curl_multi_remove_handle() crashes if called before transfer is complete (sftp only)

From: 蔡文凱 <>
Date: Tue, 23 Feb 2016 10:23:37 +0800

I'm doing an sftp upload with CURLOPT_LOW_SPEED_LIMIT &
CURLOPT_LOW_SPEED_TIME set. If I call curl_multi_remove_handle() before the
transfer is complete, there will be a segmentation fault.

I also found out that the crash only occurs when CURLOPT_LOW_SPEED_LIMIT &

Referring to Saqib Ali's mail

I add

curl_easy_setopt(newEasyHandle, CURLOPT_LOW_SPEED_LIMIT, (long)10240);
curl_easy_setopt(newEasyHandle, CURLOPT_LOW_SPEED_TIME, (long)10);

in his test code and move block C between blocks A & B.

Curl crashes every time.

gdb backtrace :
#0 0x00007ffff7ba0940 in Curl_llist_count () from
#1 0x00007ffff7ba1175 in multi_addtimeout () from
#2 0x00007ffff7ba2866 in Curl_expire () from /usr/local/lib/
#3 0x00007ffff7b95551 in Curl_speedcheck () from
#4 0x00007ffff7bae061 in ssh_block_statemach.constprop () from
#5 0x00007ffff7b90bf1 in Curl_disconnect () from
#6 0x00007ffff7b91380 in Curl_done () from /usr/local/lib/
#7 0x00007ffff7ba2dca in curl_multi_remove_handle () from
#8 0x0000000000400f5c in main () at curl_crash_test.cpp:36

My curl version:
curl 7.47.1 (x86_64-pc-linux-gnu) libcurl/7.47.1 OpenSSL/1.0.1f zlib/1.2.8
Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp
scp sftp smb smbs smtp smtps telnet tftp
Features: IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP UnixSockets


