In my emulator I have it pushing the size corresponding to the gate type (same with the flags/CS:IP). Task switches depend on whether the incoming task is 32-bit or 16-bit. The Intel manuals cover the specifics in some detail if you look at the INT/INTO instruction.

OK. That means at least that is implemented correctly in UniPCemu. There's still a bug somewhere(causing crashes in 32-bit Windows and Linux), but I can't find it (yet). The weird thing is that everything seems to work as is documented, but they still crash(on invalid descriptors, or invalid pointers(wrong segment loaded/stored into memory). In the case of Linux it's even worse: it's jumping to user space from kernel space, but the kernel descriptors only allow EIP in the range of 0-512MB(limit of 1GB, with it's base at 3GB, so the Linux kernel pretending to be an user-space program in kernel space with kernel privileges?).