From #5 (@superfury)
I notice something, looking through the arithmetic(EE) tests: you're not testing all memory-related cases of the tested opcodes.
Opcodes 00-3F only seems to test for memory as the destination(being read and written to), not the source(only being read from, destination being the register of the modr/m(opcodes ending in the 0 and 1 nibbles)).
Opcodes 80-83 don't test the memory cases at all.
The same for opcodes F6 and F7, as well as FE&FF INC/DEC(but for register operands).
0FAF isn't tested for memory operands.
And F6/F7 (I)DIV don't verify reads from memory operands.
Also C* and D* shift/rotate instructions aren't tested for memory operands.
Edit: Just found and fixed a bug in the PUSH/POP SegReg instructions that caused it to increase/decrease virtual ESP(for protection checks) by 2 instead of 4 while verifying against 16-bit memory accesses. As well as fixing 16-bit SIDT/SGDT to properly fill the final byte with 0x00(386+) or 0xFF(286+).
Edit: The 80386 also seems to have had errors in loading the IDTR/GDTR with LIDT/LGDT when the operand size was 16-bit, causing it to load the highest byte(92h in the MSB of the IDTR/GDTR) incorrectly.
I eventually found some bugs with the BSF and BSR instructions(ZF flag updated incorrectly(for the r/m16/32 value being 1) and the reg value not being written into the register)
From #5 (@superfury)