It will work. I don't think your kernel is flakey. If anything, I think the problem is elsewhere. And I think the fault is in the simulator, but I can't get the Bochs team to agree one way, or the other, with my suggestions regarding this project. Yes, please do.
Oops... It doesn't commit suicide when at 0x04000; it is doing more unpacking. I am now tracing it printing "LinuxBIOS", trying to see where it *does* jump off into never-never land, eventually tripping bochs out by going over my memory size.
Yes, I figured out why it was giving me that error -- just after returning from the PCI mapping (it prints the string "PCI: pci_scan_bus for bus %d" (I guess I'm in a printf())), it tries jumping to a far pointer but fails. (The pointer points to 0x0000, which (I think) is the GDT, followed by a whole lot of nuthin'. :-) I've included a bit of the trace at the end of this email.
The crash always occurred at the 16M mark, which is what I have my RAM size set to. I guess there was enough random data in RAM that got it to jump over the RAM image and continue on to the end of RAM.
Regards, Andrew
(0).[545025] 0010:00007246 (unknown context): 55: push EBP
(0).[545026] 0010:00007247 (unknown context): 89e5: mov EBP, ESP
(0).[545027] 0010:00007249 (unknown context): ff7514: push SS:[EBP + 14]
(0).[545028] 0010:0000724c (unknown context): 0fb64510: movzx EAX, SS:[EBP + 10]
(0).[545029] 0010:00007250 (unknown context): 50: push EAX
(0).[545030] 0010:00007251 (unknown context): 0fb6450c: movzx EAX, SS:[EBP + 0C]
(0).[545031] 0010:00007255 (unknown context): 50: push EAX
(0).[545032] 0010:00007256 (unknown context): 0fb64508: movzx EAX, SS:[EBP + 08]
(0).[545033] 0010:0000725a (unknown context): 50: push EAX
(0).[545034] 0010:0000725b (unknown context): a140b50000: mov EAX, [DS:0000B540]
(0).[545035] 0010:00007260 (unknown context): ff5008: call DS:[EAX + 08]
(0).[545036] 0010:00000000 (unknown context): 0201: add AL, DS:[ECX]
(0).[545037] 0010:00000002 (unknown context): 0000: add DS:[EAX], AL