TCG (Tiny Code Generator) intermediate representation

Notes: QEMU, binary lifter, ISA specification

Several binary lifter tools use the TCG API from QEMU as an intermediate representation. In effect, they are using QEMU as an ISA specification for the ISA being emulated.

QEMU, reverse engineering tool

  • Rev.Ng: A unified binary analysis framework to recover CFGs and function boundaries [difederico:cc:2017]