Merge remote-tracking branch 'origin/Ghidra_11.3'

2025-10-03 09:49:23 +02:00 · 2025-02-05 06:55:37 -05:00 · 2025-02-05 06:55:37 -05:00 · 5002de13f4
commit 5002de13f4
parent 17419c57fe 100ba5fd6a
2 changed files with 200 additions and 30 deletions
--- a/Ghidra/Configurations/Public_Release/src/global/docs/ChangeHistory.md
+++ b/Ghidra/Configurations/Public_Release/src/global/docs/ChangeHistory.md
@ -1,3 +1,148 @@
 # Ghidra 11.3 Change History (February 2025)
 ### New Features
 * _Analysis_. Added new logic to export facts and source/sink logic to Datalog. (GP-3443)
 * _Data Types_. Added string translation option to use LibreTranslate to translate strings found in a binary. NOTE: This plugin is not enabled by default; the user needs to configure tool to include it if they want to use it. (GP-4877)
 * _Debugger_. Added TraceRMI connector for JDI (Java/Dalvik targets). (GP-4760)
 * _Debugger_. TraceRMI now supports debugging Java/Dalvik on Android. (GP-4893)
 * _Debugger:Agents_. The deprecated Debugger plugins and connectors (e.g., IN-VM) have been removed. (GP-1978)
 * _Debugger:LLDB_. Added support for debugging macOS kernels with lldb. (GP-5209)
 * _Debugger:Targets_. Added support for local and eXDI-mode kernel debugging (dbgeng/dbgmodel). (GP-5185)
 * _Emulator_. Added a high-performance p-code emulator using Just-in-Time translation to bytecode. (GP-4643)
 * _Graphing_. Added two new __Flow Chart__ layouts for the function graph. These layouts organize code blocks into a tree structure and use orthogonal edge routing. One centers the parent block over the children and the other keeps the parent left aligned with its left most child. (GP-4988, Issue #1406)
 * _GUI_. Updated the File chooser to allow users to edit the path field. (GP-3492, Issue #5291, #7150)
 * _Importer_. Added a `Load Libraries` action that allows the user to load libraries after a program has already been imported. (GP-4919, Issue #396)
 * _Scripting_. Integrated the DoD Cyber Crime Center's Pyhidra tool (renamed to PyGhidra) to provide a native CPython 3 interface to Ghidra. (GP-4816, Issue #6900)
 * _Scripting_. Added a new button to the Script Manager that allows the user to edit scripts in Visual Studio Code.  Additionally, added a new action to the CodeBrowser under __Tools -> Create VSCode Module Project...__ that replaces the old `VSCodeProjectScript.java` script. (GP-5148)
 * _Search_. Added an action to allow users to search Decompiled text from __Search -> Decompiled Text...__. (GP-4839, Issue #6795)
 * _SourceMatching_. Added manager for source code and line number information to the Ghidra database. (GP-3883)
 * _SourceMatching_. Added `SourceFilesTablePlugin` for viewing source file information and managing local paths. (GP-4190)
 ### Improvements
 * _Analysis_. Corrected a vftable naming issue in RTTI Analyzer where programs with PDB information were not naming vftables with associated class name correctly. (GP-4687)
 * _BSim_. Added a `status` command to `bsim_ctl`. (GP-5129, Issue #7102)
 * _BSim_. Added ability to specify user login info with postgres/elastic BSim URLs for the `bsim` command line tool and API.  Updated BSim Server Manager GUI to allow user login name to be specified for postgres/elastic BSim server entries. (GP-5167)
 * _BSim_. Updated BSim bundled postgresql server to 15.10 to resolve incompatibility with `openssl 3.2.2`. (GP-5212, Issue #6115, #7084)
 * _BSim_. Tweaked BSim Dark Mode colors. (GP-5223, Issue #7312)
 * _Build_. Fixed a build issue with Gradle 8.12. (GP-5226)
 * _CodeBrowser_. Users can now apply bookmarks in the Listing to interior data of structures applied to memory. (GP-4820)
 * _Data Types_. The Decompiler now propagates and displays names for enumeration data-types that have been partially truncated. (GP-2470)
 * _Debugger_. Improved the behavior for Android targets. (GP-5034, Issue #6386)
 * _Debugger:Agents_. Removed __raw gdb__ connector. Instead, just leave the __Image__ option blank in the __gdb__ connector. (GP-4906)
 * _Debugger:Agents_. Added __Architecture__ and __Endian__ options to several gdb launchers. (GP-5005)
 * _Debugger:GDB_. Added distinct launchers for qemu-system (vs. qemu-user). Windows only supports qemu-system. (GP-5051, Issue #7095)
 * _Debugger:GDB_. Added __Pull all section mappings__ to the __qemu + gdb__ debug launcher. (GP-5089, Issue #7118)
 * _Debugger:Listing_. __Load Emulator from Programs__ has been removed from the __Auto-Read Memory__ menus. It is now the default behavior for pure emulation, unless __Do Not Read Memory__ is selected. (GP-5134)
 * _Decompiler_. Updated the Decompiler function name colors to match the Listing. (GP-5085, Issue #7053)
 * _Decompiler_. Improved the Decompiler's handling of signed integer comparisons in the presence of the AARCH64 `ccmp` instruction. (GP-5158)
 * _Demangler_. Added ability to process Microsoft C-style mangled function symbols. (GP-4898, Issue #1514)
 * _Demangler_. Improved processing of anonymous namespaces in vxtables. (GP-5101)
 * _Demangler_. The builtin `int` type in Swift binaries has been changed from 8 bytes to 4 bytes.  The Swift Demangler now demangles the `Swift.Int` type to `__int64` (or `__int32` on 32-bit programs) to avoid conflicts with non-Swift structures and functions that may be found in the program. (GP-5182, Issue #6784)
 * _Eclipse Integration_. GhidraDev 5.0.0 has been released which supports creating and launching new Ghidra module and scripting projects with PyGhidra support (using the PyDev Eclipse plugin). (GP-5138)
 * _FileSystems_. Updated to dex2jar-2.4.24 and asm-9.7.1 libraries. (GP-5220)
 * _Function_. Now prevent function auto-storage assignment for DEFAULT (`undefined`) datatype.  Changed Demangler to produce undefined-typedef in place of a DWORD-typedef when producing a default-named datatype.  Demangler will still create an empty named Structure in many cases.  Decompiler will no longer assign the `undefined` datatype to variables. (GP-4886)
 * _Graphing_. Added an action to toggle between the Listing and Function Graph views (`Ctrl-Space`). (GP-4947)
 * _Graphing_. Added options for which corner the Function Graph Satellite view is docked within the main Graph window. (GP-4996)
 * _GUI_. Updated theming to allow users to change the table's base font and monospaced fonts separately. (GP-4873, Issue #6853)
 * _GUI_. Changed the Linux default theme from `Nimbus` to `Flat Light`. (GP-4973)
 * _GUI_. Updated Key Binding assignment to allow users to choose `Backspace` and `Enter`. (GP-5007, Issue #6972)
 * _GUI_. Upgraded FlatLaf to 3.5.4. (GP-5027)
 * _GUI_. Added options to the __Clear With Options...__ action to allow just clearing instructions or data instead of having to do both or neither. (GP-5084, Issue #7082)
 * _GUI_. Users can now pick a language by double-clicking in the Importer Dialog. (GP-5097, Issue #7135)
 * _GUI_. Updated the `Flat Dark` table inactive selection color. (GP-5108, Issue #7134)
 * _GUI_. Users can now press the `Escape` key to close windows that contain only a single component provider. (GP-5114, Issue #7136)
 * _GUI_. Updated table and tree filters to support `Ctrl-F` to place focus on the cursor.  Also added an action to hide and show the filter. (GP-5115, Issue #7136)
 * _GUI_. The Function Call Tree plugin now distinguishes between call references and non-call references. (GP-5116)
 * _GUI_. Changed actions that _show_ a component provider into toggle actions that _hide_ the provider if already visible. (GP-5117, Issue #7136)
 * _GUI_. Added a `Downloads` folder to the File Chooser. (GP-5118, Issue #7121)
 * _GUI_. Added the Unresolved Reference color to the Theme Configuration. (GP-5157)
 * _GUI_. Added support for expressions in address input fields. (GP-5196, Issue #7227)
 * _Importer_. Fixed a performance issue when loading libraries on Windows. (GP-5208)
 * _Importer:COFF_. The MS Common Object File Format (COFF) loader now recognizes AARCH64 binaries. (GP-5153)
 * _Importer:COFF_. Added relocation handlers for ARM and AARCH64 COFF files. (GP-5154)
 * _Importer:ELF_. The ElfLoader imagebase option can now contain a leading `0x`. (GP-4955, Issue #6912)
 * _Languages_. Added support for golang 1.23. (GP-4870)
 * _Listing_. Added ability to copy data values and referenced data values to the clipboard via the copy special action. (GP-5036)
 * _Listing_. Hovering on addresses in the Listing now show offsets in both decimal and hexadecimal. (GP-5176, Issue #7239)
 * _Navigation_. Improved GoTo Dialog to support full namespace paths with wildcards. (GP-4930)
 * _PDB_. Improved PDB composite reconstruction when padding components are required to facilitate proper packing. (GP-5037, Issue #1030)
 * _PDB_. Enabled the processing of some older PDB component versions by fixing up previously written code intended for processing them. (GP-5072, Issue #7100)
 * _PDB_. Improved searching for PDB files. (GP-5174, Issue #7200)
 * _Processors_. Made a number of improvements to the TI_MSP430 compiler spec. (GP-4202)
 * _Scripting_. `GhidraScript.askFile()` no longer throws an `IllegalArgumentException` in headless mode when passing in a valid path argument to a file that does not yet exist. (GP-5010, Issue #7025)
 * _Scripting_. Upgraded Jython to 2.7.4. (GP-5210)
 * _Search_. Added a button to the Instruction Pattern Search dialog that allows users to add more instructions to the current set of patterns. (GP-2418)
 * _SourceMatching_. Added source file mapping for golang. (GP-4196)
 * _SourceMatching_. Added `OpenSourceFileAtLineInVSCodeScript.java` and `OpenSourceFileAtLineInEclipseScript.java` for communicating source map information to vscode and eclipse. (GP-5217)
 * _Terminal_. Added keys to adjust font size. Fixed theme changes should take immediate effect. (GP-5003)
 ### Bugs
 * _Analysis_. Fixed issue in RTTIAnalyzer introduced with previous fix to incorrect anonymous PDB namespaces. Leaving the old name as a secondary label caused RTTI Script to assume two different classes with same Listing contents. (GP-5146, Issue #3213)
 * _Assembler_. Improved `WildcardAssembler` to have less stringent requirements for input `contextreg` values. (GP-5288, Issue #7195)
 * _BSim_. Corrected various bugs related to BSim elasticsearch use. (GP-1830)
 * _BSim_. Corrected various bugs affecting BSim Elasticsearch use. (GP-5207)
 * _BSim_. Corrected BSim apply signature when source calling convention is unknown (e.g., custom) to destination. (GP-5216, Issue #7310)
 * _BSim_. Corrected `NullPointerException` in `BSimFeatureVisualizer`. (GP-5252, Issue #7311)
 * _Byte Viewer_. Fixed bug that cleared the Byte Viewer __Address__ column when changing fonts. (GP-4998)
 * _CParser_. Parsing header files with the CParser will now stop parsing when a `#error` directive is encountered.  Numerous parsing errors involving comment parsing have been fixed. (GP-5025, Issue #7001)
 * _CParser_. Added CParser support for `__vectorcall`, `__rustcall`, and `__pascal` calling conventions. (GP-5150)
 * _Debugger_. Fixed issue toggling and deleting breakpoints and watchpoints in lldb. (GP-5271)
 * _Debugger:dbgeng.dll_. Provided fix for missing stack values for some variants of `dbgmodel.dll`. (GP-5195)
 * _Debugger:GDB_. Added a __Refresh__ action for stack frames other than just the topmost one. (GP-5169)
 * _Debugger:GDB_. Fixed endianness of register value display in Model tree. (GP-5230)
 * _Debugger:Listing_. Fixed issue with obtrusive and spurious auto-seek events. (GP-5266)
 * _Debugger:Mappings_. Fixed issue with registers not displaying because of a conflict in language/compiler opinion between the back and front ends, particularly affecting gdb with Windows x64 targets. (GP-5232)
 * _Debugger:Memory_. Fixed an issue with manually adding a Region from the UI. (GP-5164, Issue #7176)
 * _Debugger:Memory_. Fixed Auto-Read memory when using Force Full View. (GP-5180, Issue #7176)
 * _Debugger:Modules_. Fixed `NullPointerException` from `TraceModule.getBase().getAddressSpace()` commonly seen when launching and mapping Windows targets. (GP-5102, Issue #7153)
 * _Debugger:Objects_. Fixed issue where __Model__ tree pane didn't update after editing a register in the CLI. (GP-5229)
 * _Debugger:Registers_. Fixed issue where registers could not be edited. (GP-5213)
 * _Debugger:Trace_. Fixed unflushed object stream in `Saveable TracePropertyMap`. (GP-5121)
 * _Decompiler_. Fixed occurrence of _"Unable to create datatype associated with symbol"_ exceptions when using the __Override Signature__ action. (GP-5006, Issue #3694)
 * _Decompiler_. Fixed a bug where the Decompiler failed to resolve references into structures that were recursively defined. (GP-5038)
 * _Decompiler_. Fixed a Decompiler bug encountered when renaming a token that caused middle-mouse highlights to persists. (GP-5040, Issue #7077)
 * _Decompiler_. Fixed possible infinite loop when inlining recursive functions in the Decompiler. (GP-5073, Issue #5824)
 * _Decompiler_. Fixed crash in the Decompiler triggered while recovering a heap string written at a negative offset relative to the pointer. (GP-5130)
 * _Decompiler_. Fixed infinite loop in the Decompiler triggered by data-types with a nested structure containing an array. (GP-5184, Issue #7212)
 * _Diff_. Fixed missing parameters in the Diff Tool Listing view. (GP-5155)
 * _Eclipse Integration_. Fixed an issue with the GhidraDev Eclipse plugin's __Import Ghidra Module Source__ feature that prevented the module's extension points from being discovered by Ghidra when launched with the project's run/debug configuration. (GP-5125, Issue #7047)
 * _Framework_. Fixed an exception that occurred when closing the Front End tool. (GP-4962, Issue #6937)
 * _Function_. Corrected Function custom storage editor's handling of compound storage checking for big-endian programs. (GP-5198)
 * _Function Compare_. Fixed bug in LocalBsimQueryScript where showing new function comparison windows would stop working after you closed the comparison window the first time. (GP-5329)
 * _GUI_. Corrected Function custom storage editor datatype selection which failed to properly clone datatype to program's data organization. (GP-4913)
 * _GUI_. Updated the Ghidra Script table so all columns are resizable. (GP-4983, Issue #6918)
 * _GUI_. Fixed table selection bug in the Memory Map provider when a table filter is applied. (GP-4984)
 * _GUI_. Fixed fast scrolling behavior sometimes seen when using the `Flat Light` or `Dark` themes. (GP-4993, Issue #6952)
 * _GUI_. Fixed entropy legend labels to be visible in all themes. (GP-5103)
 * _GUI_. Fixed a bug that caused the table Column Filter Dialog to not update when new columns were added. (GP-5289, Issue #7175)
 * _GUI_. Fixed the Escape key sometimes not working in Tree and Table cell editors. (GP-5313, Issue #7241)
 * _Importer:PE_. Provided a fix related to an incorrect length for Windows PE `IMAGE_DEBUG_MISC` processing. (GP-5199, Issue #7285)
 * _Importer:PE_. Fixed a `NullPointerException` that could occur when processing debug COFF symbol information. (GP-5321, Issue #7411)
 * _Multi-User_. Corrected Ghidra versioning bug where server may not be updated with latest checkout details following a checkout update.  This could allow file versions to be deleted from the repository when they still have corresponding checkout(s).  To correct existing checkout data, all project files should be checked-in, without keeping checked-out, then re-checkout if necessary to correct the repository metadata. (GP-5123)
 * _Multi-User_. Corrected Ghidra Server concurrent modification error which could occur during client repository disposal.   Improved control of java path used by `ghidraSvr` script and other Ghidra launch scripts through the use of `JAVA_HOME` environment variable. (GP-5161)
 * _Processors_. Added EVEX writemask to pcode for x86 AVX-512 instructions. (GP-4660)
 * _Processors_. Corrected ARM VFPv2 instructions which were not disassembling correctly. (GP-5181, Issue #7259)
 * _ProgramDB_. Corrected issue related to locally stored Program user data that may not handle language version upgrades properly. (GP-5205)
 * _ProgramTree_. Fixed `NullPointerException` when restoring a program tree window in which a tab was previously closed. (GP-5279)
 ### Notable API Changes
 * _Debugger:Agents_. (GP-1978) The entirety of `DebuggerObjectModel` and most of its related paraphernalia have been removed. Other parts have been refactored into other components. `DebuggerObjectModel` / `TraceRecorder` is replaced by `TraceRmi` / `Target`. `TargetObject` is replaced by `TraceObject`. Some `TargetObject` interfaces, e.g., `TargetDeletable`, do not have replacement `TraceObject` interfaces. Instead, they are implied by applicable `RemoteMethods`. Others, e.g., `TargetAccessConditioned`, are removed without replacement.  `DataType`- and `Symbol`-related objects are removed. They have not been used. If needed later, the intent is to provide rmi-based access to the trace's symbol table and data type manager. `TargetObjectSchema` is replaced by `TraceObjectSchema`. `TraceObjectKeyPath` is renamed `KeyPath`. `PathUtils` and many uses of `List<String>` have been replaced by `KeyPath`. `AnnotatedSchemaContext` and related are removed. `SshPtyFactory` and related are removed.
 * _Emulator_. (GP-4643) Added `JitPcodeEmulator` and many, many related classes. `PcodeArithmetic`: changed `modBeforeStore` and `modAfterLoad` to include `AddressSpace` and `PcodeOp` parameters.  `SleighInstructionDecoder.decodeInstruction` now returns a `PseudoInstruction`. PcodeExecutor: added `getIntConst`, `getLoadStoreSpace`, `getLoadStoreOffset`, `getStoreValue`, `getBranchTarget`, `getConditionalBranchPredicate`, `getIndirectBranchTarget`, `getUseropName`, `getCallotherOpNumber`.
 * _BSim_. (GP-5167) Changed BSim API to convey non-default username via the `BSimServerInfo` class or the `userinfo` field of postgres/elastic BSim URLs.  The user argument has been dropped to the `FunctionDatabase.changePassword` method which will always change the password for the connected user.   Renamed `FunctionDatabase.Error` class to `FunctionDatabase.BSimError` to avoid naming conflict with `java.lang.Error`.
 * _Data Types_. (GP-3625) Added `FileDataTypeManager` static methods for creating a Data Type Archive with a specific processor and compiler specification.  Improved `CParserUtils` parse methods to separate the cases where parsing into an existing Data Type Manager versus parsing into a new Data Type Archive where a processor and compiler specification may specified.
 * _Debugger:Listing_. (GP-5134) `DebuggerListingProvider#setAutoReadMemorySpec` and related no longer accept `LoadEmulatorAutoReadMemorySpec`. Added `AutoReadMemorySpec#getEffective`.
 * _Decompiler_. (GP-5085) Updated `DecompileOptions` to remove the `getFunctionColor()` method. There is no replacement for this method as the function color is now being set in the Listing Settings menu and is coordinated across the Listing and Decompile panes.
 * _Demangler_. (GP-4898) Within the `Demangler` interface, Ghidra 9.2-deprecated methods were removed, Ghidra 11.3-deprecations were set on other methods, and  new methods were created.  The new methods and much of the Demangler fabric now makes use of a `MangledContext` in place of a `String`.  This allows greater flexibility in controlling how symbols get demangled.  These changes have been reflected in abstract and non-abstract methods in `AbstractDemanglerAnalzyer`.  Users of deprecated methods within `Demangler` and `DemanglerUtil` should migrate to newer methods (see javadoc).
 * _GUI_. (GP-5007) Added a new widget, the `docking.KeyEntryPanel`, as a drop-in replacement for clients using the `docking.KeyEntryTextField`.  This is not a required change.
 * _GUI_. (GP-5196) The static method `evaluateToLong(String s)` in `AddressEvaluator` has been moved to a new class called `ExpressionEvaluator`. Also, the `AddressInput` field component has been changed to accept Programs instead of just an AddressFactory (which is still supported) so that any dialog using an `AddressInput` component can now accept symbol names, memory block names, and mathematical expressions.
 * _Importer_. (GP-5208) GFileSystems now need to implement `lookup(path, comparator)`.   Classes that fail to provide an implementation will fall back to using `lookup(path)`, and an error will be logged.
 * _Search_. (GP-4911) The API script method `findBytes()` no longer supports finding matches that span gaps in the memory blocks. The internal classes for performing memory searches were completely re-written in Ghidra release 11.2. In release 11.3, the old classes were removed and uses of them in the `findBytes()` method were replaced with the new memory search code. The new search API currently does not support matches that span non-contiguous memory and it isn't clear if that is actually useful; so for now, that method was deprecated and no longer finds matches in gaps even if the boolean is true. In the unlikely event someone actually uses this, please contact the Ghidra team.
 * _Assembler_. (GP-5288) Added `AssemblyResolvedPatterns.withContext`.  Added `ContextCommit.getWordIndex` and `getMask`.
 * _BSim_. (GP-1830) Dropped use of `json-simple` library in favor of `gson`.
 * _Debugger_. (GP-5271) Added `TraceBreakpoint.isAlive(long snap)`.  Deprecated `TraceBreakpoint.getLifespan()`.  Added `TraceObject.isAlive(long snap)`.
 * _Debugger:Listing_. (GP-5266) Renamed `DebuggerCoordinates.equalsIgnoreRecorderAndView` to `equalsIgnoreTargetAndView`.  Added `DebuggerCoordinates.differsOnlyByPatch`.  Added `TraceSchedule.differsOnlyByPatch`.  Added `Sequence.differsOnlyByPatch`.
 * _Debugger:Memory_. (GP-5164) Renamed `DebuggerAddRegionDialog#setName` to `setPath`.
 # Ghidra 11.2.1 Change History (November 2024)
 ### New Features
--- a/Ghidra/Configurations/Public_Release/src/global/docs/WhatsNew.md
+++ b/Ghidra/Configurations/Public_Release/src/global/docs/WhatsNew.md
@ -8,30 +8,30 @@ Ghidra 11.3 is fully backward compatible with project data from previous release
 and data type archives which are created or modified in 11.3 will not be usable by an earlier Ghidra
 version.
-__IMPORTANT:__ Ghidra 11.3 requires at minimum JDK 21 to run.
+**IMPORTANT:** Ghidra 11.3 requires at minimum JDK 21 to run.
-__IMPORTANT:__ To use the Debugger or do a full source distribution build, you will need Python3
+**IMPORTANT:** To use the Debugger or do a full source distribution build, you will need Python3
 (3.9 to 3.13 supported) installed on your system.
-__NOTE:__ There have been reports of certain features causing the XWindows server to crash. A fix
+**NOTE:** There have been reports of certain features causing the XWindows server to crash. A fix
 for `CVE-2024-31083` in X.org software in April 2024 introduced a regression, which has been fixed
 in xwayland 23.2.6 and xorg-server 21.1.13.  If you experience any crashing of Ghidra, most likely
 causing a full logout, check if your xorg-server has been updated to at least the noted version.
-__NOTE:__ Each build distribution will include native components (e.g., decompiler) for at least one
+**NOTE:** Each build distribution will include native components (e.g., decompiler) for at least one
 platform (e.g., Windows x86-64). If you have another platform that is not included in the build
 distribution, you can build native components for your platform directly from the distribution.
-See the _Installation Guide_ for additional information. Users running with older shared libraries
+See the*Installation Guide* for additional information. Users running with older shared libraries
 and operating systems (e.g., CentOS 7.x) may also run into compatibility errors when launching 
 native executables such as the Decompiler and GNU Demangler which may necessitate a rebuild of 
 native components.
-__NOTE:__ Ghidra Server: The Ghidra 11.x server is compatible with Ghidra 9.2 and later Ghidra
+**NOTE:** Ghidra Server: The Ghidra 11.x server is compatible with Ghidra 9.2 and later Ghidra
 clients. Ghidra 11.x clients are compatible with all 10.x and 9.x servers.  Although, due to
 potential Java version differences, it is recommended that Ghidra Server installations older than 
 10.2 be upgraded.  Those using 10.2 and newer should not need a server upgrade.
-__NOTE:__ Any programs imported with a Ghidra beta version or code built directly from source code
+**NOTE:** Programs imported with a Ghidra beta version or code built directly from source code
 outside of a release tag may not be compatible, and may have flaws that won't be corrected by using
 this new release.  Any programs analyzed from a beta or other local master source build should be
 considered experimental and re-imported and analyzed with a release version.
@ -50,31 +50,31 @@ up analysis on a given sample and running a Ghidra script locally. It also conta
 to allow the use of CPython 3 from the Ghidra GUI.
 To launch Ghidra in PyGhidra mode, run `./support/pyghidra` (or `support\pyghidra.bat`). See the
-_"PyGhidra Mode"_ section of the _Installation Guide_ and `Ghidra/Features/PyGhidra/README.html`
+*"PyGhidra Mode"* section of the *Installation Guide* and `Ghidra/Features/PyGhidra/README.html`
 for more information.
 ## Visual Studio Code
 Ghidra 11.2 introduced a `VSCodeProjectScript.java` GhidraScript to assist in setting up Visual
 Studio Code project folders for Ghidra module development and debugging. This GhidraScript has been
-replaced in Ghidra 11.3 by 2 new actions, accessible from a _CodeBrowser_ tool:
+replaced in Ghidra 11.3 by 2 new actions, accessible from a *CodeBrowser* tool:
-* _Tools -> Create VSCode Module Project..._
+ *Tools→Create VSCode Module Project...*
-* "_Edit Script with Visual Studio Code_" button in the Script Manager
+ "*Edit Script with Visual Studio Code*" button in the Script Manager
-The "_Create VSCode Module Project..._" action provides the same capability as the old
+The "*Create VSCode Module Project...*" action provides the same capability as the old
 `VSCodeProjectScript.java` GhidraScript, creating a Visual Studio Code project folder that contains
 a skeleton module which can be used to build a variety of different Ghidra extension points
 (Plugins, Analyzers, Loaders, etc). Launchers are also provided to run and debug the module in
 Ghidra, as well as a Gradle task to export the module as a distributable Ghidra extension zip file.
-The "_Edit Script with Visual Studio Code_" button in the Script Manager enables quick editing and
+The "*Edit Script with Visual Studio Code*" button in the Script Manager enables quick editing and
 debugging of the selected script in a Visual Studio Code workspace that is automatically created
 behind the scenes in Ghidra's user settings directory. This provides a much snappier and modern
 alternative to Eclipse, while maintaining all of the core fuctionality you would expect from an IDE
 (auto complete, hover, navigation, etc).
 Ghidra will do its best to automatically locate your Visual Studio Code installation, but if cannot
-find it, it can be set via the Front-End GUI at _Edit -> Tool Options -> Visual Studio Code
+find it, it can be set via the Front-End GUI at *Edit→Tool Options→Visual Studio Code
-Integration_.
+Integration*.
 ## Debugger
 The old "IN-VM" and "GADP" launchers and connectors have been removed, as their replacement
@ -88,37 +88,62 @@ kernel, and our dbgeng connector can now debug a Windows kernel running in a VM
 We have introduced a new accelerated p-code emulator that uses Jit-in-Time translation (JIT). 
 This is *not* currently integrated in the UI but is available for scripting and plugin developers. 
 Its implementation is named `JitPcodeEmulator`, and it's a near drop-in replacement for 
-`PcodeEmulator`. See its javadoc for usage and implementation details. This is very new, so there
+`PcodeEmulator`. See its javadoc for usage and implementation details. The JIT emulator is
-may still be many bugs.
+very new, so there may still be many bugs.
 ## Source File Information
 Source file and line information can now be added to Ghidra using a Program's SourceFileManager. 
 The DWARF, PDB, and Go analyzers now record this information by default. Source information can also
-be added programmatically; see the example scripts in the _SourceMapping_ script category. 
+be added programmatically; see the example scripts in the *SourceMapping* script category. 
-Source information can be viewed in the _"Source Map"_ Listing Field or the 
+Source information can be viewed in the *"Source Map"* Listing Field or the 
 `SourceFilesTablePlugin`, which is accessible from the Code Browser via 
-_Window -> Source Files and Transforms_.
+*Window→Source Files and Transforms*.
-The _"View Source..."_ Listing action, enabled on addresses with source file information, opens a 
+The *"View Source..."* Listing action, enabled on addresses with source file information, opens a 
-source file at the correct line in either Eclipse or Visual Studio Code (there is a _"Source Files 
+source file at the correct line in either Eclipse or Visual Studio Code (there is a *"Source Files 
-and Transforms"_ tool option to determine the viewer). The SourceFilesTablePlugin can be used to 
+and Transforms"* tool option to determine the viewer). The SourceFilesTablePlugin can be used to 
 modify the source file paths stored in the SourceFileManager before sending them to Eclipse or 
 Visual Studio Code.
 ## Function Graph
 The Function Graph has had a number of improvements:
-* Added new _"Flow Chart"_ layouts
+ Added new *"Flow Chart"* layouts
-* Position of the satellite view can be configured
+ Position of the satellite view can be configured
-* Ctrl-Space toggles between the Listing and the Function Graph (starting fully zoomed in vs. fully
+ Ctrl-Space toggles between the Listing and the Function Graph (starting fully zoomed in vs. fully
  zoomed out is controlled by a Function Graph option).
 ## String Translation and Text Search
 * String translation has an additional translator available using the LibreTranslate service.
 The LibreTranslate project (currently hosted at libretranslate.com) is an independent project
 that provides an open source translation package that can be self-hosted, meaning you can translate
 strings without sending them to a second party to translate, using an existing LibreTranslate server.
 For more information search for LibreTranslate in the online Ghidra help pages.
 **NOTE:** The LibreTranslate plugin is not enabled by default, and is added in the *File→Configure* menu.
 * The ability to search the text of all decompiled functions has been added.  Decompilation during search occurs
 on the fly, so the latest decompilation results of all functions are used for the search.  The search can take
 some time depending on the number and size of functions in your binary.  The new action can be found at 
 *Search→Decompiled Text...*.
 ## Processors
 + The x86 EVEX instruction write and read masking has been implemented for all AVX-512 instructions.  The handling of the mask is necessary as semantics are added for individual AVX-512 instructions.
 + TI_MSP430 decompilation has been improved through numerous changes to the processor's compiler specifications file.
 + Corrected ARM VFPv2 instructions which were not disassembling correctly.
 ## Other Improvements 
-* Much of Ghidra's standalone documentation has been modernized to the Markdown format. Generated 
+ Much of Ghidra's standalone documentation has been modernized to the Markdown format. Generated 
  HTML versions are provided alongside the Markdown files for convenience. Converting all relevant
-  documents to Markdown remains an ongoing process.  __NOTE:__ There are no plans to convert the
+  documents to Markdown remains an ongoing process.  **NOTE:** There are no plans to convert the
-  internal Ghidra help system to Mardown, as the Java Help library does not support it.
+  internal Ghidra help system to Markdown, as the Java Help library does not support it.
-* Libraries can now be loaded into an already-imported program with the _File -> Load Libraries..._
+ Libraries can now be loaded into an already-imported program with the *File→Load Libraries...*
  action.
 + The CParser macro pre-processing will now halt on *"#error"* directives.  This change had a ripple effect and uncovered
 a myriad of bugs which have been addressed.  In addition, the interim parsing output has been improved to allow easier
 diagnosis when problems in parsing occur due to incorrect define values or other header file issues.
 Finally, a new `CreateUEFIGDTArchivesScript.java` parsing script has been added to parse UEFI header files available from
 `github.com/tianocore/edk2`.  Using a script vice released pre-parsed GDT files allows the end user to parse the correct
 version with a configuration fitting their needs.
 ## Additional Bug Fixes and Enhancements
 Numerous other new features, improvements, and bug fixes are fully listed in the