rdhpr %htstate unimplemented in translator
Description of problem:
I accidentally mixed up a copy of T1 and T2 sun4v firmwares and was able to trigger the following TCG assert ``tcg_reg_alloc_mov: Assertion `ts->val_type == TEMP_VAL_REG' failed.`` upon boot.

Having discovered my mistake I was expecting the guest to crash at some point but without triggering an
assert.
Steps to reproduce:
1. Download the attached file bug.tar.gz and extract it

2. Apply the following diff to update the UART address for the T2 firmware

```
diff --git a/hw/sparc64/niagara.c b/hw/sparc64/niagara.c
index ccad2c43a3..7af64bd50f 100644
--- a/hw/sparc64/niagara.c
+++ b/hw/sparc64/niagara.c
@@ -51,7 +51,7 @@ typedef struct NiagaraBoardState {
 
 #define NIAGARA_PARTITION_RAM_BASE 0x80000000ULL
 
-#define NIAGARA_UART_BASE   0x1f10000000ULL
+#define NIAGARA_UART_BASE   0xfff0c2c000ULL
 
 #define NIAGARA_NVRAM_BASE  0x1f11000000ULL
 #define NIAGARA_NVRAM_SIZE  0x2000
```

3. Run `./qemu-system-sparc64 -M niagara -L ./bug/ -m 256 -nographic`
Additional information: