Java crashes on s390x VM with SIGILL/ILL_PRVOPC at '__kernel_getcpu+0x8'

I just tried the same s390x virtual machine under QEMU version 6.0.0 in the Ubuntu 21.10 Beta release, and the error still occurs. My system information is shown below:

$ qemu-system-s390x --version
QEMU emulator version 6.0.0 (Debian 1:6.0+dfsg-2expubuntu1)
Copyright (c) 2003-2021 Fabrice Bellard and the QEMU Project developers

$ cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=21.10
DISTRIB_CODENAME=impish
DISTRIB_DESCRIPTION="Ubuntu Impish Indri (development branch)"

$ uname -a
Linux ubuntu 5.13.0-16-generic #16-Ubuntu SMP Fri Sep 3 14:53:27 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux

There were some fixes in QEMU v6.1. Please try that one to see whether it solves your problem, too.

The error still occurs on the same s390x virtual machine with QEMU version 6.1.

After building QEMU 6.1, I started the virtual machine as follows:

  $ ../qemu-6.1.0/build/s390x-softmmu/qemu-system-s390x \
    -m 2048 -drive if=virtio,file=s390x-focal.qcow2,cache=none

The QEMU 6.1.0 monitor shows:

  (qemu) info version
  6.1.0

On the guest, I installed the new 'openjdk-17-jre-headless' OpenJDK 17 package in Ubuntu 20.04. Although the installation fails because of this bug, the 'java' command is available after the attempt to install the package.

  $ sudo apt-get install openjdk-17-jre-headless

The error in this bug report still occurs:

  $ /usr/lib/jvm/java-17-openjdk-s390x/bin/java --version
  #
  # A fatal error has been detected by the Java Runtime Environment:
  #
  # SIGILL (0x4) at pc=0x000003ff9e4fe6f4, pid=2883, tid=2884
  #
  # JRE version: (17.0+35) (build )
  # Java VM: OpenJDK 64-Bit Server VM (17+35-Ubuntu-120.04, mixed
  # mode, sharing, tiered, compressed oops, compressed class ptrs,
  # serial gc, linux-s390x)
  # Problematic frame:
  # C [linux-vdso64.so.1+0x6f8] __kernel_getcpu+0x8
  #
  # Core dump will be written. Default location: Core dumps may
  # be processed with "/usr/share/apport/apport %p %s %c %d %P %E"
  # (or dumping to /home/ubuntu/core.2883)
  #
  # An error report file with more information is saved as:
  # /home/ubuntu/hs_err_pid2883.log
  #
  #
  Aborted (core dumped)

I'll also attach the corresponding log file.

For reference, the guest shows the following CPU information under QEMU 6.1.

  $ lscpu
  Architecture: s390x
  CPU op-mode(s): 32-bit, 64-bit
  Byte Order: Big Endian
  CPU(s): 1
  On-line CPU(s) list: 0
  Thread(s) per core: 1
  Core(s) per socket: 1
  Socket(s) per book: 1
  Book(s) per drawer: 1
  Drawer(s): 1
  NUMA node(s): 1
  Vendor ID: IBM/S390
  Machine type: 3906
  BogoMIPS: 13370.00
  Hypervisor: KVM/Linux
  Hypervisor vendor: KVM
  Virtualization type: full
  Dispatching mode: horizontal
  NUMA node0 CPU(s): 0
  ...

Now that I can reproduce the problem on the latest QEMU 6.1, I created the following issue with the upstream project:

Java crashes on s390x VM with SIGILL/ILL_PRVOPC at '__kernel_getcpu+0x8'
https://gitlab.com/qemu-project/qemu/-/issues/655

Thank you John,
emulation on s390x is imperfect at times - the JVM might just use a non emulated instruction or something like that. I've linked your upstream report (thanks) here to that the bug automatically gets updates from there.

Do we already happen to know at which (maybe always the same) instruction sequence this crashes?

For more history on this issue, please see the following Debian bug report created in June 2021:

openjdk-11-jre-headless: running java in qemu s390 gives a SIGILL at C [linux-vdso64.so.1+0x6f8] __kernel_getcpu+0x8
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990417

That report links to a simple C program that can reproduce the error.