Problems booting KERNEL.SYS

Hi,

First, I'd like to say what an awesome job you're doing by keeping DOS alive!

I'm implementing a FreeDOS plugin for my boot manager. I've tried to reverse engineer the boot protocol with a debugger and also studied the boot sector sources. With my current implementation, FreeDOS starts, it prints copyright and - InitDisk but then it hangs. What am I missing?

This is what I do ATM:

  • loading from LBA HDD (BIOS drive code 0x80, non-CHS)
  • disk image has a GPT partitioning table, however the ESP is also mapped in the legacy MBR with type 0x0C (uses FAT32 file system)
  • KERNEL.SYS loaded to linear address 0x600
  • VBE turned off, video mode set to teletype VGA 80x25
  • IDT set to real mode IVT (0:0x3ff)
  • DS, ES, SS set to 0x1FE0
  • BP, SP set to 0x7C00
  • DL, BL contains the BIOS drive code (0x80)
  • CS:IP set to 0x60:0

Device     Boot Start    End Sectors   Size Id Type
disk.img1  *     2048 129023  126976    62M  c W95 FAT32 (LBA)
disk.img2           1    255     255 127.5K ee GPT

rax: 00000000_00000030
rbx: 00000000_00000080
rcx: 00000000_00000000
rdx: 00000000_00000080
rsp: 00000000_00007c00
rbp: 00000000_00007c00
rsi: 00000000_0000ab57
rdi: 00000000_0000b157
r8 : 00000000_00000000
r9 : 00000000_00000c98
r10: 00000000_00000000
r11: 00000000_00000000
r12: 00000000_00000000
r13: 00000000_00000000
r14: 00000000_00000000
r15: 00000000_00000000
rip: 00000000_000005eb

es:0x1fe0, dh=0x00cf9301, dl=0xfe00ffff, valid=1
	Data segment, base=0x0001fe00, limit=0xffffffff, Read/Write, Accessed
cs:0x0060, dh=0x00009300, dl=0x0600ffff, valid=1
	Data segment, base=0x00000600, limit=0x0000ffff, Read/Write, Accessed
ss:0x1fe0, dh=0x00cf9301, dl=0xfe00ffff, valid=7
	Data segment, base=0x0001fe00, limit=0xffffffff, Read/Write, Accessed
ds:0x1fe0, dh=0x00cf9301, dl=0xfe00ffff, valid=1
	Data segment, base=0x0001fe00, limit=0xffffffff, Read/Write, Accessed
fs:0x0000, dh=0x00009300, dl=0x0000ffff, valid=1
	Data segment, base=0x00000000, limit=0x0000ffff, Read/Write, Accessed
gs:0x0000, dh=0x00009300, dl=0x0000ffff, valid=1
	Data segment, base=0x00000000, limit=0x0000ffff, Read/Write, Accessed
ldtr:0x0000, dh=0x00008200, dl=0x0000ffff, valid=1
tr:0x0030, dh=0x00008b01, dl=0x55f00068, valid=1
gdtr:base=0x00000000000155b0, limit=0x40
idtr:base=0x0000000000000000, limit=0x3ff

I'm testing with the latest FreeDOS image downloaded from your website (build 2043), however it seems to me that's not the same as github/FDOS/kernel. That source has this in kernel.asm:

entry:
                jmp short realentry
...
realentry:                              ; execution continues here
        push cs
        pop ds
...

However, the debugger outputs:

(0) [0x000000000600] 0060:0000 (unk. ctxt): jmp .+27  (0x0000061d)    ; eb1b           this is the first byte of KERNEL.SYS
(0) [0x00000000061d] 0060:001d (unk. ctxt): jmp .-21739  (0x0000b135) ; e915ab         this is address "realentry", not "push cs"
(0) [0x00000000b135] 0060:ab35 (unk. ctxt): mov cx, 0xab35            ; b935ab
...

This makes matching the debugger's output with the source rather difficult, so I cannot figure out what's wrong with my boot protocol implementation.

What am I missing? Do I need something special on the stack before handover? I would appreciate any help!

Thanks, bzt
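
Added example, not part of the original post: a small decoder for the segment register lines in the dump above, which recomputes base and limit from the dh/dl words and lists where the hidden segment state differs from plain real-mode state (base = selector*16, 64 KiB limit, 16-bit default size). It assumes dh and dl are the high and low dwords of a standard x86 segment descriptor; the function names are made up for this example.

```python
import re

# Segment register lines copied from the dump in the post above.
DUMP = """\
es:0x1fe0, dh=0x00cf9301, dl=0xfe00ffff, valid=1
cs:0x0060, dh=0x00009300, dl=0x0600ffff, valid=1
ss:0x1fe0, dh=0x00cf9301, dl=0xfe00ffff, valid=7
ds:0x1fe0, dh=0x00cf9301, dl=0xfe00ffff, valid=1
fs:0x0000, dh=0x00009300, dl=0x0000ffff, valid=1
gs:0x0000, dh=0x00009300, dl=0x0000ffff, valid=1
"""

LINE = re.compile(r"^(\w+):0x([0-9a-f]+), dh=0x([0-9a-f]+), dl=0x([0-9a-f]+)", re.M)

def decode(dh, dl):
    """Assumption: dh/dl are the high/low dwords of an x86 segment descriptor."""
    base = (dl >> 16) | ((dh & 0xFF) << 16) | (dh & 0xFF000000)
    limit = (dl & 0xFFFF) | (dh & 0x000F0000)
    flags = (dh >> 20) & 0xF          # bit 3 = G, bit 2 = D/B, bit 1 = L, bit 0 = AVL
    if flags & 0x8:                   # G=1: the limit counts 4 KiB pages
        limit = (limit << 12) | 0xFFF
    return {"base": base, "limit": limit, "access": (dh >> 8) & 0xFF, "flags": flags}

def parse(dump):
    out = {}
    for name, sel, dh, dl in LINE.findall(dump):
        d = decode(int(dh, 16), int(dl, 16))
        d["selector"] = int(sel, 16)
        out[name] = d
    return out

def real_mode_deviations(regs):
    """List (register, field) pairs that differ from plain real-mode state."""
    found = []
    for name, d in regs.items():
        if d["base"] != d["selector"] << 4:
            found.append((name, "base"))
        if d["limit"] != 0xFFFF:
            found.append((name, "limit"))
        if d["flags"] & 0x4:          # D/B set: 32-bit default size
            found.append((name, "D/B"))
    return found

if __name__ == "__main__":
    regs = parse(DUMP)
    for name, d in regs.items():
        print(f"{name}: base={d['base']:#010x} limit={d['limit']:#010x} flags={d['flags']:#03x}")
    for name, what in real_mode_deviations(regs):
        print(f"{name}: {what} differs from plain real-mode state")
```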