John

Reputation: 3807

System call causes Segmentation Fault

I am writing a simple program in assembly that should call setreuid(0,0) and then call exit(). Here is my code:

section .text ; start code section of assembly
global _start
_start:
xor eax, eax ; setreuid call
mov al,  0x46 ; get ready for setreuid system call
xor ebx, ebx ; arg 1 (0)
xor ecx, ecx ; arg 2 (0)
int 0x80 ; interrupt for setreuid
mov al,  0x01 ; prepare for exit call
int 0x80 ; interrupt for exit <---- 0x0804806c

When I run this through gdb it gets to 0x0804806c and then it crashes with the message:

0x0804806e in ?? ()
Execution is not within a known function

I am new to assembly so sorry if it's a noob mistake.

Update

I have copied and pasted exactly what I have posted here into exit.asm. Then I have compiled exit.asm using the following commands:

nasm -f elf exit.asm # elf file format for 32-bit linux
ld -o exit exit.o # link

This produces the program exit. When I run it I get the following:

****@debian:~/shellcode$ ./exit
Segmentation fault
****@debian:~/shellcode$ 

Upvotes: 0

Views: 2341

Answers (1)

Tom Marshall

Reputation: 36

What's happening is, setreuid returns a zero on success and a -1 on error. You're probably running as a regular user, who isn't allowed to set the user id of the process. For that reason, the return value of setreuid is -1, which in binary is all bits set for eax. By setting al to 0x01, you're only setting the least significant byte to 1. The high bits are all set, so you're not actually passing 1 in eax. You're effectively passing FFFFFF01. That's not a valid system call, let alone an exit call. When it gets to the second int 0x80, it keeps going to the next instruction, which it isn't allowed to read. Another thing is, you should mov ebx, 0 for the exit call. It just so happens that you xor'ed ebx previously, but that's a potential bug waiting to happen.

Upvotes: 1
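The two fixes from the answer applied to the posted program, as an added example that is neither the asker's nor the answerer's code. It assumes the same i386 Linux setup and the same nasm -f elf / ld build the question uses, and it reports the setreuid result as the exit status so the failure is visible from the shell instead of as a crash.

```nasm
; Added example: the asker's program with eax fully cleared before the exit
; call and ebx set explicitly, plus the setreuid result exposed as exit status.
section .text
global _start
_start:
    xor     eax, eax
    mov     al, 0x46        ; __NR_setreuid on i386 (70)
    xor     ebx, ebx        ; ruid = 0
    xor     ecx, ecx        ; euid = 0
    int     0x80            ; eax <- 0 on success, or -errno (e.g. -1 = -EPERM)

    ; Turn the kernel's -errno into a positive exit status (0 on success).
    mov     ebx, eax
    neg     ebx             ; ebx = errno, or 0 if setreuid succeeded

    ; The original bug: 'mov al, 1' only rewrites bits 7..0, so after a failed
    ; setreuid eax was 0xFFFFFF01, not 1. Clear the whole register first.
    xor     eax, eax
    mov     al, 0x01        ; __NR_exit on i386
    int     0x80            ; exit(ebx)
```

Run it with `./exit; echo $?`: an unprivileged user gets 1 (EPERM, matching the -1 the answer describes), root gets 0, and neither case falls off the end of .text.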
