What is the difference between iret and iretd, iretq?

Question

What is the difference between iret and iretd, iretq?

I want to simulate an iret condition on an x86_64 Linux server. I found three instructions

iret: operand size 16
iretd: operand size 32
iretq: operand size 64

I can not distinguish them, and which one to use. thanks for the help!

I have another question about iret simulation, can you see? http://stackoverflow.com/questions/11756274/how-to-simulate-a-iret-on-linux-x86-64

+4

assembly x86 linux-kernel

hellolwq Aug 1 '12 at 9:15

source share

1 answer

Gj. · Accepted Answer · 2012-08-01T10:49:04+0000

From this link :

An IRET is returned with an interrupt (hardware or software) using (or EIP), CS and flags from the stack, and then continuing execution from the new CS: IP.
IRETW issues IP, CS and flags of 2 bytes each, removing the 6 bytes stack as a whole. IRETD issues EIP as 4 bytes, produces 4 more bytes of which the two upper parts are discarded, and the lower two go to CS, and issues flags as 4 bytes, taking 12 bytes from the stack.
IRET is short for IRETW or IRETD, depending on the default BITS.

Very similar to IRETQ

What is the difference between iret and iretd, iretq?

More articles: