Hi,

Recently I'm testing a situation where highmem is involved, thus I'm 
building the latest 32bit x86 with HIGHMEM and PAE, and run it inside a 
qemu VM.

However the kernel just fails to boot with very early memory management 
crash:

[    0.064551] Built 1 zonelists, mobility grouping on.  Total pages: 786297
[    0.065269] allocated 4198396 bytes of page_ext
[    0.065856] mem auto-init: stack:off, heap alloc:on, heap free:off
[    0.070213] BUG: Bad page state in process swapper  pfn:100001
[    0.070773] page: refcount:0 mapcount:1 mapping:(ptrval) index:0x0 
pfn:0x100001
[    0.071451] aops:0x0 ino:850fc085 invalid dentry:2cc54702
[    0.071962] BUG: kernel NULL pointer dereference, address: 00000400
[    0.072609] #PF: supervisor read access in kernel mode
[    0.073135] #PF: error_code(0x0000) - not-present page
[    0.073621] *pdpt = 0000000000000000 *pde = f000ff53f000ff53
[    0.074269] Oops: Oops: 0000 [#1] SMP NOPTI
[    0.074666] CPU: 0 UID: 0 PID: 0 Comm: swapper Not tainted 
6.15.0-rc2-custom+ #5 PREEMPT(undef) 
a4004de2bdc11241c6afe44ab7f6bd7d8e98e3db
[    0.075828] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), 
BIOS Arch Linux 1.16.3-1-1 04/01/2014
[    0.076706] EIP: get_pfnblock_flags_mask+0x40/0x50
[    0.077160] Code: 03 00 00 8b 8e 48 14 33 d7 8b 96 44 14 33 d7 81 e1 
00 fe ff ff 29 c8 c1 e8 09 8d 0c 85 00 00 00 00 c1 e8 03 8d 04 82 83 e1 
1f <8b> 00 d3 e8 21 d8 5b 5e 5d 31 d2 31 c9 c3 66 90 e8 e3 bf d6 ff 55
[    0.078954] EAX: 00000400 EBX: 00000007 ECX: 00000000 EDX: 00000000
[    0.079567] ESI: 00000a80 EDI: d70ebce5 EBP: d71fdd80 ESP: d71fdd78
[    0.080156] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068 EFLAGS: 00210046
[    0.080796] CR0: 80050033 CR2: 00000400 CR3: 1749a000 CR4: 000000b0
[    0.081378] Call Trace:
[    0.081602]  __dump_page.cold+0x11d/0x23f
[    0.081977]  ? prb_read_valid+0x29/0x40
[    0.082334]  ? console_unlock+0x56/0x100
[    0.082701]  ? console_unlock+0x56/0x100
[    0.083070]  ? vprintk_emit+0x2d2/0x390
[    0.083458]  ? vprintk_default+0x15/0x20
[    0.083826]  dump_page+0x1b/0x30
[    0.084127]  ? dump_page+0x1b/0x30
[    0.084447]  bad_page.cold+0x62/0x84
[    0.084796]  free_tail_page_prepare+0x134/0x190
[    0.085232]  __free_pages_ok+0x318/0x3c0
[    0.085607]  __free_pages_core+0x4e/0x58
[    0.085982]  memblock_free_pages+0x11/0x34
[    0.086378]  memblock_free_all+0x149/0x1b4
[    0.086766]  mm_core_init+0x103/0x158
[    0.087121]  start_kernel+0x5d2/0x7f8
[    0.087462]  ? load_ucode_bsp+0x53/0xdc
[    0.087832]  i386_start_kernel+0x64/0x64
[    0.088195]  startup_32_smp+0x151/0x154
[    0.088561] Modules linked in:
[    0.088865] CR2: 0000000000000400
[    0.089185] ---[ end trace 0000000000000000 ]---
[    0.089624] EIP: get_pfnblock_flags_mask+0x40/0x50
[    0.090093] Code: 03 00 00 8b 8e 48 14 33 d7 8b 96 44 14 33 d7 81 e1 
00 fe ff ff 29 c8 c1 e8 09 8d 0c 85 00 00 00 00 c1 e8 03 8d 04 82 83 e1 
1f <8b> 00 d3 e8 21 d8 5b 5e 5d 31 d2 31 c9 c3 66 90 e8 e3 bf d6 ff 55
[    0.091910] EAX: 00000400 EBX: 00000007 ECX: 00000000 EDX: 00000000
[    0.092505] ESI: 00000a80 EDI: d70ebce5 EBP: d71fdd80 ESP: d71fdd78
[    0.093111] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068 EFLAGS: 00210046
[    0.093788] CR0: 80050033 CR2: 00000400 CR3: 1749a000 CR4: 000000b0
[    0.094415] Kernel panic - not syncing: Attempted to kill the idle task!
[    0.095097] ---[ end Kernel panic - not syncing: Attempted to kill 
the idle task! ]---

The full dmesg is attached (boot.txt).

The crash only happens with PAE enabled. If only HIGHMEM enabled but no 
PAE, the kernel boots without any problem.

Thanks,
Qu