viruscamp / luadec Goto Github PK

View Code? Open in Web Editor NEW

1.1K 49.0 324.0 2.67 MB

Lua Decompiler for lua 5.1 , 5.2 and 5.3

Lua 89.33% Ruby 0.57% C 9.76% C++ 0.03% Makefile 0.11% Batchfile 0.20%

lua lua-decompiler decompiler

luadec's Introduction

Overview

LuaDec is a Lua decompiler for lua 5.1 , and experimental for lua 5.2 and 5.3.

It is based on Hisham Muhammad's luadec which targeted lua 5.0.x and LuaDec51 by Zsolt Sz. Sztupak.

LuaDec is free software and uses the same license as the original LuaDec.

Compiling

git clone https://github.com/viruscamp/luadec
cd luadec
git submodule update --init lua-5.1
cd lua-5.1
make linux
cd ../luadec
make LUAVER=5.1

If you want to build it for lua 5.2 or 5.3 , just replace 5.1 above to 5.2 or 5.3.

There are also project files for vc2008, tested for vc2008 and vc2013.
Before compiling, make sure there are correct sources in lua-5.1 , lua-5.2 or lua-5.3.

Usage

decompile lua binary file:
luadec abc.luac
decompile lua source file for testing and comparing:
luadec abc.lua
disassemble lua source or binary
luadec -dis abc.lua
-pn print nested functions structure, could be used by -fn

luadec -pn test.lua
0
  0_0
    0_0_0
  0_1

-f decompile only specific nested function
luadec -f 0_1 test.lua
-ns donot process sub functions
luadec -ns -f 0_1 test.lua
-fc perform a instruction-by-instruction compare for each function
luadec -fc test.lua
outputs:
-- function check pass 0
-- function check fail 0_0 : cannot compile
-- function check fail 0_1 : different code size; sizecode org: 66, decompiled: 67, same: 47;

There are some more options, usually for debug purposes, or for cases where the built in local guesser guesses wrong. Use -h to get a complete list of usable parameters

Credits

Original by Hisham Muhammad (http://luadec.luaforge.net)

Ongoing port to Lua 5.1 by Zsolt Sz. Sztupak (https://github.com/sztupy/luadec51/)

The internals of Lua5.1 was learned from Kein-Hong Man's A No-Frills Introduction to Lua 5.1 VM Instructions

luadec's People

Contributors

Stargazers

Watchers

Forkers

ttgb rainyx tlvruby cydh xubingyue sky6803469 happyasr funny-sultan liuhaochuan79 lshain parhelia512 lilystar icxbb-xx antoinelee geogerli prashant-jonny wxapp2723 samchangme fightx lkmvip 3298021 godka hcg101 bingo235 ta01st alexshilucky enler xmoezzz zhengqiwen hewenhao2008 sunlight2728 pp17 luciouskami zhangf911 beyonddoor mrvon 2007750219 wangyx0055 great90 fbmunguided zoowii sschnitzler liyonglion orglaoying qiuyulong lorel roche-emmanuel sekkit zhuge techlord-rce markjian xjay2007 litecy vault-the yycmmc ezhangle kristoferrobin83 lovoror nandoprates fanyh weimingtom kakakacool wzugang yahao87 gdbobu renatosc sv99 mirror4 chenhongwei1112 commonnet pessimo interfacekun a-new metodn dellsun new9945 mrhamid0077 0xffc2 hengle deelmind zdrobin muhfaizal perfectplug phamminhkha ryuga03 ohmygodlin itfvck thelongestusernameofall hm200958 ntkbob willelis ih8ih8sn0w mirufa1121 moodlimyil gundamc dingmingxin loisude zlxdike minkione gorban8

luadec's Issues

compile for mac

how to compile for mac os?
make osx failed..
thanks!

add a command line option to select string encoding

add a command line option to select string encoding
加一个命令行参数来选择字符串编码

local function of using the same local as upvalue

do
    local z=function() return 1 end
end

do
    local function z() return 1 end
end

do
    local z=function() return z end
end

do
    local function z() return z end
end

local z=function() return z end

>local z=function() return z end
; function [0] definition (level 1) 0
; 0 upvalues, 0 params, is_vararg = 2, 2 stacks
.function  0 0 2 2
.local  "z"  ; 0
[1] closure    0   0        ; R0 := closure(function[0]) 0 upvalues
[2] return     0   1        ; return

; function [0] definition (level 2) 0_0
; 0 upvalues, 0 params, is_vararg = 0, 2 stacks
.function  0 0 0 2
.const  "z"  ; 0
[1] getglobal  0   0        ; R0 := z
[2] return     0   2        ; return R0
[3] return     0   1        ; return

local function z() return z end

>local function z() return z end
; function [0] definition (level 1) 0
; 0 upvalues, 0 params, is_vararg = 2, 2 stacks
.function  0 0 2 2
.local  "z"  ; 0
[1] closure    0   0        ; R0 := closure(function[0]) 1 upvalues
[2] move       0   0        ; R0 := R0
[3] return     0   1        ; return

; function [0] definition (level 2) 0_0
; 1 upvalues, 0 params, is_vararg = 0, 2 stacks
.function  1 0 0 2
.upvalue  "z"  ; 0
[1] getupval   0   0        ; R0 := U0 , z
[2] return     0   2        ; return R0
[3] return     0   1        ; return

local z=function() return 1 end
local function z() return 1 end

>local function z() return 1 end
; function [0] definition (level 1) 0
; 0 upvalues, 0 params, is_vararg = 2, 2 stacks
.function  0 0 2 2
.local  "z"  ; 0
[1] closure    0   0        ; R0 := closure(function[0]) 0 upvalues
[2] return     0   1        ; return

; function [0] definition (level 2) 0_0
; 0 upvalues, 0 params, is_vararg = 0, 2 stacks
.function  0 0 0 2
.const  1  ; 0
[1] loadk      0   0        ; R0 := 1
[2] return     0   2        ; return R0
[3] return     0   1        ; return

膜拜大神

看到repo的wiki才发现你是国人，大神！前来膜拜～
能否mail一份联系方式。我们一起交流～

nested while and if error

see https://code.google.com/p/luadec/issues/detail?id=5

local a,b;

while a and b do
  f()
end

while a do
  if b then
    f()
  end
end

while a do
  while b do
    f()
  end
end

missing a upvalue set nil at start of sub function

local a, b
function f()
    a,b=nil
    return false
end

luadec issue15_fn_upvalue.lua

-- function num : 0
local a, b = nil, nil
f = function()
  -- function num : 0_0 , upvalues : a, b
  a = nil
  return false
end

if-if error

source:

local a,b,c,d,e
if a then
    b()
    if c then
        d()
    end
end
e()

decompiled:

local a, b, c, d, e = nil
if a then
  b()
end
if c then
  d()
end
e()

more info generated by recompile and compare

parent function collect and summarize all info of sub function
more info generated by protos compare
use advanced diff algorithm to compare protos

I get some waring by `make LUAVER=5.2`

I run make LUAVER=5.2, I get some waring, as shown below
I don't know if this will affect luadec normal work
My OS is macOS 10.12.3

╰─➤  make LUAVER=5.2
gcc -O2 -Wall -DSRCVERSION=\"UNKNOWN\" -I../lua-5.2/src    -c -o guess.o guess.c
guess.c:216:7: warning: unused variable 'bc' [-Wunused-variable]
                int bc = GETARG_Bx(instr);
                    ^
1 warning generated.
gcc -O2 -Wall -DSRCVERSION=\"UNKNOWN\" -I../lua-5.2/src    -c -o luadec.o luadec.c
gcc -O2 -Wall -DSRCVERSION=\"UNKNOWN\" -I../lua-5.2/src    -c -o decompile.o decompile.c
decompile.c:168:52: warning: comparison of constant -2147483648 with expression of type 'StatementType' (aka 'enum StatementType_') is always false
      [-Wtautological-constant-out-of-range-compare]
        return ((item->type == match->type)||(match->type == INT_MIN))
                                              ~~~~~~~~~~~ ^  ~~~~~~~
decompile.c:606:8: warning: unused variable 'blockSize' [-Wunused-variable]
                        int blockSize = block->sub->size;
                            ^
decompile.c:591:17: warning: unused variable 'tail' [-Wunused-variable]
                AstStatement* tail = cast(AstStatement*, block->sub->tail);
                              ^
decompile.c:666:8: warning: unused variable 'whileStart' [-Wunused-variable]
                        int whileStart = walk->start;
                            ^
decompile.c:1432:12: warning: enumeration value 'SQUARE_BRACKET' not handled in switch [-Wswitch]
                        switch (type) {
                                ^
decompile.c:1703:24: warning: format specifies type 'unsigned int' but the argument has type 'LoopItem *' (aka 'struct LoopItem_ *') [-Wformat]
                ,stmttype[li->type], li, li->prep, li->start, li->body, li->end, li->out, li->block);
                                     ^~
decompile.c:1703:77: warning: format specifies type 'unsigned int' but the argument has type 'AstStatement *' (aka 'struct AstStatement_ *') [-Wformat]
                ,stmttype[li->type], li, li->prep, li->start, li->body, li->end, li->out, li->block);
                                                                                          ^~~~~~~~~
decompile.c:1836:7: warning: unused variable 'func_check_result' [-Wunused-variable]
                int func_check_result = FunctionCheck(f, funcnumstr, str);
                    ^
decompile.c:2062:12: warning: enumeration value 'iAx' not handled in switch [-Wswitch]
                        switch (getOpMode(o)) {
                                ^
../lua-5.2/src/lopcodes.h:274:22: note: expanded from macro 'getOpMode'
#define getOpMode(m)    (cast(enum OpMode, luaP_opmodes[m] & 3))
                        ^
decompile.c:2211:23: warning: unused variable 'endif' [-Wunused-variable]
                                int thenaddr = 0, endif = 0;
                                                  ^
decompile.c:2614:23: warning: unused variable 'endif' [-Wunused-variable]
                                int thenaddr = 0, endif = 0;
                                                  ^
decompile.c:2755:19: warning: unused variable 'parentStmt' [-Wunused-variable]
                                AstStatement* parentStmt = NULL;
                                              ^
decompile.c:3049:8: warning: unused variable 'cfnum' [-Wunused-variable]
                        int cfnum = functionnum;
                            ^
decompile.c:1792:6: warning: unused variable 'baseIndent' [-Wunused-variable]
        int baseIndent = indent;
            ^
14 warnings generated.
gcc -O2 -Wall -DSRCVERSION=\"UNKNOWN\" -I../lua-5.2/src    -c -o disassemble.o disassemble.c
gcc -O2 -Wall -DSRCVERSION=\"UNKNOWN\" -I../lua-5.2/src    -c -o proto.o proto.c
proto.c:84:14: warning: using the result of an assignment as a condition without parentheses [-Wparentheses]
        while (*p++ = toupper(*p));
               ~~~~~^~~~~~~~~~~~~
proto.c:84:14: note: place parentheses around the assignment to silence this warning
        while (*p++ = toupper(*p));
                    ^
               (                 )
proto.c:84:14: note: use '==' to turn this assignment into an equality comparison
        while (*p++ = toupper(*p));
                    ^
                    ==
proto.c:84:11: warning: unsequenced modification and access to 'p' [-Wunsequenced]
        while (*p++ = toupper(*p));
                 ^             ~
2 warnings generated.
gcc -O2 -Wall -DSRCVERSION=\"UNKNOWN\" -I../lua-5.2/src    -c -o StringBuffer.o StringBuffer.c
gcc -O2 -Wall -DSRCVERSION=\"UNKNOWN\" -I../lua-5.2/src    -c -o structs.o structs.c
gcc -O2 -Wall -DSRCVERSION=\"UNKNOWN\" -I../lua-5.2/src    -c -o statement.o statement.c
statement.c:118:50: warning: data argument not used by format string [-Wformat-extra-args]
                StringBuffer_addPrintf(buff, "do break end\n", stmt->code);
                                             ~~~~~~~~~~~~~~~~  ^
statement.c:121:43: warning: data argument not used by format string [-Wformat-extra-args]
                StringBuffer_addPrintf(buff, "break\n", stmt->code);
                                             ~~~~~~~~~  ^
2 warnings generated.
gcc -O2 -Wall -DSRCVERSION=\"UNKNOWN\" -I../lua-5.2/src    -c -o macro-array.o macro-array.c
gcc -O2 -Wall -DSRCVERSION=\"UNKNOWN\" -I../lua-5.2/src    -c -o expression.o expression.c
gcc -o luadec  guess.o luadec.o decompile.o disassemble.o proto.o StringBuffer.o structs.o statement.o macro-array.o expression.o ../lua-5.2/src/liblua.a -lm 
gcc -O2 -Wall -DSRCVERSION=\"UNKNOWN\" -I../lua-5.2/src    -c -o luareplace.o luareplace.c
gcc -o luareplace  luareplace.o ../lua-5.2/src/liblua.a -lm 
../lua-5.2/src/lua ../bin/bin2c.lua ../bin/allopcodes-5.2.lua allopcodes_lua > allopcodes_lua.h
../lua-5.2/src/luac -o allopcodes.luac ../bin/allopcodes-5.2.lua
../lua-5.2/src/lua ../bin/bin2c.lua allopcodes.luac allopcodes_luac > allopcodes_luac.h
gcc -O2 -Wall -DSRCVERSION=\"UNKNOWN\" -I../lua-5.2/src    -c -o luaopswap.o luaopswap.c
luaopswap.c:323:15: warning: initializing 'const char *' with an expression of type 'unsigned char *' converts between pointers to integer types with different sign
      [-Wpointer-sign]
                const char* buff = cmp_gen_lua ? allopcodes_lua : allopcodes_luac;
                            ^      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.
gcc -o luaopswap  luaopswap.o ../lua-5.2/src/liblua.a -lm

try to make expression tree and keep it in ast

try to make expression tree and keep it in ast
just like #7

A standalone program for lua function replacing

A standalone program for lua function replacing.
创建一个独立程序，用于 lua 函数编译并替换。

Inspired by Co0kieMonster's LuaTool

luareplace dest.lua 0_0 src.lua 0_1 -o output.luac
luareplace -rs dest.lua 0 src.lua 0

direct call function output error

(
function()
    print("abc")
end
)()
;-- must output this
(
function(a)
    print(type(a))
end
)(function()
    print("abe")
end)
;
local a = (function() print(1) end)+1

((function() print(1) end)+(function() print(2) end))()
;
(1+(function() print(1) end)+2)()

Try to compile the decompiled code for each function for comparing

Try to compile the decompiled code for each function for comparing.
This issue is base of #10 , and must be fixed after #12 and #13 .
need to generate sub functions like this:

_fucntion_to_be_compare_ = function(arg0)
  local a = 3
  b = function()
    -- sub function stub
    a = nil -- upvalues
  end
  c = 4
end

编译反编译得到的子函数，用于验证正确性，并准备与原始数据对比。
是 #10 的前置条件，此项前置条件包括 #12 和 #13 。
需生成调用 upvalue 的最简子函数。同样可用于 -ns 选项。

char* ProcessCode(const Proto* f, int indent, int func_checking, char* funcnumstr)
现有 int func_checking 用于指示生成用于再次编译的函数

单独的 OP_JMP 跳到 OP_LOADBOOL 且 sbc=2 时，与 #1 相关

单独的 OP_JMP 跳到 OP_LOADBOOL 且 sbc=2 时，与 #1 相关
在 ProcessCode case:OP_JMP 到下列分支

} else if (sbc == 2 && GET_OPCODE(code[pc+2]) == OP_LOADBOOL) {

测试代码

-- or操作符， 不能用 if 表示， 需要中间变量
function debug_or()
  local f,a,b
  fg = ((not a) or b)
  -- if (a) then x = b else x = true end; fg = x
end

-- and操作符，不能用 if 表示， 需要中间变量
function debug_and_call()
  local f,a,b,c
  fg = ((a<b) and c)
  -- if (a<b) then x = c else x = false end; fg = x
end

-- and操作符，可以用 if 表示，已反编译成 if，正常无视了一条 LOADBOOL
function debug_and_set()
  local f,a,b,c
  f = ((a<b) and c)
  -- if (a<b) then f = c else f = false end;
end

The logic is confused when I compile and decompile this code with lua 5.1.5

The origin code

area = "native"
g = {}
local g = g
local a = function(text)
  textCache = textCache or {}
  local tc = textCache
  if area == "native" then
    if sdk_android and sdk_type == 100 then
      require("texttransform")
      local tt = g.texttransform.s[text]
      if tt then
        return tt
      end
    end
    text = string.gsub(text, "\\n", "\n")
    text = string.gsub(text, "<key:.*>", "")
    return text
  end
  if not g.checkChinese(text) then
    if config.chinese_character_forbid then
      string.gsub(text, "。", ".")
    end
    return text
  end
  local key = string.match(text, "<key:(.*)>") or "nil"
  text = string.gsub(text, "<key:.*>", "")
  if area ~= "native" then
    local tfix = string.gsub(text, " ", "")
    tc[tfix] = tc[tfix] or {}
    if tc[tfix][key] then
      return tc[tfix][key]
    else
      if g.textConfig then
        for i,v in ipairs(g.textConfig) do
          if v.text == tfix then
            local id = v.key or "nil"
            if id == key then
              id = v.id
              local tt = g.getDataTable("textconfig")
              local trans = tt[id] or {}
              trans = trans[config.textconfig_translation_key or "TRANSLATION"]
              trans = trans or text
              if trans == "<nil>" then
                trans = ""
              end
              trans = string.gsub(trans, "\\n", "\n")
              if string.match(trans, "^<注释>") then
                trans = ""
              end
              tc[tfix][key] = trans
              return trans
            end
          end
        end
      end
    end
  end
  return text
end

g.formatText = a

and the decompiled code

-- Decompiled using luadec 2.2 rev: 705713f for Lua 5.1 from https://github.com/viruscamp/luadec
-- Command line: test1.lua

-- params : ...
-- function num : 0
area = "native"
g = {}
local g = g
local a = function(text)
  -- function num : 0_0 , upvalues : g
  if not textCache then
    textCache = {}
  end
  local tc = textCache
  if area == "native" then
    if sdk_android and sdk_type == 100 then
      require("texttransform")
      local tt = ((g.texttransform).s)[text]
      if tt then
        return tt
      end
    end
    do
      text = (string.gsub)(text, "\\n", "\n")
      text = (string.gsub)(text, "<key:.*>", "")
      return text
      if not (g.checkChinese)(text) and config.chinese_character_forbid then
        (string.gsub)(text, "。", ".")
      end
      return text
      local key = (string.match)(text, "<key:(.*)>") or "nil"
      text = (string.gsub)(text, "<key:.*>", "")
      if area ~= "native" then
        local tfix = (string.gsub)(text, " ", "")
        if not tc[tfix] then
          tc[tfix] = {}
        end
        if (tc[tfix])[key] then
          return (tc[tfix])[key]
        else
          if g.textConfig then
            for i,v in ipairs(g.textConfig) do
              if not v.key then
                local id = v.text ~= tfix or "nil"
              end
              if id == key then
                id = v.id
                local tt = (g.getDataTable)("textconfig")
                if not tt[id] then
                  local trans = {}
                end
                trans = trans[config.textconfig_translation_key or "TRANSLATION"]
                if not trans then
                  trans = text
                end
                if trans == "<nil>" then
                  trans = ""
                end
                trans = (string.gsub)(trans, "\\n", "\n")
                if (string.match)(trans, "^<注释>") then
                  trans = ""
                end
                -- DECOMPILER ERROR at PC149: Confused about usage of register: R12 in 'UnsetPending'

                ;
                (tc[tfix])[key] = trans
                return trans
              end
            end
          end
          do
            return text
          end
        end
      end
    end
  end
end

g.formatText = a

remove operand swap when processing EQ LT LE

test case

function lt_const(a,b,c)
    b = a>3
    b = 3<a
    b = not (a<=3)
    b = not (3>=a)
end

function lt_if(a,b,c)
    if a>3 then
        b()
    end
    if not (a<=3) then
        c()
    end
end

function eq_const(a,b,c)
    b = a==3
    b = 3==a
end

cannot jmp out else, if next stmt is also if

see https://code.google.com/p/luadec/issues/detail?id=6

local a,b,c,f

function ok1()
    local a,b,c,f
    --ok
    if b==1 then
        c = 11
    elseif b==2 then
        c = 12
    else
        c = 13
    end
    print(f)
    if b==4 then
        c = 14
    end
end

function error1()
    local a,b,c,f
    --ok
    if b==1 then
        c = 11
    elseif b==2 then
        c = 12
    else
        c = 13
    end
    --print(f)
    if b==4 then
        c = 14
    end
end

some bug about utf-8 by luaopswap

转换之后明显会出现UTF-8乱码。

bytecode generated by 'luac -s' can't be decompiled.

assume the lua file is testbyte.lua and the code is :

function add(x, y)
    return x + y
end
print (add(3, 4))

first i use luac -s -o testbyte.luac testbyte.lua
then i use luadec testbyte.luac it failed with error

cannot find blockend > 9 , pc = 8, f->sizecode = 9
cannot find blockend > 3 , pc = 2, f->sizecode = 3
-- Decompiled using luadec 2.2 rev: 033cc84 for Lua 5.2 from https://github.com/viruscamp/luadec\
[1]    2129 bus error  ./luadec

so, am i did something wrong? or how to decompile the ' luac -s' file?
@jeffallen Thanks a lot!

keep ast after processing sub function

keep ast after processing sub function, do not translate sub function to string.

save type of value in register

save type of value in register
before #20

luadec-5.1 fails to compile undefined luaS_new

followinfg the installation instructions for luadec 5.1 on a kali rolling box:

make LUAVER=5.1

gcc -o luadec guess.o luadec.o decompile.o disassemble.o proto.o StringBuffer.o structs.o statement.o macro-array.o expression.o ../lua-5.1/src/liblua.a -lm
guess.o: In function luaU_guess_locals': guess.c:(.text+0x8eb): undefined reference toluaS_new'
luadec.o: In function strip': luadec.c:(.text+0x87): undefined reference toluaS_new'
luadec.c:(.text+0x9c): undefined reference to luaS_new' luadec.o: In functionInject':
luadec.c:(.text+0x30c): undefined reference to luaS_new' luadec.o: In functionmain':
luadec.c:(.text.startup+0xe6): undefined reference to luaL_loadfilex' decompile.o: In functionFixLocalNames':
decompile.c:(.text+0x2637): undefined reference to luaS_new' decompile.c:(.text+0x26c9): undefined reference toluaS_new'
decompile.o: In function ProcessSubFunction': decompile.c:(.text+0x3f21): undefined reference toluaS_new'
decompile.c:(.text+0x4042): undefined reference to luaS_new' decompile.o: In functionProcessCode':
decompile.c:(.text+0x5e37): undefined reference to luaS_new' /usr/bin/ld: luadec: hidden symbolluaS_new' isn't defined
/usr/bin/ld: final link failed: Bad value
collect2: error: ld returned 1 exit status
Makefile:52: recipe for target 'luadec' failed
make: *** [luadec] Error 1

how to compile for 32 bit cpu

This luadec is a greate library! It works fine.
But I have a question.
my mac is 64 bit, so the binary is x86_64.
i can compile lua for i386, but when set the "-arch i386" flag for luadec/Makefile, it still compile faied.
error: Undefined symbols for architecture x86_64:
could you tell me how to compile for 32 bit cpu? Thanks!

bug that use "return" instead of "do return end"

https://github.com/viruscamp/luadec/blob/master/test/unluac-test/final01.lua

if x then
  do return end
  print(x)
end

`allopcodes_lua_len` not found?

I cloned this repo on Linux and macOS but both are failed while looking for the symbol allopcodes_lua_len:

luaopswap.c:324:31: error: use of undeclared identifier 'allopcodes_lua_len'; did you mean 'allopcodes_luac_len'?
                int bufflen = cmp_gen_lua ? allopcodes_lua_len : allopcodes_luac_len;
                                            ^~~~~~~~~~~~~~~~~~
                                            allopcodes_luac_len

How could I fix this issue?

print 'function' error when processing multi files

luadec issue4_jmp_loadbool.lua main.lua
affects #7 #9

functionlocal a=nil
end
()

functionlocal b=nil
f(b)
end
()

目前错误多文件 combine 下 function 后未正常断行
解决方法，函数头，改成全部自己函数负责，自己函数的 function end 全部由自己输出
影响到 #7 #9

正确处理函数直接调用见 #13

Script to to count the result of function check

Write a script to count the result of function check. lua or bash
generate some like :
files 100
all 500
pass 400
fail 100
uncompilable 20
rate 80%

setlist bug

3 [-]: NEWTABLE  R6 16 0      ; R6 := {}
4 [-]: LOADK     R7 K1        ; R7 := "a"
5 [-]: LOADK     R8 K2        ; R8 := "b"
6 [-]: LOADK     R9 K3        ; R9 := "c"
7 [-]: LOADK     R10 K4       ; R10 := "d"
8 [-]: LOADK     R11 K5       ; R11 := "l"
9 [-]: LOADK     R12 K6       ; R12 := "f"

10 [-]: LOADK R13 K7 ; R13 := "g"
11 [-]: LOADK R14 K8 ; R14 := "i"
12 [-]: LOADK R15 K9 ; R15 := "j"
13 [-]: LOADK R16 K10 ; R16 := "k"
14 [-]: LOADK R17 K4 ; R17 := "d"
15 [-]: LOADK R18 K11 ; R18 := "e"
16 [-]: LOADK R19 K12 ; R19 := "z"
17 [-]: LOADK R20 K13 ; R20 := "y"
18 [-]: LOADK R21 K14 ; R21 := "h"
19 [-]: LOADK R22 K15 ; R22 := "x"
20 [-]: SETLIST R6 16 1 ; R6[0] to R6[15] := R7 to R22 ; R(a)[(c-1)*FPF+i] := R(a+i), 1 <= i <= b, a=6, b=16, c=1, FPF=50 --NEWTABLE already close!

bad header in precompiled chunk

./luadec/luadec: ./test-compiled/lua-5.1/popup_hint.lua: bad header in precompiled chunk

use ChunkSpy.lua accur error:ChunkSpy53.lua:1344: bad argument #3 to 'format' (number expected, got nil)

lua ChunkSpy.lua --source test.lua
It show that:

Pos   Hex Data           Description or Code
------------------------------------------------------------------------
0000                     ** source chunk: test1.lua
                         ** global header start **
0000  1B4C7561           header signature: "\27Lua"
0004  53                 version (major:minor hex digits)
0005  00                 format (0=official)
0006  19930D0A1A0A       LUAC_DATA: "\25\147\r\n\26\n"
ChunkSpy: A Lua 5.3 binary chunk disassembler
Version 0.9.9 (20150329)
Copyright (c) 2004-2006 Kein-Hong Man , 2014-2015 VirusCamp
The COPYRIGHT file describes the conditions under which this
software may be distributed (basically a Lua 5-style license.)

* Run with option -h or --help for usage information
ChunkSpy53.lua:1344: bad argument #3 to 'format' (number expected, got nil)

This is test.lua content:

local a
local b = 1
a = b

OS is mac,lua version is 5.3.3

change disassemble format OP_JMP from JMP dest to JMP sbc; PC+=sbc, goto dest

change disassemble format OP_JMP from
JMP dest
to
JMP sbc; PC+=sbc, goto dest

if_else with empty then

see
https://github.com/viruscamp/luadec/blob/master/test/error_nested_if/doreturnend2.lua

    if a then
    else
        if b then
            c=0
        end
    end

LuaTool passed the test

((a and b) or c or d)

see 997e684 #1
line 464 currExp->parent = prevParent;
When I use this line, it outputs ok, but cause a memory leak.
Else, it outputs: if (a and b) or d then

-- Command line: -fc -fn 0_10 E:\cbprojects\luadec\angrybirds_lua\scripts\menus\level_end.lua 
Decompiled_0_10 = function (p)
    local a,b,c,d
    --if (a and b) or d then
    if ((a and b) or c or d) then
        p = 3
    end
end

disassemble using function number string

change command line option -nf to -fn
disassemble using function number string
disassemble print function number string

SETLIST with c==0

SETLIST A B C R(A)[(C-1)*FPF+i] := R(A+i), 1 <= i <= B

If C is 0, the next instruction is cast as an integer, and used as the C value.This happens only when operand C is unable to encode the block number,i.e. when C > 511, equivalent to an array index greater than 25550.
如果 C 是 0，下一条指令被转换为整数并用作 C 的值。只有当操作数 C 不能编码块编号时出现该情况，例如当 C > 511 时，等同于数组索引大于25550。

        case OP_SETLIST:
        {
            if (c==0) {
                c = code[pc+1];
                pc++;
            }
            TRY(SetList(F, a, b, c));
            break;
        }

DeclareVariable reg=-1 after ReleaseLocals F->freeLocal--

程序崩溃

lua5.1-tests\attrib.lua
lua5.1-tests\locals.lua

调用时 reg = -1
void DeclareVariable(Function* F, const char* name, int reg) {

必然是 F->freeLocal--;
void ReleaseLocals(Function* F) {

settable to a expression cause errors

--  OP_SETTABLE MakeIndex( DOT )
-- DECOMPILER ERROR: Confused about usage of registers!
;(1+a).f3 = x
-- DECOMPILER ERROR: Confused about usage of registers!
;({2,3,4}+5)[6] =x
-- DECOMPILER ERROR: Overwrote pending register.
;({0,1}).a = x
local y =4 -- need to output last statement with error
-- local y = {0, 1; a = x}

see #17

if -- DECOMPILER ERROR: 7 unprocessed JMP targets

处理if，由简单开始，可能是ast引入的新问题
-- DECOMPILER ERROR: 7 unprocessed JMP targets
https://github.com/viruscamp/luadec/tree/master/test/error_nested_if/logic/if.lua
https://github.com/viruscamp/luadec/tree/master/test/error_nested_if/logic/if_error.lua
https://github.com/viruscamp/luadec/tree/master/test/error_nested_if/logic/if_all.lua

decompile sub function not output local defines of upvalues all the time

When decompile using -fn ,it is not output local defines of upvalues all the time.
用 -fn 时，函数前的 upvalue 定义不总是出现

not output local defines of upvalues before function define:
应该写的 upvalues 定义没写
luadec -ns -fn 0_0 fn_upvalue.lua

output local defines of upvalues
此处写了，这是 strip 过的函数，有一个猜测 upvalue name 的功能，此时输出到 stdout 了
luadec -ns -fn 0_0 ..\test\compiled\Main.luac

Get local name by reg and pc insteadof LOCAL(i)

Remove use of LOCAL(i)
Get local name by reg and pc

test case for LocVar startpc endpc

for i = 1, 10 do
    local a,b,c,d = i,i+1,i+2;
    print(a);
end
local c=...
local b,a=3,4;
print(a)

for i = 1, 10 do
    local x,y,z
    f[i] = function() x=x+1; print(y); z=i; end
end

do
    local a1 = 0
    print(a1)
end
local b1 = 1

local t = {a,b,c}

int FunctionCheck(const Proto* f, int indent, StringBuffer* str) // 未实现

is_vararg lua 5.1 and lua 5.2 test case, for add function param arg

-- 5.1 main always is_vararg=2
-- 5.2 main always is_vararg=1
local a;

(function()
-- 5.2 don't has arg
    for k,v in ipairs(_G.arg) do
        print(v)
    end
end)()

for k,v in ipairs({...}) do
    print(v)
end

-- 5.2 don't has arg
for k,v in ipairs(arg) do
    print(v)
end

-- is_vararg=0
function f0()
    local x=arg
end

-- 5.1 is_vararg=7
-- 5.2 is_vararg=1
function f1(...)
    local x=arg
end

-- 5.1 is_vararg=3, not use arg, but put arg as param
-- 5.2 is_vararg=1
function f2(...)
    local x=...
end

-- 5.1 is_vararg=3
-- 5.2 is_vararg=1
function f3(...)
    local x=arg
    local y=...
end

-- 5.1 is_vararg=3
-- 5.2 is_vararg=1
function f4(x, ...)
    local x=arg
    local y=...
end

单独的 OP_JMP 跳到 OP_LOADBOOL 时，与 #1 相关

单独的 OP_JMP 跳到 OP_LOADBOOL 时，与 #1 相关
在 ProcessCode case:OP_JMP 到下列分支

processing OP_JMP to } else if (GET_OPCODE(idest) == OP_LOADBOOL) {

基本确认这是错误的处理方法