2.2 Virtual Machines

A virtual machine is an executable task consisting of an application, supporting software (such as ROM BIOS and MS-DOS), memory, and CPU registers. The VMM creates a virtual machine for Windows and for each non-Windows application started from Program Manager or other Windows applications.

Applications in a virtual machine run in virtual 8086 mode (also called V86 mode). In V86 mode, applications run as if they were running on an Intel 8086, or compatible microprocessor (or in real mode on an 80286, 80386, or 80486). V86 mode provides the registers, instructions, and 1 megabyte address space that real-mode applications are designed to use. This means an MS-DOS application in a virtual machine will run successfully without modification. V86 mode also permits execution of protected-mode applications in a virtual machine. In Windows, applications switch to protected mode by using the MS-DOS Protected-Mode Interface (DPMI). Such applications run much like DPMI applications in real mode on an 80386. In fact, the Windows kernel, KRNL386.EXE, uses DPMI to run in protected mode.

The VMM can create multiple virtual machines. The first virtual machine created, called the system virtual machine, contains Windows and Windows applications. Other virtual machines are created for non-Windows applications as they are started.

Each virtual machine has its own address space, I/O port space, and interrupt-vector table. The VMM also maps ROM BIOS, MS-DOS, device drivers, and TSRs to the address space of the virtual machine so that the application has access to MS-DOS system functions and ROM BIOS routines. Virtual machines with protected-mode applications also have their own local descriptor table (LDT).

Virtual machines provide memory protection, virtual memory, and privilege checking. If an application in a virtual machine reads or writes memory addresses that have not been mapped into its virtual machine or manipulates I/O ports to which it has not been allowed access, an exception (fault) is generated, and the VMM regains control. The VMM and virtual devices can then provide the requested memory, carry out the intended I/O operation, or terminate the application. In a virtual machine, V86-mode applications run at privilege level 3; protected-mode applications run at privilege level 1, 2, or 3.