Add Wireshark Lua dissector backend

[AaronWebster]

Summary

Adds a parallel back end at compiler/back_end/lua/ that turns an Emboss
.emb definition into a runnable Wireshark Lua dissector. Mirrors the
C++ backend's shape (driver, starlark rule, golden tests) so the new
backend is invoked exactly like its C++ sibling:

emboss_lua_library(
    name = "myproto_lua",
    srcs = ["myproto.emb"],
)

How layered protocols work

Wireshark already dissects Ethernet → IP → UDP/TCP using its built-in
dissectors. The user only needs to define their payload in .emb;
declaring [(wireshark) register_on: "..."] plugs the generated
dissector into the correct Wireshark dissector table at load time.

[(wireshark) protocol: "myproto"]
[(wireshark) root: "Packet"]
[(wireshark) register_on: "udp.port == 12345 or tcp.port == 12345"]

The register_on value uses Wireshark-display-filter syntax — one or
more <table> == <integer> terms joined by or / ||, with decimal or
0x-hex patterns. Each term becomes a
DissectorTable.get("<table>"):add(<pattern>, <proto>) call.

Generator features

• One Proto per .emb, one local function per struct/bits, one
  value-strings table per enum.
• Nested structs dispatched via forward-declared locals so any
  reference order works.
• Bit-addressable (bits) blocks emitted as masked ProtoFields
  against a single container read.
• Conditional (if) fields are wrapped in if <condition> then … end, with the Emboss condition translated to Lua.
• Variable-length arrays (T[n] where n is a sibling field) and
  dynamically-located fields, via an Emboss-expression → Lua
  translator. Sibling values referenced by a condition, array length, or
  offset are captured into local val_* reads ahead of use.
• -- doc comments become each ProtoField's description; #
  comments are ignored.
• Endianness respected (subtree:add vs subtree:add_le).
• Module / struct / field level [(wireshark) filter: "..."]
  override the auto-generated filter-name segment.

Explicit non-goals (for this initial cut)

The generator emits valid Lua even when it can't fully describe a
field — it emits a -- skipped … comment and moves on. Future work
can extend coverage:

• Parameterized struct uses.
• let / virtual fields.
• Conditional or dynamically-sized fields inside bits blocks
  (byte-level structs are supported).
• Expression operators outside arithmetic / comparison / logical /
  $max (e.g. ?:, $present).

Tests

• compiler/back_end/lua/dissector_generator_test.py — 44 unit tests
  covering sanitization, integer-width mapping, register_on parsing,
  enum tables, filter composition, doc extraction, attribute validation,
  root-struct selection, nested-struct dispatch, and now the
  expression translator, conditional fields, value capture, and
  variable-length arrays.
• lua_golden_test targets in compiler/back_end/lua/BUILD for
  enum.emb, nested_structure.emb, uint_sizes.emb, int_sizes.emb,
  the testdata/wireshark.emb smoke fixture, and the new
  testdata/wireshark_dynamic.emb fixture (conditional field +
  length-prefixed variable array).
• compiler/back_end/lua/tshark_smoke_test.py — loads a generated
  dissector into a real TShark and asserts the decoded tree for both
  branches of a conditional, length-prefixed message. Auto-skips when
  tshark / text2pcap aren't installed (e.g. in CI).
• scripts/regenerate_goldens.py also refreshes the Lua goldens.

Test plan

• bazel test //compiler/back_end/lua:dissector_generator_test
• bazel test //compiler/back_end/lua/... (golden + smoke tests)
• bazel build //testdata:wireshark_lua_emboss //testdata:wireshark_dynamic_lua_emboss
• Generated dissector loads in TShark and correctly decodes
  synthetic packets — automated in tshark_smoke_test.py, and
  verified by hand for testdata/wireshark.emb and the dynamic
  fixture (enum value-strings, big-endian decode, nested structs,
  the conditional error_code, and the variable-length payload).