reassign 812858 binutils 2.25.90.20160101-2
thanks

I disassembled the offending code and found calls to address 0x0, which is not good:
# gdb session: disassembly of the function in which the statically linked i386 program stopped.
# Comments (lines starting with '#') were added for review; they are not part of the gdb output.
0x080e303b in __register_frame_info_bases ()
(gdb) disassemble /m
Dump of assembler code for function __register_frame_info_bases:
# Prologue: save three registers, so the first stack argument is at 0x10(%esp)
# (3 saved registers + return address).
   0x080e2fe0 <+0>: push %edi
   0x080e2fe1 <+1>: push %esi
   0x080e2fe2 <+2>: push %ebx
   0x080e2fe3 <+3>: mov 0x10(%esp),%eax
# PIC base: the thunk returns the address of the next instruction, so after the add
# %ebx = 0x080e2fec + 0xef864 = 0x081d2850 (presumably the GOT base; the listing does not name it).
   0x080e2fe7 <+7>: call 0x8048ef0 <__x86.get_pc_thunk.bx>
   0x080e2fec <+12>: add $0xef864,%ebx
   0x080e2ff2 <+18>: mov 0x14(%esp),%esi
# Early exit when the first argument is NULL or the first word it points to is zero.
   0x080e2ff6 <+22>: test %eax,%eax
   0x080e2ff8 <+24>: je 0x80e305a <__register_frame_info_bases+122>
   0x080e2ffa <+26>: mov (%eax),%ecx
   0x080e2ffc <+28>: test %ecx,%ecx
   0x080e2ffe <+30>: je 0x80e305a <__register_frame_info_bases+122>
# Initialise the structure at %esi (second argument): 0x0 = 0xffffffff, 0x4 = third argument,
# 0x8 = fourth argument, 0xc = first argument, 0x10 = 0 with the low 16 bits then set to 0x7f8.
   0x080e3000 <+32>: mov 0x18(%esp),%edx
   0x080e3004 <+36>: mov %eax,0xc(%esi)
   0x080e3007 <+39>: mov $0x7f8,%eax
   0x080e300c <+44>: movl $0x0,0x10(%esi)
   0x080e3013 <+51>: movl $0xffffffff,(%esi)
   0x080e3019 <+57>: mov %edx,0x4(%esi)
   0x080e301c <+60>: mov 0x1c(%esp),%edx
   0x080e3020 <+64>: mov %ax,0x10(%esi)
   0x080e3024 <+68>: mov %edx,0x8(%esi)
# Guard: both calls below are skipped when the word loaded from -0x207(%ebx) is zero.
# The stop at +91 shows the guard did not take the skip branch in this run.
# NOTE(review): with %ebx = 0x081d2850 this load reads address 0x081d2649, which is not
# 4-byte aligned -- unusual for a pointer-sized slot; worth checking which relocation
# produced this displacement.
   0x080e3027 <+71>: mov -0x207(%ebx),%edx
   0x080e302d <+77>: test %edx,%edx
   0x080e302f <+79>: je 0x80e3060 <__register_frame_info_bases+128>
# %edi = address of the object at 0x3010(%ebx); it is the single argument of both calls.
# sub 0xc + push = 0x10 bytes, released again by the add at +119.
   0x080e3031 <+81>: lea 0x3010(%ebx),%edi
   0x080e3037 <+87>: sub $0xc,%esp
   0x080e303a <+90>: push %edi
# '=>' is gdb's current-instruction marker: the program stopped on this call, whose target
# is absolute address 0x0 instead of a function address.
=> 0x080e303b <+91>: call 0x0
# Insert the structure at the head of the list kept at 0x302c(%ebx):
# old head -> 0x14(%esi), %esi becomes the new head.
   0x080e3040 <+96>: mov 0x302c(%ebx),%eax
   0x080e3046 <+102>: mov %esi,0x302c(%ebx)
   0x080e304c <+108>: mov %eax,0x14(%esi)
# Second call to 0x0 with the same argument; the two calls bracket the list update
# (presumably a lock/unlock pair -- the listing shows only the shared argument).
   0x080e304f <+111>: mov %edi,(%esp)
   0x080e3052 <+114>: call 0x0
   0x080e3057 <+119>: add $0x10,%esp
# Common epilogue, also the target of the two early exits above.
   0x080e305a <+122>: pop %ebx
   0x080e305b <+123>: pop %esi
   0x080e305c <+124>: pop %edi
   0x080e305d <+125>: ret
# Two-byte no-op padding before the next branch target.
   0x080e305e <+126>: xchg %ax,%ax
# Guard-was-zero path: the same list insertion, without the two calls.
   0x080e3060 <+128>: mov 0x302c(%ebx),%eax
   0x080e3066 <+134>: mov %esi,0x302c(%ebx)
   0x080e306c <+140>: mov %eax,0x14(%esi)
   0x080e306f <+143>: pop %ebx
   0x080e3070 <+144>: pop %esi
   0x080e3071 <+145>: pop %edi
   0x080e3072 <+146>: ret
End of assembler dump.

I guess that the linker "forgot" somehow to fill those places with proper addresses. 
If I compile with the gold linker, the program works fine:

g++ -fuse-ld=gold -static -m32 test.cpp
./a.out
Hello test

So ld.gold works fine, but the default ld.bfd does not, so I conclude that ld.bfd is at fault. I can also reproduce the segfault with g++-4.9, but not with g++-4.8.

--
Marius