mtbro wrote:
works in qemu
QEMU's TCG doesn't enforce segment limits. You're trying to access memory beyond the segment limit.
mtbro wrote:
I could probably switch to PM before the copy and then back to RM afterwards, but that doesn't seem like a smart idea.
Actually, it's a pretty good idea. Another option is INT 0x15 AH=0x87, but this function may unconditionally disable A20 before returning, so be careful with that. A third option is to install a #GP handler that switches to unreal mode; you can use your existing copy routine this way, and you don't have to worry about the BIOS changing the segment limits back to 64kB.
mtbro wrote:
I'm wondering why the system froze. I'd assume I'd see some sort of exception...
Did you install an exception handler? The BIOS exception handler returns without doing anything, which causes the same exception again.
mtbro wrote:
I wonder how mem extenders worked under DOS then (I only remember that code still had to be below 1MB, only data could have been above).
Usually they worked by running in protected mode, with lots of interesting hacks to make it look like everything is still in real mode from a software perspective.
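
The segment-limit behaviour discussed in this reply, as an added example that is not part of the original post: a C model of how a GDT data descriptor's limit field and granularity bit give the cached segment limit, and why an offset above 64kB faults under the default limit but not after a 4GiB descriptor has been loaded (unreal mode). The function names and sample offsets are constructed for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Pack an 8-byte x86 segment descriptor.
   limit20: 20-bit limit field, access: access byte, flags: G|D/B|L|AVL nibble. */
static uint64_t gdt_entry(uint32_t base, uint32_t limit20, uint8_t access, uint8_t flags)
{
    uint64_t d = 0;
    d |= (uint64_t)(limit20 & 0xFFFF);             /* limit bits 0..15  */
    d |= (uint64_t)(base & 0xFFFFFF) << 16;        /* base bits 0..23   */
    d |= (uint64_t)access << 40;                   /* type, S, DPL, P   */
    d |= (uint64_t)((limit20 >> 16) & 0xF) << 48;  /* limit bits 16..19 */
    d |= (uint64_t)(flags & 0xF) << 52;            /* AVL, L, D/B, G    */
    d |= (uint64_t)(base >> 24) << 56;             /* base bits 24..31  */
    return d;
}

/* Byte limit the CPU caches when this descriptor is loaded into a segment register. */
static uint32_t effective_limit(uint64_t d)
{
    uint32_t limit20 = (uint32_t)(d & 0xFFFF) | ((uint32_t)((d >> 48) & 0xF) << 16);
    bool g = (d >> 55) & 1;  /* G=1: limit is counted in 4 KiB pages */
    return g ? ((limit20 << 12) | 0xFFF) : limit20;
}

/* Limit check for an expand-up data segment: the last byte touched must be
   <= limit, otherwise the access raises #GP. Assumes size >= 1. */
static bool access_faults(uint32_t limit, uint32_t offset, uint32_t size)
{
    uint64_t last = (uint64_t)offset + size - 1;
    return last > limit;
}

int main(void)
{
    uint64_t rm   = gdt_entry(0, 0xFFFF,  0x92, 0x0);  /* 64kB data segment       */
    uint64_t flat = gdt_entry(0, 0xFFFFF, 0x92, 0xC);  /* 4GiB data segment (G=1) */
    uint32_t off  = 0x100000;                          /* constructed: first byte above 1MB */
    printf("64kB  %016llx limit=%08x fault=%d\n", (unsigned long long)rm,
           (unsigned)effective_limit(rm), access_faults(effective_limit(rm), off, 4));
    printf("4GiB  %016llx limit=%08x fault=%d\n", (unsigned long long)flat,
           (unsigned)effective_limit(flat), access_faults(effective_limit(flat), off, 4));
    return 0;
}
```

The model also shows that an access straddling the limit (for example a 2-byte read at offset 0xFFFF with a 64kB limit) fails the check, not only one that starts beyond it.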