Index: head/sys/amd64/vmm/vmm_host.c
===================================================================
--- head/sys/amd64/vmm/vmm_host.c
+++ head/sys/amd64/vmm/vmm_host.c
@@ -61,7 +61,16 @@
 	 */
 	vmm_host_cr0 = rcr0() | CR0_TS;
 
-	vmm_host_cr4 = rcr4();
+	/*
+	 * On non-PCID or PCID but without INVPCID support machines,
+	 * we flush kernel i.e. global TLB entries, by temporary
+	 * clearing the CR4.PGE bit, see invltlb_glob().  If
+	 * preemption occurs at the wrong time, cached vmm_host_cr4
+	 * might store the value with CR4.PGE cleared.  Since FreeBSD
+	 * requires support for PG_G on amd64, just set it
+	 * unconditionally.
+	 */
+	vmm_host_cr4 = rcr4() | CR4_PGE;
 
 	/*
 	 * Only permit a guest to use XSAVE if the host is using