I have a ballpark on the working principle of the VMM understanding (intercepting privileged instructions from the client operating system), but I still have the following problems

1. How IO device virtualization? First of all, I don't know for sure how the operating system and what are the available I/o device (an instruction? , in addition, I don't understand how the VMM intercepted IO related instructions, because according to my idea, on the I/o operation is access to the corresponding address mapping, the address mapping should not require the client operating system have access (please forgive me for the structure of the computer is too simple),
2. How do you know the host operating system or the VMM privileged instructions if abnormal process for legal client operating system
3. What are the aspects of hardware support for virtualization? In my current concepts, it seems to be the only provide execution status view, such a privileged instructions need privileges can be blocked by the VMM, however, the same problem is that the VMM how to identify a process belongs to what time? It will switch on (which may be related to a same answer)
4. How to simulate the interrupt? The guess is that the host through the internal stack state changed to the corresponding interrupt handlers, to selectively to the client operating system release