Hi! I've been working on the flipjump project, a programming language with 1 opcode: flip (invert) a bit, then jump (unconditionally). So a bit-flip followed by more bit-flips. It's effectively a bunch of NOT gates. This language, as poor as it sounds, is RICH.
Today I completed my compiler from C to FlipJump. It takes C files, and compiles them into flipjump. I finished testing it all today, and it works! My key interest in this project is to stretch what we know of computing and to prove that anything can be done even with minimal power.
I appreciate you reading my announcement, and be happy to answer questions.
More links:
- The flipjump language: https://github.com/tomhea/flip-jump https://esolangs.org/wiki/FlipJump
- c2fj python package https://pypi.org/project/c2fj/
bangaladore6 months ago
Reminds me of movfuscator [1]. This can compile programs to movs and only movs.
LPisGood6 months ago
Battelle is great. They also created some software called Cantor Dust [1] that turns files into images to allow humans to easily spot obfuscated data or files.
The sad thing about this kind of work, because I love it, is that to get paid to do it you need clearances and polygraphs and periodic reinvestigations/continuous monitoring and all sorts of things that I find unpleasant.
mmastrac6 months ago
I'm not sure what you mean but I was a security researcher for a large company for a bit and required none of that. I was required to work airgapped at home, however.
LPisGood6 months ago
Really? You were doing offensive security work not for a government (/contractor)? What sorts companies, aside from some enterprise pen testers, employ these roles?
saagarjha6 months ago
The tools you’re talking about are not exclusive to offensive security. They’re plenty useful for malware analysis and other reverse engineering tasks.
mmastrac6 months ago
Email is in my profile -- happy to clarify/share some very rough details if you'd like.
beng-nl6 months ago
Agreed that is a fine piece of work. But the author is Chris Domas. Which is plain from the repo readme, but it’d be clearer to link to his repo.
bangaladore6 months ago
I was originally going to link their repo [1]. But I saw it was forked from the one I linked so I just gave that one instead.
saagarjha6 months ago
Chris used to (maybe still does?) work at Batelle.
thegeekpirate6 months ago
He went MIA after joining Intel, so I'm assuming he's still there.
tromp6 months ago
Am I right in deducing that this language gets its power from self-modifying code? I.e. flipping bits within addresses of the opcodes of the running program?
tomheeop6 months ago
You are indeed right
tromp6 months ago
I would have expected the language documentation to focus more on this observation and to explain for instance how self modification is used to implement while loops. But I don't even see the term mentioned anywhere?!
tomheeop6 months ago
Good point! It's mentioned in the github wiki here: https://github.com/tomhea/flip-jump/wiki/Learn-FlipJump#memo...
It was once in the Readme but as I kept developing it more it become longer and longer, so I moved it into the wiki, and especially to here: https://esolangs.org/wiki/FlipJump
int_19h6 months ago
This was actually a not uncommon approach to implementing loops in earliest mainfraims.
tomheeop6 months ago
Do you have any article that I can read about it? Sounds interesting!
tomheeop6 months ago
There is also a brainfuck to flipjump compiler: https://github.com/tomhea/bf2fj
david-gpu6 months ago
Ah, the convenience of brainfuck with the performance of flipjump. Excellent.
tomheeop6 months ago
By the way, as a challenge, try how you can program an "If" statement in Flipjump.
greenbit6 months ago
I wondered this as well.
Thinking about it, if all you have is "invert some (N>1?) bits somewhere and jump to somewhere" .. I could see maybe it might work if you use self modifying code and there's really a 2nd instruction that is a no-op? Seems like it might work more like a cellular automata?
Of course, one could just go look at the documentation, but where's the fun in that?
int_19h6 months ago
You don't need a no-op; you can always just flip a bit you don't care about (e.g. reserve a word just for that) and then jump to next instruction.
alok-g6 months ago
Would like to know the answer. Thx.
tomheeop6 months ago
alok-g6 months ago
To the best I now understand, the jump address is allowed to be an expression using a specified bit variable. That would mean that the language has means to compile an expression for evaluation at the run time. If I am understanding correctly, then the power of flip jump is coming from those expressions, not the base flipjump instruction itself.
If I haven't understood this right, then I still do not follow how if statement works with flipjump.
tomheeop6 months ago
@alok-g I'll be happy to explain - You don't understand it correctly. The flipjump assembly syntax does allow relating to an address with offsets/more advanced stuff, but that doesn't add anything to.the language. It' just adds comfort to the programmer - it's basically like adding labels to an assembly language - it's possible to write assembly without them, just much less convenient.
The power of flipjump results in self modifying code. If I jump to a address that have the [flip 0, jump 0x1000], then I'll get to 0x1000 afterwards, right? But if I flip some specific bit in this instruction before jumping to it, it will become [flip 0, jump 0x1080]. You can call this instruction "memory bit", and the part of jumping to it and resulting in one of two possible addresses 0x1000/0x1040 based on a specific bit in it - "read the memory bit". The action is reading as you get to different place based on the value stored in this instruction. This "read" can also be seen as an "if". How you write then? For example writing "1" whould be doing a "read", and in the "read 0" case - do a flip to this address, and in the "read 1" case don't flip this memory address bit.
alok-g5 months ago
I could follow the part you have explained. Thanks still though.
>> But if I flip some specific bit in this instruction before jumping to it
Isn't the 'if' really happening in the above phrase? The rest of it is a modified jump address based on the above 'if' and just jumps to the modified address.
Now if I understand this correctly, how to do the above 'if', i.e., flip the address bit or not based on some condition?
May be it would begin from some bit read from IO which modifies an address. I saw that memory-mapped IO is used.
pizza6 months ago
Ah interesting.. wonder if you can model this with a recursively expanded algebraic expression. I've been thinking lately along similar lines about polynomials that encode pushdown automata, so this is cool to see.
tomheeop6 months ago
If you have an answer I'd be happy to hear it!
Firehawke6 months ago
Wouldn't it be better to call it "compile C to Linux or BSD"?
I kid, I kid.
dingdingdang6 months ago
It always amazes me that this is possible (to some extend anyway, I mean, the base layer is binary so obviously simpler higher-end CPU instructions are possible!)
Is there any potential performance win in this? What I mean is; since this general direction could, in principle if not in practise, enable the targeting of say, the 5-10 most efficient CPU instructions rather than attempting to use the whole surface area... would this potentially be a win?
eimrine6 months ago
I was expecting to see a way to translate hello_world.c into an electronic schematic full of NAND elements, kind of Mealy machine.
tonetegeatinst6 months ago
Looking forward to the poor security researcher who gets to reverse engineer some malware sample they compiles this into for obfuscation... Its going to be an interesting blog post.
jkrshnmenon6 months ago
I wonder if someone has already made a Reverse Engineering CTF challenge for this concept.
tomheeop6 months ago
There actually was one with subleq: https://www.google.com/amp/s/blog.attify.com/flare-4-ctf-wri...
jkrshnmenon6 months ago
I would also be very curious to see if it's possible to make a decompiler for this type of obfuscated program.
saagarjha6 months ago
Typically these obfuscators are applied in an automated fashion so yes.
jkrshnmenon6 months ago
DEFCON Quals challenge incoming.
saagarjha6 months ago
Please no we’ve already suffered enough :(
og20236 months ago
I read it as reverse engineering WTF challenge... cool stuff though, seriously.
dlcarrier6 months ago
Maxim (now owned by Analog) actually manufactures a single-instruction processor series, called MAXQ. It uses a single move instruction, with a flag for literals, and a transport triggered architecture.
Zamiel_Snawley6 months ago
What is the intended use case for such a processor?
dlcarrier6 months ago
They are embedded microcontrollers, which run real-time deterministic tasks, with tens to hundreds of MIPS on fixed-point tasks. These are the kinds of microcontrollers used in products like household appliances or control systems.
jvanderbot6 months ago
Is the family of circuits using just NOT gates actually universal? Or is "flip" and "jump" secretly using a lot of other gates.
tomheeop6 months ago
The power is within the self modification of the code. The jump might be implemented by a multiplexer, though it can be implemented in other ways too.
jvanderbot6 months ago
A CNOT is universal (transistor effectively) I don't think a NOT is universal.
I'm sure you can self modify your code so it executes only using XOR (bit flips), which is a CNOT, but I do not think this could be compiled down to an FPGA using only a billion not gates.
Actually I just convinced myself you can make an AND from three NOT gates if you can tie outputs together to get OR, so I believe you now. Sorry for the diversion! (Though I still dont see how bit flips and jumps directly can be built into a circuit, I know AND and NOT are universal so it's all good).
Imustaskforhelp6 months ago
hey this could actually be pretty nice if we can convert flipjump into sqlite native instructions like how it is possible for brainfuck , then you are on to something huge!
You would create although highly inefficient , after many years , maybe the first , language like those lisps where you could store data in sqlite and run it fromt there (but with C)
tomheeop6 months ago
That's cool! And that's possible. Do you have any more data to read about it?
Imustaskforhelp6 months ago
I really hope that you try this , this might be game changing !
Imustaskforhelp6 months ago
see this / my comments on here
Nevermnd6 months ago
Did I miss something? I thought NAND was you're 'universal gate' ?
artemonster6 months ago
Id appreciate more explanations from the power of combined bitflip & goto
tomheeop6 months ago
Sure!
https://github.com/tomhea/flip-jump/wiki/Learn-FlipJump
This will let you understand how to implement the very basic "if" in flipjump.
I tried to make it as easy for newcomers, but please feel free and update me if something is written complicated.
After you understand up to the macros, you can try yourself to understand the xor macro, which most of the library is built based on it: https://github.com/tomhea/flip-jump/blob/fe51448932e78db7d76...
[deleted]6 months agocollapsed
platz6 months ago
How is a jump realized by Not Gates?
tomheeop6 months ago
I dont think that the jump can be realized by NOT gates, but it's essentially "where to find the next NOT command". The jump is indeed a crucial part of the language, as it allows going back, and especially to make self-modifying code.
Jerrrry6 months ago
I'm guessing by not jumping into a terminating/ halting NOOP.
The logic is within the branching.
jumploops6 months ago
AND, OR, NOT - pick 2
sroussey6 months ago
NOR - pick 1
falcor846 months ago
Or equivalently NAND, leading to the usual recommendation about NAND to Tetris - https://www.nand2tetris.org/
dang6 months ago
Looks like we banned you and this domain because of the egregious vote manipulation and bogus comments at https://news.ycombinator.com/item?id=34856792.
That was a long time ago, though, and the project is interesting enough, so I'm going to assume you've learned your lesson and unban you. Please stop using multiple accounts for this though!
tomheeop6 months ago
Thanks man, I appreciate it.
jimbob456 months ago
Dang, I have to know what triggered you to say this. It’s not the same user account so you would have had to have recognized the URL and written based on that.
Do you keep notes on each astroturfed submission and auto-trigger reposts to notify yourself? Or did you just happen to recognize this? 20 minutes from his post to your comment is absurdly good moderation.
dang6 months ago
https://news.ycombinator.com/item?id=42742462 was on the front page. We got an email suggesting that the URL should be https://github.com/tomhea/c2fj instead of https://github.com/tomhea/flip-jump. That made sense, except it turned out that github.com/tomhea was banned. That seemed odd because we don't normally ban github domains, so I looked at the history https://news.ycombinator.com/from?site=github.com%2Ftomhea (most of which will only be visible to users who have 'showdead' set to 'yes' in their profile), and it was pretty easy to see that https://news.ycombinator.com/item?id=34856792 was, let's call it, the original sin in this chain of woe. It was also pretty obvious that the other submitting accounts were all related. Since the project itself is interesting I figured the best thing to do was give the submitter a second chance, so I picked the earlier post from today (the OP) and swapped it out for the other one (42742462).
I hope that answers your question!
doormatt6 months ago
You sir, are amazing. Thank you for being so utterly transparent.
chicken_grease6 months ago
[dead]
jpcookie6 months ago
[dead]
kuringganteng6 months ago
[flagged]