I debugged this more. The secondary crash (besides the cpuid one). The binary "steam" has a static libcrypto.a built in. RSA_new() is called in it. This initializes all of the RSA struct, except the "engine" pointer, because engines are not built in the static build. While RSA_new is called in this static build, RSA_free is called in the shared library, which has engine support. There it tries to dereference RSA->engine if it is not NULL and that crashes. I went an opened a steam issue. I also went and opened pull requests for openssl to initialize RSA->engine to NULL, for 1.0.1 and 1.0.2 branch, so if that is accepted and published and steam picks it up, it will in their static builds too.