> > freeze occurs just after the "Jumping to boot code at 10000"
> > is displayed.
This looks like the SeaBIOS problem with the latest qemu.
It happens because qemu has marked 0xf0000-0x100000 as read only, so after the
payload gets copied there it is read back as zeros.
> I'd still like to know why it's going to 10000. That is not what I
> ever used when I had a LAB payload.
Have you tried a different address, or a different payload at the same