I did a debug-build of curl built with the libssh backend and ran the test suite.
I expected the following
I ran into issues because it turns out we try to free the pointer that libssh has returned from its sftp_canonicalize_path function.
All memory allocations in a debug build are subject for extra handling and thus it cannot easily mix with memory allocated without the debug-layer. But when I instead changed to use the "real" free() directly on this pointer, that also caused crashes. I could only make it run fine by completely avoiding the free of that data!