function::kernel_pointer - Linux


The function::kernel_pointer command is a debugging tool used primarily for kernel development and debugging. It allows users to view the virtual address of a kernel function.


function::kernel_pointer [-h] [-v] [FunctionName]


  • -h, --help: Displays the help message and exits.
  • -v, --verbose: Enables verbose output, providing more detailed information.


Simple Example:

Retrieve the virtual address of the do_execveat() function:

$ function::kernel_pointer do_execveat

Verbose Output Example:

Display detailed information about the do_execveat() function:

$ function::kernel_pointer -v do_execveat

Common Issues

  • Invalid Function Name: If the provided function name is not valid, the command will display an error message.
  • Module Not Loaded: If the module containing the specified function is not loaded, the command will fail.


The function::kernel_pointer command can be used in conjunction with other tools for advanced kernel debugging tasks. For example, it can be integrated into scripts to automate the process of finding and verifying kernel function addresses.

Related Commands

  • nm: Lists symbols from object files or shared libraries, including kernel modules.
  • kallsyms: Prints kernel symbols and their virtual addresses.
  • gdb: A powerful debugger used for kernel development.