| > QEMU hasn't got round to pointer-authentication yet either, so that's pretty good going. Thanks very much! I do however note we're not trying for full system emulation for v8; we're primarily interested in userspace emulation since that's our primary usecase, so system instructions aren't necessary for us, which does reduce our workload! While we're on that topic, we make a few simplifying assumptions for performance reasons (e.g. no self-modifying code). Thinking about it, I feel like I should document these assumptions somewhere; I'll do that when I can. > That's quite similar to how we test QEMU against real hardware That's great! I love semi-automated testing. An emulator vs emulator fuzz test has some advantages: You can test more instructions than you are able to on hardware. For example, you can test arbitrary jump instructions and memory instructions (assuming the emulations have sufficient instrumentation to catch arbitrary memory reads/writes and jumps off into the ether). We fuzz against unicorn here: https://github.com/MerryMage/dynarmic/blob/master/tests/A64/.... This uses our instruction table (https://github.com/MerryMage/dynarmic/blob/master/src/fronte...) to generate instructions. |