OPERATIONAL DEFECT DATABASE
...
...
Symptom Shortly after Veeam Agent for Linux creates a veeamsnap snapshot, the system hangs or crashes with a null pointer dereference: Example of dmesg: BUG: kernel NULL pointer dereference, address: 0000000000000000 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 8000000003a47067 P4D 8000000003a47067 PUD 3a48067 PMD 0 Oops: 0000 [#1] SMP PTI CPU: 0 PID: 396645 Comm: VeeamService se Kdump: loaded Tainted: G OE 5.10.0-17-amd64 #1 Debian 5.10.136-1 Associated Environment Specifications This issue occurs when all 3 of the following are true: Linux kernel 5.9 or higher is in use. Veeam Agent for Linux version 5.0.2.4567 is installed and uses the veeamsnap kernel module. /proc/kallsyms shows all symbol addresses as zeroes: $ sudo tail /proc/kallsyms 0000000000000000 t fuse_open_common [fuse] 0000000000000000 t fuse_flush_writepages [fuse] 0000000000000000 t fuse_fill_super_common [fuse] 0000000000000000 t fuse_simple_background [fuse] 0000000000000000 t fuse_getxattr [fuse] 0000000000000000 r fuse_dentry_operations [fuse] 0000000000000000 t fuse_free_conn [fuse] 0000000000000000 t fuse_write_update_size [fuse] 0000000000000000 t fuse_sync_release [fuse] 0000000000000000 t fuse_direct_io [fuse]
On kernels newer than 5.9, Veeam Agent for Linux 5.0.2.4567 has to retrieve symbols usually exposed through /proc/kallsyms. However, several configuration options may restrict this file, causing zero values to be returned instead of valid addresses. A null pointer dereference occurs when Veeam Agent for Linux attempts to use those zero addresses.
To resolve this, ensure that /proc/kallsyms returns non-zero addresses. One of the most common ways those values become restricted is through the use of the following sysctl parameters: kernel.perf_event_paranoid kernel.kptr_restrict
Description of kernel sysctl parameters, including kptr_restrict and perf_event_paranoid sysctl(8)
Click on a version to see all relevant bugs
Veeam Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.
