What are the anonymous 4096 byte allocations before every read? I would think that killall would read /proc/{pid}/stat directly into a stack buffer, especially if the reads are only 1024 bytes.
I had a quick look. There are 6 calls to malloc in the killall program and several calls to functions like asprintf which will allocate. See my other post for source.