Sample Header Ad - 728x90

No system call when malloc after free

1 vote
2 answers
1315 views
linux linux-kernel linux-audit
While I was playing a little with kernel audit system, I made a small C program: 
#include 
#include 

int main(int argc, char** argv){
        void *t;
        while(1){
                t = malloc(1);
                free(t);

        }
        return 0;
}
And applied the following filters to audit: 
-a always,exit -F arch=b32 -S open,openat -F exit=-EACCES -F key=access
-a always,exit -F arch=b64 -S open,openat -F exit=-EACCES -F key=access
-a always,exit -F arch=b32 -S brk
-a always,exit -F arch=b64 -S brk
` After compiling and running, I noticed that sys_brk wasn't showing up in the audit log. Furthermore it didn't also appear in strace, even tho malloc was called (checked with ltrace). Lastly I removed the free and the calls to sys_brk started showing up. What is causing this type of behaviour? Does glibc make some kind of optimization in malloc and free functions to prevent useless syscalls? TL;DR: free followed by malloc makes neither call the kernel. Why?
Asked by Jorge Heleno (173 rep)
Mar 8, 2019, 12:56 AM
Last activity: Jul 10, 2025, 09:08 AM
Sidebar Ad - 300x250
Related Questions

Browse more questions from Unix & Linux Stack Exchange

More questions tagged "linux"
More questions tagged "linux-kernel"
More questions tagged "linux-audit"
Footer Ad - 728x90