Challenge
Symptom
Shortly after Veeam Agent for Linux creates a veeamsnap snapshot, the system hangs or crashes with a null pointer dereference:
Example of dmesg:
BUG: kernel NULL pointer dereference, address: 0000000000000000
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD 8000000003a47067 P4D 8000000003a47067 PUD 3a48067 PMD 0
Oops: 0000 [#1] SMP PTI
CPU: 0 PID: 396645 Comm: VeeamService se Kdump: loaded Tainted: G OE 5.10.0-17-amd64 #1 Debian 5.10.136-1
Associated Environment Specifications
This issue occurs when all 3 of the following are true:
Linux kernel 5.9 or higher is in use.
Veeam Agent for Linux version 5.0.2.4567 is installed and uses the veeamsnap kernel module.
/proc/kallsyms shows all symbol addresses as zeroes:
$ sudo tail /proc/kallsyms
0000000000000000 t fuse_open_common [fuse]
0000000000000000 t fuse_flush_writepages [fuse]
0000000000000000 t fuse_fill_super_common [fuse]
0000000000000000 t fuse_simple_background [fuse]
0000000000000000 t fuse_getxattr [fuse]
0000000000000000 r fuse_dentry_operations [fuse]
0000000000000000 t fuse_free_conn [fuse]
0000000000000000 t fuse_write_update_size [fuse]
0000000000000000 t fuse_sync_release [fuse]
0000000000000000 t fuse_direct_io [fuse]
Cause
On kernels newer than 5.9, Veeam Agent for Linux 5.0.2.4567 has to retrieve symbols usually exposed through /proc/kallsyms. However, several configuration options may restrict this file, causing zero values to be returned instead of valid addresses. A null pointer dereference occurs when Veeam Agent for Linux attempts to use those zero addresses.
Solution
To resolve this, ensure that /proc/kallsyms returns non-zero addresses.
One of the most common ways those values become restricted is through the use of the following sysctl parameters:
kernel.perf_event_paranoid
kernel.kptr_restrict
More Information
Description of kernel sysctl parameters, including kptr_restrict and perf_event_paranoid
sysctl(8)
