Jump to content

NOP (code)

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by EmptySora (talk | contribs) at 04:27, 18 June 2024 (Rewrote x86 notes cell + MOS:STRAIGHT (don’t do `this`; converted to code tags). I highly doubt that link on “0x” to hex is needed. #article-section-source-editor). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

In computer science, a NOP, no-op, or NOOP (pronounced "no op"; short for no operation) is a machine language instruction and its assembly language mnemonic, programming language statement, or computer protocol command that does nothing.

Machine language instructions

Some computer instruction sets include an instruction whose explicit purpose is to not change the state of any of the programmer-accessible registers, status flags, or memory. It often takes a well-defined number of clock cycles to execute. In other instruction sets, there is no explicit NOP instruction, but the assembly language mnemonic NOP represents an instruction which acts as a NOP; e.g., on the SPARC, sethi 0, %g0.

A NOP must not access memory, as that could cause a memory fault or page fault.

A NOP is most commonly used for timing purposes, to force memory alignment, to prevent hazards, to occupy a branch delay slot, to render void an existing instruction such as a jump, as a target of an execute instruction, or as a place-holder to be replaced by active instructions later on in program development (or to replace removed instructions when reorganizing would be problematic or time-consuming). In some cases, a NOP can have minor side effects; for example, on the Motorola 68000 series of processors, the NOP opcode causes a synchronization of the pipeline.[1]

Listed below are the NOP instruction for some CPU architectures:

CPU architecture Instruction mnemonic Bytes Opcode Notes
Intel x86 CPU family NOP 1; 1–9 for i686 and x86-64 0x90[2] 0x90 decodes to NOP. While many people believe that xchg rax, rax translates to NOP (0x90), this is demonstrably wrong since the translation is missing the ModR/M byte which encodes the registers.

Instead xchg rax, rax is encoded as "0x4887c0", with "48" as the prefix for 64-bit numbers, "87" as the opcode for xchg and "c0" as the ModR/M byte for 2 identical registers with index 0, rax.

However, most assemblers encode xchg rax, rax as "0x90", both for optimization (xchg takes longer to execute than nop) and because they behave the same way.

In this way, "0x4890" does not decode to xchg rax, rax in 64-bit mode and "0x90" does not decode to xchg eax, eax in 32-bit mode.

Since the assembler knows this, it can make this replacement, which may cause confusion. To actualy insert xchg rax, rax into a program, the opcodes have to be manually inserted, which then results in an instruction that is equivalent to, though not identical to, NOP.

Intel 8051 / MCS-51 family NOP 1 0x00
DEC Alpha NOP 4 0x47FF041F Opcode for BIS r31,r31,r31, an instruction that bitwise-ORs the always-0 register with itself.
AMD 29k NOP 4 0x70400101 Opcode for aseq 0x40,gr1,gr1, an instruction that asserts that the stack register is equal to itself.[3]
ARM A32 NOP 4 0x00000000 This stands for andeq r0, r0, r0. The assembly instruction nop will most likely expand to mov r0, r0 which is encoded 0xE1A00000 (little-endian architecture).[4]
ARM T32 (16 bit) NOP 2 0xb000 Opcode for ADD SP, #0 - Add zero to the stack pointer (No operation). The assembly instruction nop will most likely expand to mov r8, r8 which is encoded 0x46C0.[5]
ARM T32 (32 bit) NOP 4 0xF3AF 8000
ARM A64 (64 bit) NOP 4 0xD503201F
AVR NOP 2 0x0000 one clock cycle
IBM System/360, IBM System/370, IBM System/390, z/Architecture, UNIVAC Series 90 NOP 4 0x47000000 or 0x470nnnnn or 0x47n0nnnn where "n" is any 4-bit value. The NOP ("No-Op") and NOPR ("No-Op Register") are a subset of the "Branch on Condition" or "Branch on Condition Register" instructions, respectively; both versions have two options for generating a NO-OP.

In the case of both the NOP and NOPR instructions, the first 0 in the second byte is the "mask" value, the condition to test such as equal, not equal, high, low, etc. If the mask is 0, no branch occurs.

In the case of the NOPR instruction, the second value in the second byte is the register to branch on. If register 0 is chosen, no branch occurs regardless of the mask value. Thus, if either of the two values in the second byte is 0, the branch will not happen.

In the case of the NOP instruction, the second value in the second byte is the "base" register of a combined base register, displacement register and offset address. If the base register is also 0, the branch is not taken regardless of the value of the displacement register or displacement address.

NOPR 2 0x0700 or 0x070n or 0x07n0 where "n" is any 4-bit value.
SuperH NOP 2 0x0009
MIPS NOP 4 0x00000000 Stands for sll r0,r0,0, meaning: Logically shift register 0 zero bits to the left and store the result in register 0. Writes to register 0 are ignored; it always contains 0.
MIPS-X NOP 4 0x60000019 (extended opcode for add r0,r0,r0)
MIX NOP 1 word ± * * * * 0 The * bytes are arbitrary, and can be anything from 0 to the maximum byte (required to be in the range 63-99). MIX uses sign-magnitude representation.
MMIX SWYM 4 0xFD****** SWYM stands for "Sympathize with your machinery". The * digits can be chosen arbitrarily.
Motorola 68000 family NOP 2 0x4E71 This synchronizes the pipeline and prevents instruction overlap.[1]
Motorola 6809 NOP 1 0x12
MOS Technology 65xx (e.g. 6502) NOP 1 0xEA NOP consumes two clock cycles. Undefined opcodes in the NMOS versions of the 65xx family were converted to be NOPs of varying instruction lengths and cycle times in the 65C02.
PA-RISC NOP 4 0x08000240 Opcode for OR 0,0,0.[6]
LDI 26,0 4 0x34000034 Palindromic NOP - that is, an instruction that executes as NOP regardless of whether byte order is interpreted as little-endian or big-endian. Some PA-RISC system instructions are required to be followed by seven palindromic NOPs.[6]
PowerPC NOP 4 0x60000000 (extended opcode for ori r0,r0,0)
PIC microcontroller NOP 12 bits 0b000000000000 MOVW 0,W
RISC-V NOP 4 0x00000013 ADDI x0, x0, 0
C.NOP 2 0x0001 C.ADDI x0, 0. Only available on RISC-V CPUs that support the "C" (compressed instructions) extension.[7]
SPARC NOP 4 0x01000000 Stands for sethi 0, %g0 which zeroes the hardwired-to-zero %g0 register[8]
Z80 NOP 1 0x00 There are some other instructions without any effect (and the same timing): LD A, A, LD B, B etc.
PDP-10 JFCL 0, (conventional)
JUMP, SETA, SETAI, CAI, TRN, TLN
1 word 25500******* (octal) Jump never
Jump never, set nothing, skip never
PDP-11 NOP 16 bits 000240 (octal) Clear none of the condition codes
VAX NOP 1 0x01 Delay is dependent on processor type

From a hardware design point of view, unmapped areas of a bus are often designed to return zeroes; since the NOP slide behavior is often desirable, it gives a bias to coding it with the all-zeroes opcode.

Code

A function or a sequence of programming language statements is a NOP or null statement if it has no effect. Null statements may be required by the syntax of some languages in certain contexts.

Ada

In Ada, the null statement serves as a NOP.[9] As the syntax forbids that control statements or functions be empty, the null statement must be used to specify that no action is required. (Thus, if the programmer forgets to write a sequence of statements, the program will fail to compile.)

C and derivatives

The simplest NOP statement in C is the null statement, which is just a semi-colon in a context requiring a statement.

Be aware that your C-compiler is going to ignore null statements, which has historical and performance reasons.

  ;

An empty block (compound statement) is also a NOP, and may be more legible, but will still be ignored by the compiler.:

  {}

In some cases, such as the body of a function, a block must be used, but this can be empty. In C, statements cannot be empty—simple statements must end with a ; (semicolon) while compound statements are enclosed in {} (braces), which does not itself need a following semicolon. Thus in contexts where a statement is grammatically required, some such null statement can be used.

The null statement is useless by itself, but it can have a syntactic use in a wider context, e.g., within the context of a loop:

  while (getchar() != '\n') {}

alternatively,

  while (getchar() != '\n')
      ;

or more tersely:

  while (getchar() != '\n');

(note that the last form may be confusing, and as such generates a warning with some compilers or compiler options, as semicolon usually indicates an end of function call instruction when placed after a parenthesis on the end of line).

The above code continues calling the function getchar() until it returns a \n (newline) character, essentially fast-forwarding the current reading location of standard input to the beginning of next line.

Fortran

In Fortran, the CONTINUE statement is used in some contexts such as the last statement in a DO loop, although it can be used anywhere, and does not have any functionality.

JavaScript

The JavaScript language does not have a built-in NOP statement. Many implementations are possible:

  • Use the ; empty statement[10] or the {} empty block statement the same way as in the C and derivatives examples;
  • Use the undefined or the null expression as a complete statement (an expression statement) when the previous methods are not allowed by the syntax.

Alternatives, in situations where a function is required, are:

  • Use the Function.prototype() built-in function, that accepts any arguments and returns undefined;[11]
  • Use a NOP function available in a third-party library —see below;
  • Define a custom NOP function, as in the following example (using the ES6 arrow function syntax):
const noop = () => {};

AngularJS

The AngularJS framework provides angular.noop function that performs no operations.

jQuery

The jQuery library provides a function jQuery.noop(), which does nothing.[12]

Lodash

The Lodash library provides a function _.noop(), which returns undefined and does nothing.[13]

Pascal

As with C, the ; used by itself can be used as a null statement in Pascal. In fact, due to the specification of the language, in a BEGIN / END block, the semicolon is optional before the END statement, thus a semicolon used there is superfluous.

Also, a block consisting of BEGIN END; may be used as a placeholder to indicate no action, even if placed inside another BEGIN / END block.

Python

The Python programming language has a pass statement which has no effect when executed and thus serves as a NOP. It is primarily used to ensure correct syntax due to Python's indentation-sensitive syntax; for example the syntax for definition of a class requires an indented block with the class logic, which has to be expressed as pass when it should be empty.

Shell scripting (bash, zsh, etc.)

The ':' [colon] command is a shell builtin that has similar effect to a "NOP" (a do-nothing operation). It is not technically an NOP, as it changes the special parameter $? (exit status of last command) to 0. It may be considered a synonym for the shell builtin 'true', and its exit status is true (0).[14][15][16]

TeX macro language (ConTeXt, LaTeX, etc.)

The TeX typographical system's macro language has the \relax command.[17] It does nothing by itself, but may be used to prevent the immediately preceding command from parsing any subsequent tokens.[18]

NOP protocol commands

Many computer protocols, such as telnet, include a NOP command that a client can issue to request a response from the server without requesting any other actions. Such a command can be used to ensure the connection is still alive or that the server is responsive. A NOOP command is part of the following protocols (this is a partial list):

Note that unlike the other protocols listed, the IMAP4 NOOP command has a specific purpose—it allows the server to send any pending notifications to the client.

While most telnet or FTP servers respond to a NOOP command with "OK" or "+OK", some programmers have added quirky responses to the client. For example, the ftpd daemon of MINIX responds to NOOP with the message:[19]

200 NOOP to you too!

Cracking

NOPs are often involved when cracking software that checks for serial numbers, specific hardware or software requirements, presence or absence of hardware dongles, etc. in the form of a NOP slide. This process is accomplished by altering functions and subroutines to bypass security checks and instead simply return the expected value being checked for. Because most of the instructions in the security check routine will be unused, these would be replaced with NOPs, thus removing the software's security functionality without altering the positioning of everything which follows in the binary.

Security exploits

The NOP opcode can be used to form a NOP slide, which allows code to execute when the exact value of the instruction pointer is indeterminate (e.g., when a buffer overflow causes a function's return address on the stack to be overwritten).

See also

References

  1. ^ a b "Motorola 68000 Programmer's Reference Manual" (PDF).
  2. ^ "Intel 64 and IA-32 Architectures Software Developer's Manual: Instruction Set Reference A-Z" (PDF). Retrieved 2012-03-01.
  3. ^ AMD, Am29050 Microprocessor User's Manual, 1991, pages 223 and 257.
  4. ^ "4.8.4. NOP ARM pseudo-instruction". RealView Compilation Tools for BREW Assembler Guide.
  5. ^ "5.6.3. NOP Thumb pseudo-instruction". RealView Compilation Tools for BREW Assembler Guide.
  6. ^ a b Hewlett-Packard, PA-RISC 2.0 Architecture, 1995, pages 2-21 and 7-103. Archived on Jun 21, 2020.
  7. ^ RISC-V Foundation, The RISC-V Instruction Set Manual, Volume 1: User-Level ISA, version 2.2, 7 May 2017, p.79.
  8. ^ Weaver, D. L.; Germond, T., eds. (1994). The SPARC Architecture Manual, Version 9 (PDF). Prentice Hall. ISBN 0-13-825001-4. Archived from the original (PDF) on 2012-01-18. Retrieved 2014-01-09. Note that NOP is a special case of the SETHI instruction, with imm22 = 0 and rd = 0.
  9. ^ Ada Reference Manual — null statements. "The execution of a null_statement has no effect."
  10. ^ MDN JavaScript reference – empty statement. "The empty statement is a semicolon (;) indicating that no statement will be executed, even if JavaScript syntax requires one."
  11. ^ ECMAScript Language Specification – Edition 5.1 – Properties of the Function Prototype Object
  12. ^ jQuery.noop() from jQuery API documentation
  13. ^ "Lodash Documentation". lodash.com. Retrieved 2017-12-15.
  14. ^ Advanced Bash-Scripting Guide > Chapter 3. Special Characters
  15. ^ bash manpage > SHELL BUILTIN COMMANDS
  16. ^ zsh manpage (zshbuiltins) > SHELL BUILTIN COMMANDS
  17. ^ Bausum, David (2002). "TeX Primitive Control Sequences". TeX Reference Manual. Kluwer Academic Publishers. Retrieved 1 April 2020. According to The TeXbook, 'TeX does nothing' when it encounters \relax. Actually, \relax may tell TeX, 'This is the end of what you've been doing'.
  18. ^ TeX wikibook – relax
  19. ^ "ftpd.c". Retrieved 2016-06-19.