Andrew Case

Could you please git pull to update to the latest version of Volatility and then test again? I added support for Linux 4.9+

@eve-mem I got back to this today, it is the needed symbol being paged out.

> @eve-mem I got back to this today, it is the needed symbol being paged out. I hardcoded it to 0x10 to match your disasm as a test, and I...

@ikelos @eve-mem for this fix, can we go with catching that exception when the SAR decoding fails and then: 1) Emit a warning print that it could not be decoded...

yes that would be nice as eventually there will be 5+

@Abyss-W4tcher @gcmoreira what is the latest on this one?

What is the latest on this @eve-mem ?

What is the status of this @eve-mem ?

RE: importing classes by name, currently we are at: ``` volatility3/framework/symbols/linux/__init__.py:import volatility3.framework.symbols.linux.utilities.modules as linux_utilities_modules volatility3/framework/plugins/linux/keyboard_notifiers.py:import volatility3.framework.symbols.linux.utilities.modules as linux_utilities_modules volatility3/framework/plugins/linux/tty_check.py:import volatility3.framework.symbols.linux.utilities.modules as linux_utilities_modules volatility3/framework/plugins/linux/tracing/tracepoints.py:import volatility3.framework.symbols.linux.utilities.modules as linux_utilities_modules volatility3/framework/plugins/linux/tracing/ftrace.py:import volatility3.framework.symbols.linux.utilities.modules as linux_utilities_modules...

@ikelos are these okay? They are very new so I assume it is, but we will need to document it as an exception and have the github action skip them:...