NOP (code) explained

In computer science, a NOP, no-op, or NOOP (pronounced "no op"; short for no operation) is a machine language instruction and its assembly language mnemonic, programming language statement, or computer protocol command that does nothing.

Machine language instructions

Some computer instruction sets include an instruction whose explicit purpose is to not change the state of any of the programmer-accessible registers, status flags, or memory. It often takes a well-defined number of clock cycles to execute. In other instruction sets, there is no explicit NOP instruction, but the assembly language mnemonic NOP represents an instruction which acts as a NOP; e.g., on the SPARC, sethi 0, %g0.

A NOP must not access memory, as that could cause a memory fault or page fault.

A NOP is most commonly used for timing purposes, to force memory alignment, to prevent hazards, to occupy a branch delay slot, to render void an existing instruction such as a jump, as a target of an execute instruction, or as a place-holder to be replaced by active instructions later on in program development (or to replace removed instructions when reorganizing would be problematic or time-consuming). In some cases, a NOP can have minor side effects; for example, on the Motorola 68000 series of processors, the NOP opcode causes a synchronization of the pipeline.[1]

Listed below are the NOP instruction for some CPU architectures:

CPU architectureInstruction mnemonicBytesOpcodeNotes
Intel x86 CPU familyNOP10x90[2] 0x90 is the one-byte encoding for XCHG AX,AX in 16-bit code and XCHG EAX,EAX in 32-bit code. In long mode, XCHG RAX,RAX requires two bytes, as it would begin with an REX.W prefix, making the encoding 0x48 0x90. However, 0x90 is interpreted as a NOP in long mode regardless of whether it is preceded by 0x48.
multi-byte NOP2–9 for Pentium Pro and later Intel processors, and all AMD AMD64 processors0x66 0x90
0x0F 0x1F 0x00

0x0F 0x1F 0x40 0x00

0x0F 0x1F 0x44 0x00 0x00

0x66 0x0F 0x1F 0x44 0x00 0x00

0x0F 0x1F 0x80 0x00 0x00 0x00 0x00

0x0F 0x1F 0x84 0x00 0x00 0x00 0x00 0x00

0x66 0x0F 0x1F 0x84 0x00 0x00 0x00 0x00 0x00

0x66 is the operand-size override prefix. 0x0F 0x1F is a two-byte NOP opcode that takes a ModRM operand upon which no operation is performed; 0x00 is [EAX], 0x40 0x00 is [EAX + 00H], 0x44 0x00 0x00 is [EAX + EAX*1 + 00H], 0x80 0x00 0x00 0x00 0x00 is [EAX + 00000000H], and 0x84 0x00 0x00 0x00 0x00 0x00 is [EAX + EAX*1 + 00000000H].
Intel 8008LAA10xC0Load A from A
Intel 8051 / MCS-51 familyNOP10x00
Intel 8080, Intel 8085, Z80NOP10x00
DEC AlphaNOP40x47FF041FOpcode for BIS r31,r31,r31, an instruction that bitwise-ORs the always-0 register with itself.
AMD 29kNOP40x70400101Opcode for aseq 0x40,gr1,gr1, an instruction that asserts that the stack register is equal to itself.[3]
ARM A32NOP40x00000000This stands for andeq r0, r0, r0. The assembly instruction nop will most likely expand to mov r0, r0 which is encoded 0xE1A00000 (little-endian architecture).[4]
ARM T32 (16 bit)NOP20xb000Opcode for ADD SP, #0 - Add zero to the stack pointer (No operation). The assembly instruction nop will most likely expand to mov r8, r8 which is encoded 0x46C0.[5]
ARM T32 (32 bit)NOP40xF3AF 8000
ARM A64 (64 bit)NOP40xD503201F
AVRNOP20x0000one clock cycle
IBM System/360, IBM System/370, IBM System/390, z/Architecture, UNIVAC Series 90NOP40x47000000 or 0x470nnnnn or 0x47n0nnnn where "n" is any 4-bit value.The NOP ("No-Op") and NOPR ("No-Op Register") are a subset of the "Branch on Condition" or "Branch on Condition Register" instructions, respectively; both versions have two options for generating a NO-OP. In the case of both the NOP and NOPR instructions, the first 0 in the second byte is the "mask" value, the condition to test such as equal, not equal, high, low, etc. If the mask is 0, no branch occurs.

In the case of the NOPR instruction, the second value in the second byte is the register to branch on. If register 0 is chosen, no branch occurs regardless of the mask value. Thus, if either of the two values in the second byte is 0, the branch will not happen.

In the case of the NOP instruction, the second value in the second byte is the "base" register of a combined base register, displacement register and offset address. If the base register is also 0, the branch is not taken regardless of the value of the displacement register or displacement address.

NOPR20x0700 or 0x070n or 0x07n0 where "n" is any 4-bit value.
SuperHNOP20x0009
MIPSNOP40x00000000Stands for sll r0,r0,0, meaning: Logically shift register 0 zero bits to the left and store the result in register 0. Writes to register 0 are ignored; it always contains 0.
MIPS-XNOP40x60000019(extended opcode for add r0,r0,r0)
MIXNOP1 word± * * * * 0The * bytes are arbitrary, and can be anything from 0 to the maximum byte (required to be in the range 63-99). MIX uses sign-magnitude representation.
MMIXSWYM40xFD******SWYM stands for "Sympathize with your machinery". The * digits can be chosen arbitrarily.
Motorola 6800NOP10x01
Motorola 68000 familyNOP20x4E71This synchronizes the pipeline and prevents instruction overlap.
Motorola 6809NOP10x12
MOS Technology 65xx (e.g. 6502)NOP10xEA'''NOP''' consumes two clock cycles. Undefined opcodes in the NMOS versions of the 65xx family were converted to be NOPs of varying instruction lengths and cycle times in the 65C02.
PA-RISCNOP40x08000240Opcode for OR 0,0,0.
LDI 26,040x34000034Palindromic NOP - that is, an instruction that executes as NOP regardless of whether byte order is interpreted as little-endian or big-endian. Some PA-RISC system instructions are required to be followed by seven palindromic NOPs.[6]
PowerPCNOP40x60000000(extended opcode for ori r0,r0,0)
PIC microcontrollerNOP12 bits0b000000000000
RISC-VNOP40x00000013ADDI x0, x0, 0
C.NOP20x0001C.ADDI x0, 0. Only available on RISC-V CPUs that support the "C" (compressed instructions) extension.[7]
Signetics 8X300MOV AUX, AUX16 bits0x0000Move AUX to AUX with no rotate
SPARCNOP40x01000000Stands for sethi 0, %g0 which zeroes the hardwired-to-zero %g0 register[8]
PDP-10JFCL 0, (conventional)
JUMP, SETA, SETAI, CAI, TRN, TLN
1 word25500******* (octal)Jump never
Jump never, set nothing, skip never
PDP-11NOP2000240 (octal)Clear none of the condition codes
VAXNOP10x01Delay is dependent on processor type
WD16NOP20x0000

From a hardware design point of view, unmapped areas of a bus are often designed to return zeroes; since the NOP slide behavior is often desirable, it gives a bias to coding it with the all-zeroes opcode.

Code

A function or a sequence of programming language statements is a NOP or null statement if it has no effect. Null statements may be required by the syntax of some languages in certain contexts.

Ada

In Ada, the null statement serves as a NOP.[9] As the syntax forbids that control statements or functions be empty, the null statement must be used to specify that no action is required. (Thus, if the programmer forgets to write a sequence of statements, the program will fail to compile.)

C and derivatives

The simplest NOP statement in C is the null statement, which is just a semi-colon in a context requiring a statement.

Most C compilers generate no code for null statements, which has historical and performance reasons. ;An empty block (compound statement) is also a NOP, and may be more legible, but will still have no code generated for it by the compiler. In some cases, such as the body of a function, a block must be used, but this can be empty. In C, statements cannot be empty—simple statements must end with a ; (semicolon) while compound statements are enclosed in {} (braces), which does not itself need a following semicolon. Thus in contexts where a statement is grammatically required, some such null statement can be used.

The null statement is useless by itself, but it can have a syntactic use in a wider context, e.g., within the context of a loop: while (getchar != '\n') alternatively,

while (getchar != '\n') ;or more tersely:

while (getchar != '\n');(note that the last form may be confusing, and as such generates a warning with some compilers or compiler options, as semicolon usually indicates an end of function call instruction when placed after a parenthesis on the end of line).

The above code continues calling the function getchar until it returns a \n (newline) character, essentially fast-forwarding the current reading location of standard input to the beginning of next line.

Fortran

In Fortran, the CONTINUE statement is used in some contexts such as the last statement in a DO loop, although it can be used anywhere, and does not have any functionality.

JavaScript

The JavaScript language does not have a built-in NOP statement. Many implementations are possible:

Alternatives, in situations where a function is required, are:

const noop = => ;

AngularJS

The AngularJS framework provides angular.noop function that performs no operations.

jQuery

The jQuery library provides a function jQuery.noop, which does nothing.[12]

Lodash

The Lodash library provides a function _.noop, which returns undefined and does nothing.[13]

Pascal

As with C, the ; used by itself can be used as a null statement in Pascal. In fact, due to the specification of the language, in a BEGIN / END block, the semicolon is optional before the END statement, thus a semicolon used there is superfluous.

Also, a block consisting of BEGIN END; may be used as a placeholder to indicate no action, even if placed inside another BEGIN / END block.

Python

The Python programming language has a pass statement which has no effect when executed and thus serves as a NOP. It is primarily used to ensure correct syntax due to Python's indentation-sensitive syntax; for example the syntax for definition of a class requires an indented block with the class logic, which has to be expressed as pass when it should be empty.

Shell scripting (bash, zsh, etc.)

The ':' [colon] command is a shell builtin that has similar effect to a "NOP" (a do-nothing operation). It is not technically an NOP, as it changes the special parameter $? (exit status of last command) to 0. It may be considered a synonym for the shell builtin 'true', and its exit status is true (0).[14] [15] [16]

TeX macro language (ConTeXt, LaTeX, etc.)

The TeX typographical system's macro language has the \relax command.[17] It does nothing by itself, but may be used to prevent the immediately preceding command from parsing any subsequent tokens.[18]

NOP protocol commands

Many computer protocols, such as telnet, include a NOP command that a client can issue to request a response from the server without requesting any other actions. Such a command can be used to ensure the connection is still alive or that the server is responsive. A NOOP command is part of the following protocols (this is a partial list):

Note that unlike the other protocols listed, the IMAP4 NOOP command has a specific purpose—it allows the server to send any pending notifications to the client.

While most telnet or FTP servers respond to a NOOP command with "OK" or "+OK", some programmers have added quirky responses to the client. For example, the ftpd daemon of MINIX responds to NOOP with the message:[19] 200 NOOP to you too!

Cracking

NOPs are often involved when cracking software that checks for serial numbers, specific hardware or software requirements, presence or absence of hardware dongles, etc. in the form of a NOP slide. This process is accomplished by altering functions and subroutines to bypass security checks and instead simply return the expected value being checked for. Because most of the instructions in the security check routine will be unused, these would be replaced with NOPs, thus removing the software's security functionality without altering the positioning of everything which follows in the binary.

Security exploits

The NOP opcode can be used to form a NOP slide, which allows code to execute when the exact value of the instruction pointer is indeterminate (e.g., when a buffer overflow causes a function's return address on the stack to be overwritten).

See also

Notes and References

  1. Web site: Motorola 68000 Programmer's Reference Manual.
  2. Web site: Intel 64 and IA-32 Architectures Software Developer's Manual: Instruction Set Reference A-Z. 2012-03-01.
  3. AMD, Am29050 Microprocessor User's Manual, 1991, pages 223 and 257.
  4. Web site: 4.8.4. NOP ARM pseudo-instruction. RealView Compilation Tools for BREW Assembler Guide.
  5. Web site: 5.6.3. NOP Thumb pseudo-instruction. RealView Compilation Tools for BREW Assembler Guide.
  6. Hewlett-Packard, PA-RISC 2.0 Architecture, 1995, pages 2-21 and 7-103. Archived on Jun 21, 2020.
  7. RISC-V Foundation, The RISC-V Instruction Set Manual, Volume 1: User-Level ISA, version 2.2, 7 May 2017, p.79.
  8. Book: The SPARC Architecture Manual, Version 9 . Weaver, D. L. . Germond, T. . . 0-13-825001-4 . 1994 . Note that NOP is a special case of the SETHI instruction, with imm22 = 0 and rd = 0. . 2014-01-09 . https://web.archive.org/web/20120118213535/http://www.sparc.org/standards/SPARCV9.pdf . 2012-01-18 . dead.
  9. http://www.adaic.org/resources/add_content/standards/05aarm/html/AA-5-1.html#S0134 Ada Reference Manual - null statements
  10. MDN JavaScript reference – empty statement. "The empty statement is a semicolon (;) indicating that no statement will be executed, even if JavaScript syntax requires one."
  11. ECMAScript Language Specification – Edition 5.1 – Properties of the Function Prototype Object
  12. http://api.jquery.com/jquery.noop/ jQuery.noop
  13. Web site: Lodash Documentation. lodash.com. en. 2017-12-15.
  14. http://tldp.org/LDP/abs/html/special-chars.html Advanced Bash-Scripting Guide > Chapter 3. Special Characters
  15. bash manpage > SHELL BUILTIN COMMANDS
  16. zsh manpage (zshbuiltins) > SHELL BUILTIN COMMANDS
  17. Book: Bausum . David . TeX Reference Manual . 2002 . Kluwer Academic Publishers . 1 April 2020 . TeX Primitive Control Sequences . According to The TeXbook, 'TeX does nothing' when it encounters \relax. Actually, \relax may tell TeX, 'This is the end of what you've been doing'..
  18. TeX wikibook – relax
  19. Web site: ftpd.c. 2016-06-19.