A deep dive into QEMU: The Tiny Code Generator (TCG), part 1 (2021)
created: Dec. 2, 2025, 1:42 p.m. | updated: Dec. 9, 2025, 5:37 p.m.
This blog post details some internals of the QEMU TCG engine, the machinery responsible for executing target instructions on the host.
Generating Intermediate Representation (IR)

The QEMU git tree ships a README introducing the TCG, which documents the IR language (the TCG ops) that target front ends emit.
The excerpt below is from gen_tb_start(), the prologue QEMU emits at the start of every translation block; it is cut off at both ends on this page. With instruction counting enabled (CF_USE_ICOUNT), the number of instructions in the block is not yet known when the prologue is generated, so a dummy immediate (0xdeadbeef) is emitted and the op that carries it is recorded in icount_start_insn, to be patched with the real count once the whole block has been translated:

        tcg_gen_movi_i32(imm, 0xdeadbeef);   /* dummy immediate, patched later */
        icount_start_insn = tcg_last_op();    /* remember which op to patch */
        tcg_gen_sub_i32(count, count, imm);   /* count -= instructions in this TB */
        tcg_temp_free_i32(imm);
    }
    /* budget exhausted: leave the TB through exitreq_label */
    tcg_gen_brcondi_i32(TCG_COND_LT, count, 0, tcg_ctx->exitreq_label);
    if (tb_cflags(tb) & CF_USE_ICOUNT) {
        tcg_gen_st16_i32(count, cpu_env, -ENV_OFFSET + offsetof(CPUState, icount_decr.
This function relies on the target CPU's opcode handler table, which implements IR generation for every native target instruction: each handler decodes one instruction and emits the TCG ops that reproduce its semantics.
At this point we only have IR code, which still needs a final translation step to the host architecture before it can run.
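The two-stage pipeline described above, modelled end to end as an added example (this is illustrative code written for this page, not QEMU's API): a per-opcode handler table turns instructions of a made-up three-instruction target ISA into IR ops; a gen_tb_start()/gen_tb_end() pair reproduces the icount trick from the excerpt (emit a placeholder immediate, remember the op, patch it with the real instruction count at the end of the block); and a toy "host backend" lowers the IR to Python closures and runs them. The op names, the sample program and the CPU-state dict are all constructed for the example.

```python
# Toy model of the two-stage TCG pipeline (added example, not QEMU code):
# stage 1 turns target instructions into IR via a per-opcode handler table,
# with a gen_tb_start()/gen_tb_end() pair modelling QEMU's icount placeholder
# trick; stage 2 lowers the IR to "host" code (here: one Python closure per op).

PLACEHOLDER = 0xDEADBEEF  # dummy immediate, overwritten by gen_tb_end()


class TranslationContext:
    """IR under construction, playing the role of QEMU's TCGContext."""

    def __init__(self, use_icount):
        self.ops, self.use_icount, self.num_insns = [], use_icount, 0
        self.icount_start_insn = None  # index of the op holding PLACEHOLDER
        self.exitreq_label = "exitreq"

    def emit(self, *op):
        self.ops.append(list(op))
        return len(self.ops) - 1  # like tcg_last_op(): the op just emitted


def gen_tb_start(ctx):
    """Prologue: charge the not-yet-known instruction count against icount."""
    if ctx.use_icount:
        ctx.emit("ld_icount", "count")
        ctx.icount_start_insn = ctx.emit("sub", "count", "count", PLACEHOLDER)
        ctx.emit("brcond_lt0", "count", ctx.exitreq_label)  # budget gone: leave
        ctx.emit("st_icount", "count")


def gen_tb_end(ctx):
    """Epilogue: patch the placeholder with the real count and add the exits."""
    if ctx.use_icount:
        ctx.ops[ctx.icount_start_insn][3] = ctx.num_insns
    ctx.emit("exit_tb", 0)
    ctx.emit("set_label", ctx.exitreq_label)
    ctx.emit("exit_tb", "exitreq")


# Opcode handler table for a toy target ISA: one IR generator per mnemonic.
HANDLERS = {
    "movi": lambda ctx, insn: ctx.emit("movi", insn[1], insn[2]),
    "add": lambda ctx, insn: ctx.emit("add", insn[1], insn[2], insn[3]),
    "sub": lambda ctx, insn: ctx.emit("sub", insn[1], insn[2], insn[3]),
}


def translate_block(target_insns, use_icount=True):
    """Stage 1: translate one straight-line block of target code to IR."""
    ctx = TranslationContext(use_icount)
    gen_tb_start(ctx)
    for insn in target_insns:
        HANDLERS[insn[0]](ctx, insn)
        ctx.num_insns += 1
    gen_tb_end(ctx)
    return ctx


def compile_to_host(ops):
    """Stage 2: lower each IR op to a closure that returns the next op index,
    or ("exit", code) when the block is left."""
    labels = {op[1]: i for i, op in enumerate(ops) if op[0] == "set_label"}

    def val(env, x):  # an operand is an immediate or a register/temp name
        return x if isinstance(x, int) else env[x]

    def lower(i, op):
        kind, a = op[0], op[1:]

        def run(env):
            if kind == "movi":
                env[a[0]] = a[1]
            elif kind in ("add", "sub"):
                x, y = val(env, a[1]), val(env, a[2])
                env[a[0]] = x + y if kind == "add" else x - y
            elif kind == "ld_icount":
                env[a[0]] = env["icount"]
            elif kind == "st_icount":
                env["icount"] = env[a[0]]
            elif kind == "brcond_lt0":
                if env[a[0]] < 0:
                    return labels[a[1]]
            elif kind == "exit_tb":
                return ("exit", a[0])
            elif kind != "set_label":
                raise ValueError("unknown IR op " + kind)
            return i + 1

        return run

    return [lower(i, op) for i, op in enumerate(ops)]


def execute_block(ctx, env):
    """Run the lowered block on a CPU-state dict; returns the exit code."""
    host_code, pc = compile_to_host(ctx.ops), 0
    while True:
        nxt = host_code[pc](env)
        if isinstance(nxt, tuple):
            return nxt[1]
        pc = nxt


# Constructed sample target block: r2 = 40 + 2 (three instructions).
PROGRAM = [("movi", "r0", 40), ("movi", "r1", 2), ("add", "r2", "r0", "r1")]

if __name__ == "__main__":
    tb = translate_block(PROGRAM)
    for op in tb.ops:
        print(*op)
    state = {"icount": 10}
    print("exit:", execute_block(tb, state), state)
```

Running it prints the generated IR (the sub now carries 3 instead of the placeholder) and the final state with icount reduced from 10 to 7. Starting with an icount budget of 2 instead takes the brcond and leaves through the exitreq path before any target instruction executes, and because the store to icount sits after the branch, the budget is left untouched, which is the same ordering the QEMU excerpt uses.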