wait() returns the pid of the child process (or -1
on error). Since you're not clearing the AH
register before the next syscall, chances are part of that value is still there, and you end up invoking an arbitrary system call instead of 0x0a
.
Try setting EAX
instead of AL
:
mov ebx, esp
mov eax, 0x0a
int 0x80