Vol. 3A 6-13

INTERRUPT AND EXCEPTION HANDLING

To return from an exception- or interrupt-handler procedure, the handler must use the IRET (or IRETD) instruction. 
The IRET instruction is similar to the RET instruction except that it restores the saved flags into the EFLAGS 
register. The IOPL field of the EFLAGS register is restored only if the CPL is 0. The IF flag is changed only if the CPL 
is less than or equal to the IOPL. See Chapter 3, “Instruction Set Reference, A-L,” of the Intel® 64 and IA-32 
Architectures Software Developer’s Manual, Volume 2A, for a description of the complete operation performed by the 
IRET instruction.

If a stack switch occurred when calling the handler procedure, the IRET instruction switches back to the interrupted 
procedure’s stack on the return.

6.12.1.1   Protection of Exception- and Interrupt-Handler Procedures

The privilege-level protection for exception- and interrupt-handler procedures is similar to that used for ordinary 
procedure calls when called through a call gate (see Section 5.8.4, “Accessing a Code Segment Through a Call 
Gate”). The processor does not permit transfer of execution to an exception- or interrupt-handler procedure in a 
less privileged code segment (numerically greater privilege level) than the CPL. 
An attempt to violate this rule results in a general-protection exception (#GP). The protection mechanism for 
exception- and interrupt-handler procedures is different in the following ways:

• Because interrupt and exception vectors have no RPL, the RPL is not checked on implicit calls to exception and 
  interrupt handlers.

• The processor checks the DPL of the interrupt or trap gate only if an exception or interrupt is generated with an 
  INT n, INT 3, or INTO instruction. Here, the CPL must be less than or equal to the DPL of the gate. This 
  restriction prevents application programs or procedures running at privilege level 3 from using a software 
  interrupt to access critical exception handlers, such as the page-fault handler, providing that those handlers are 
  placed in more privileged code segments (numerically lower privilege level). For hardware-generated 
  interrupts and processor-detected exceptions, the processor ignores the DPL of interrupt and trap gates.
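
The checks described in this section can be modelled as a small decision function. This is an added example, not code from the Intel manual: the function and enum names, the sample handler offset, and the DPL-3 gate standing in for a system-call vector are constructed for illustration, and the handler's code segment is assumed to be nonconforming.

```c
#include <stdint.h>
#include <stdio.h>

/* How the vector was raised: INT n / INT 3 / INTO, or hardware interrupt / processor-detected exception. */
enum source { SRC_SOFTWARE_INT, SRC_HW_OR_EXCEPTION };
enum result { DELIVER_SAME_STACK, DELIVER_STACK_SWITCH, RAISE_GP };

/* High dword of a 32-bit interrupt/trap gate: offset 31:16, P = bit 15, DPL = bits 14:13, type = bits 11:8. */
static uint32_t gate_high(uint32_t offset, unsigned dpl, unsigned type) {
    return (offset & 0xFFFF0000u) | (1u << 15) | ((dpl & 3u) << 13) | ((type & 0xFu) << 8);
}

static unsigned gate_dpl(uint32_t high) { return (high >> 13) & 3u; }

/* Model of the protection checks; handler_cs_dpl is the DPL of the (nonconforming) handler code segment. */
enum result check_transfer(unsigned cpl, uint32_t gate_hi, unsigned handler_cs_dpl, enum source src) {
    /* The gate DPL is consulted only for software-generated interrupts: CPL must be <= gate DPL. */
    if (src == SRC_SOFTWARE_INT && cpl > gate_dpl(gate_hi))
        return RAISE_GP;
    /* No transfer to a handler in a less privileged (numerically greater) code segment than the CPL. */
    if (handler_cs_dpl > cpl)
        return RAISE_GP;
    /* A more privileged handler means a stack switch: SS and ESP are saved as well (Figure 6-4). */
    return handler_cs_dpl < cpl ? DELIVER_STACK_SWITCH : DELIVER_SAME_STACK;
}

int main(void) {
    static const char *names[] = { "deliver, same stack", "deliver, stack switch", "#GP" };
    /* Constructed gates: type 0xE is a 32-bit interrupt gate; the offset is a made-up handler address. */
    uint32_t page_fault = gate_high(0xC0100000u, 0, 0xE); /* DPL 0: not reachable by INT n from ring 3 */
    uint32_t syscall    = gate_high(0xC0100000u, 3, 0xE); /* DPL 3: deliberately reachable from ring 3 */

    printf("ring 3, INT n on DPL-0 gate      : %s\n", names[check_transfer(3, page_fault, 0, SRC_SOFTWARE_INT)]);
    printf("ring 3, real fault on DPL-0 gate : %s\n", names[check_transfer(3, page_fault, 0, SRC_HW_OR_EXCEPTION)]);
    printf("ring 3, INT n on DPL-3 gate      : %s\n", names[check_transfer(3, syscall, 0, SRC_SOFTWARE_INT)]);
    printf("ring 0, fault, ring-0 handler    : %s\n", names[check_transfer(0, page_fault, 0, SRC_HW_OR_EXCEPTION)]);
    printf("ring 0, fault, ring-3 handler    : %s\n", names[check_transfer(0, page_fault, 3, SRC_HW_OR_EXCEPTION)]);
    return 0;
}
```
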

Figure 6-4.  Stack Usage on Transfers to Interrupt and Exception-Handling Routines

[Figure: two panels. “Stack Usage with No Privilege-Level Change” (Interrupted Procedure’s and Handler’s Stack): EFLAGS, CS, EIP, Error Code, with ESP Before Transfer to Handler and ESP After Transfer to Handler marked. “Stack Usage with Privilege-Level Change” (Interrupted Procedure’s Stack and Handler’s Stack): SS, ESP, EFLAGS, CS, EIP, Error Code, with ESP Before Transfer to Handler and ESP After Transfer to Handler marked.]