Last modified: Sun Jun 14 00:34:22 UTC+0200 2026 © A. Tarpai
8086 IRET
8086 used the same mechanism for
- hw CPU exceptions
- hw interrupt through the INTR-pin
- sw int using the INT n instruction
The CPU pushes 3 WORDS onto stack: the FLAGS register, content of CS and the IP (in this order). Then loads CS:IP from the IVT (vector number n = 0..255) and makes the jump.
INT stack
15 0
| |
+--------------+
| X X X X |
+--------------+
| X X X X | <-- SP+6
+--------------+
| FLAGS |
+--------------+
| CS |
+--------------+
| IP | <-- SP
+--------------+
| |
+--------------+
| |
+--------------+ 0
The handler routine returns with IRET (CF) instruction, which pops and loads these 3 registers from stack and continues execution.
386 IRET
IRET can pull up parameters in both operand sizes.
With DWORD stack view:
operand-size = 32 operand-size = 16
D=1 or D=0 and 66h D=0 or D=1 and 66h
31 0 31 0
| | <-- ESP + 12 | | <-- ESP + 6
+---------+---------+ +---------+---------+
| EFLAGS | | FLAGS CS |
+---------+---------+ +---------+---------+
| CS | | IP | <-- ESP
+---------+---------+ +---------+---------+
| EIP | <-- ESP | |
+---------+---------+ +---------+---------+
| | | |
IRET IRET
IRETD IRETW
Pops 3 DWORDS (12 bytes) Pops 3 WORDS (6 bytes)
EIP HI zeroed
| |
| |
v v
+---------+---------+ +---------+---------+
| | EIP | 0 0 0 0 IP | EIP
+---------+---------+ +---------+---------+
There are different mnemonics for the assembler to encode IRET with proper operand-size prefix 66h.
The stack-frame format is determined by hw.
The hardware makes 16-bit stack frame, when
- PE = 0: to emulate and run 8086 interrupt code (see IVT emulation)
- PE = 1 and interrupt through 286-type GATE DESCRIPTOR: to emulate and run 286 p-mode interrupt code (see IDT interrupt call mechanism)
The hardware makes 32-bit stack frame, when PE = 1 and interrupt through 386-type 32-bit GATE DESCRIPTOR.