Buffer overflow ROP exploit works locally but not remotely

Hey, in step 6 you write an address. Are you sure this address is correct? I suppose the top-of-stack address in step 1 could be different. E.g., command-line arguments and environment variables are pushed onto the stack during program initialization. (See "Startup state of a Linux/i386 ELF binary".)
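A measurement aid for the point made in the comment above, added here and not part of the original thread: it estimates how many bytes the argument and environment block occupies at the top of the stack, which is why an absolute stack address observed in one environment does not carry over to another. The function names `startup_block_bytes` and `stack_shift` are hypothetical, and the estimate is a lower bound that ignores the auxiliary vector, alignment padding and stack randomization.

```c
/* Added example: size of the argv/envp block that sits above main's frame. */
#include <stdio.h>
#include <string.h>
#include <stddef.h>

extern char **environ;

/* Sum of the NUL-terminated strings in a NULL-terminated vector. */
static size_t string_bytes(char *const vec[], size_t *count)
{
    size_t total = 0, n = 0;
    for (; vec && vec[n]; n++)
        total += strlen(vec[n]) + 1;          /* +1 for the terminator */
    if (count)
        *count = n;
    return total;
}

/* Lower bound on the startup block: the argc word, argv[] and envp[] with
 * their NULL terminators, and the strings themselves. Assumption: auxv,
 * padding and the kernel's random stack offset are not counted. */
size_t startup_block_bytes(char *const argv[], char *const envp[])
{
    size_t argc = 0, envc = 0;
    size_t strings = string_bytes(argv, &argc) + string_bytes(envp, &envc);
    size_t words = 1 + (argc + 1) + (envc + 1);
    return strings + words * sizeof(void *);
}

/* How many more bytes launch context B pushes than launch context A.
 * A positive result means stack locals sit that much lower under B. */
long stack_shift(char *const argv_a[], char *const env_a[],
                 char *const argv_b[], char *const env_b[])
{
    return (long)startup_block_bytes(argv_b, env_b)
         - (long)startup_block_bytes(argv_a, env_a);
}

int main(int argc, char *argv[])
{
    int local = 0;
    (void)argc;
    printf("address of a local in main: %p\n", (void *)&local);
    printf("argv/envp startup block:    >= %zu bytes\n",
           startup_block_bytes(argv, environ));
    return 0;
}
```

Comparing a run under `env -i` with a run from a login shell shows the reported size change; the printed address moves with it only when stack randomization is off.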