Re: [REGRESSION] x86_32 boot hang in 6.19-rc7 caused by b505f1944535 ("x86/kfence: avoid writing L1TF-vulnerable PTEs")

[Borislav Petkov]

On Tue, Jan 27, 2026 at 04:07:04AM +0900, Ryusuke Konishi wrote:
> Hi All,
> 
> I am reporting a boot regression in v6.19-rc7 on an x86_32
> environment. The kernel hangs immediately after "Booting the kernel"
> and does not produce any early console output.
> 
> A git bisect identified the following commit as the first bad commit:
> b505f1944535 ("x86/kfence: avoid writing L1TF-vulnerable PTEs")

I can confirm the same - my 32-bit laptop experiences the same. The guest
splat looks like this:

[    0.173437] rcu: srcu_init: Setting srcu_struct sizes based on contention.
[    0.175172] ------------[ cut here ]------------
[    0.176066] kernel BUG at arch/x86/mm/physaddr.c:70!
[    0.177037] Oops: invalid opcode: 0000 [#1] SMP
[    0.177914] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.19.0-rc7+ #1 PREEMPT(full) 
[    0.179509] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[    0.181363] EIP: __phys_addr+0x78/0x90
[    0.182089] Code: 89 c8 5b 5d c3 2e 8d 74 26 00 0f 0b 8d b6 00 00 00 00 89 45 f8 e8 08 a4 1d 00 84 c0 8b 55 f8 74 b0 0f 0b 8d b4 26 00 00 00 00 <0f> 0b 8d b6 00 00 00 00 0f 0b 66 90 8d 74 26 00 2e 8d b4 26 00 00
[    0.185723] EAX: ce383000 EBX: 00031c7c ECX: 31c7c000 EDX: 034ec000
[    0.186972] ESI: c1ed3eec EDI: f21fd101 EBP: c2055f78 ESP: c2055f70
[    0.188182] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068 EFLAGS: 00210086
[    0.189503] CR0: 80050033 CR2: ffd98000 CR3: 029cf000 CR4: 00000090
[    0.191045] Call Trace:
[    0.191518]  kfence_init+0x3a/0x94
[    0.192177]  start_kernel+0x4ea/0x62c
[    0.192894]  i386_start_kernel+0x65/0x68
[    0.193653]  startup_32_smp+0x151/0x154
[    0.194397] Modules linked in:
[    0.194987] ---[ end trace 0000000000000000 ]---
[    0.195879] EIP: __phys_addr+0x78/0x90
[    0.196610] Code: 89 c8 5b 5d c3 2e 8d 74 26 00 0f 0b 8d b6 00 00 00 00 89 45 f8 e8 08 a4 1d 00 84 c0 8b 55 f8 74 b0 0f 0b 8d b4 26 00 00 00 00 <0f> 0b 8d b6 00 00 00 00 0f 0b 66 90 8d 74 26 00 2e 8d b4 26 00 00
[    0.200231] EAX: ce383000 EBX: 00031c7c ECX: 31c7c000 EDX: 034ec000
[    0.201452] ESI: c1ed3eec EDI: f21fd101 EBP: c2055f78 ESP: c2055f70
[    0.202693] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068 EFLAGS: 00210086
[    0.204011] CR0: 80050033 CR2: ffd98000 CR3: 029cf000 CR4: 00000090
[    0.205235] Kernel panic - not syncing: Attempted to kill the idle task!
[    0.206897] ---[ end Kernel panic - not syncing: Attempted to: kill the idle task! ]---

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette