Created attachment 51891 [details] Example program with reachable blocks Version: 3.6 SVN OS: Linux Please see the attached example (example.c). When running valgrind on it I get: $ valgrind --tool=memcheck --trace-children=yes --num-callers=32 --memcheck:leak-check=yes --memcheck:leak-resolution=high ./test [skip] ==9787== 10 bytes in 1 blocks are possibly lost in loss record 5 of 12 ==9787== at 0x4C278FC: calloc (vg_replace_malloc.c:467) ==9787== by 0x400591: init_ts1 (example.c:22) ==9787== by 0x4005E9: main (example.c:32) ==9787== ==9787== 10 bytes in 1 blocks are possibly lost in loss record 6 of 12 ==9787== at 0x4C278FC: calloc (vg_replace_malloc.c:467) ==9787== by 0x4005AA: init_ts1 (example.c:23) ==9787== by 0x4005E9: main (example.c:32) ==9787== ==9787== 10 bytes in 1 blocks are possibly lost in loss record 7 of 12 ==9787== at 0x4C278FC: calloc (vg_replace_malloc.c:467) ==9787== by 0x400591: init_ts1 (example.c:22) ==9787== by 0x400601: main (example.c:33) ==9787== ==9787== 10 bytes in 1 blocks are possibly lost in loss record 8 of 12 ==9787== at 0x4C278FC: calloc (vg_replace_malloc.c:467) ==9787== by 0x4005AA: init_ts1 (example.c:23) ==9787== by 0x400601: main (example.c:33) ==9787== ==9787== 32 bytes in 1 blocks are possibly lost in loss record 12 of 12 ==9787== at 0x4C278FC: calloc (vg_replace_malloc.c:467) ==9787== by 0x40057E: init_ts1 (example.c:21) ==9787== by 0x400601: main (example.c:33) ==9787== ==9787== LEAK SUMMARY: ==9787== definitely lost: 0 bytes in 0 blocks ==9787== indirectly lost: 0 bytes in 0 blocks ==9787== possibly lost: 72 bytes in 5 blocks ==9787== still reachable: 136 bytes in 7 blocks ==9787== suppressed: 0 bytes in 0 blocks Now please apply patch to example.c: --- example-old.c 2010-09-23 09:24:45.000000000 +0400 +++ example.c 2010-09-23 09:24:02.000000000 +0400 @@ -7,7 +7,7 @@ void *ptr2; }; -static struct ts1 *s1, *s2; +static struct ts1 *s2, *s1; struct ts2 { struct ts1 *ts; Possibly leaks have gone! ==9861== LEAK SUMMARY: ==9861== definitely lost: 0 bytes in 0 blocks ==9861== indirectly lost: 0 bytes in 0 blocks ==9861== possibly lost: 0 bytes in 0 blocks ==9861== still reachable: 208 bytes in 12 blocks ==9861== suppressed: 0 bytes in 0 blocks Reproducible: Always I've added debug logging to mc_leakcheck.c (please see mc_leakcheck_c_debug.patch attached). After that I believe that there is a bug in lc_push_without_clique_if_a_chunk_ptr(): we to re-check sub-nodes of nodes which changed its state from Possible to Reachable (please see mc_leakcheck_c_possibly_lost.patch).
Created attachment 51892 [details] Debug logging to mc_leakcheck.c that helped me to find the bug
Created attachment 51893 [details] Fix in lc_push_without_clique_if_a_chunk_ptr()
I think you'll find the patch needs to do a bit more than that ;-) *** This bug has been marked as a duplicate of bug 206600 ***