_t FRm = ((ir>>4)&0xF); 
  2794                         check_fpuen();
  2795                         load_spreg( R_ECX, R_FPSCR );
  2796                         TEST_imm32_r32( FPSCR_PR, R_ECX );
  2797                         load_fr_bank( R_EDX );
  2798                         JNE_rel8(13, doubleprec);
  2799                         push_fr(R_EDX, FRm);
  2800                         push_fr(R_EDX, FRn);
  2801                         FMULP_st(1);
  2802                         pop_fr(R_EDX, FRn);
  2803                         JMP_rel8(11, end);
  2804                         JMP_TARGET(doubleprec);
  2805                         push_dr(R_EDX, FRm);
  2806                         push_dr(R_EDX, FRn);
  2807                         FMULP_st(1);
  2808                         pop_dr(R_EDX, FRn);
  2809                         JMP_TARGET(end);
  2810                         sh4_x86.tstate = TSTATE_NONE;
  2812                         break;
  2813                     case 0x3:
  2814                         { /* FDIV FRm, FRn */
  2815                         uint32_t FRn = ((ir>>8)&0xF); uint32_t FRm = ((ir>>4)&0xF); 
  2816                         check_fpuen();
  2817                         load_spreg( R_ECX, R_FPSCR );
  2818                         TEST_imm32_r32( FPSCR_PR, R_ECX );
  2819                         load_fr_bank( R_EDX );
  2820                         JNE_rel8(13, doubleprec);
  2821                         push_fr(R_EDX, FRn);
  2822                         push_fr(R_EDX, FRm);
  2823                         FDIVP_st(1);
  2824                         pop_fr(R_EDX, FRn);
  2825                         JMP_rel8(11, end);
  2826                         JMP_TARGET(doubleprec);
  2827                         push_dr(R_EDX, FRn);
  2828                         push_dr(R_EDX, FRm);
  2829                         FDIVP_st(1);
  2830                         pop_dr(R_EDX, FRn);
  2831                         JMP_TARGET(end);
  2832                         sh4_x86.tstate = TSTATE_NONE;
  2834                         break;
  2835                     case 0x4:
  2836                         { /* FCMP/EQ FRm, FRn */
  2837                         uint32_t FRn = ((ir>>8)&0xF); uint32_t FRm = ((ir>>4)&0xF); 
  2838                         check_fpuen();
  2839                         load_spreg( R_ECX, R_FPSCR );
  2840                         TEST_imm32_r32( FPSCR_PR, R_ECX );
  2841                         load_fr_bank( R_EDX );
  2842                         JNE_rel8(8, doubleprec);
  2843                         push_fr(R_EDX, FRm);
  2844                         push_fr(R_EDX, FRn);
  2845                         JMP_rel8(6, end);
  2846                         JMP_TARGET(doubleprec);
  2847                         push_dr(R_EDX, FRm);
  2848                         push_dr(R_EDX, FRn);
  2849                         JMP_TARGET(end);
  2850                         FCOMIP_st(1);
  2851                         SETE_t();
  2852                         FPOP_st();
  2853                         sh4_x86.tstate = TSTATE_NONE;
  2855                         break;
  2856                     case 0x5:
  2857                         { /* FCMP/GT FRm, FRn */
  2858                         uint32_t FRn = ((ir>>8)&0xF); uint32_t FRm = ((ir>>4)&0xF); 
  2859                         check_fpuen();
  2860                         load_spreg( R_ECX, R_FPSCR );
  2861                         TEST_imm32_r32( FPSCR_PR, R_ECX );
  2862                         load_fr_bank( R_EDX );
  2863                         JNE_rel8(8, doubleprec);
  2864                         push_fr(R_EDX, FRm);
  2865                         push_fr(R_EDX, FRn);
  2866                         JMP_rel8(6, end);
  2867                         JMP_TARGET(doubleprec);
  2868                         push_dr(R_EDX, FRm);
  2869                         push_dr(R_EDX, FRn);
  2870                         JMP_TARGET(end);
  2871                         FCOMIP_st(1);
  2872                         SETA_t();
  2873                         FPOP_st();
  2874                         sh4_x86.tstate = TSTATE_NONE;
  2876                         break;
  2877                     case 0x6:
  2878                         { /* FMOV @(R0, Rm), FRn */
  2879                         uint32_t FRn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  2880                         check_fpuen();
  2881                         load_reg( R_EAX, Rm );
  2882                         ADD_sh4r_r32( REG_OFFSET(r[0]), R_EAX );
  2883                         check_ralign32( R_EAX );
  2884                         MMU_TRANSLATE_READ( R_EAX );
  2885                         load_spreg( R_EDX, R_FPSCR );
  2886                         TEST_imm32_r32( FPSCR_SZ, R_EDX );
  2887                         JNE_rel8(8 + MEM_READ_SIZE, doublesize);
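                               // The rel8 distances in these FMOV cases are hard-coded byte counts
                               // of the code emitted for each path; the MEM_*_SIZE constants
                               // presumably cover the variable-length memory-access sequences.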
  2888                         MEM_READ_LONG( R_EAX, R_EAX );
  2889                         load_fr_bank( R_EDX );
  2890                         store_fr( R_EDX, R_EAX, FRn );
  2891                         if( FRn&1 ) {
  2892                     	JMP_rel8(21 + MEM_READ_DOUBLE_SIZE, end);
  2893                     	JMP_TARGET(doublesize);
  2894                     	MEM_READ_DOUBLE( R_EAX, R_ECX, R_EAX );
  2895                     	load_spreg( R_EDX, R_FPSCR ); // assume read_long clobbered it
  2896                     	load_xf_bank( R_EDX );
  2897                     	store_fr( R_EDX, R_ECX, FRn&0x0E );
  2898                     	store_fr( R_EDX, R_EAX, FRn|0x01 );
  2899                     	JMP_TARGET(end);
  2900                         } else {
  2901                     	JMP_rel8(9 + MEM_READ_DOUBLE_SIZE, end);
  2902                     	JMP_TARGET(doublesize);
  2903                     	MEM_READ_DOUBLE( R_EAX, R_ECX, R_EAX );
  2904                     	load_fr_bank( R_EDX );
  2905                     	store_fr( R_EDX, R_ECX, FRn&0x0E );
  2906                     	store_fr( R_EDX, R_EAX, FRn|0x01 );
  2907                     	JMP_TARGET(end);
  2909                         sh4_x86.tstate = TSTATE_NONE;
  2911                         break;
  2912                     case 0x7:
  2913                         { /* FMOV FRm, @(R0, Rn) */
  2914                         uint32_t Rn = ((ir>>8)&0xF); uint32_t FRm = ((ir>>4)&0xF); 
  2915                         check_fpuen();
  2916                         load_reg( R_EAX, Rn );
  2917                         ADD_sh4r_r32( REG_OFFSET(r[0]), R_EAX );
  2918                         check_walign32( R_EAX );
  2919                         MMU_TRANSLATE_WRITE( R_EAX );
  2920                         load_spreg( R_EDX, R_FPSCR );
  2921                         TEST_imm32_r32( FPSCR_SZ, R_EDX );
  2922                         JNE_rel8(8 + MEM_WRITE_SIZE, doublesize);
  2923                         load_fr_bank( R_EDX );
  2924                         load_fr( R_EDX, R_ECX, FRm );
  2925                         MEM_WRITE_LONG( R_EAX, R_ECX ); // 12
  2926                         if( FRm&1 ) {
  2927                     	JMP_rel8( 18 + MEM_WRITE_DOUBLE_SIZE, end );
  2928                     	JMP_TARGET(doublesize);
  2929                     	load_xf_bank( R_EDX );
  2930                     	load_fr( R_EDX, R_ECX, FRm&0x0E );
  2931                     	load_fr( R_EDX, R_EDX, FRm|0x01 );
  2932                     	MEM_WRITE_DOUBLE( R_EAX, R_ECX, R_EDX );
  2933                     	JMP_TARGET(end);
  2934                         } else {
  2935                     	JMP_rel8( 9 + MEM_WRITE_DOUBLE_SIZE, end );
  2936                     	JMP_TARGET(doublesize);
  2937                     	load_fr_bank( R_EDX );
  2938                     	load_fr( R_EDX, R_ECX, FRm&0x0E );
  2939                     	load_fr( R_EDX, R_EDX, FRm|0x01 );
  2940                     	MEM_WRITE_DOUBLE( R_EAX, R_ECX, R_EDX );
  2941                     	JMP_TARGET(end);
  2943                         sh4_x86.tstate = TSTATE_NONE;
  2945                         break;
  2946                     case 0x8:
  2947                         { /* FMOV @Rm, FRn */
  2948                         uint32_t FRn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  2949                         check_fpuen();
  2950                         load_reg( R_EAX, Rm );
  2951                         check_ralign32( R_EAX );
  2952                         MMU_TRANSLATE_READ( R_EAX );
  2953                         load_spreg( R_EDX, R_FPSCR );
  2954                         TEST_imm32_r32( FPSCR_SZ, R_EDX );
  2955                         JNE_rel8(8 + MEM_READ_SIZE, doublesize);
  2956                         MEM_READ_LONG( R_EAX, R_EAX );
  2957                         load_fr_bank( R_EDX );
  2958                         store_fr( R_EDX, R_EAX, FRn );
  2959                         if( FRn&1 ) {
  2960                     	JMP_rel8(21 + MEM_READ_DOUBLE_SIZE, end);
  2961                     	JMP_TARGET(doublesize);
  2962                     	MEM_READ_DOUBLE( R_EAX, R_ECX, R_EAX );
  2963                     	load_spreg( R_EDX, R_FPSCR ); // assume read_long clobbered it
  2964                     	load_xf_bank( R_EDX );
  2965                     	store_fr( R_EDX, R_ECX, FRn&0x0E );
  2966                     	store_fr( R_EDX, R_EAX, FRn|0x01 );
  2967                     	JMP_TARGET(end);
  2968                         } else {
  2969                     	JMP_rel8(9 + MEM_READ_DOUBLE_SIZE, end);
  2970                     	JMP_TARGET(doublesize);
  2971                     	MEM_READ_DOUBLE( R_EAX, R_ECX, R_EAX );
  2972                     	load_fr_bank( R_EDX );
  2973                     	store_fr( R_EDX, R_ECX, FRn&0x0E );
  2974                     	store_fr( R_EDX, R_EAX, FRn|0x01 );
  2975                     	JMP_TARGET(end);
  2977                         sh4_x86.tstate = TSTATE_NONE;
  2979                         break;
  2980                     case 0x9:
  2981                         { /* FMOV @Rm+, FRn */
  2982                         uint32_t FRn = ((ir>>8)&0xF); uint32_t Rm = ((ir>>4)&0xF); 
  2983                         check_fpuen();
  2984                         load_reg( R_EAX, Rm );
  2985                         check_ralign32( R_EAX );
  2986                         MMU_TRANSLATE_READ( R_EAX );
  2987                         load_spreg( R_EDX, R_FPSCR );
  2988                         TEST_imm32_r32( FPSCR_SZ, R_EDX );
  2989                         JNE_rel8(12 + MEM_READ_SIZE, doublesize);
  2990                         ADD_imm8s_sh4r( 4, REG_OFFSET(r[Rm]) );
  2991                         MEM_READ_LONG( R_EAX, R_EAX );
  2992                         load_fr_bank( R_EDX );
  2993                         store_fr( R_EDX, R_EAX, FRn );
  2994                         if( FRn&1 ) {
  2995                     	JMP_rel8(25 + MEM_READ_DOUBLE_SIZE, end);
  2996                     	JMP_TARGET(doublesize);
  2997                     	ADD_imm8s_sh4r( 8, REG_OFFSET(r[Rm]) );
  2998                     	MEM_READ_DOUBLE( R_EAX, R_ECX, R_EAX );
  2999                     	load_spreg( R_EDX, R_FPSCR ); // assume read_long clobbered it
  3000                     	load_xf_bank( R_EDX );
  3001                     	store_fr( R_EDX, R_ECX, FRn&0x0E );
  3002                     	store_fr( R_EDX, R_EAX, FRn|0x01 );
  3003                     	JMP_TARGET(end);
  3004                         } else {
  3005                     	JMP_rel8(13 + MEM_READ_DOUBLE_SIZE, end);
                           	JMP_TARGET(doublesize);
  3006                     	ADD_imm8s_sh4r( 8, REG_OFFSET(r[Rm]) );
  3007                     	MEM_READ_DOUBLE( R_EAX, R_ECX, R_EAX );
  3008                     	load_fr_bank( R_EDX );
  3009                     	store_fr( R_EDX, R_ECX, FRn&0x0E );
  3010                     	store_fr( R_EDX, R_EAX, FRn|0x01 );
  3011                     	JMP_TARGET(end);
  3013                         sh4_x86.tstate = TSTATE_NONE;
  3015                         break;
  3016                     case 0xA:
  3017                         { /* FMOV FRm, @Rn */
  3018                         uint32_t Rn = ((ir>>8)&0xF); uint32_t FRm = ((ir>>4)&0xF); 
  3019                         check_fpuen();
  3020                         load_reg( R_EAX, Rn );
  3021                         check_walign32( R_EAX );
  3022                         MMU_TRANSLATE_WRITE( R_EAX );
  3023                         load_spreg( R_EDX, R_FPSCR );
  3024                         TEST_imm32_r32( FPSCR_SZ, R_EDX );
  3025                         JNE_rel8(8 + MEM_WRITE_SIZE, doublesize);
  3026                         load_fr_bank( R_EDX );
  3027                         load_fr( R_EDX, R_ECX, FRm );
  3028                         MEM_WRITE_LONG( R_EAX, R_ECX ); // 12
  3029                         if( FRm&1 ) {
  3030                     	JMP_rel8( 18 + MEM_WRITE_DOUBLE_SIZE, end );
  3031                     	JMP_TARGET(doublesize);
  3032                     	load_xf_bank( R_EDX );
  3033                     	load_fr( R_EDX, R_ECX, FRm&0x0E );
  3034                     	load_fr( R_EDX, R_EDX, FRm|0x01 );
  3035                     	MEM_WRITE_DOUBLE( R_EAX, R_ECX, R_EDX );
  3036                     	JMP_TARGET(end);
  3037                         } else {
  3038                     	JMP_rel8( 9 + MEM_WRITE_DOUBLE_SIZE, end );
  3039                     	JMP_TARGET(doublesize);
  3040                     	load_fr_bank( R_EDX );
  3041                     	load_fr( R_EDX, R_ECX, FRm&0x0E );
  3042                     	load_fr( R_EDX, R_EDX, FRm|0x01 );
  3043                     	MEM_WRITE_DOUBLE( R_EAX, R_ECX, R_EDX );
  3044                     	JMP_TARGET(end);
  3046                         sh4_x86.tstate = TSTATE_NONE;
  3048                         break;
  3049                     case 0xB:
  3050                         { /* FMOV FRm, @-Rn */
  3051                         uint32_t Rn = ((ir>>8)&0xF); uint32_t FRm = ((ir>>4)&0xF); 
  3052                         check_fpuen();
  3053                         load_reg( R_EAX, Rn );
  3054                         check_walign32( R_EAX );
  3055                         load_spreg( R_EDX, R_FPSCR );
  3056                         TEST_imm32_r32( FPSCR_SZ, R_EDX );
  3057                         JNE_rel8(15 + MEM_WRITE_SIZE + MMU_TRANSLATE_SIZE, doublesize);
  3058                         ADD_imm8s_r32( -4, R_EAX );
  3059                         MMU_TRANSLATE_WRITE( R_EAX );
  3060                         load_fr_bank( R_EDX );
  3061                         load_fr( R_EDX, R_ECX, FRm );
  3062                         ADD_imm8s_sh4r(-4,REG_OFFSET(r[Rn]));
  3063                         MEM_WRITE_LONG( R_EAX, R_ECX ); // 12
  3064                         if( FRm&1 ) {
  3065                     	JMP_rel8( 25 + MEM_WRITE_DOUBLE_SIZE + MMU_TRANSLATE_SIZE, end );
  3066                     	JMP_TARGET(doublesize);
  3067                     	ADD_imm8s_r32(-8,R_EAX);
  3068                     	MMU_TRANSLATE_WRITE( R_EAX );
  3069                     	load_xf_bank( R_EDX );
  3070                     	load_fr( R_EDX, R_ECX, FRm&0x0E );
  3071                     	load_fr( R_EDX, R_EDX, FRm|0x01 );
  3072                     	ADD_imm8s_sh4r(-8,REG_OFFSET(r[Rn]));
  3073                     	MEM_WRITE_DOUBLE( R_EAX, R_ECX, R_EDX );
  3074                     	JMP_TARGET(end);
  3075                         } else {
  3076                     	JMP_rel8( 16 + MEM_WRITE_DOUBLE_SIZE + MMU_TRANSLATE_SIZE, end );
  3077                     	JMP_TARGET(doublesize);
  3078                     	ADD_imm8s_r32(-8,R_EAX);
  3079                     	MMU_TRANSLATE_WRITE( R_EAX );
  3080                     	load_fr_bank( R_EDX );
  3081                     	load_fr( R_EDX, R_ECX, FRm&0x0E );
  3082                     	load_fr( R_EDX, R_EDX, FRm|0x01 );
  3083                     	ADD_imm8s_sh4r(-8,REG_OFFSET(r[Rn]));
  3084                     	MEM_WRITE_DOUBLE( R_EAX, R_ECX, R_EDX );
  3085                     	JMP_TARGET(end);
  3087                         sh4_x86.tstate = TSTATE_NONE;
  3089                         break;
  3090                     case 0xC:
  3091                         { /* FMOV FRm, FRn */
  3092                         uint32_t FRn = ((ir>>8)&0xF); uint32_t FRm = ((ir>>4)&0xF); 
  3093                         /* As horrible as this looks, it actually covers 5 separate cases:
  3094                          * 1. 32-bit fr-to-fr (SZ=0)
  3095                          * 2. 64-bit dr-to-dr (SZ=1, FRm&1 == 0, FRn&1 == 0 )
  3096                          * 3. 64-bit dr-to-xd (SZ=1, FRm&1 == 0, FRn&1 == 1 )
  3097                          * 4. 64-bit xd-to-dr (SZ=1, FRm&1 == 1, FRn&1 == 0 )
  3098                          * 5. 64-bit xd-to-xd (SZ=1, FRm&1 == 1, FRn&1 == 1 )
  3099                          */
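                               // When SZ=1 an odd register number names the XD pair in the other
                               // bank (xf registers n-1 and n), which is why the odd FRm/FRn cases
                               // below go through load_xf_bank instead of the current fr bank.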
  3100                         check_fpuen();
  3101                         load_spreg( R_ECX, R_FPSCR );
  3102                         load_fr_bank( R_EDX );
  3103                         TEST_imm32_r32( FPSCR_SZ, R_ECX );
  3104                         JNE_rel8(8, doublesize);
  3105                         load_fr( R_EDX, R_EAX, FRm ); // SZ=0 (single-precision transfer) branch
  3106                         store_fr( R_EDX, R_EAX, FRn );
  3107                         if( FRm&1 ) {
  3108                     	JMP_rel8(24, end);
  3109                     	JMP_TARGET(doublesize);
  3110                     	load_xf_bank( R_ECX ); 
  3111                     	load_fr( R_ECX, R_EAX, FRm-1 );
  3112                     	if( FRn&1 ) {
  3113                     	    load_fr( R_ECX, R_EDX, FRm );
  3114                     	    store_fr( R_ECX, R_EAX, FRn-1 );
  3115                     	    store_fr( R_ECX, R_EDX, FRn );
  3116                     	} else /* FRn&1 == 0 */ {
  3117                     	    load_fr( R_ECX, R_ECX, FRm );
  3118                     	    store_fr( R_EDX, R_EAX, FRn );
  3119                     	    store_fr( R_EDX, R_ECX, FRn+1 );
  3121                     	JMP_TARGET(end);
  3122                         } else /* FRm&1 == 0 */ {
  3123                     	if( FRn&1 ) {
  3124                     	    JMP_rel8(24, end);
  3125                     	    load_xf_bank( R_ECX );
  3126                     	    load_fr( R_EDX, R_EAX, FRm );
  3127                     	    load_fr( R_EDX, R_EDX, FRm+1 );
  3128                     	    store_fr( R_ECX, R_EAX, FRn-1 );
  3129                     	    store_fr( R_ECX, R_EDX, FRn );
  3130                     	    JMP_TARGET(end);
  3131                     	} else /* FRn&1 == 0 */ {
  3132                     	    JMP_rel8(12, end);
  3133                     	    load_fr( R_EDX, R_EAX, FRm );
  3134                     	    load_fr( R_EDX, R_ECX, FRm+1 );
  3135                     	    store_fr( R_EDX, R_EAX, FRn );
  3136                     	    store_fr( R_EDX, R_ECX, FRn+1 );
  3137                     	    JMP_TARGET(end);
  3140                         sh4_x86.tstate = TSTATE_NONE;
  3142                         break;
  3143                     case 0xD:
  3144                         switch( (ir&0xF0) >> 4 ) {
  3145                             case 0x0:
  3146                                 { /* FSTS FPUL, FRn */
  3147                                 uint32_t FRn = ((ir>>8)&0xF); 
  3148                                 check_fpuen();
  3149                                 load_fr_bank( R_ECX );
  3150                                 load_spreg( R_EAX, R_FPUL );
  3151                                 store_fr( R_ECX, R_EAX, FRn );
  3152                                 sh4_x86.tstate = TSTATE_NONE;
  3154                                 break;
  3155                             case 0x1:
  3156                                 { /* FLDS FRm, FPUL */
  3157                                 uint32_t FRm = ((ir>>8)&0xF); 
  3158                                 check_fpuen();
  3159                                 load_fr_bank( R_ECX );
  3160                                 load_fr( R_ECX, R_EAX, FRm );
  3161                                 store_spreg( R_EAX, R_FPUL );
  3162                                 sh4_x86.tstate = TSTATE_NONE;
  3164                                 break;
  3165                             case 0x2:
  3166                                 { /* FLOAT FPUL, FRn */
  3167                                 uint32_t FRn = ((ir>>8)&0xF); 
  3168                                 check_fpuen();
  3169                                 load_spreg( R_ECX, R_FPSCR );
  3170                                 load_spreg(R_EDX, REG_OFFSET(fr_bank));
  3171                                 FILD_sh4r(R_FPUL);
  3172                                 TEST_imm32_r32( FPSCR_PR, R_ECX );
  3173                                 JNE_rel8(5, doubleprec);
  3174                                 pop_fr( R_EDX, FRn );
  3175                                 JMP_rel8(3, end);
  3176                                 JMP_TARGET(doubleprec);
  3177                                 pop_dr( R_EDX, FRn );
  3178                                 JMP_TARGET(end);
  3179                                 sh4_x86.tstate = TSTATE_NONE;
  3181                                 break;
  3182                             case 0x3:
  3183                                 { /* FTRC FRm, FPUL */
  3184                                 uint32_t FRm = ((ir>>8)&0xF); 
  3185                                 check_fpuen();
  3186                                 load_spreg( R_ECX, R_FPSCR );
  3187                                 load_fr_bank( R_EDX );
  3188                                 TEST_imm32_r32( FPSCR_PR, R_ECX );
  3189                                 JNE_rel8(5, doubleprec);
  3190                                 push_fr( R_EDX, FRm );
  3191                                 JMP_rel8(3, doop);
  3192                                 JMP_TARGET(doubleprec);
  3193                                 push_dr( R_EDX, FRm );
  3194                                 JMP_TARGET( doop );
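                                       // Saturate against max_int/min_int first; otherwise convert
                                       // with the x87 control word temporarily set to trunc_fcw
                                       // (round toward zero, matching FTRC) and restore save_fcw.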
  3195                                 load_imm32( R_ECX, (uint32_t)&max_int );
  3196                                 FILD_r32ind( R_ECX );
  3197                                 FCOMIP_st(1);
  3198                                 JNA_rel8( 32, sat );
  3199                                 load_imm32( R_ECX, (uint32_t)&min_int );  // 5
  3200                                 FILD_r32ind( R_ECX );           // 2
  3201                                 FCOMIP_st(1);                   // 2
  3202                                 JAE_rel8( 21, sat2 );            // 2
  3203                                 load_imm32( R_EAX, (uint32_t)&save_fcw );
  3204                                 FNSTCW_r32ind( R_EAX );
  3205                                 load_imm32( R_EDX, (uint32_t)&trunc_fcw );
  3206                                 FLDCW_r32ind( R_EDX );
  3207                                 FISTP_sh4r(R_FPUL);             // 3
  3208                                 FLDCW_r32ind( R_EAX );
  3209                                 JMP_rel8( 9, end );             // 2
  3211                                 JMP_TARGET(sat);
  3212                                 JMP_TARGET(sat2);
  3213                                 MOV_r32ind_r32( R_ECX, R_ECX ); // 2
  3214                                 store_spreg( R_ECX, R_FPUL );
  3215                                 FPOP_st();
  3216                                 JMP_TARGET(end);
  3217                                 sh4_x86.tstate = TSTATE_NONE;
  3219                                 break;
  3220                             case 0x4:
  3221                                 { /* FNEG FRn */
  3222                                 uint32_t FRn = ((ir>>8)&0xF); 
  3223                                 check_fpuen();
  3224                                 load_spreg( R_ECX, R_FPSCR );
  3225                                 TEST_imm32_r32( FPSCR_PR, R_ECX );
  3226                                 load_fr_bank( R_EDX );
  3227                                 JNE_rel8(10, doubleprec);
  3228                                 push_fr(R_EDX, FRn);
  3229                                 FCHS_st0();
  3230                                 pop_fr(R_EDX, FRn);
  3231                                 JMP_rel8(8, end);
  3232                                 JMP_TARGET(doubleprec);
  3233                                 push_dr(R_EDX, FRn);
  3234                                 FCHS_st0();
  3235                                 pop_dr(R_EDX, FRn);
  3236                                 JMP_TARGET(end);
  3237                                 sh4_x86.tstate = TSTATE_NONE;
  3239                                 break;
  3240                             case 0x5:
  3241                                 { /* FABS FRn */
  3242                                 uint32_t FRn = ((ir>>8)&0xF); 
  3243                                 check_fpuen();
  3244                                 load_spreg( R_ECX, R_FPSCR );
  3245                                 load_fr_bank( R_EDX );
  3246                                 TEST_imm32_r32( FPSCR_PR, R_ECX );
  3247                                 JNE_rel8(10, doubleprec);
  3248                                 push_fr(R_EDX, FRn); // 3
  3249                                 FABS_st0(); // 2
  3250                                 pop_fr( R_EDX, FRn); //3
  3251                                 JMP_rel8(8,end); // 2
  3252                                 JMP_TARGET(doubleprec);
  3253                                 push_dr(R_EDX, FRn);
  3254                                 FABS_st0();
  3255                                 pop_dr(R_EDX, FRn);
  3256                                 JMP_TARGET(end);
  3257                                 sh4_x86.tstate = TSTATE_NONE;
  3259                                 break;
  3260                             case 0x6:
  3261                                 { /* FSQRT FRn */
  3262                                 uint32_t FRn = ((ir>>8)&0xF); 
  3263                                 check_fpuen();
  3264                                 load_spreg( R_ECX, R_FPSCR );
  3265                                 TEST_imm32_r32( FPSCR_PR, R_ECX );
  3266                                 load_fr_bank( R_EDX );
  3267                                 JNE_rel8(10, doubleprec);
  3268                                 push_fr(R_EDX, FRn);
  3269                                 FSQRT_st0();
  3270                                 pop_fr(R_EDX, FRn);
  3271                                 JMP_rel8(8, end);
  3272                                 JMP_TARGET(doubleprec);
  3273                                 push_dr(R_EDX, FRn);
  3274                                 FSQRT_st0();
  3275                                 pop_dr(R_EDX, FRn);
  3276                                 JMP_TARGET(end);
  3277                                 sh4_x86.tstate = TSTATE_NONE;
  3279                                 break;
  3280                             case 0x7:
  3281                                 { /* FSRRA FRn */
  3282                                 uint32_t FRn = ((ir>>8)&0xF); 
  3283                                 check_fpuen();
  3284                                 load_spreg( R_ECX, R_FPSCR );
  3285                                 TEST_imm32_r32( FPSCR_PR, R_ECX );
  3286                                 load_fr_bank( R_EDX );
  3287                                 JNE_rel8(12, end); // PR=0 only
  3288                                 FLD1_st0();
  3289                                 push_fr(R_EDX, FRn);
  3290                                 FSQRT_st0();
  3291                                 FDIVP_st(1);
  3292                                 pop_fr(R_EDX, FRn);
  3293                                 JMP_TARGET(end);
  3294                                 sh4_x86.tstate = TSTATE_NONE;
  3296                                 break;
  3297                             case 0x8:
  3298                                 { /* FLDI0 FRn */
  3299                                 uint32_t FRn = ((ir>>8)&0xF); 
  3300                                 /* IFF PR=0 */
  3301                                   check_fpuen();
  3302                                   load_spreg( R_ECX, R_FPSCR );
  3303                                   TEST_imm32_r32( FPSCR_PR, R_ECX );
  3304                                   JNE_rel8(8, end);
  3305                                   XOR_r32_r32( R_EAX, R_EAX );
  3306                                   load_spreg( R_ECX, REG_OFFSET(fr_bank) );
  3307                                   store_fr( R_ECX, R_EAX, FRn );
  3308                                   JMP_TARGET(end);
  3309                                   sh4_x86.tstate = TSTATE_NONE;
  3311                                 break;
  3312                             case 0x9:
  3313                                 { /* FLDI1 FRn */
  3314                                 uint32_t FRn = ((ir>>8)&0xF); 
  3315                                 /* IFF PR=0 */
  3316                                   check_fpuen();
  3317                                   load_spreg( R_ECX, R_FPSCR );
  3318                                   TEST_imm32_r32( FPSCR_PR, R_ECX );
  3319                                   JNE_rel8(11, end);
  3320                                   load_imm32(R_EAX, 0x3F800000);
  3321                                   load_spreg( R_ECX, REG_OFFSET(fr_bank) );
  3322                                   store_fr( R_ECX, R_EAX, FRn );
  3323                                   JMP_TARGET(end);
  3324                                   sh4_x86.tstate = TSTATE_NONE;
  3326                                 break;
  3327                             case 0xA:
  3328                                 { /* FCNVSD FPUL, FRn */
  3329                                 uint32_t FRn = ((ir>>8)&0xF); 
  3330                                 check_fpuen();
  3331                                 load_spreg( R_ECX, R_FPSCR );
  3332                                 TEST_imm32_r32( FPSCR_PR, R_ECX );
  3333                                 JE_rel8(9, end); // only when PR=1
  3334                                 load_fr_bank( R_ECX );
  3335                                 push_fpul();
  3336                                 pop_dr( R_ECX, FRn );
  3337                                 JMP_TARGET(end);
  3338                                 sh4_x86.tstate = TSTATE_NONE;
  3339                                 }
  3340                                 break;
  3341                             case 0xB:
  3342                                 { /* FCNVDS FRm, FPUL */
  3343                                 uint32_t FRm = ((ir>>8)&0xF); 
  3344                                 check_fpuen();
  3345                                 load_spreg( R_ECX, R_FPSCR );
  3346                                 TEST_imm32_r32( FPSCR_PR, R_ECX );
  3347                                 JE_rel8(9, end); // only when PR=1
  3348                                 load_fr_bank( R_ECX );
  3349                                 push_dr( R_ECX, FRm );
  3350                                 pop_fpul();
  3351                                 JMP_TARGET(end);
  3352                                 sh4_x86.tstate = TSTATE_NONE;
  3353                                 }
  3354                                 break;
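                                       /* Sketch: with PR=1, FCNVSD widens the single in FPUL to the double
                                        * DR[FRn>>1] via the x87 stack, and FCNVDS narrows DR[FRm>>1] back into
                                        * FPUL; both sequences are skipped when PR=0.
                                        */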
  3355                             case 0xE:
  3356                                 { /* FIPR FVm, FVn */
  3357                                 uint32_t FVn = ((ir>>10)&0x3); uint32_t FVm = ((ir>>8)&0x3); 
  3358                                 check_fpuen();
  3359                                 load_spreg( R_ECX, R_FPSCR );
  3360                                 TEST_imm32_r32( FPSCR_PR, R_ECX );
  3361                                 JNE_rel8(44, doubleprec);
  3363                                 load_fr_bank( R_ECX );
  3364                                 push_fr( R_ECX, FVm<<2 );
  3365                                 push_fr( R_ECX, FVn<<2 );
  3366                                 FMULP_st(1);
  3367                                 push_fr( R_ECX, (FVm<<2)+1);
  3368                                 push_fr( R_ECX, (FVn<<2)+1);
  3369                                 FMULP_st(1);
  3370                                 FADDP_st(1);
  3371                                 push_fr( R_ECX, (FVm<<2)+2);
  3372                                 push_fr( R_ECX, (FVn<<2)+2);
  3373                                 FMULP_st(1);
  3374                                 FADDP_st(1);
  3375                                 push_fr( R_ECX, (FVm<<2)+3);
  3376                                 push_fr( R_ECX, (FVn<<2)+3);
  3377                                 FMULP_st(1);
  3378                                 FADDP_st(1);
  3379                                 pop_fr( R_ECX, (FVn<<2)+3);
  3380                                 JMP_TARGET(doubleprec);
  3381                                 sh4_x86.tstate = TSTATE_NONE;
  3382                                 }
  3383                                 break;
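                                       /* Sketch of the intended effect (PR=0 path): the FMULP/FADDP chain above
                                        * forms the 4-component inner product and stores it in the last element
                                        * of FVn, roughly
                                        *     FR[FVn*4+3] = FR[FVm*4+0]*FR[FVn*4+0] + ... + FR[FVm*4+3]*FR[FVn*4+3];
                                        */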
  3384                             case 0xF:
  3385                                 switch( (ir&0x100) >> 8 ) {
  3386                                     case 0x0:
  3387                                         { /* FSCA FPUL, FRn */
  3388                                         uint32_t FRn = ((ir>>9)&0x7)<<1; 
  3389                                         check_fpuen();
  3390                                         load_spreg( R_ECX, R_FPSCR );
  3391                                         TEST_imm32_r32( FPSCR_PR, R_ECX );
  3392                                         JNE_rel8( CALL_FUNC2_SIZE + 9, doubleprec );
  3393                                         load_fr_bank( R_ECX );
  3394                                         ADD_imm8s_r32( (FRn&0x0E)<<2, R_ECX );
  3395                                         load_spreg( R_EDX, R_FPUL );
  3396                                         call_func2( sh4_fsca, R_EDX, R_ECX );
  3397                                         JMP_TARGET(doubleprec);
  3398                                         sh4_x86.tstate = TSTATE_NONE;
  3399                                         }
  3400                                         break;
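                                               /* Sketch: with PR=0 this passes the fixed-point angle in FPUL
                                                * (units of 2*pi/65536) and a pointer to FR[FRn] to the
                                                * sh4_fsca() helper, which writes the sine/cosine pair into
                                                * FR[FRn] / FR[FRn+1].
                                                */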
  3401                                     case 0x1:
  3402                                         switch( (ir&0x200) >> 9 ) {
  3403                                             case 0x0:
  3404                                                 { /* FTRV XMTRX, FVn */
  3405                                                 uint32_t FVn = ((ir>>10)&0x3); 
  3406                                                 check_fpuen();
  3407                                                 load_spreg( R_ECX, R_FPSCR );
  3408                                                 TEST_imm32_r32( FPSCR_PR, R_ECX );
  3409                                                 JNE_rel8( 18 + CALL_FUNC2_SIZE, doubleprec );
  3410                                                 load_fr_bank( R_EDX );                 // 3
  3411                                                 ADD_imm8s_r32( FVn<<4, R_EDX );        // 3
  3412                                                 load_xf_bank( R_ECX );                 // 12
  3413                                                 call_func2( sh4_ftrv, R_EDX, R_ECX );  // 12
  3414                                                 JMP_TARGET(doubleprec);
  3415                                                 sh4_x86.tstate = TSTATE_NONE;
  3416                                                 }
  3417                                                 break;
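                                                       /* Sketch: with PR=0 this hands sh4_ftrv() a pointer to
                                                        * vector FVn in the current bank plus a pointer to the
                                                        * back (XF) bank holding XMTRX, computing
                                                        * FVn = XMTRX * FVn out of line.
                                                        */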
  3418                                             case 0x1:
  3419                                                 switch( (ir&0xC00) >> 10 ) {
  3420                                                     case 0x0:
  3421                                                         { /* FSCHG */
  3422                                                         check_fpuen();
  3423                                                         load_spreg( R_ECX, R_FPSCR );
  3424                                                         XOR_imm32_r32( FPSCR_SZ, R_ECX );
  3425                                                         store_spreg( R_ECX, R_FPSCR );
  3426                                                         sh4_x86.tstate = TSTATE_NONE;
  3427                                                         }
  3428                                                         break;
  3429                                                     case 0x2:
  3430                                                         { /* FRCHG */
  3431                                                         check_fpuen();
  3432                                                         load_spreg( R_ECX, R_FPSCR );
  3433                                                         XOR_imm32_r32( FPSCR_FR, R_ECX );
  3434                                                         store_spreg( R_ECX, R_FPSCR );
  3435                                                         update_fr_bank( R_ECX );
  3436                                                         sh4_x86.tstate = TSTATE_NONE;
  3437                                                         }
  3438                                                         break;
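                                                               /* Sketch: FSCHG toggles FPSCR.SZ (32/64-bit
                                                                * FMOV transfer size) and FRCHG toggles
                                                                * FPSCR.FR (front/back register bank); FRCHG
                                                                * also refreshes the cached fr_bank pointer
                                                                * via update_fr_bank().
                                                                */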
  3439                                                     case 0x3:
  3440                                                         { /* UNDEF */
  3441                                                         if( sh4_x86.in_delay_slot ) {
  3442                                                     	SLOTILLEGAL();
  3443                                                         } else {
  3444                                                     	JMP_exc(EXC_ILLEGAL);
  3445                                                     	return 2;
  3446                                                         }
  3447                                                         }
  3448                                                         break;
  3449                                                     default:
  3450                                                         UNDEF();
  3451                                                         break;
  3452                                                 }
  3453                                                 break;
  3454                                         }
  3455                                         break;
  3456                                 }
  3457                                 break;
  3458                             default:
  3459                                 UNDEF();
  3460                                 break;
  3461                         }
  3462                         break;
  3463                     case 0xE:
  3464                         { /* FMAC FR0, FRm, FRn */
  3465                         uint32_t FRn = ((ir>>8)&0xF); uint32_t FRm = ((ir>>4)&0xF); 
  3466                         check_fpuen();
  3467                         load_spreg( R_ECX, R_FPSCR );
  3468                         load_spreg( R_EDX, REG_OFFSET(fr_bank));
  3469                         TEST_imm32_r32( FPSCR_PR, R_ECX );
  3470                         JNE_rel8(18, doubleprec);
  3471                         push_fr( R_EDX, 0 );
  3472                         push_fr( R_EDX, FRm );
  3473                         FMULP_st(1);
  3474                         push_fr( R_EDX, FRn );
  3475                         FADDP_st(1);
  3476                         pop_fr( R_EDX, FRn );
  3477                         JMP_rel8(16, end);
  3478                         JMP_TARGET(doubleprec);
  3479                         push_dr( R_EDX, 0 );
  3480                         push_dr( R_EDX, FRm );
  3481                         FMULP_st(1);
  3482                         push_dr( R_EDX, FRn );
  3483                         FADDP_st(1);
  3484                         pop_dr( R_EDX, FRn );
  3485                         JMP_TARGET(end);
  3486                         sh4_x86.tstate = TSTATE_NONE;
  3487                         }
  3488                         break;
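                               /* Sketch of the intended effect: FRn = FR0 * FRm + FRn, computed on the x87
                                * stack; the block emits parallel single- and double-precision paths selected
                                * on FPSCR.PR.
                                */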
  3489                     default:
  3490                         UNDEF();
  3491                         break;
  3492                 }
  3493                 break;
  3494         }
  3495 
  3496     sh4_x86.in_delay_slot = FALSE;
  3497     return 0;