I just noticed that you set up %ebp before you call some C code. I'm 99.9% certain you don't have to. I.e., if I recall correctly, %ebp is preserved by a C function, but other than that its input value is NOT assumed to be anything sensible.