improve UselessPopCleanTransformer by expanding dups first, add grunt sample

Author: EpicPlayerA10

deobfuscator-api/src/main/java/org/objectweb/asm/tree/AbstractInsnNode.java

@@ -643,7 +643,7 @@ public String namedOpcode() {
   public int getConsumedStackValuesCount(Frame<? extends Value> frame) {
     return switch (this.getOpcode()) {
       // Unary operations (one value)
-      case ISTORE, LSTORE, FSTORE, DSTORE, ASTORE, POP, DUP, DUP_X1, SWAP, INEG,
+      case ISTORE, LSTORE, FSTORE, DSTORE, ASTORE, POP, DUP, INEG,
            LNEG, FNEG, DNEG, I2L, I2F, I2D, L2I, L2F, L2D, F2I, F2L, F2D, D2I, D2L, D2F, I2B, I2C, I2S, IFEQ, IFNE,
            IFLT, IFGE, IFGT, IFLE, TABLESWITCH, LOOKUPSWITCH, IRETURN, LRETURN, FRETURN, DRETURN, ARETURN, PUTSTATIC,
            GETFIELD, NEWARRAY, ANEWARRAY, ARRAYLENGTH, ATHROW, CHECKCAST, INSTANCEOF, MONITORENTER, MONITOREXIT, IFNULL,
@@ -652,7 +652,7 @@ public int getConsumedStackValuesCount(Frame<? extends Value> frame) {
       case IALOAD, LALOAD, FALOAD, DALOAD, AALOAD, BALOAD, CALOAD, SALOAD, IADD, LADD, FADD, DADD, ISUB, LSUB, FSUB,
            DSUB, IMUL, LMUL, FMUL, DMUL, IDIV, LDIV, FDIV, DDIV, IREM, LREM, FREM, DREM, ISHL, LSHL, ISHR, LSHR, IUSHR,
            LUSHR, IAND, LAND, IOR, LOR, IXOR, LXOR, LCMP, FCMPL, FCMPG, DCMPL, DCMPG, IF_ICMPEQ, IF_ICMPNE, IF_ICMPLT,
-           IF_ICMPGE, IF_ICMPGT, IF_ICMPLE, IF_ACMPEQ, IF_ACMPNE, PUTFIELD -> 2;
+           IF_ICMPGE, IF_ICMPGT, IF_ICMPLE, IF_ACMPEQ, IF_ACMPNE, PUTFIELD, SWAP, DUP_X1 -> 2;
       // Ternary operations (three values)
       case IASTORE, LASTORE, FASTORE, DASTORE, AASTORE, BASTORE, CASTORE, SASTORE -> 3;
 

deobfuscator-impl/src/test/java/uwu/narumi/deobfuscator/TestDeobfuscation.java

@@ -1,5 +1,6 @@
 package uwu.narumi.deobfuscator;
 
+import uwu.narumi.deobfuscator.api.transformer.ComposedTransformer;
 import uwu.narumi.deobfuscator.core.other.composed.ComposedHP888Transformer;
 import uwu.narumi.deobfuscator.core.other.composed.ComposedSuperblaubeereTransformer;
 import uwu.narumi.deobfuscator.core.other.composed.ComposedUnknownObf1Transformer;
@@ -11,6 +12,7 @@
 import uwu.narumi.deobfuscator.core.other.impl.clean.peephole.UselessPopCleanTransformer;
 import uwu.narumi.deobfuscator.core.other.impl.pool.InlineLocalVariablesTransformer;
 import uwu.narumi.deobfuscator.core.other.impl.pool.InlineStaticFieldTransformer;
+import uwu.narumi.deobfuscator.core.other.impl.universal.AccessRepairTransformer;
 import uwu.narumi.deobfuscator.core.other.impl.universal.RemapperTransformer;
 import uwu.narumi.deobfuscator.core.other.impl.universal.StringBuilderTransformer;
 import uwu.narumi.deobfuscator.core.other.impl.universal.UniversalNumberTransformer;
@@ -171,6 +173,17 @@ protected void registerAll() {
         .input(OutputType.MULTIPLE_CLASSES, InputType.CUSTOM_CLASS, "sb27/sample1")
         .register();
 
+    // Grunt
+    test("Grunt Sample 1")
+        .transformers(
+            AccessRepairTransformer::new,
+            () -> new ComposedTransformer(true,
+                ComposedGeneralFlowTransformer::new,
+                InlineStaticFieldTransformer::new
+            ))
+        .input(OutputType.MULTIPLE_CLASSES, InputType.CUSTOM_JAR, "grunt-obf.jar")
+        .register();
+
     test("POP2 Sample")
         .transformers(UselessPopCleanTransformer::new)
         .input(OutputType.SINGLE_CLASS, InputType.CUSTOM_CLASS, "Pop2Sample.class")

deobfuscator-transformers/src/main/java/uwu/narumi/deobfuscator/core/other/impl/clean/peephole/ExpandDupsTransformer.java

@@ -0,0 +1,309 @@
+package uwu.narumi.deobfuscator.core.other.impl.clean.peephole;
+
+import org.jetbrains.annotations.Nullable;
+import org.objectweb.asm.tree.AbstractInsnNode;
+import org.objectweb.asm.tree.MethodNode;
+import org.objectweb.asm.tree.analysis.Frame;
+import org.objectweb.asm.tree.analysis.OriginalSourceValue;
+import uwu.narumi.deobfuscator.api.asm.InsnContext;
+import uwu.narumi.deobfuscator.api.asm.MethodContext;
+import uwu.narumi.deobfuscator.api.transformer.Transformer;
+
+/**
+ * This transformer expands DUP-related instructions (DUP, DUP_X1, DUP_X2, DUP2, DUP2_X1, DUP2_X2) and SWAP
+ * by replacing them with clones of the instructions that produced the values on the stack.
+ * This simplification is often effective after constant propagation or other optimizations have made
+ * the producers constant values (e.g., LDC, BIPUSH).
+ *
+ * <p>Example 1:
+ *
+ * <p>Input:
+ * <pre>
+ * bipush 10
+ * dup
+ * invokestatic foo (I)V
+ * invokestatic bar (I)V
+ * </pre>
+ *
+ * <p>Output:
+ * <pre>
+ * bipush 10
+ * bipush 10 // cloned value
+ * invokestatic foo (I)V
+ * invokestatic bar (I)V
+ * </pre>
+ *
+ * Example 2 (DUP_X2 - Form 1: value1, value2, value3 -> value1, value3, value2, value1):
+ *
+ * <p>Input:
+ * <pre>
+ * bipush 10 // value3
+ * bipush 20 // value2
+ * bipush 30 // value1
+ * dup_x2
+ * invokestatic someMethod(III)V // Consumes value1, value2, value3
+ * invokestatic anotherMethod(I)V // Consumes original value1
+ * </pre>
+ *
+ * <p>Output:
+ * <pre>
+ * bipush 10 // value3
+ * bipush 20 // value2
+ * bipush 30 // value1
+ * pop
+ * pop
+ * pop
+ * bipush 30 // cloned value1
+ * bipush 10 // cloned value3
+ * bipush 20 // cloned value2
+ * bipush 30 // cloned value1
+ * invokestatic someMethod(III)V
+ * invokestatic anotherMethod(I)V
+ * </pre>
+ *
+ */
+public class ExpandDupsTransformer extends Transformer {
+  @Override
+  protected void transform() throws Exception {
+    scopedClasses().forEach(classWrapper -> classWrapper.methods().forEach(methodNode -> {
+      MethodContext methodContext = MethodContext.of(classWrapper, methodNode);
+
+      for (AbstractInsnNode insn : methodNode.instructions.toArray()) {
+        // Try to expand DUP-related instructions
+        boolean expanded = expandDup(methodContext, insn);
+
+        if (expanded) {
+          methodNode.instructions.remove(insn);
+          markChange();
+        }
+      }
+    }));
+  }
+
+  /**
+   * Expands DUP-related instructions in a method's bytecode.
+   *
+   * @return Is expanded
+   */
+  // This is a mess XD
+  private boolean expandDup(MethodContext methodContext, AbstractInsnNode insn) {
+    MethodNode methodNode = methodContext.methodNode();
+    InsnContext insnContext = methodContext.at(insn);
+    Frame<OriginalSourceValue> frame = insnContext.frame();
+    if (frame == null) return false;
+
+    if (insn.getOpcode() == DUP) {
+      OriginalSourceValue value1 = frame.getStack(frame.getStackSize() - 1);
+      AbstractInsnNode producer1 = checkAndGetProducer(value1);
+      if (producer1 == null) return false;
+
+      // Expand
+      methodNode.instructions.insert(insn, producer1.clone(null));
+
+      return true;
+    } else if (insn.getOpcode() == DUP_X1) {
+      OriginalSourceValue value1 = frame.getStack(frame.getStackSize() - 1);
+      AbstractInsnNode producer1 = checkAndGetProducer(value1);
+      if (producer1 == null) return false;
+
+      OriginalSourceValue value2 = frame.getStack(frame.getStackSize() - 2);
+      AbstractInsnNode producer2 = checkAndGetProducer(value2);
+      if (producer2 == null) return false;
+
+      insnContext.placePops();
+
+      // Expand
+      methodNode.instructions.insert(insn, producer1.clone(null));
+      methodNode.instructions.insert(insn, producer2.clone(null));
+      methodNode.instructions.insert(insn, producer1.clone(null));
+
+      return true;
+    } else if (insn.getOpcode() == DUP_X2) {
+      OriginalSourceValue value1 = frame.getStack(frame.getStackSize() - 1);
+      AbstractInsnNode producer1 = checkAndGetProducer(value1);
+      if (producer1 == null) return false;
+
+      OriginalSourceValue value2 = frame.getStack(frame.getStackSize() - 2);
+      AbstractInsnNode producer2 = checkAndGetProducer(value2);
+      if (producer2 == null) return false;
+
+      // Forms
+      if (value1.getSize() == 1 && value2.getSize() == 2) {
+        insnContext.placePops();
+
+        // Expand
+        methodNode.instructions.insert(insn, producer1.clone(null));
+        methodNode.instructions.insert(insn, producer2.clone(null));
+        methodNode.instructions.insert(insn, producer1.clone(null));
+
+        return true;
+      } else {
+        OriginalSourceValue value3 = frame.getStack(frame.getStackSize() - 3);
+        AbstractInsnNode producer3 = checkAndGetProducer(value3);
+        if (producer3 == null) return false;
+
+        if (value1.getSize() == 1 && value2.getSize() == 1 && value3.getSize() == 1) {
+          insnContext.placePops();
+
+          // Expand
+          methodNode.instructions.insert(insn, producer1.clone(null));
+          methodNode.instructions.insert(insn, producer3.clone(null));
+          methodNode.instructions.insert(insn, producer2.clone(null));
+          methodNode.instructions.insert(insn, producer1.clone(null));
+
+          return true;
+        }
+      }
+    } else if (insn.getOpcode() == DUP2) {
+      OriginalSourceValue value1 = frame.getStack(frame.getStackSize() - 1);
+      AbstractInsnNode producer1 = checkAndGetProducer(value1);
+      if (producer1 == null) return false;
+
+      // Forms
+      if (value1.getSize() == 2) {
+        // Expand
+        methodNode.instructions.insert(insn, producer1.clone(null));
+
+        return true;
+      } else if (value1.getSize() == 1) {
+        OriginalSourceValue value2 = frame.getStack(frame.getStackSize() - 2);
+        AbstractInsnNode producer2 = checkAndGetProducer(value2);
+        if (producer2 == null) return false;
+
+        // Expand
+        methodNode.instructions.insert(insn, producer2.clone(null));
+        methodNode.instructions.insert(insn, producer1.clone(null));
+
+        return true;
+      }
+    } else if (insn.getOpcode() == DUP2_X1) {
+      OriginalSourceValue value1 = frame.getStack(frame.getStackSize() - 1);
+      AbstractInsnNode producer1 = checkAndGetProducer(value1);
+      if (producer1 == null) return false;
+
+      OriginalSourceValue value2 = frame.getStack(frame.getStackSize() - 2);
+      AbstractInsnNode producer2 = checkAndGetProducer(value2);
+      if (producer2 == null) return false;
+
+      // Forms
+      if (value1.getSize() == 2 && value2.getSize() == 1) {
+        insnContext.placePops();
+
+        // Expand
+        methodNode.instructions.insert(insn, producer1.clone(null));
+        methodNode.instructions.insert(insn, producer2.clone(null));
+        methodNode.instructions.insert(insn, producer1.clone(null));
+
+        return true;
+      } else {
+        OriginalSourceValue value3 = frame.getStack(frame.getStackSize() - 3);
+        AbstractInsnNode producer3 = checkAndGetProducer(value3);
+        if (producer3 == null) return false;
+
+        if (value1.getSize() == 1 && value2.getSize() == 1 && value3.getSize() == 1) {
+          insnContext.placePops();
+
+          // Expand
+          methodNode.instructions.insert(insn, producer2.clone(null));
+          methodNode.instructions.insert(insn, producer1.clone(null));
+          methodNode.instructions.insert(insn, producer3.clone(null));
+          methodNode.instructions.insert(insn, producer2.clone(null));
+          methodNode.instructions.insert(insn, producer1.clone(null));
+
+          return true;
+        }
+      }
+    } else if (insn.getOpcode() == DUP2_X2) {
+      OriginalSourceValue value1 = frame.getStack(frame.getStackSize() - 1);
+      AbstractInsnNode producer1 = checkAndGetProducer(value1);
+      if (producer1 == null) return false;
+
+      OriginalSourceValue value2 = frame.getStack(frame.getStackSize() - 2);
+      AbstractInsnNode producer2 = checkAndGetProducer(value2);
+      if (producer2 == null) return false;
+
+      // Forms
+      if (value1.getSize() == 2 && value2.getSize() == 2) {
+        insnContext.placePops();
+
+        // Expand
+        methodNode.instructions.insert(insn, producer1.clone(null));
+        methodNode.instructions.insert(insn, producer2.clone(null));
+        methodNode.instructions.insert(insn, producer1.clone(null));
+
+        return true;
+      } else {
+        OriginalSourceValue value3 = frame.getStack(frame.getStackSize() - 3);
+        AbstractInsnNode producer3 = checkAndGetProducer(value3);
+        if (producer3 == null) return false;
+
+        if (value1.getSize() == 1 && value2.getSize() == 1 && value3.getSize() == 2) {
+          insnContext.placePops();
+
+          // Expand
+          methodNode.instructions.insert(insn, producer2.clone(null));
+          methodNode.instructions.insert(insn, producer1.clone(null));
+          methodNode.instructions.insert(insn, producer3.clone(null));
+          methodNode.instructions.insert(insn, producer2.clone(null));
+          methodNode.instructions.insert(insn, producer1.clone(null));
+
+          return true;
+        } else if (value1.getSize() == 2 && value2.getSize() == 1 && value3.getSize() == 1) {
+          insnContext.placePops();
+
+          // Expand
+          methodNode.instructions.insert(insn, producer1.clone(null));
+          methodNode.instructions.insert(insn, producer3.clone(null));
+          methodNode.instructions.insert(insn, producer2.clone(null));
+          methodNode.instructions.insert(insn, producer1.clone(null));
+
+          return true;
+        } else {
+          OriginalSourceValue value4 = frame.getStack(frame.getStackSize() - 4);
+          AbstractInsnNode producer4 = checkAndGetProducer(value4);
+          if (producer4 == null) return false;
+
+          if (value1.getSize() == 1 && value2.getSize() == 2 && value3.getSize() == 1 && value4.getSize() == 1) {
+            insnContext.placePops();
+
+            // Expand
+            methodNode.instructions.insert(insn, producer2.clone(null));
+            methodNode.instructions.insert(insn, producer1.clone(null));
+            methodNode.instructions.insert(insn, producer4.clone(null));
+            methodNode.instructions.insert(insn, producer3.clone(null));
+            methodNode.instructions.insert(insn, producer2.clone(null));
+            methodNode.instructions.insert(insn, producer1.clone(null));
+
+            return true;
+          }
+        }
+      }
+    } else if (insn.getOpcode() == SWAP) {
+      OriginalSourceValue value1 = frame.getStack(frame.getStackSize() - 1);
+      AbstractInsnNode producer1 = checkAndGetProducer(value1);
+      if (producer1 == null) return false;
+
+      OriginalSourceValue value2 = frame.getStack(frame.getStackSize() - 2);
+      AbstractInsnNode producer2 = checkAndGetProducer(value2);
+      if (producer2 == null) return false;
+
+      insnContext.placePops();
+
+      // Swap
+      methodNode.instructions.insert(insn, producer2.clone(null));
+      methodNode.instructions.insert(insn, producer1.clone(null));
+
+      return true;
+    }
+
+    return false;
+  }
+
+  @Nullable
+  private AbstractInsnNode checkAndGetProducer(OriginalSourceValue sourceValue) {
+    if (sourceValue.originalSource.isOneWayProduced() && sourceValue.originalSource.getProducer().isConstant()) {
+      return sourceValue.originalSource.getProducer();
+    }
+    return null;
+  }
+}

deobfuscator-transformers/src/main/java/uwu/narumi/deobfuscator/core/other/impl/clean/peephole/UselessPopCleanTransformer.java

@@ -23,6 +23,9 @@ public UselessPopCleanTransformer() {
 
   @Override
   protected void transform() throws Exception {
+    // Expand DUPs first
+    Transformer.transform(ExpandDupsTransformer::new, scope(), context());
+
     FramedInstructionsStream.of(this)
         .editInstructionsStream(stream -> stream.filter(insn -> insn.getOpcode() == POP || insn.getOpcode() == POP2))
         .forEach(insnContext -> {