RVOPcode
Home/Instructions/SSPOPCHK
SSPOPCHK

RISC-V SSPOPCHK Instruction Details

Instruction ManualR-type

SSPOPCHK reads the shadow return address at ssp and checks it against x1/x5.

Instruction Syntax

sspopchk rs1
Operand Breakdown
Destination rd: register receiving the operation result.
Source rs1: register holding the first operand.
Source rs2: register holding the second operand.
ZicfissSecurity Mechanisms
Related Search Terms
sspopchk instructionRISC-V sspopchksspopchk syntaxsspopchk encodingsspopchk shadow-stack pop checksspopchk CFIsspopchk shadow stack

Instruction Behavior

Beginner view: SSPOPCHK loads the shadow return address at ssp and compares it bit-for-bit with x1 or x5. A mismatch raises a software-check exception; on success ssp advances by XLEN/8.

Quick Understanding & Search Notes

SSPOPCHK belongs to the RISC-V CFI instruction set; behavior depends on whether Zicfilp/Zicfiss is enabled and on environment configuration.

Shadow-stack operations implicitly use ssp and XLEN width.
Do not mistake MOP compatibility for always-active security checks; inactive cases may degrade to no-op or zero-result behavior.
RISC-V Unprivileged ISA Manual: Control-Flow IntegrityRISC-V Unprivileged ISA Manual: Zimop/Zcmop May-Be-Operations

Common Usage Scenarios

Address & Pointer

Understand this scenario with real code like «sspopchk x1».

Data Loading

Understand this scenario with real code like «sspopchk x1».

Resource Management

Understand this scenario with real code like «sspopchk x1».

Pre-Use Checklist

Syntax Check
  • Confirm the current instruction format is R-type.
  • Confirm the operand order matches the example.
Semantic Check
  • Ensure the destination register usage is compatible with the calling convention.
  • Confirm this is not the lower-level form of a pseudo-instruction expansion.

Pitfalls / Common Confusions

Only x1 and x5 are supported compared link-register operands.
A shadow-stack value mismatch raises a software-check exception.
Trap behavior depends on privilege level, environment configuration CSRs, and page-table/memory attributes.
ssp is incremented by XLEN/8 only after the load succeeds and the comparison passes.
SSPOPCHK/C.SSPOPCHK increment ssp only after the load succeeds and comparison passes.

FAQ

What happens if the related CFI feature is inactive for SSPOPCHK?

Zicfiss instructions degrade according to the official Zimop/Zcmop-compatible behavior and do not perform shadow-stack checks or updates.

What official rule defines SSPOPCHK?

The Control-Flow Integrity chapter of the RISC-V Unprivileged ISA defines LPAD, SSPUSH, SSPOPCHK, SSRDP, and SSAMOSWAP.