diff --git a/.gitignore b/.gitignore
index 9650dd3e..020dbfed 100644
--- a/.gitignore
+++ b/.gitignore
@@ -10,6 +10,7 @@ windows_libs_other/
 ~*
 *.lock~
 *.lock
+.venv
 
 ACP_Ray2/
 build/
diff --git a/.vscode/settings.json b/.vscode/settings.json
new file mode 100644
index 00000000..fb2c36dd
--- /dev/null
+++ b/.vscode/settings.json
@@ -0,0 +1,59 @@
+{
+  // "java.jdt.ls.vmargs": "-XX:+UseParallelGC -XX:GCTimeRatio=4 -XX:AdaptiveSizePolicyWeight=90 -Dsun.zip.disableMemoryMapping=true -Xmx1G -Xms100m -Xlog:disable -jar C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\Base\\lib\\Base.jar"
+  // "java.configuration.runtimes": [
+  //   {
+  //     "name": "JavaSE-1.8",
+  //     "path": "C:\\Program Files\\Microsoft\\jdk-17.0.11.9-hotspot\\",
+  //     "sources": "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\Base\\lib\\Base.jar"
+  //   }
+  // ],
+  "java.project.referencedLibraries": [
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\Base\\lib\\Base.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\Decompiler\\lib\\Decompiler.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\BSim\\lib\\BSim.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\BSimFeatureVisualizer\\lib\\BSimFeatureVisualizer.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\Base\\lib\\Base.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\BytePatterns\\lib\\BytePatterns.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\ByteViewer\\lib\\ByteViewer.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\CodeCompare\\lib\\CodeCompare.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\DebugUtils\\lib\\DebugUtils.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\Decompiler\\lib\\Decompiler.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\DecompilerDependent\\lib\\DecompilerDependent.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\FileFormats\\lib\\FileFormats.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\FunctionGraph\\lib\\FunctionGraph.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\FunctionGraphDecompilerExtension\\lib\\FunctionGraphDecompilerExtension.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\FunctionID\\lib\\FunctionID.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\GhidraGo\\lib\\GhidraGo.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\GhidraServer\\lib\\GhidraServer.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\GnuDemangler\\lib\\GnuDemangler.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\GraphFunctionCalls\\lib\\GraphFunctionCalls.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\GraphServices\\lib\\GraphServices.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\MicrosoftCodeAnalyzer\\lib\\MicrosoftCodeAnalyzer.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\MicrosoftDemangler\\lib\\MicrosoftDemangler.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\MicrosoftDmang\\lib\\MicrosoftDmang.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\PDB\\lib\\PDB.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\ProgramDiff\\lib\\ProgramDiff.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\ProgramGraph\\lib\\ProgramGraph.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\Python\\lib\\Python.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\Recognizers\\lib\\Recognizers.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\Sarif\\lib\\Sarif.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\SourceCodeLookup\\lib\\SourceCodeLookup.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\SwiftDemangler\\lib\\SwiftDemangler.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\SystemEmulation\\lib\\SystemEmulation.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\VersionTracking\\lib\\VersionTracking.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\VersionTrackingBSim\\lib\\VersionTrackingBSim.jar",
+    "C:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Features\\WildcardAssembler\\lib\\WildcardAssembler.jar",
+    "c:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Framework\\DB\\lib\\DB.jar",
+    "c:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Framework\\Docking\\lib\\Docking.jar",
+    "c:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Framework\\Emulation\\lib\\Emulation.jar",
+    "c:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Framework\\FileSystem\\lib\\FileSystem.jar",
+    "c:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Framework\\Generic\\lib\\Generic.jar",
+    "c:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Framework\\Graph\\lib\\Graph.jar",
+    "c:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Framework\\Gui\\lib\\Gui.jar",
+    "c:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Framework\\Help\\lib\\Help.jar",
+    "c:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Framework\\Project\\lib\\Project.jar",
+    "c:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Framework\\Pty\\lib\\Pty.jar",
+    "c:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Framework\\SoftwareModeling\\lib\\SoftwareModeling.jar",
+    "c:\\Projects\\ghidra_11.1.2_PUBLIC\\Ghidra\\Framework\\Utility\\lib\\Utility.jar"
+  ]
+}
diff --git a/ghidra.rep/projectState b/ghidra.rep/projectState
index 11eed53f..19190bbb 100644
--- a/ghidra.rep/projectState
+++ b/ghidra.rep/projectState
@@ -9,7 +9,327 @@
         </SAVE_STATE>
     </PROJECT_DATA_XML_NAME>
     <TOOL_MANAGER ACTIVE_WORKSPACE="Workspace">
-        <WORKSPACE NAME="Workspace" ACTIVE="true" />
+        <WORKSPACE NAME="Workspace" ACTIVE="true">
+            <RUNNING_TOOL TOOL_NAME="CodeBrowser">
+                <ROOT_NODE X_POS="97" Y_POS="111" WIDTH="1637" HEIGHT="936" EX_STATE="0">
+                    <SPLIT_NODE WIDTH="100" HEIGHT="100" DIVIDER_LOCATION="0" ORIENTATION="VERTICAL">
+                        <SPLIT_NODE WIDTH="1621" HEIGHT="816" DIVIDER_LOCATION="148" ORIENTATION="VERTICAL">
+                            <COMPONENT_NODE TOP_INFO="0">
+                                <COMPONENT_INFO NAME="Entropy" OWNER="EntropyPlugin" TITLE="Entropy" ACTIVE="false" GROUP="Header" INSTANCE_ID="3207819926581772885" />
+                                <COMPONENT_INFO NAME="Overview" OWNER="OverviewPlugin" TITLE="Overview" ACTIVE="false" GROUP="Header" INSTANCE_ID="3207819926581772883" />
+                            </COMPONENT_NODE>
+                            <SPLIT_NODE WIDTH="1623" HEIGHT="820" DIVIDER_LOCATION="148" ORIENTATION="HORIZONTAL">
+                                <SPLIT_NODE WIDTH="239" HEIGHT="820" DIVIDER_LOCATION="507" ORIENTATION="VERTICAL">
+                                    <SPLIT_NODE WIDTH="239" HEIGHT="414" DIVIDER_LOCATION="281" ORIENTATION="VERTICAL">
+                                        <COMPONENT_NODE TOP_INFO="0">
+                                            <COMPONENT_INFO NAME="Program Tree" OWNER="ProgramTreePlugin" TITLE="Program Trees" ACTIVE="true" GROUP="Default" INSTANCE_ID="3620485577874802217" />
+                                        </COMPONENT_NODE>
+                                        <COMPONENT_NODE TOP_INFO="0">
+                                            <COMPONENT_INFO NAME="Symbol Tree" OWNER="SymbolTreePlugin" TITLE="Symbol Tree" ACTIVE="true" GROUP="Default" INSTANCE_ID="3620485577874802212" />
+                                        </COMPONENT_NODE>
+                                    </SPLIT_NODE>
+                                    <COMPONENT_NODE TOP_INFO="0">
+                                        <COMPONENT_INFO NAME="DataTypes Provider" OWNER="DataTypeManagerPlugin" TITLE="Data Type Manager" ACTIVE="true" GROUP="Default" INSTANCE_ID="3620486708508165683" />
+                                    </COMPONENT_NODE>
+                                </SPLIT_NODE>
+                                <SPLIT_NODE WIDTH="1380" HEIGHT="820" DIVIDER_LOCATION="285" ORIENTATION="VERTICAL">
+                                    <SPLIT_NODE WIDTH="1386" HEIGHT="638" DIVIDER_LOCATION="705" ORIENTATION="VERTICAL">
+                                        <SPLIT_NODE WIDTH="1380" HEIGHT="233" DIVIDER_LOCATION="550" ORIENTATION="HORIZONTAL">
+                                            <COMPONENT_NODE TOP_INFO="0">
+                                                <COMPONENT_INFO NAME="Listing" OWNER="CodeBrowserPlugin" TITLE="Listing:  Rayman3.exe" ACTIVE="true" GROUP="Core" INSTANCE_ID="3620485577874802225" />
+                                            </COMPONENT_NODE>
+                                            <COMPONENT_NODE TOP_INFO="0">
+                                                <COMPONENT_INFO NAME="Decompiler" OWNER="DecompilePlugin" TITLE="Decompile: FUN_00471aa0" ACTIVE="true" GROUP="Default" INSTANCE_ID="3620485577874802218" />
+                                                <COMPONENT_INFO NAME="Bytes" OWNER="ByteViewerPlugin" TITLE="Bytes: Rayman3.exe" ACTIVE="false" GROUP="Default" INSTANCE_ID="3620485577874802220" />
+                                                <COMPONENT_INFO NAME="Data Window" OWNER="DataWindowPlugin" TITLE="Defined Data" ACTIVE="false" GROUP="Default" INSTANCE_ID="3620486708508165687" />
+                                                <COMPONENT_INFO NAME="Defined Strings" OWNER="ViewStringsPlugin" TITLE="Defined Strings" ACTIVE="true" GROUP="Default" INSTANCE_ID="3620486708508165691" />
+                                                <COMPONENT_INFO NAME="Equates Table" OWNER="EquateTablePlugin" TITLE="Equates Table" ACTIVE="false" GROUP="Default" INSTANCE_ID="3620485577874802223" />
+                                                <COMPONENT_INFO NAME="External Programs" OWNER="ReferencesPlugin" TITLE="External Programs" ACTIVE="false" GROUP="Default" INSTANCE_ID="3620485577874802226" />
+                                                <COMPONENT_INFO NAME="Functions Window" OWNER="FunctionWindowPlugin" TITLE="Functions" ACTIVE="false" GROUP="Default" INSTANCE_ID="3620485577874802228" />
+                                                <COMPONENT_INFO NAME="Relocation Table" OWNER="RelocationTablePlugin" TITLE="Relocation Table" ACTIVE="false" GROUP="Default" INSTANCE_ID="3620486708508165690" />
+                                            </COMPONENT_NODE>
+                                        </SPLIT_NODE>
+                                        <SPLIT_NODE WIDTH="1386" HEIGHT="189" DIVIDER_LOCATION="495" ORIENTATION="HORIZONTAL">
+                                            <COMPONENT_NODE TOP_INFO="0">
+                                                <COMPONENT_INFO NAME="Data Type Preview" OWNER="DataTypePreviewPlugin" TITLE="Data Type Preview" ACTIVE="false" GROUP="Default" INSTANCE_ID="3620486708508165681" />
+                                            </COMPONENT_NODE>
+                                            <COMPONENT_NODE TOP_INFO="0">
+                                                <COMPONENT_INFO NAME="Virtual Disassembler - Current Instruction" OWNER="DisassembledViewPlugin" TITLE="Disassembled View" ACTIVE="false" GROUP="Default" INSTANCE_ID="3620485577874802222" />
+                                            </COMPONENT_NODE>
+                                        </SPLIT_NODE>
+                                    </SPLIT_NODE>
+                                    <COMPONENT_NODE TOP_INFO="0">
+                                        <COMPONENT_INFO NAME="Console" OWNER="ConsolePlugin" TITLE="Console" ACTIVE="true" GROUP="Default" INSTANCE_ID="3620485577874802219" />
+                                        <COMPONENT_INFO NAME="Bookmarks" OWNER="BookmarkPlugin" TITLE="Bookmarks" ACTIVE="false" GROUP="Core.Bookmarks" INSTANCE_ID="3620485577874802216" />
+                                    </COMPONENT_NODE>
+                                </SPLIT_NODE>
+                            </SPLIT_NODE>
+                        </SPLIT_NODE>
+                        <COMPONENT_NODE TOP_INFO="0">
+                            <COMPONENT_INFO NAME="Function Call Trees" OWNER="CallTreePlugin" TITLE="Function Call Trees" ACTIVE="false" GROUP="Default" INSTANCE_ID="3620485577874802213" />
+                        </COMPONENT_NODE>
+                    </SPLIT_NODE>
+                    <WINDOW_NODE X_POS="90" Y_POS="47" WIDTH="1349" HEIGHT="689">
+                        <SPLIT_NODE WIDTH="1335" HEIGHT="606" DIVIDER_LOCATION="614" ORIENTATION="HORIZONTAL">
+                            <COMPONENT_NODE TOP_INFO="0">
+                                <COMPONENT_INFO NAME="Script Manager" OWNER="GhidraScriptMgrPlugin" TITLE="Script Manager" ACTIVE="true" GROUP="Script Group" INSTANCE_ID="3620485577874802214" />
+                            </COMPONENT_NODE>
+                            <COMPONENT_NODE TOP_INFO="0">
+                                <COMPONENT_INFO NAME="Script Editor" OWNER="GhidraScriptMgrPlugin" TITLE="QueryFunction.java (Read-Only) " ACTIVE="false" GROUP="Script Group" INSTANCE_ID="3620488154236519979" />
+                            </COMPONENT_NODE>
+                        </SPLIT_NODE>
+                    </WINDOW_NODE>
+                    <WINDOW_NODE X_POS="423" Y_POS="144" WIDTH="927" HEIGHT="370">
+                        <COMPONENT_NODE TOP_INFO="0">
+                            <COMPONENT_INFO NAME="Memory Map" OWNER="MemoryMapPlugin" TITLE="Memory Map" ACTIVE="false" GROUP="Default" INSTANCE_ID="3620485577874802210" />
+                        </COMPONENT_NODE>
+                    </WINDOW_NODE>
+                    <WINDOW_NODE X_POS="383" Y_POS="7" WIDTH="1020" HEIGHT="1038">
+                        <COMPONENT_NODE TOP_INFO="0">
+                            <COMPONENT_INFO NAME="Function Graph" OWNER="FunctionGraphPlugin" TITLE="Function Graph" ACTIVE="false" GROUP="Function Graph" INSTANCE_ID="3620486708508165692" />
+                        </COMPONENT_NODE>
+                    </WINDOW_NODE>
+                    <WINDOW_NODE X_POS="550" Y_POS="206" WIDTH="655" HEIGHT="509">
+                        <COMPONENT_NODE TOP_INFO="0">
+                            <COMPONENT_INFO NAME="Register Manager" OWNER="RegisterPlugin" TITLE="Register Manager" ACTIVE="false" GROUP="Default" INSTANCE_ID="3620485577874802227" />
+                        </COMPONENT_NODE>
+                    </WINDOW_NODE>
+                    <WINDOW_NODE X_POS="280" Y_POS="190" WIDTH="1424" HEIGHT="666">
+                        <SPLIT_NODE WIDTH="1408" HEIGHT="559" DIVIDER_LOCATION="573" ORIENTATION="HORIZONTAL">
+                            <COMPONENT_NODE TOP_INFO="0">
+                                <COMPONENT_INFO NAME="Symbol Table" OWNER="SymbolTablePlugin" TITLE="Symbol Table" ACTIVE="false" GROUP="symbolTable" INSTANCE_ID="3620486708508165688" />
+                            </COMPONENT_NODE>
+                            <COMPONENT_NODE TOP_INFO="0">
+                                <COMPONENT_INFO NAME="Symbol References" OWNER="SymbolTablePlugin" TITLE="Symbol References" ACTIVE="false" GROUP="symbolTable" INSTANCE_ID="3620486708508165689" />
+                            </COMPONENT_NODE>
+                        </SPLIT_NODE>
+                    </WINDOW_NODE>
+                    <WINDOW_NODE X_POS="-1" Y_POS="-1" WIDTH="0" HEIGHT="0">
+                        <COMPONENT_NODE TOP_INFO="0">
+                            <COMPONENT_INFO NAME="Checksum Generator" OWNER="ComputeChecksumsPlugin" TITLE="Checksum Generator" ACTIVE="false" GROUP="Default" INSTANCE_ID="3620485577874802224" />
+                        </COMPONENT_NODE>
+                    </WINDOW_NODE>
+                    <WINDOW_NODE X_POS="-1" Y_POS="-1" WIDTH="0" HEIGHT="0">
+                        <COMPONENT_NODE TOP_INFO="0">
+                            <COMPONENT_INFO NAME="Function Tags" OWNER="FunctionTagPlugin" TITLE="Function Tags" ACTIVE="false" GROUP="Default" INSTANCE_ID="3620486708508165684" />
+                        </COMPONENT_NODE>
+                    </WINDOW_NODE>
+                    <WINDOW_NODE X_POS="-1" Y_POS="-1" WIDTH="0" HEIGHT="0">
+                        <COMPONENT_NODE TOP_INFO="0">
+                            <COMPONENT_INFO NAME="Comment Window" OWNER="CommentWindowPlugin" TITLE="Comments" ACTIVE="false" GROUP="Default" INSTANCE_ID="3620486708508165686" />
+                        </COMPONENT_NODE>
+                    </WINDOW_NODE>
+                    <WINDOW_NODE X_POS="-1" Y_POS="-1" WIDTH="0" HEIGHT="0">
+                        <COMPONENT_NODE TOP_INFO="0">
+                            <COMPONENT_INFO NAME="Python" OWNER="InterpreterPanelPlugin" TITLE="Python" ACTIVE="false" GROUP="Default" INSTANCE_ID="3620486708508165685" />
+                        </COMPONENT_NODE>
+                    </WINDOW_NODE>
+                    <WINDOW_NODE X_POS="615" Y_POS="311" WIDTH="818" HEIGHT="483">
+                        <COMPONENT_NODE TOP_INFO="0">
+                            <COMPONENT_INFO NAME="BundleManager" OWNER="GhidraScriptMgrPlugin" TITLE="Bundle Manager" ACTIVE="false" GROUP="Default" INSTANCE_ID="3620485577874802215" />
+                        </COMPONENT_NODE>
+                    </WINDOW_NODE>
+                    <WINDOW_NODE X_POS="0" Y_POS="0" WIDTH="0" HEIGHT="0">
+                        <COMPONENT_NODE TOP_INFO="0">
+                            <COMPONENT_INFO NAME="Function Call Graph" OWNER="FunctionCallGraphPlugin" TITLE="Function Call Graph" ACTIVE="false" GROUP="Function Call Graph" INSTANCE_ID="3620486708508165682" />
+                        </COMPONENT_NODE>
+                    </WINDOW_NODE>
+                    <WINDOW_NODE X_POS="453" Y_POS="295" WIDTH="717" HEIGHT="488">
+                        <COMPONENT_NODE TOP_INFO="0">
+                            <COMPONENT_INFO NAME="Location References Provider" OWNER="LocationReferencesPlugin" TITLE="Uses of &quot;ShiftedAddress&quot; (DataType) - 0 locations" ACTIVE="false" GROUP="Default" INSTANCE_ID="3619653749708868586" />
+                        </COMPONENT_NODE>
+                    </WINDOW_NODE>
+                    <WINDOW_NODE X_POS="324" Y_POS="314" WIDTH="1105" HEIGHT="586">
+                        <COMPONENT_NODE TOP_INFO="0">
+                            <COMPONENT_INFO NAME="Structure Editor" OWNER="DataTypeManagerPlugin" TITLE="Structure Editor - Unk0 (Rayman3.exe)" ACTIVE="false" GROUP="Default" INSTANCE_ID="3620311772701109768" />
+                        </COMPONENT_NODE>
+                    </WINDOW_NODE>
+                    <WINDOW_NODE X_POS="926" Y_POS="439" WIDTH="487" HEIGHT="536">
+                        <COMPONENT_NODE TOP_INFO="0">
+                            <COMPONENT_INFO NAME="Xrefs" OWNER="TableServicePlugin" TITLE="XRefs to 007eba24" ACTIVE="false" GROUP="Default" INSTANCE_ID="3620304753589988880" />
+                        </COMPONENT_NODE>
+                    </WINDOW_NODE>
+                    <WINDOW_NODE X_POS="817" Y_POS="402" WIDTH="714" HEIGHT="300">
+                        <COMPONENT_NODE TOP_INFO="0">
+                            <COMPONENT_INFO NAME="Enum Editor" OWNER="DataTypeManagerPlugin" TITLE="Enum Editor - define_STD_INPUT_HANDLE (Rayman3.exe)" ACTIVE="false" GROUP="Default" INSTANCE_ID="3620313134618881561" />
+                        </COMPONENT_NODE>
+                    </WINDOW_NODE>
+                </ROOT_NODE>
+                <DATA_STATE>
+                    <PLUGIN NAME="NavigationHistoryPlugin">
+                        <XML NAME="HISTORY_LIST_0">
+                            <SAVE_STATE>
+                                <STATE NAME="CURRENT_LOC_INDEX" TYPE="int" VALUE="1" />
+                                <STATE NAME="LOCATION_COUNT" TYPE="int" VALUE="2" />
+                                <STATE NAME="MEMENTO_CLASS0" TYPE="string" VALUE="ghidra.app.plugin.core.gotoquery.DefaultNavigatableLocationMemento" />
+                                <STATE NAME="MEMENTO_CLASS1" TYPE="string" VALUE="ghidra.app.plugin.core.gotoquery.DefaultNavigatableLocationMemento" />
+                                <XML NAME="MEMENTO_DATA0">
+                                    <SAVE_STATE>
+                                        <XML NAME="MEMENTO0">
+                                            <SAVE_STATE>
+                                                <STATE NAME="CURSOR_OFFSET" TYPE="int" VALUE="0" />
+                                                <STATE NAME="MEMENTO_CLASS" TYPE="string" VALUE="ghidra.app.plugin.core.codebrowser.CodeViewerLocationMemento" />
+                                                <STATE NAME="NAV_ID" TYPE="long" VALUE="3620485577874802225" />
+                                                <STATE NAME="PROGRAM_ID" TYPE="long" VALUE="3619474555372751854" />
+                                                <STATE NAME="PROGRAM_PATH_" TYPE="string" VALUE="ghidra:/Rayman3.exe" />
+                                                <STATE NAME="_ADDRESS" TYPE="string" VALUE="00400000" />
+                                                <STATE NAME="_BYTE_ADDR" TYPE="string" VALUE="00400000" />
+                                                <STATE NAME="_CHAR_OFFSET" TYPE="int" VALUE="0" />
+                                                <STATE NAME="_CLASSNAME" TYPE="string" VALUE="ghidra.program.util.MemoryBlockStartFieldLocation" />
+                                                <STATE NAME="_COLUMN" TYPE="int" VALUE="0" />
+                                                <ARRAY NAME="_COMMENT" TYPE="string">
+                                                    <A VALUE="//" />
+                                                    <A VALUE="// Headers " />
+                                                    <A VALUE="// ram:00400000-ram:00400fff" />
+                                                    <A VALUE="//" />
+                                                </ARRAY>
+                                                <STATE NAME="_ROW" TYPE="int" VALUE="0" />
+                                                <STATE NAME="_TYPE" TYPE="int" VALUE="-1" />
+                                            </SAVE_STATE>
+                                        </XML>
+                                        <STATE NAME="MEMENTO_CLASS" TYPE="string" VALUE="ghidra.app.plugin.core.gotoquery.DefaultNavigatableLocationMemento" />
+                                        <STATE NAME="NUM_MEMENTOS" TYPE="int" VALUE="1" />
+                                        <STATE NAME="PROGRAM_ID" TYPE="long" VALUE="3619474555372751854" />
+                                        <STATE NAME="PROGRAM_PATH_" TYPE="string" VALUE="ghidra:/Rayman3.exe" />
+                                        <STATE NAME="_ADDRESS" TYPE="string" VALUE="00400000" />
+                                        <STATE NAME="_BYTE_ADDR" TYPE="string" VALUE="00400000" />
+                                        <STATE NAME="_CHAR_OFFSET" TYPE="int" VALUE="0" />
+                                        <STATE NAME="_CLASSNAME" TYPE="string" VALUE="ghidra.program.util.MemoryBlockStartFieldLocation" />
+                                        <STATE NAME="_COLUMN" TYPE="int" VALUE="0" />
+                                        <ARRAY NAME="_COMMENT" TYPE="string">
+                                            <A VALUE="//" />
+                                            <A VALUE="// Headers " />
+                                            <A VALUE="// ram:00400000-ram:00400fff" />
+                                            <A VALUE="//" />
+                                        </ARRAY>
+                                        <STATE NAME="_ROW" TYPE="int" VALUE="0" />
+                                        <STATE NAME="_TYPE" TYPE="int" VALUE="-1" />
+                                    </SAVE_STATE>
+                                </XML>
+                                <XML NAME="MEMENTO_DATA1">
+                                    <SAVE_STATE>
+                                        <XML NAME="MEMENTO0">
+                                            <SAVE_STATE>
+                                                <STATE NAME="CURSOR_OFFSET" TYPE="int" VALUE="303" />
+                                                <STATE NAME="MEMENTO_CLASS" TYPE="string" VALUE="ghidra.app.plugin.core.codebrowser.CodeViewerLocationMemento" />
+                                                <STATE NAME="NAV_ID" TYPE="long" VALUE="3620485577874802225" />
+                                                <STATE NAME="PROGRAM_ID" TYPE="long" VALUE="3619474555372751854" />
+                                                <STATE NAME="PROGRAM_PATH_" TYPE="string" VALUE="ghidra:/Rayman3.exe" />
+                                                <STATE NAME="_ADDRESS" TYPE="string" VALUE="00471c4b" />
+                                                <STATE NAME="_ADDR_REP" TYPE="string" VALUE="00471c4b" />
+                                                <STATE NAME="_BYTE_ADDR" TYPE="string" VALUE="00471c4b" />
+                                                <STATE NAME="_CHAR_OFFSET" TYPE="int" VALUE="0" />
+                                                <STATE NAME="_CLASSNAME" TYPE="string" VALUE="ghidra.program.util.AddressFieldLocation" />
+                                                <STATE NAME="_COLUMN" TYPE="int" VALUE="0" />
+                                                <STATE NAME="_ROW" TYPE="int" VALUE="0" />
+                                            </SAVE_STATE>
+                                        </XML>
+                                        <STATE NAME="MEMENTO_CLASS" TYPE="string" VALUE="ghidra.app.plugin.core.gotoquery.DefaultNavigatableLocationMemento" />
+                                        <STATE NAME="NUM_MEMENTOS" TYPE="int" VALUE="1" />
+                                        <STATE NAME="PROGRAM_ID" TYPE="long" VALUE="3619474555372751854" />
+                                        <STATE NAME="PROGRAM_PATH_" TYPE="string" VALUE="ghidra:/Rayman3.exe" />
+                                        <STATE NAME="_ADDRESS" TYPE="string" VALUE="00471c4b" />
+                                        <STATE NAME="_BYTE_ADDR" TYPE="string" VALUE="00471c4b" />
+                                        <STATE NAME="_CHAR_OFFSET" TYPE="int" VALUE="0" />
+                                        <STATE NAME="_CHAR_POS" TYPE="int" VALUE="1" />
+                                        <STATE NAME="_CLASSNAME" TYPE="string" VALUE="ghidra.app.decompiler.DecompilerLocation" />
+                                        <STATE NAME="_COLUMN" TYPE="int" VALUE="0" />
+                                        <STATE NAME="_FUNCTION_ENTRY" TYPE="string" VALUE="00471aa0" />
+                                        <STATE NAME="_LINE_NUM" TYPE="int" VALUE="58" />
+                                        <STATE NAME="_ROW" TYPE="int" VALUE="0" />
+                                        <STATE NAME="_TOKEN_TEXT" TYPE="string" VALUE="}" />
+                                    </SAVE_STATE>
+                                </XML>
+                                <STATE NAME="NAV_ID" TYPE="long" VALUE="-1" />
+                            </SAVE_STATE>
+                        </XML>
+                        <STATE NAME="LIST_COUNT" TYPE="int" VALUE="1" />
+                    </PLUGIN>
+                    <PLUGIN NAME="ProgramTreePlugin">
+                        <STATE NAME="Current Viewname" TYPE="string" VALUE="Program Tree" />
+                        <ARRAY NAME="GroupNameProgram Tree0" TYPE="string">
+                            <A VALUE="Rayman3.exe" />
+                        </ARRAY>
+                        <STATE NAME="NavigationToggleState" TYPE="boolean" VALUE="false" />
+                        <STATE NAME="NumberOfGroupsProgram Tree" TYPE="int" VALUE="1" />
+                        <STATE NAME="NumberOfViews" TYPE="int" VALUE="1" />
+                        <STATE NAME="TreeName-0" TYPE="string" VALUE="Program Tree" />
+                    </PLUGIN>
+                    <PLUGIN NAME="DecompilePlugin">
+                        <STATE NAME="INDEX" TYPE="int" VALUE="39" />
+                        <STATE NAME="NAV_ID" TYPE="long" VALUE="3620485577874802218" />
+                        <STATE NAME="Num Disconnected" TYPE="int" VALUE="0" />
+                        <STATE NAME="Y_OFFSET" TYPE="int" VALUE="-7" />
+                        <STATE NAME="_ADDRESS" TYPE="string" VALUE="00471c4b" />
+                        <STATE NAME="_BYTE_ADDR" TYPE="string" VALUE="00471c4b" />
+                        <STATE NAME="_CHAR_OFFSET" TYPE="int" VALUE="0" />
+                        <STATE NAME="_CHAR_POS" TYPE="int" VALUE="1" />
+                        <STATE NAME="_CLASSNAME" TYPE="string" VALUE="ghidra.app.decompiler.DecompilerLocation" />
+                        <STATE NAME="_COLUMN" TYPE="int" VALUE="0" />
+                        <STATE NAME="_FUNCTION_ENTRY" TYPE="string" VALUE="00471aa0" />
+                        <STATE NAME="_LINE_NUM" TYPE="int" VALUE="58" />
+                        <STATE NAME="_ROW" TYPE="int" VALUE="0" />
+                        <STATE NAME="_TOKEN_TEXT" TYPE="string" VALUE="}" />
+                    </PLUGIN>
+                    <PLUGIN NAME="ByteViewerPlugin">
+                        <STATE NAME="Block Column" TYPE="int" VALUE="0" />
+                        <STATE NAME="Block Num" TYPE="int" VALUE="0" />
+                        <STATE NAME="Block Offset" TYPE="string" VALUE="0" />
+                        <STATE NAME="Index" TYPE="int" VALUE="0" />
+                        <STATE NAME="NAV_ID" TYPE="long" VALUE="3620485577874802220" />
+                        <STATE NAME="Num Disconnected" TYPE="int" VALUE="0" />
+                        <STATE NAME="X Offset" TYPE="int" VALUE="0" />
+                        <STATE NAME="Y Offset" TYPE="int" VALUE="0" />
+                    </PLUGIN>
+                    <PLUGIN NAME="ProgramManagerPlugin">
+                        <STATE NAME="CURRENT_FILE" TYPE="string" VALUE="Rayman3.exe" />
+                        <STATE NAME="LOCATION_0" TYPE="string" VALUE="/C:/Projects/R3/" />
+                        <STATE NAME="NUM_PROGRAMS" TYPE="int" VALUE="1" />
+                        <STATE NAME="PATHNAME_0" TYPE="string" VALUE="/Rayman3.exe" />
+                        <STATE NAME="PROJECT_NAME_0" TYPE="string" VALUE="ghidra" />
+                        <STATE NAME="VERSION_0" TYPE="int" VALUE="-1" />
+                        <STATE NAME="_ADDRESS" TYPE="string" VALUE="00471c4b" />
+                        <STATE NAME="_BYTE_ADDR" TYPE="string" VALUE="00471c4b" />
+                        <STATE NAME="_CHAR_OFFSET" TYPE="int" VALUE="0" />
+                        <STATE NAME="_CHAR_POS" TYPE="int" VALUE="1" />
+                        <STATE NAME="_CLASSNAME" TYPE="string" VALUE="ghidra.app.decompiler.DecompilerLocation" />
+                        <STATE NAME="_COLUMN" TYPE="int" VALUE="0" />
+                        <STATE NAME="_FUNCTION_ENTRY" TYPE="string" VALUE="00471aa0" />
+                        <STATE NAME="_LINE_NUM" TYPE="int" VALUE="58" />
+                        <STATE NAME="_ROW" TYPE="int" VALUE="0" />
+                        <STATE NAME="_TOKEN_TEXT" TYPE="string" VALUE="}" />
+                    </PLUGIN>
+                    <PLUGIN NAME="FunctionGraphPlugin">
+                        <SAVE_STATE NAME="COMPLEX_LAYOUT_NAME" TYPE="SaveState">
+                            <COMPLEX_LAYOUT_NAME>
+                                <STATE NAME="LAYOUT_CLASS_NAME" TYPE="string" VALUE="ghidra.app.plugin.core.functiongraph.graph.layout.DecompilerNestedLayoutProvider" />
+                                <STATE NAME="LAYOUT_NAME" TYPE="string" VALUE="Nested Code Layout" />
+                            </COMPLEX_LAYOUT_NAME>
+                        </SAVE_STATE>
+                        <STATE NAME="DISPLAY_POPUPS" TYPE="boolean" VALUE="true" />
+                        <STATE NAME="DISPLAY_SATELLITE" TYPE="boolean" VALUE="true" />
+                        <STATE NAME="DOCK_SATELLITE" TYPE="boolean" VALUE="true" />
+                        <STATE NAME="Disconnected Count" TYPE="int" VALUE="0" />
+                        <ENUM NAME="EDGE_HOVER_HIGHLIGHT" TYPE="enum" CLASS="ghidra.app.plugin.core.functiongraph.EdgeDisplayType" VALUE="ScopedFlowsFromVertex" />
+                        <ENUM NAME="EDGE_SELECTION_HIGHLIGHT" TYPE="enum" CLASS="ghidra.app.plugin.core.functiongraph.EdgeDisplayType" VALUE="AllCycles" />
+                        <STATE NAME="NAV_ID" TYPE="long" VALUE="3620486708508165692" />
+                    </PLUGIN>
+                    <PLUGIN NAME="CodeBrowserPlugin">
+                        <STATE NAME="INDEX" TYPE="int" VALUE="465962" />
+                        <STATE NAME="NAV_ID" TYPE="long" VALUE="3620485577874802225" />
+                        <STATE NAME="Num Disconnected" TYPE="int" VALUE="0" />
+                        <STATE NAME="Y_OFFSET" TYPE="int" VALUE="-3" />
+                        <STATE NAME="_ADDRESS" TYPE="string" VALUE="00471c4b" />
+                        <STATE NAME="_ADDR_REP" TYPE="string" VALUE="00471c4b" />
+                        <STATE NAME="_BYTE_ADDR" TYPE="string" VALUE="00471c4b" />
+                        <STATE NAME="_CHAR_OFFSET" TYPE="int" VALUE="0" />
+                        <STATE NAME="_CLASSNAME" TYPE="string" VALUE="ghidra.program.util.AddressFieldLocation" />
+                        <STATE NAME="_COLUMN" TYPE="int" VALUE="0" />
+                        <STATE NAME="_ROW" TYPE="int" VALUE="0" />
+                    </PLUGIN>
+                </DATA_STATE>
+            </RUNNING_TOOL>
+        </WORKSPACE>
     </TOOL_MANAGER>
 </PROJECT>
 
diff --git a/ghidra.rep/user/00/00000003.prp b/ghidra.rep/user/00/00000003.prp
new file mode 100644
index 00000000..6bfcac4f
--- /dev/null
+++ b/ghidra.rep/user/00/00000003.prp
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<FILE_INFO>
+    <BASIC_INFO>
+        <STATE NAME="CONTENT_TYPE" TYPE="string" VALUE="ProgramUserData" />
+        <STATE NAME="PARENT" TYPE="string" VALUE="/" />
+        <STATE NAME="FILE_ID" TYPE="string" VALUE="c0a83818dbb350040493591800" />
+        <STATE NAME="FILE_TYPE" TYPE="int" VALUE="0" />
+        <STATE NAME="READ_ONLY" TYPE="boolean" VALUE="false" />
+        <STATE NAME="NAME" TYPE="string" VALUE="udf_c0a83817db8269551491389699" />
+    </BASIC_INFO>
+</FILE_INFO>
diff --git a/scripts/DecompileC.java b/scripts/DecompileC.java
new file mode 100644
index 00000000..098ba63c
--- /dev/null
+++ b/scripts/DecompileC.java
@@ -0,0 +1,145 @@
+
+// Test script
+import java.io.File;
+import java.io.PrintWriter;
+import java.net.URL;
+import java.util.ArrayList;
+import java.util.Dictionary;
+import java.util.Hashtable;
+import java.util.Iterator;
+import java.util.List;
+
+import ghidra.app.decompiler.DecompInterface;
+import ghidra.app.decompiler.DecompileResults;
+import ghidra.app.script.GhidraScript;
+import ghidra.app.script.GhidraScriptUtil;
+import ghidra.program.model.address.GlobalSymbol;
+import ghidra.program.model.data.DataType;
+import ghidra.program.model.listing.Function;
+import ghidra.program.model.listing.Variable;
+import ghidra.program.model.pcode.HighSymbol;
+import ghidra.program.model.symbol.SourceType;
+import ghidra.program.model.symbol.Symbol;
+
+public class DecompileC extends GhidraScript {
+	private static final String OUTPUT_DIR = "game_re";
+	private static final int TIMEOUT = 10000;
+
+	// Auto rename invalid symbols
+	private static final boolean AUTO_RENAME_SYMBOLS = true;
+
+	@Override
+	public void run() throws Exception {
+		if (currentProgram == null) {
+			return;
+		}
+
+		// Make sure to create OUTPUT_PATH
+		File rootDir = new File(sourceFile.getAbsolutePath()).getParentFile().getParentFile();
+		File outputDir = new File(rootDir, OUTPUT_DIR);
+
+		if (!outputDir.exists()) {
+			throw new Exception("Output directory does not exist: " + outputDir.getCanonicalPath());
+		}
+
+		File dirDecompAuto = new File(outputDir, "gh_auto");
+		File dirDecompFix = new File(outputDir, "gh_fix");
+
+		println("Output path: " + outputDir.getCanonicalPath());
+
+		DecompInterface decomp = new DecompInterface();
+		decomp.openProgram(currentProgram);
+
+		List<Function> functions = new ArrayList<>();
+		List<Variable> uniqueVars = new ArrayList<>();
+
+		Iterator<Function> functionsIt = currentProgram.getFunctionManager().getFunctions(true).iterator();
+		while (functionsIt.hasNext()) {
+			Function function = functionsIt.next();
+			String comment = function.getComment();
+			if (comment != null && comment.contains("TODO")) {
+				println("Function: " + function.getName() + " - " + comment);
+			}
+			functions.add(function);
+
+			for (Variable var : function.getAllVariables()) {
+				uniqueVars.add(var);
+			}
+		}
+
+		Hashtable<String, HighSymbol> globalSymbols = new Hashtable<>();
+
+		File functionList = new File(outputDir, "functions.txt");
+		PrintWriter writer = new PrintWriter(functionList, "UTF-8");
+		for (Function function : functions) {
+			String fileName = sanitizeFunctionName(function.getName()) + ".c";
+
+			File f1 = new File(dirDecompFix, fileName);
+			if (f1.exists()) {
+				println("Func " + function.getName() + " skipped (gh_fix)");
+				continue;
+			}
+
+			File f0 = new File(dirDecompAuto, fileName);
+			if (f0.exists()) {
+				f0.delete();
+			}
+
+			DecompileResults decompRes = decomp.decompileFunction(function, TIMEOUT, monitor);
+			PrintWriter writer2 = new PrintWriter(f0, "UTF-8");
+			writer2.println(decompRes.getDecompiledFunction().getC());
+			writer2.close();
+
+			Iterator<HighSymbol> smyIt = decompRes.getHighFunction().getGlobalSymbolMap().getSymbols();
+			while (smyIt.hasNext()) {
+				HighSymbol gsym = smyIt.next();
+				if (globalSymbols.containsKey(gsym.getName()))
+					continue;
+				println("GLOBAL: " + gsym.getName());
+				String sanitizedName = sanitizeFunctionName(gsym.getName());
+				if (!sanitizedName.equals(gsym.getName())) {
+					if (AUTO_RENAME_SYMBOLS) {
+						println("Renaming global symbol: " + gsym.getName() + " -> " + sanitizedName);
+						Symbol symbol = gsym.getSymbol();// currentProgram.getSymbolTable().getSymbol(gsym.getName());
+						if (symbol != null) {
+							try {
+								symbol.setName(sanitizedName, SourceType.USER_DEFINED);
+								println("Renamed global symbol: " + gsym.getName() + " -> " + sanitizedName);
+							} catch (Exception e) {
+								println("Error renaming symbol: " + e.getMessage());
+							}
+						} else {
+							println("Could not find symbol to rename: " + gsym.getName());
+						}
+					}
+					println("Invalid global symbol name: " + gsym.getName() + " - " + function.getName());
+				}
+				globalSymbols.put(gsym.getName(), gsym);
+			}
+		}
+		writer.close();
+
+		File uniqueVarsList = new File(outputDir, "unique_vars.txt");
+		writer = new PrintWriter(uniqueVarsList, "UTF-8");
+		for (Variable var : uniqueVars) {
+			writer.println(var.getName());
+		}
+		writer.close();
+
+		File globalSymbolsListH = new File(outputDir, "global.h");
+		File globalSymbolsListC = new File(outputDir, "global.c");
+		PrintWriter hwriter = new PrintWriter(globalSymbolsListH, "UTF-8");
+		PrintWriter cwriter = new PrintWriter(globalSymbolsListC, "UTF-8");
+		for (HighSymbol sym : globalSymbols.values()) {
+			DataType dt = sym.getDataType();
+			hwriter.println("extern " + dt.toString() + " " + sym.getName() + ";");
+			cwriter.println(sym.getDataType().toString() + " " + sym.getName() + " {}");
+		}
+		hwriter.close();
+		cwriter.close();
+	}
+
+	String sanitizeFunctionName(String name) {
+		return name.replaceAll("[^a-zA-Z0-9_]", "_");
+	}
+}
diff --git a/scripts/LICENSE b/scripts/LICENSE
new file mode 100644
index 00000000..a3427dfb
--- /dev/null
+++ b/scripts/LICENSE
@@ -0,0 +1,23 @@
+Parts used from https://github.com/tenable/ghidra_tools
+
+MIT License
+
+Copyright (c) 2022 Tenable
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/scripts/readme.md b/scripts/readme.md
new file mode 100644
index 00000000..e2d20dae
--- /dev/null
+++ b/scripts/readme.md
@@ -0,0 +1,3 @@
+# Ghidra Scripts
+
+Add this to your scripts folder and run to generate c code for all functions in the project
\ No newline at end of file