At the end of last year, a copy of 86-DOS 0.11 for the Cromemco 4FDC controller surfaced. It is the earliest released version of 86-DOS, the earliest operating system for the x86 architecture. Having done some legacy work dealing with real mode x86 before, I thought I could maybe challenge myself and build a copy of 86-DOS 0.11 from scratch.

Source Code Reconstruction

Clearly, to build 86-DOS from scratch, we need the source code. While the original source code would be preferable, good luck finding a copy. Earlier this year, I began a project to reconstruct the source code of 86-DOS 0.11 through disassembly, and I’ll briefly discuss it here. The goal of the source reconstruction project is to create source files that reassemble back to the original binaries and look indistinguishable from the original source code.

Before I begin, I want to list all the components of 86-DOS 0.11, in case you’re not familiar with them.

• Boot Record (BOOT)
• I/O System (DOSIO)
• 86-DOS Kernel (86DOS)
• Command Interpreter (COMMAND)
• 8086 Assembler (ASM)
• Chess (CHESS)
• Line Editor (EDLIN)
• Intel HEX To Binary Conversion Utility (HEX2BIN)
• CP/M Disk Reader (RDCPM)
• System Transfer Utility (SYS)
• Z80 to 8086 Source Code Translator (TRANS)

This is not a writeup, the port is still WIP. I’m just dumping whatever I’ve done here for people to see, because xmas and new year holidays are now over and I don’t want to devote any more of my very limited free time to projects like this.

A few days ago, Gene Buckle uploaded 86-DOS 0.11 and 0.34 to the Internet Archive. After about 2 hours of coding and debugging, perhaps the oldest surviving piece of x86 software booted on the (emulated) IBM PC:

I wanted to get familiar with the IBM PC INT 1xH BIOS interrupts and explore how they’re actually used in practice, all in preparation for a challenge project. Reverse engineering the BIOS of PC-DOS seemed like the perfect exercise – the DOS BIOS handles all input and output for the DOS kernel and applications, so it naturally relies heavily on the PC BIOS INT 1xH interrupts. Plus, reverse engineering tends to give a much deeper understanding than just reading documentation online. Since I was already going to be digging into the BIOS, I figured I might as well reverse engineer the boot sector too.

So, which version of the PC-DOS BIOS and boot sector should I go with? To keep things simple, it made sense to start with the earliest version – PC-DOS 1.00. Conveniently, there was already a fully annotated disassembly of its BIOS and boot sector by Michael Steil. That said, this was primarily a learning exercise for me, so I avoided referring to his work while doing my own. As an added challenge, I wanted my disassemblies to produce binaries identical to the originals when assembled using the original assembler.

Reversing the BIOS

The first step was extracting the DOS BIOS from the diskette image. I opened the PC-DOS 1.00 disk image in a hex editor and noticed there’s no BIOS Parameter Block (BPB) seen in later FAT filesystems. I could’ve added a BPB, but I took the simpler route and extracted the BIOS directly using the hex editor. It’s the first file after the root directory. This also saved me from having to deal with system and hidden file attributes. I saved the extracted file as IBMBIO.COM and loaded it into IDA Pro.