Execution Code by using real CPU! no Emulation!!

Hi every body,

I know there are many CPU emulator free and open source around the web. But I like to execute code by real CPU for its speed. I think I can run code by making a new thread inside my program. Problem is program can not work with making a memory access virtualization and Stack memory virtualization. In on sentence, what should I do for emulation access to memory? How can I detect when Instruction Pointer come to access to memory? Some one said to me I muss play with exception. Is it true? If yes, how can I do?

Vodu,

[bilbo]

Yes, it's true.
Try playing with VirtualProtectEx() using PAGE_GUARD as new access protection.
Any following attempt to read from or write to a guarded page causes the system to raise a STATUS_GUARD_PAGE exception.

Anyway, I don't think that if you raise an exception at every memory access you will be faster than emulating the CPU or single stepping through your code...

Best regards, bilbo

Quote:

Originally Posted by bilbo

Yes, it's true.
Try playing with VirtualProtectEx() using PAGE_GUARD as new access protection.
Any following attempt to read from or write to a guarded page causes the system to raise a STATUS_GUARD_PAGE exception.

Thank you but do you think VMware work on this method?

Quote:

Originally Posted by bilbo

Anyway, I don't think that if you raise an exception at every memory access you will be faster than emulating the CPU or single stepping through your code...

I think at least running all code except Memory access will be fast. What about privilege instruction how I can detect them? with which exception?

[bilbo]

I would love to know how VMWare works, but I don't know...
By the way, I have never tried to reverse it, because it refuses to run on an old AMD K6 I have, and I don't like this...

Quote:

What about privilege instruction how I can detect them? with which exception?

That's another issue. They generate GP (General Protection - handled by interrupt slot 13).

Regards, bilbo

VMWare use ring-0. Do you know how we can make an exception handling process by using a sys file. Is there any sample in DDK? How it detect memory access and privilged commend? VMWARE and VPC2004 both only work on 2000 and XP. they do not work on Win2003 and Win98.!?
It seem they dont use exception handling in ring-3...

Old VirtualPC (before Microsoft buy Conetix) works on every Windows OS. I tested it on a Win98. VMWare never works on Win9x, only NT kernel OS.
Old VirtualPC (version 5 or earlier) uses .vxd or .sys pedending of kernel. I think using full CPU emulation is only one possibilty to create working x86 virtual machine. So operation on Ring0 is required.
And think about target-system-independent mode (real, protected or V86).
BTW why VirtualPC don't work on Win2k3? I didn't test it but if it really don't work - we can use Microsoft Virtual Server 2005, specially designed for 2k3.

VMWare Workstation works with Windows 2000/XP/2003 as well as many flavors of Linux:
http://www.vmware.com/support/ws5/doc/intro_hostreq_ws.html#wp1000805

If you'd like to play around with memory access, in a similar fashion to a virtual machine, you may want to have a look at Bochs, a Free Open Source emulator, which can be found here:
http://bochs.sourceforge.net/

Looking at its source code might help you find what you're looking for