Hubbry Logo
C dynamic memory allocationC dynamic memory allocationMain
Open search
C dynamic memory allocation
Community hub
C dynamic memory allocation
logo
7 pages, 0 posts
0 subscribers
Be the first to start a discussion here.
Be the first to start a discussion here.
Contribute something
C dynamic memory allocation
C dynamic memory allocation
C dynamic memory allocation
View on Wikipedia
from Wikipedia

C standard library (libc)
General topics
Miscellaneous headers

C dynamic memory allocation refers to performing manual memory management for dynamic memory allocation in the C programming language via a group of functions in the C standard library, namely malloc, realloc, calloc, aligned_alloc and free.[1][2][3]

The C++ programming language includes these functions; however, the operators new and delete provide similar functionality and are recommended by that language's authors.[4] Still, there are several situations in which using new/delete is not applicable, such as garbage collection code or performance-sensitive code, and a combination of malloc and placement new may be required instead of the higher-level new operator.

Many different implementations of the actual memory allocation mechanism, used by malloc, are available. Their performance varies in both execution time and required memory.

Rationale

[edit]

The C programming language manages memory statically, automatically, or dynamically. Static-duration variables are allocated in main memory, usually along with the executable code of the program, and persist for the lifetime of the program; automatic-duration variables are allocated on the stack and come and go as functions are called and return. For static-duration and automatic-duration variables, the size of the allocation must be compile-time constant (except for the case of variable-length automatic arrays[5]). If the required size is not known until run-time (for example, if data of arbitrary size is being read from the user or from a disk file), then using fixed-size data objects is inadequate.

The lifetime of allocated memory can also cause concern. Neither static- nor automatic-duration memory is adequate for all situations. Automatic-allocated data cannot persist across multiple function calls, while static data persists for the life of the program whether it is needed or not. In many situations the programmer requires greater flexibility in managing the lifetime of allocated memory.

These limitations are avoided by using dynamic memory allocation, in which memory is more explicitly (but more flexibly) managed, typically by allocating it from the free store (informally called the "heap"),[citation needed] an area of memory structured for this purpose. In C, the library function malloc is used to allocate a block of memory on the heap. The program accesses this block of memory via a pointer that malloc returns. When the memory is no longer needed, the pointer is passed to free which deallocates the memory so that it can be used for other purposes.

The original description of C indicated that calloc and cfree were in the standard library, but not malloc. Code for a simple model implementation of a storage manager for Unix was given with alloc and free as the user interface functions, and using the sbrk system call to request memory from the operating system.[6] The 6th Edition Unix documentation gives alloc and free as the low-level memory allocation functions.[7] The malloc and free routines in their modern form are completely described in the 7th Edition Unix manual.[8][9]

Some platforms provide library or intrinsic function calls which allow run-time dynamic allocation from the C stack rather than the heap (e.g. alloca()[10]). This memory is automatically freed when the calling function ends.

Overview of functions

[edit]

The C dynamic memory allocation functions are defined in stdlib.h header (cstdlib header in C++).[1]

Function Description
malloc allocates the specified number of bytes
aligned_alloc allocates the specified number of bytes at the specified alignment
realloc increases or decreases the size of the specified block of memory, moving it if necessary
calloc allocates the specified number of bytes and initializes them to zero
free releases the specified block of memory back to the system

Differences between malloc() and calloc()

[edit]
  • malloc() takes a single argument (the amount of memory to allocate in bytes), while calloc() takes two arguments — the number of elements and the size of each element.
  • malloc() only allocates memory, while calloc() allocates and sets the bytes in the allocated region to zero.[11]

Usage example

[edit]

Creating an array of ten integers with automatic scope is straightforward in C: 

int a[10];

However, the size of the array is fixed at compile time. If one wishes to allocate a similar array dynamically without using a variable-length array, which is not guaranteed to be supported in all C11 implementations, the following code can be used: 

int* a = (int*)malloc(10 * sizeof(int));

This computes the number of bytes that ten integers occupy in memory, then requests that many bytes from malloc and assigns the result to a pointer named a (due to C syntax, pointers and arrays can be used interchangeably in some situations).

Because malloc might not be able to service the request, it might return a null pointer and it is good programming practice to check for this: 

int* a = (int*)malloc(10 * sizeof(int));
if (!a) {
    fprintf(stderr, "malloc failed\n");
    return -1;
}

When the program no longer needs the dynamic array, it must eventually call free to return the memory it occupies to the free store: 

free(a);

The memory set aside by malloc is not initialized and may contain cruft: the remnants of previously used and discarded data. After allocation with malloc, elements of the array are uninitialized variables. The command calloc will return an allocation that has already been cleared: 

int* a = (int*)calloc(10, sizeof(int));

With realloc we can resize the amount of memory a pointer points to. For example, if we have a pointer acting as an array of size and we want to change it to an array of size , we can use realloc. 

int* a = (int*)malloc(2 * sizeof(int));
a[0] = 1;
a[1] = 2;
a = (int*)realloc(a, 3 * sizeof(int));
a[2] = 3;

Note that realloc must be assumed to have changed the base address of the block (i.e. if it has failed to extend the size of the original block, and has therefore allocated a new larger block elsewhere and copied the old contents into it). Therefore, any pointers to addresses within the original block are also no longer valid.

Type safety

[edit]

malloc returns a void pointer (void*), which indicates that it is a pointer to a region of unknown data type. The use of casting is required in C++ due to the strong type system, whereas this is not the case in C. One may "cast" (see type conversion) this pointer to a specific type: 

// without a cast
int* ptr1 = malloc(10 * sizeof(*ptr));

// with a cast
int* ptr2 = (int*)malloc(10 * sizeof(*ptr));

There are advantages and disadvantages to performing such a cast.

Advantages to casting

[edit]
  • Including the cast may allow a C program or function to compile as C++.
  • The cast allows for pre-1989 versions of malloc that originally returned a char*.[12]
  • Casting can help the developer identify inconsistencies in type sizing should the destination pointer type change, particularly if the pointer is declared far from the malloc() call (although modern compilers and static analysers can warn on such behaviour without requiring the cast[13]).

Disadvantages to casting

[edit]
  • Under the C standard, the cast is redundant.
  • Adding the cast may mask failure to include the header stdlib.h, in which the function prototype for malloc is found.[12][14] In the absence of a prototype for malloc, the C90 standard requires that the C compiler assume malloc returns an int. If there is no cast, C90 requires a diagnostic when this integer is assigned to the pointer; however, with the cast, this diagnostic would not be produced, hiding a bug. On certain architectures and data models (such as LP64 on 64-bit systems, where long and pointers are 64-bit and int is 32-bit), this error can actually result in undefined behaviour, as the implicitly declared malloc returns a 32-bit value whereas the actually defined function returns a 64-bit value. Depending on calling conventions and memory layout, this may result in stack smashing. This issue is less likely to go unnoticed in modern compilers, as C99 does not permit implicit declarations, so the compiler must produce a diagnostic even if it does assume int return.
  • If the type of the pointer is changed at its declaration, one may also need to change all lines where malloc is called and cast.

Common errors

[edit]

The improper use of dynamic memory allocation can frequently be a source of bugs. These can include security bugs or program crashes, most often due to segmentation faults.

Most common errors are as follows:[15]

Not checking for allocation failures
Memory allocation is not guaranteed to succeed, and may instead return a null pointer. Using the returned value, without checking if the allocation is successful, invokes undefined behavior. This usually leads to crash (due to the resulting segmentation fault on the null pointer dereference), but there is no guarantee that a crash will happen so relying on that can also lead to problems.
Memory leaks
Failure to deallocate memory using free leads to the buildup of non-reusable memory, which is no longer used by the program. This wastes memory resources and can lead to allocation failures when these resources are exhausted.
Logical errors
All allocations must follow the same pattern: allocation using malloc, usage to store data, deallocation using free. Failures to adhere to this pattern, such as memory usage after a call to free (dangling pointer) or before a call to malloc (wild pointer), calling free twice ("double free"), etc., usually causes a segmentation fault and results in a crash of the program. These errors can be transient and hard to debug – for example, freed memory is usually not immediately reclaimed by the OS, and thus dangling pointers may persist for a while and appear to work.

In addition, as an interface that precedes ANSI C standardization, malloc and its associated functions have behaviors that were intentionally left to the implementation to define for themselves. One of them is the zero-length allocation, which is more of a problem with realloc since it is more common to resize to zero.[16] Although both POSIX and the Single Unix Specification require proper handling of 0-size allocations by either returning NULL or something else that can be safely freed,[17] not all platforms are required to abide by these rules. Among the many double-free errors that it has led to, the 2019 WhatsApp RCE was especially prominent.[18] A way to wrap these functions to make them safer is by simply checking for 0-size allocations and turning them into those of size 1. (Returning NULL has its own problems: it otherwise indicates an out-of-memory failure. In the case of realloc it would have signaled that the original memory was not moved and freed, which again is not the case for size 0, leading to the double-free.)[19]

Implementations

[edit]

The implementation of memory management depends greatly upon operating system and architecture. Some operating systems supply an allocator for malloc, while others supply functions to control certain regions of data. The same dynamic memory allocator is often used to implement both malloc and the operator new in C++.[20]

Heap-based

[edit]
See also: sbrk

Implementation of legacy allocators was commonly done using the heap segment. The allocator would usually expand and contract the heap to fulfill allocation requests.

The heap method suffers from a few inherent flaws:

  • A linear allocator can only shrink if the last allocation is released. Even if largely unused, the heap can get "stuck" at a very large size because of a small but long-lived allocation at its tip which could waste any amount of address space, although some allocators on some systems may be able to release entirely empty intermediate pages to the OS.
  • A linear allocator is sensitive to fragmentation. A good allocator will attempt to track and reuse free slots through the entire heap, but as allocation sizes and lifetimes get mixed it can be difficult and expensive to find or coalesce free segments large enough to hold new allocation requests.
  • A linear allocator has extremely poor concurrency characteristics, as the heap segment is per-process every thread has to synchronise on allocation, and concurrent allocations from threads which may have very different work loads amplifies the previous two issues.

dlmalloc and ptmalloc

[edit]

Doug Lea has developed the public domain dlmalloc ("Doug Lea's Malloc") as a general-purpose allocator, starting in 1987. The GNU C library (glibc) is derived from Wolfram Gloger's ptmalloc ("pthreads malloc"), a fork of dlmalloc with threading-related improvements.[21][22][23] As of November 2023, the latest version of dlmalloc is version 2.8.6 from August 2012.[24]

dlmalloc is a boundary tag allocator. Memory on the heap is allocated as "chunks", an 8-byte aligned data structure which contains a header, and usable memory. Allocated memory contains an 8- or 16-byte overhead for the size of the chunk and usage flags (similar to a dope vector). Unallocated chunks also store pointers to other free chunks in the usable space area, making the minimum chunk size 16 bytes on 32-bit systems and 24/32 (depends on alignment) bytes on 64-bit systems.[22][24]: 2.8.6, Minimum allocated size 

Unallocated memory is grouped into "bins" of similar sizes, implemented by using a double-linked list of chunks (with pointers stored in the unallocated space inside the chunk). Bins are sorted by size into three classes:[22][24]: Overlaid data structures 

  • For requests below 256 bytes (a "smallbin" request), a simple two power best fit allocator is used. If there are no free blocks in that bin, a block from the next highest bin is split in two.
  • For requests of 256 bytes or above but below the mmap threshold, dlmalloc since v2.8.0 use an in-place bitwise trie algorithm ("treebin"). If there is no free space left to satisfy the request, dlmalloc tries to increase the size of the heap, usually via the brk system call. This feature was introduced way after ptmalloc was created (from v2.7.x), and as a result is not a part of glibc, which inherits the old best-fit allocator.
  • For requests above the mmap threshold (a "largebin" request), the memory is always allocated using the mmap system call. The threshold is usually 128 KB.[25] The mmap method averts problems with huge buffers trapping a small allocation at the end after their expiration, but always allocates an entire page of memory, which on many architectures is 4096 bytes in size.[26]

Game developer Adrian Stone argues that dlmalloc, as a boundary-tag allocator, is unfriendly for console systems that have virtual memory but do not have demand paging. This is because its pool-shrinking and growing callbacks (sysmalloc/systrim) cannot be used to allocate and commit individual pages of virtual memory. In the absence of demand paging, fragmentation becomes a greater concern.[27]

FreeBSD's and NetBSD's jemalloc

[edit]

Since FreeBSD 7.0 and NetBSD 5.0, the old malloc implementation (phkmalloc by Poul-Henning Kamp) was replaced by jemalloc, written by Jason Evans. The main reason for this was a lack of scalability of phkmalloc in terms of multithreading. In order to avoid lock contention, jemalloc uses separate "arenas" for each CPU. Experiments measuring number of allocations per second in multithreading application have shown that this makes it scale linearly with the number of threads, while for both phkmalloc and dlmalloc performance was inversely proportional to the number of threads.[28]

OpenBSD's malloc

[edit]

OpenBSD's implementation of the malloc function makes use of mmap. For requests greater in size than one page, the entire allocation is retrieved using mmap; smaller sizes are assigned from memory pools maintained by malloc within a number of "bucket pages", also allocated with mmap.[29][better source needed] On a call to free, memory is released and unmapped from the process address space using munmap. This system is designed to improve security by taking advantage of the address space layout randomization and gap page features implemented as part of OpenBSD's mmap system call, and to detect use-after-free bugs—as a large memory allocation is completely unmapped after it is freed, further use causes a segmentation fault and termination of the program.

The GrapheneOS project initially started out by porting OpenBSD's memory allocator to Android's Bionic C Library.[30]

Hoard malloc

[edit]
Main article: Hoard memory allocator

Hoard is an allocator whose goal is scalable memory allocation performance. Like OpenBSD's allocator, Hoard uses mmap exclusively, but manages memory in chunks of 64 kilobytes called superblocks. Hoard's heap is logically divided into a single global heap and a number of per-processor heaps. In addition, there is a thread-local cache that can hold a limited number of superblocks. By allocating only from superblocks on the local per-thread or per-processor heap, and moving mostly-empty superblocks to the global heap so they can be reused by other processors, Hoard keeps fragmentation low while achieving near linear scalability with the number of threads.[31]

mimalloc

[edit]
Main article: mimalloc

An open-source compact general-purpose memory allocator from Microsoft Research with focus on performance.[32] The library is about 11,000 lines of code.

Thread-caching malloc (tcmalloc)

[edit]

Every thread has a thread-local storage for small allocations. For large allocations mmap or sbrk can be used. TCMalloc, a malloc developed by Google,[33] has garbage-collection for local storage of dead threads. The TCMalloc is considered to be more than twice as fast as glibc's ptmalloc for multithreaded programs.[34][35]

In-kernel

[edit]

Operating system kernels need to allocate memory just as application programs do. The implementation of malloc within a kernel often differs significantly from the implementations used by C libraries, however. For example, memory buffers might need to conform to special restrictions imposed by DMA, or the memory allocation function might be called from interrupt context.[36] This necessitates a malloc implementation tightly integrated with the virtual memory subsystem of the operating system kernel.

Overriding malloc

[edit]

Because malloc and its relatives can have a strong impact on the performance of a program, it is not uncommon to override the functions for a specific application by custom implementations that are optimized for application's allocation patterns. The C standard provides no way of doing this, but operating systems have found various ways to do this by exploiting dynamic linking. One way is to simply link in a different library to override the symbols. Another, employed by Unix System V.3, is to make malloc and free function pointers that an application can reset to custom functions.[37]

The most common form on POSIX-like systems is to set the environment variable LD_PRELOAD with the path of the allocator, so that the dynamic linker uses that version of malloc/calloc/free instead of the libc implementation.

Allocation size limits

[edit]

The largest possible memory block malloc can allocate depends on the host system, particularly the size of physical memory and the operating system implementation.

Theoretically, the largest number should be the maximum value that can be held in a size_t type, which is an implementation-dependent unsigned integer representing the size of an area of memory. In the C99 standard and later, it is available as the SIZE_MAX constant from <stdint.h>. Although not guaranteed by ISO C, it is usually 2^(CHAR_BIT * sizeof(size_t)) - 1.

On glibc systems, the largest possible memory block malloc can allocate is only half this size, namely 2^(CHAR_BIT * sizeof(ptrdiff_t) - 1) - 1.[38]

Extensions and alternatives

[edit]

The C library implementations shipping with various operating systems and compilers may come with alternatives and extensions to the standard malloc interface. Notable among these is:

  • alloca, which allocates a requested number of bytes on the call stack. No corresponding deallocation function exists, as typically the memory is deallocated as soon as the calling function returns. alloca was present on Unix systems as early as 32/V (1978), but its use can be problematic in some (e.g., embedded) contexts.[39] While supported by many compilers, it is not part of the ANSI-C standard and therefore may not always be portable. It may also cause minor performance problems: it leads to variable-size stack frames, so that both stack and frame pointers need to be managed (with fixed-size stack frames, one of these is redundant).[40] Larger allocations may also increase the risk of undefined behavior due to a stack overflow.[41] C99 offered variable-length arrays as an alternative stack allocation mechanism – however, this feature was relegated to optional in the later C11 standard.
  • POSIX defines a function posix_memalign that allocates memory with caller-specified alignment. Its allocations are deallocated with free,[42] so the implementation usually needs to be a part of the malloc library.

See also

[edit]

References

[edit]
[edit]
Revisions and contributorsEdit on WikipediaRead on Wikipedia

C dynamic memory allocation

View on Grokipedia
from Grokipedia
In the C programming language, dynamic memory allocation is a mechanism that allows programs to request and manage blocks of memory at runtime from the heap, providing flexibility for handling data structures whose sizes are determined during execution rather than at compile time. This manual process, distinct from static or automatic allocation on the stack, requires programmers to explicitly allocate and deallocate memory to optimize resource usage and avoid inefficiencies associated with fixed-size arrays. The core functions for dynamic memory allocation—malloc, calloc, realloc, and free—are defined in the standard header <stdlib.h> and conform to the ISO C standard, including C23. The malloc function allocates a specified number of bytes of uninitialized memory and returns a pointer to the beginning of the block, or NULL if the allocation fails due to insufficient memory. In contrast, calloc allocates memory for an array of a given number of elements, each of a specified size, and initializes all bytes to zero, making it suitable for arrays that require predictable initial values. The realloc function resizes a previously allocated block to a new size, potentially moving it to a different location while preserving the original contents (up to the smaller of the old and new sizes), and returns NULL on failure; it behaves like malloc if the input pointer is NULL and, if the new size is zero, the behavior is undefined in C23 (implementation-defined in earlier standards, often equivalent to free). Finally, free deallocates a block previously allocated by one of the allocation functions, releasing it back to the system, with no operation if the pointer is NULL, but undefined behavior if misused (such as freeing invalid or already-freed memory). Effective use of dynamic memory allocation demands careful attention to error checking, as all allocation functions except free must be tested for NULL returns to handle out-of-memory conditions gracefully. Common pitfalls include memory leaks from failing to free allocated blocks, dangling pointers after deallocation, and buffer overflows from miscalculating sizes, which can lead to program crashes or security vulnerabilities. These functions operate on a single global heap per process in most implementations, with alignment guarantees suitable for any built-in type, ensuring portability across compliant systems.

Fundamentals

Purpose and Rationale

Dynamic memory allocation in C refers to the runtime process of requesting and obtaining a block of memory from the heap, a region of memory distinct from the stack or static segments, in contrast to compile-time or automatic allocation where sizes are fixed beforehand. This mechanism allows programs to allocate memory as needed during execution, returning a pointer to the allocated block or NULL if the request fails. Historically, dynamic memory allocation was introduced in the development of C during the early 1970s at Bell Labs, evolving from earlier Unix kernel code for managing memory and disk blocks, to enable the creation of flexible data structures such as linked lists and trees. It became essential for systems programming where data sizes, like file lengths or user inputs, are unknown at compile time, allowing C to support efficient, adaptable applications without predefined limits. The primary benefits include optimized memory utilization for large or unpredictable datasets, as programs can allocate only the required amount and release it when no longer needed, and support for dynamic growth in structures like expandable arrays, linked lists, or trees. This flexibility enhances program and portability across systems with varying memory constraints. However, dynamic allocation imposes full responsibility on the , including explicit deallocation, which can result in memory leaks if pointers to allocated blocks are lost without freeing them, or fragmentation where free memory becomes scattered and unusable for larger requests. These issues, while addressable through careful coding, underscore the trade-offs in manual control over automatic alternatives.

Static vs Dynamic Memory Allocation

In C programming, memory allocation can be categorized into three primary types based on storage duration: static, automatic, and dynamic. Static allocation applies to variables with static storage duration, such as those declared at file scope or with the static keyword inside functions; their memory is allocated at compile time and persists for the entire program execution, residing in the data segment of the process's virtual memory layout. The size of statically allocated memory must be known and fixed at compile time, enabling efficient access but limiting flexibility for runtime variations. Automatic allocation, in contrast, manages memory for local variables declared within function blocks, placing them on the stack with storage duration; this memory is allocated upon entering the scope and automatically deallocated upon exit, ensuring efficient reuse without manual intervention. Sizes for variables are typically fixed at , though introduced variable-length arrays (VLAs) that allow runtime-determined sizes while still using storage on the stack, subject to stack size limits imposed by the system. This approach suits temporary data with predictable lifetimes tied to function scopes but can lead to stack overflows if large or deeply recursive allocations exceed available stack space, often limited to a few megabytes. Dynamic allocation, utilizing allocated storage duration, occurs at runtime on the heap, allowing sizes to be determined during execution—essential when data requirements, such as lengths based on user input or computations, cannot be foreseen at . Unlike static and automatic methods, dynamic memory requires explicit deallocation to prevent leaks, and it resides in a separate that expands as needed, offering greater flexibility for structures like linked lists or resizable buffers. However, this introduces overhead from runtime and potential fragmentation, contrasting with the compile-time efficiency of static allocation and the scope-bound simplicity of automatic allocation. In the typical process memory layout, the stack and heap occupy distinct segments to avoid collisions: the stack, starting from high virtual addresses, grows downward (toward lower addresses) as functions are called and local variables allocated, while the heap begins near the at lower addresses and grows upward (toward higher addresses) with dynamic requests. This bidirectional growth—stack descending from the top and heap ascending from the bottom—maximizes usable space in the virtual range, typically spanning gigabytes, though the stack is constrained to a smaller fixed size (e.g., 1-8 MB by default on many systems) compared to the heap's potential to consume available RAM. Dynamic allocation becomes a prerequisite for scenarios demanding runtime flexibility, such as processing variable-sized inputs or building complex structures whose extent is only resolvable during program flow.

Core Functions

malloc and calloc

The malloc function allocates a contiguous block of memory of the specified size in bytes from the heap and returns a pointer to the beginning of the allocated space. Its prototype is declared in the <stdlib.h> header as void *malloc(size_t size);. The allocated memory is uninitialized, meaning it may contain indeterminate values from previous use. The size_t parameter is an unsigned integer type defined in <stddef.h>, capable of representing the maximum size of any object on the implementation. If the allocation succeeds and size is greater than zero, malloc returns a pointer suitably aligned for any that fits in the available ; if size is zero, the return value is either a or a unique pointer that can be passed to free. On failure, such as when insufficient memory is available, it returns a , without aborting the program. The calloc function similarly allocates for an array but with explicit zero initialization. Its prototype is void *calloc(size_t nmemb, size_t size);, where nmemb specifies the number of elements and size the byte size of each, resulting in a total allocation of nmemb * size bytes. All bits in the allocated storage are initialized to zero before the pointer is returned, ensuring predictable values such as zero for integers or appropriate representations for other types, though floating-point zeros or may vary by platform. Like malloc, it returns a on failure or, for zero total size, either a or a unique freeable pointer; the return type is void * to allow generic use across types. The size_t arguments carry the same semantics as in malloc, but the multiplication nmemb * size risks overflow if it exceeds SIZE_MAX, potentially leading to in the C standard or implementation-specific failure (e.g., returning null). Both functions return void * pointers for type flexibility, typically requiring an explicit to the desired type in usage, though this practice is debated for reasons of and standards compliance. A key difference lies in initialization: malloc provides faster allocation since it skips zeroing, leaving potential garbage data that must be explicitly initialized by the programmer, whereas calloc incurs additional overhead from zeroing, making it slower but ideal for scenarios like arrays of structures (where bytes are zeroed) or counters starting at zero. This performance trade-off favors malloc for speed-critical paths without initialization needs, while calloc ensures safety in -sensitive contexts.

realloc and free

The realloc function is used to resize a previously allocated block of memory. Its prototype is declared as void *realloc(void *ptr, size_t size); in the <stdlib.h> header. If ptr is not NULL, it must point to a block previously allocated by malloc, calloc, or realloc and not yet freed; the function attempts to adjust this block to the new size specified by the size parameter in bytes. If ptr is NULL, realloc behaves equivalently to malloc(size). If size is zero and ptr is not NULL, prior to C23 the behavior was implementation-defined (often equivalent to free(ptr) and returning NULL), but in C23 it results in undefined behavior. When resizing succeeds, realloc returns a pointer to the reallocated memory, which may be the same as ptr if in-place expansion is possible or a new location if the block must be relocated. The contents of the original memory up to the smaller of the old and new sizes are preserved unchanged; any additional space in an enlarged block is uninitialized, while excess data in a shrunk block is discarded. If relocation is required, the implementation copies the preserved data to the new block and frees the original, potentially incurring a performance overhead due to the memcpy operation. On failure to allocate the requested size, realloc returns NULL without deallocating or modifying the original block pointed to by ptr, leaving it valid for continued use. The free function deallocates a block of memory previously allocated by malloc, calloc, aligned_alloc (since C11), or realloc. Its prototype is void free(void *ptr);, also in <stdlib.h>. It takes no return value and, if ptr is NULL, performs no operation. After a successful call, the memory at ptr is no longer valid for access, and using it leads to undefined behavior, such as the risk of dangling pointers. Undefined behavior also occurs if ptr was not returned by an allocation function, if the memory has already been freed (double-free), or if it points to non-heap memory. In typical usage, memory management in C follows a sequence where malloc (or calloc) allocates a block, optional calls to realloc resize it as needed, and free eventually releases it to prevent leaks. When realloc relocates a block, it implicitly invokes behavior akin to freeing the old block after copying, but failure modes ensure the original remains intact without automatic deallocation. Both functions are thread-safe since , with realloc synchronizing against concurrent free or realloc calls on the same block.

Usage and Best Practices

Basic Usage Examples

Dynamic memory allocation in C begins with the malloc function, which allocates a block of memory of a specified size in bytes and returns a pointer to the beginning of the block, or NULL if the allocation fails. A common pattern involves allocating an array of integers, assigning values to its elements, and accessing them using pointer arithmetic. For example, to allocate space for 10 integers:

c

#include <stdlib.h> #include <stdio.h> int main() { int *ptr = malloc(10 * sizeof(int)); if (ptr == NULL) { fprintf(stderr, "Allocation failed\n"); exit(1); } // Assign values using pointer arithmetic for (int i = 0; i < 10; i++) { ptr[i] = i * 2; // Equivalent to *(ptr + i) = i * 2; } // Access and print values for (int i = 0; i < 10; i++) { printf("%d ", ptr[i]); } printf("\n"); free(ptr); // Release the memory to prevent leaks return 0; }

#include <stdlib.h> #include <stdio.h> int main() { int *ptr = malloc(10 * sizeof(int)); if (ptr == NULL) { fprintf(stderr, "Allocation failed\n"); exit(1); } // Assign values using pointer arithmetic for (int i = 0; i < 10; i++) { ptr[i] = i * 2; // Equivalent to *(ptr + i) = i * 2; } // Access and print values for (int i = 0; i < 10; i++) { printf("%d ", ptr[i]); } printf("\n"); free(ptr); // Release the memory to prevent leaks return 0; }

This workflow checks for allocation failure, uses the allocated memory, and calls free at the end to deallocate the block, ensuring no memory leaks occur. The calloc function provides an alternative by allocating memory for an array of elements and initializing all bits to zero, which is useful for counters or accumulators that start at zero. Consider allocating and populating an array of 5 integers initialized to zero:

c

#include <stdlib.h> #include <stdio.h> int main() { int *counters = calloc(5, [sizeof](/page/Sizeof)(int)); if (counters == NULL) { fprintf(stderr, "Allocation failed\n"); exit(1); } // Populate the zero-initialized array for (int i = 0; i < 5; i++) { counters[i] += i + 1; // Builds on the zero initialization } // Access and print for (int i = 0; i < 5; i++) { printf("%d ", counters[i]); } printf("\n"); free(counters); return 0; }

#include <stdlib.h> #include <stdio.h> int main() { int *counters = calloc(5, [sizeof](/page/Sizeof)(int)); if (counters == NULL) { fprintf(stderr, "Allocation failed\n"); exit(1); } // Populate the zero-initialized array for (int i = 0; i < 5; i++) { counters[i] += i + 1; // Builds on the zero initialization } // Access and print for (int i = 0; i < 5; i++) { printf("%d ", counters[i]); } printf("\n"); free(counters); return 0; }

Here, the zero-initialization simplifies logic for data structures like counters, and the same error-checking and deallocation steps apply. To resize an existing allocation, realloc adjusts the size of the memory block pointed to by an existing pointer, potentially moving the block to a new location while preserving the original contents up to the minimum of the old and new sizes; it returns NULL on failure, in which case the original pointer remains valid. A typical use case is growing a dynamic string buffer:

c

#include <stdlib.h> #include <stdio.h> #include <string.h> int main() { char *buffer = malloc(10); if (buffer == NULL) { fprintf(stderr, "Initial allocation failed\n"); exit(1); } strcpy(buffer, "Hello"); // Initial content // Attempt to grow to 20 bytes char *new_buffer = realloc(buffer, 20); if (new_buffer == NULL) { fprintf(stderr, "Reallocation failed\n"); free(buffer); // Original still valid; free it exit(1); } buffer = new_buffer; // Update pointer to new location strcat(buffer, ", World!"); // Use expanded buffer printf("%s\n", buffer); free(buffer); return 0; }

#include <stdlib.h> #include <stdio.h> #include <string.h> int main() { char *buffer = malloc(10); if (buffer == NULL) { fprintf(stderr, "Initial allocation failed\n"); exit(1); } strcpy(buffer, "Hello"); // Initial content // Attempt to grow to 20 bytes char *new_buffer = realloc(buffer, 20); if (new_buffer == NULL) { fprintf(stderr, "Reallocation failed\n"); free(buffer); // Original still valid; free it exit(1); } buffer = new_buffer; // Update pointer to new location strcat(buffer, ", World!"); // Use expanded buffer printf("%s\n", buffer); free(buffer); return 0; }

This example handles the potential NULL return by freeing the original pointer only if reallocation fails, demonstrating safe growth of dynamic arrays while incorporating pointer arithmetic implicitly through array indexing. In C23, calling realloc with a size of 0 results in ; use free(ptr) instead for deallocation to ensure portability and safety.

Type Safety and Casting

In C, the dynamic memory allocation functions such as malloc, calloc, and realloc return a void* pointer, which serves as an type lacking specific type information about the allocated block. This design enables generic allocation suitable for any , promoting flexibility in the language's , but it also carries inherent risks of type mismatches if the returned pointer is assigned to an incompatible pointer type without careful handling. The absence of embedded type metadata in void* relies entirely on the to ensure correct usage, potentially leading to subtle errors during pointer arithmetic or dereferencing if the intended type is not accurately tracked. The debate over casting the return value of malloc to the target pointer type—typically written as (type*)malloc(sizeof(type))—originates from pre-ANSI C implementations, where malloc returned a char* instead of void*, necessitating an explicit cast to avoid type incompatibility warnings or errors. With the introduction of ANSI/ISO Standard C in 1989, void* became the return type, and implicit conversions from void* to any other object pointer type were permitted, rendering the cast redundant in pure C code. Despite this evolution, the practice persists in some codebases due to legacy habits or mixed C/C++ environments. Casting offers several advantages, including explicit documentation of the intended pointer type, which enhances code readability and self-documentation for maintainers. It also enables the compiler to perform stricter type checking on subsequent operations, potentially catching inadvertent pointer conversions or assignments at rather than runtime. Furthermore, casting facilitates portability to C++, where the stricter disallows implicit conversions from void* to other pointer types, making such code compatible without modification when compiled as C++. However, casting introduces disadvantages in modern C, as it adds unnecessary verbosity and maintenance overhead without providing functional benefits, given the implicit conversion rules. A significant is that the cast can suppress valuable diagnostics; for instance, if <stdlib.h> is omitted, the compiler may issue a warning about an implicit int return type for malloc, but the cast masks this, potentially leading to . Additionally, if the cast uses an incorrect type, it can obscure errors in the sizeof expression, such as allocating insufficient space due to a type mismatch, without triggering compile-time alerts. Established best practices in C recommend avoiding the cast to leverage implicit conversions and maintain concise code, while using sizeof(*ptr) in the allocation size to create self-documenting expressions that automatically adjust if the pointer type changes. For example, instead of int *p = (int *)malloc(5 * sizeof(int));, the preferred form is int *p = malloc(5 * sizeof(*p));, which ties the size directly to the pointer's target type and reduces the chance of size-related errors during refactoring. In contrast to C, C++ requires an explicit cast for malloc returns due to its prohibition on implicit void* conversions, aligning with the language's emphasis on type safety and compatibility with operators like new and delete. This difference underscores the need for conditional compilation or separate code paths in projects supporting both languages, though using C++-specific allocation mechanisms is generally advised over malloc in C++ contexts.

Potential Pitfalls

Common Errors

One of the most prevalent issues in C dynamic memory allocation is the , which occurs when dynamically allocated is not freed using free() before the pointer's lifetime ends, leading to gradual exhaustion of available system resources. This error often goes undetected during initial testing but manifests as or denial-of-service conditions in long-running programs. For instance, allocating a buffer with malloc(BUFFER_SIZE) without a corresponding free() call can accumulate leaks over multiple iterations. Double-free errors arise from calling free() multiple times on the same pointer or freeing memory not originally allocated dynamically, such as stack variables or literals, resulting in heap metadata corruption and . Symptoms include program crashes or subtle , as the heap manager may reuse the freed block, leading to overlapping allocations. This vulnerability can enable attackers to execute arbitrary code if exploited. Use-after-free happens when a program accesses via a pointer after it has been deallocated with free() or realloc(), invoking as specified in the C Standard. Common causes include dereferencing a pointer in a loop after premature freeing or failing to update pointers post-realloc(). Consequences range from abnormal termination and to security exploits allowing with the process's privileges. Buffer overflows in dynamic allocation stem from allocating insufficient memory, often due to miscalculating sizes with sizeof (e.g., using sizeof(int*) instead of sizeof(int) for an array) or inadequate checks for string terminators and padding in structures. This leads to writing beyond the allocated bounds, corrupting adjacent heap data and potentially enabling code injection or control-flow hijacking. Failing to check the return value of malloc(), calloc(), or realloc() for NULL—which indicates allocation failure due to heap exhaustion—results in NULL pointer dereferences, causing immediate crashes or undefined behavior. Heap exhaustion can arise from memory leaks, excessive demands, or system constraints, and ignoring it assumes infinite resources, which is unrealistic. Integer overflow during size computation, such as in malloc(n * sizeof(type)) where n multiplied by sizeof(type) exceeds SIZE_MAX, causes wraparound and allocates a smaller buffer than intended, facilitating buffer overflows. This is particularly risky with large n values from user input or loops, as unsigned arithmetic silently wraps per the C Standard. To prevent these errors, always verify allocation returns against NULL and handle failures gracefully, such as by exiting or using alternative storage. Pair every allocation with a corresponding free() at the appropriate scope, avoiding double-frees by setting pointers to NULL post-free and ensuring only dynamic pointers are freed. For use-after-free, update or nullify pointers immediately after deallocation and store temporary references before freeing in linked structures. Allocate with precise sizes using sizeof(*ptr) and check for overflows via conditions like if (n > SIZE_MAX / sizeof(type)) before calling allocation functions. Tools like Valgrind's Memcheck can detect leaks, invalid accesses, and double-frees at runtime by instrumenting memory operations. In C++ wrappers around C code, smart pointers can automate management to mitigate leaks and mismatches. For realloc() failures, promptly free the original pointer if the new allocation returns NULL to avoid leaks.

Allocation Size Limits

In C, dynamic memory allocation functions such as malloc accept a size_t parameter to specify the requested size in bytes, where size_t is an unsigned integer type defined in <stddef.h> and further specified in <stdint.h> with a maximum value of SIZE_MAX. On typical 32-bit platforms, SIZE_MAX is 232 - 1 (approximately 4 GB), while on 64-bit platforms it is 264 - 1 (approximately 16 EB). However, these represent theoretical upper bounds for a single allocation; the actual heap size available for allocation is often significantly smaller due to system reservations and implementation details. Practical constraints on allocation sizes arise from available system resources and operating system policies. The total allocatable is limited by physical RAM minus kernel and process overhead, as well as per-process limits enforced by mechanisms like RLIMIT_AS ( limit) and RLIMIT_DATA ( limit) in systems, queryable via the getrlimit function. For example, exceeding RLIMIT_AS causes malloc to fail with ENOMEM. Additionally, heap fragmentation—where free memory is divided into non-contiguous blocks—can prevent large allocations even when sufficient total free memory exists, reducing the effective maximum contiguous block size available. The realloc function imposes specific limits when resizing allocations while preserving content. It adjusts the block size to the new size_t value, retaining the original contents up to the minimum of the old and new sizes; if the new size is smaller, bytes beyond the new size are discarded, meaning full content preservation is impossible below the original size without manual copying. Operating systems like enable memory overcommitment by default, allowing malloc to succeed for requests exceeding physical RAM (e.g., via mode 0 or 1 in /proc/sys/vm/overcommit_memory), as is allocated lazily without immediate physical backing. However, this can lead to invocation of the Out-Of-Memory (OOM) killer, which terminates processes when physical memory and swap are exhausted, effectively limiting practical allocation sizes to avoid system instability. Portability issues further constrain allocation sizes across architectures. On 32-bit systems, the address space is typically limited to 4 GB (shared with the kernel), restricting heap growth compared to 64-bit systems where terabytes or more are feasible. In embedded systems, heaps are often severely limited to kilobytes or less due to constrained RAM (e.g., 64 KB total on some microcontrollers), and dynamic allocation may be disabled or replaced with static alternatives to ensure predictability. There is no standard C mechanism to query maximum allocatable sizes or current heap limits, as these are implementation- and platform-dependent. Some implementations, such as on , provide the non-standard malloc_usable_size function to retrieve the usable size of an allocated block (which may exceed the requested size due to ), but it does not report overall heap boundaries.

Implementations

Heap-Based Allocators

Heap-based allocators manage dynamic memory allocation in C by organizing the heap as a contiguous region of that grows as needed, typically starting from the end of the and expanding via system calls like or . The core structure relies on free lists, which are linked lists of blocks representing available ; each free block stores metadata such as its and a pointer to the next free block, enabling efficient traversal for allocation requests. To mitigate fragmentation, allocators perform coalescing during deallocation, merging adjacent free blocks into a single larger block when they become contiguous, which reduces the number of small, unusable fragments. Common allocation strategies in heap-based allocators include first-fit, which selects the first free block in the list that meets or exceeds the requested size for quick decisions, and best-fit, which scans the entire free list to find the smallest suitable block, aiming to leave larger remnants for future requests. Another approach is the , which divides the heap into power-of-two sized blocks and allocates by splitting larger blocks as needed, pairing blocks with "buddies" of the same size for easy recombination. Deallocation involves marking the block as free by updating the free list and checking for adjacent free blocks to enable coalescing, thereby maintaining heap efficiency over repeated allocate-free cycles. Fragmentation poses significant challenges in these allocators, manifesting as internal fragmentation, where allocated blocks contain unused space due to size rounding or padding to meet alignment requirements, and external fragmentation, where free memory is scattered in small, non-contiguous pieces that cannot satisfy larger allocation requests despite sufficient total free space. In standard C library implementations, such as on , the ptmalloc allocator serves as the default heap-based mechanism, extending the original dlmalloc design with support for multiple arenas to handle concurrent access while applying these foundational strategies. Performance in heap-based allocators typically achieves O(1) average time for allocations and deallocations in first-fit and best-fit with segregated free lists, or O(log n) in buddy systems due to the logarithmic splitting and merging depth, balancing speed with fragmentation control in typical workloads.

Specialized and Thread-Safe Allocators

Specialized allocators in C extend the standard dynamic allocation mechanisms by incorporating optimizations for specific use cases, such as multithreading, reduced fragmentation, or enhanced , while maintaining compatibility with functions like malloc, free, and realloc. These implementations often employ advanced data structures and strategies to address limitations in general-purpose heap allocators, particularly in high-concurrency environments or resource-constrained systems. dlmalloc, developed by , serves as a foundational general-purpose allocator that uses binning to organize free memory chunks into size-based lists for efficient small allocations. Its variant, ptmalloc (integrated into ), enhances thread-safety through multiple arenas—independent heap regions assignable to threads—minimizing lock contention by allowing concurrent allocations within separate arenas. Binning in ptmalloc groups free chunks into fast, small, large, and unsorted bins, enabling quick lookups and coalescing while supporting up to 8,192 arenas for scalability in multithreaded applications. jemalloc, originally developed for and now used in systems like , employs for small objects, where fixed-size slabs track usage via bitmaps to minimize internal fragmentation. It features thread caches (tcaches) that store recently freed objects locally, reducing global lock acquisitions and improving performance in concurrent workloads. Additionally, jemalloc supports dirty page purging using madvise to release unused pages back to the kernel, helping control in long-running processes. mimalloc, developed by since 2016, utilizes segregated free lists sharded across pages to distribute allocations and reduce fragmentation, achieving lower overhead in server environments. It supports huge pages for larger allocations to improve TLB efficiency and overall throughput, with per-thread heaps that avoid central locks for thread-local operations. This design results in sustained low fragmentation rates, even under mixed allocation patterns common in . tcmalloc (Thread-Caching Malloc) from relies on thread-local caches for small objects, satisfying most allocations without and transferring excess objects to a central freelist only when caches overflow. It performs aggressive coalescing of adjacent free blocks to combat fragmentation, making it suitable for high-throughput applications like web servers. In per-thread mode, tcmalloc minimizes contention but may increase memory usage if threads frequently create and destroy caches. Hoard is designed for scalability on multiprocessor systems, using per-processor heaps to eliminate and per-thread superblocks—pre-allocated chunks subdivided by size class—for fast, lock-free allocations. A global heap supplies superblocks to heaps as needed, balancing load while avoiding contention in multithreaded scenarios. This structure ensures near-linear speedup with core count, though it trades some memory efficiency for reduced synchronization overhead. OpenBSD's malloc prioritizes security through and guard pages, placing allocations at random offsets within pages to hinder exploits and inserting unallocated guard pages between large chunks to trigger faults on overruns. Enabled via configuration like G in /etc/malloc.conf, these features detect errors early without significantly impacting performance in non-adversarial environments. The allocator uses for randomized address placement, enhancing resistance to predictable attacks. Comparisons among these allocators reveal trade-offs: dlmalloc and ptmalloc excel in simplicity and binning efficiency for single-threaded or lightly concurrent code but may suffer lock contention in highly threaded scenarios compared to jemalloc's tcaches or tcmalloc's local caches. jemalloc and mimalloc prioritize low fragmentation—jemalloc via slab purging and mimalloc via sharding—ideal for long-lived server processes, while tcmalloc offers strong throughput at the cost of higher peak usage in some scenarios. scales well on many-core systems but uses more due to superblock granularity. malloc trades some speed for , with guard pages aiding fault detection. Overall, selection depends on priorities such as fragmentation control in threaded apps (jemalloc, mimalloc), raw speed (tcmalloc), or exploit mitigation ().

Kernel and Embedded Implementations

In kernel environments, such as the , dynamic memory allocation employs specialized functions distinct from user-space mechanisms to ensure reliability and isolation. The primary allocator for small objects (typically under 4KB) is kmalloc, which provides physically contiguous memory backed by the slab allocator, an efficient caching system for frequently used object sizes that minimizes fragmentation and overhead. For larger or virtually contiguous allocations, vmalloc is used, which maps non-contiguous physical pages into a contiguous , suitable for drivers needing large buffers without strict physical contiguity. These page-based allocators, built atop the , operate in kernel space to avoid interference with user-space heaps, preventing issues like shared fragmentation or pollution. Kernel allocations differ fundamentally from user-space ones in design and guarantees. Unlike user-space malloc and free, which rely on overcommitment (allowing allocations beyond physical memory via tricks), kernel functions like kmalloc and vmalloc do not overcommit; requests fail immediately if sufficient memory is unavailable, ensuring system stability under pressure. Additionally, kernel allocation emphasizes stricter determinism: flags such as GFP_ATOMIC or GFP_NOWAIT enable non-blocking, predictable operations critical for handlers and real-time contexts, avoiding sleeps that could deadlock the system, whereas user-space allocations may block indefinitely. Standard C functions like malloc and free are unavailable in kernel code, replaced by these custom APIs to enforce these constraints. In embedded systems, particularly resource-constrained or real-time environments, full dynamic allocation is often avoided due to risks of fragmentation, non-determinism, and unbounded execution times, leading to reliance on static buffers or fixed-size pools instead of a traditional heap. Real-time operating systems (RTOS) like provide tailored heap schemes to balance these needs: heap_1 offers the simplest deterministic allocation without freeing, ideal for static object lifecycles; heap_2 adds basic freeing but risks fragmentation; heap_4 improves efficiency with coalescence to reduce holes; and heap_5 supports disjoint regions for hardware with separate RAM banks, all configured via a fixed total size to prevent over-allocation. Portability challenges arise because the C standard assumes a hosted environment with full library support, including <stdlib.h> for malloc; freestanding implementations, common in embedded targets, omit this header and dynamic functions, requiring custom solutions for compliance and predictability. Alternatives in embedded contexts prioritize predictability over flexibility, such as custom pools that pre-allocate fixed blocks for specific object types, avoiding runtime search overhead and fragmentation seen in heaps. These pools, often implemented as arrays of fixed-size buffers, support fast allocation/deallocation via indices or bitmaps, suitable for real-time tasks where constant-time operations are essential. Sbrk-like mechanisms, adapted from Unix but simplified, can extend a static heap boundary in controlled ways, but fixed pools remain preferred for their bounded behavior and elimination of heap growth unpredictability.

Advanced Topics

Overriding Standard Functions

In C, overriding standard dynamic memory allocation functions such as malloc and free allows developers to intercept and customize their behavior, enabling features like detection, performance optimization, or integration with custom heap managers without altering the source code of applications that use the . This is particularly useful in tools or specialized environments where the default implementation needs augmentation, such as tracking allocations to identify unfreed or implementing object pooling for frequent small allocations. However, such overrides must preserve the original function signatures to maintain compatibility. One common method to override these functions dynamically is through the LD_PRELOAD on systems, which loads a custom before the standard C library (libc), allowing its symbols to take precedence over libc's versions. For instance, a shared object containing redefined malloc and free can be preloaded by setting LD_PRELOAD=/path/to/custom_lib.so before executing the program; this intercepts all calls to these functions application-wide, provided the custom implementation calls the original via dlsym(RTLD_NEXT, "malloc") to avoid . This technique is widely used for non-invasive , as it does not require recompilation. For static linking scenarios, glibc exports malloc, free, and related functions as weak symbols, permitting user-defined strong symbols with the same names to override them during linking without explicit weak declarations in user code. By simply implementing void *malloc(size_t size) and void free(void *ptr) in the user's object files or libraries, the linker resolves to these versions, effectively replacing the libc defaults. This approach is suitable for embedding custom allocators directly into executables, such as a heap manager that uses a bitmap or linked list to track blocks for debugging purposes. For example, a custom malloc might prepend allocation metadata (e.g., size and caller address) to the returned pointer and log it, while free verifies and removes the entry from a global tracking structure to detect leaks at program exit. Custom heap managers can be built by overriding these functions to manage a dedicated , bypassing the system heap for specific use cases like real-time systems or leak-prone modules. In a debugging context, the manager might maintain a of allocated pointers, incrementing a counter on malloc and decrementing on free; any non-zero count at exit signals leaks, with details like allocation sites reported via backtraces. Tools like Valgrind's Memcheck exemplify this by intercepting malloc and free calls through dynamic binary instrumentation, tracking every heap block and reporting leaks with stack traces upon program termination, thus aiding in precise diagnosis without source modifications. For less invasive tuning without full overrides, POSIX-inspired interfaces like mallopt and mallinfo in allow adjustment of allocator parameters and retrieval of heap statistics. The mallopt(int param, int value) function modifies behaviors such as the maximum number of arenas (M_ARENA_MAX) for multithreaded performance or the threshold for using (M_MMAP_THRESHOLD) to reduce fragmentation, returning 1 on success. Meanwhile, mallinfo() populates a with metrics like total allocated space (arena) and number of blocks (ordblks), enabling runtime monitoring and tuning of the default allocator. These are not part of the standard but are supported in for fine-grained control. Overriding carries risks, including ABI incompatibility if the custom functions deviate from expected signatures or behaviors, potentially causing crashes or undefined results in dependent code. Thread-safety is another concern; the default malloc is thread-safe via per-thread arenas, but a custom implementation must explicitly handle synchronization (e.g., using mutexes) to avoid race conditions in multithreaded programs, or it may lead to corruption. Additionally, recursive calls during initialization must be managed carefully to prevent infinite loops.

Extensions and Alternatives

POSIX provides extensions to the standard C allocation functions, enabling more precise control over alignment. The posix_memalign function allocates a block of aligned to a specified boundary, which is useful for hardware requirements such as SIMD operations or cache line optimization, and returns the via a pointer parameter while setting errno on failure. Similarly, memalign offers comparable aligned allocation but is not part of the standard and may vary in behavior across systems, often requiring manual deallocation with free. These extensions enhance performance in performance-critical applications but are limited to -compliant environments, such as systems. C11's Annex K introduces optional bounds-checking interfaces aimed at improving by validating buffer sizes and handling runtime constraints, though these primarily target string and memory copy operations like memcpy_s and strcpy_s rather than direct allocation functions. Implementations may extend this paradigm to safer allocation variants, such as checked realloc functions that detect size overflows, but Annex K itself does not mandate bounded allocation APIs like a hypothetical malloc_n or realloc_s, making their availability compiler- and library-dependent. This optional feature set promotes by invoking runtime-constraint handlers on violations, yet its adoption remains low due to incomplete support in major libraries like . In C++, dynamic memory management extends beyond C's model through the new and delete operators, which combine allocation with object construction and destruction, respectively, and support for custom allocators tailored to specific needs like . (RAII) further automates deallocation by tying resource lifetimes to object scopes, using smart pointers such as std::unique_ptr to eliminate manual free calls and reduce leaks. These mechanisms offer greater safety than raw C allocation while maintaining low-level control, though they introduce compile-time overhead and require C++ compatibility. Libraries provide alternatives to manual management in C. The Boehm-Demers-Weiser conservative garbage collector replaces malloc and free with automatic collection, scanning the stack and heap conservatively to reclaim unused memory without explicit deallocation, suitable for retrofitting legacy C code. Arena allocators, conversely, preallocate a large contiguous block and dole out sub-allocations within it, enabling bulk deallocation at scope end for temporary data structures like parse trees, which simplifies lifetime management in performance-sensitive scenarios. As of 2025, modern trends emphasize safer C allocation amid ongoing ISO discussions, with C23 (ISO/IEC 9899:2024) incorporating enhancements like memset_explicit for secure zeroing but no new bounded allocation primitives; however, C23 specifies that realloc(ptr, 0) with a non-NULL ptr results in , a change from prior standards where it often behaved like free(ptr). Instead, proposals such as TrapC advocate compile-time checks for overflows in malloc calls to prevent integer issues without runtime cost. These efforts aim to balance C's minimalism with , drawing from experiences in embedded and secure systems. Extensions like aligned functions and Annex K interfaces improve precision and robustness but compromise portability across non-compliant platforms, potentially requiring conditional compilation. Alternatives such as C++ RAII or Boehm GC mitigate manual errors through automation, yet impose runtime overhead—garbage collection pauses or allocator indirection—that can degrade real-time performance, trading developer burden for reduced defect rates in complex applications.

References

  1. https://en.cppreference.com/w/c/memory
  2. https://www.gnu.org/software/c-intro-and-ref/manual/html_node/Dynamic-Memory-Allocation.html
  3. https://man7.org/linux/man-pages/man3/malloc.3.html
  4. https://en.cppreference.com/w/c/memory/malloc
  5. https://en.cppreference.com/w/c/memory/realloc
  6. https://www.cs.sfu.ca/~ashriram/Courses/CS295/assets/books/C_Book_2nd.pdf
  7. https://www.spinellis.gr/blog/20170914/index.html
  8. https://www.cs.hmc.edu/~oneill/gc-library/Wilson-Alloc-Survey-1995.pdf
  9. https://www.umsl.edu/~lawtonb/224/dynamic0.html
  10. https://courses.cs.washington.edu/courses/cse374/20au/lectures/10-dyna-mem-alloc/10-dyna-mem-alloc.pdf
  11. https://www.math.utah.edu/computing/compilers/c/C99RationaleV5.10.pdf
  12. https://cs.gmu.edu/~zduric/cs262/Slides/teoX.pdf
  13. https://systems-encyclopedia.cs.illinois.edu/articles/c-memory-management/
  14. https://www.cs.cornell.edu/courses/cs3410/2025sp/notes/mem.html
  15. https://web.stanford.edu/class/archive/cs/cs107/cs107.1222/lectures/07/Lecture07.pdf
  16. https://www.cs.fsu.edu/~myers/c%2B%2B/notes/dma.html
  17. https://pubs.opengroup.org/onlinepubs/007904975/functions/malloc.html
  18. https://en.cppreference.com/w/c/types/size_t
  19. https://pubs.opengroup.org/onlinepubs/009696799/functions/calloc.html
  20. https://en.cppreference.com/w/c/memory/calloc
  21. https://www.hackerearth.com/practice/notes/malloc-vs-calloc/
  22. https://en.cppreference.com/w/c/memory/free
  23. https://c-faq.com/malloc/cast.html
  24. https://c-faq.com/malloc/sd3.html
  25. https://c-faq.com/malloc/mallocnocast.html
  26. https://wiki.sei.cmu.edu/confluence/display/c/MEM31-C.+Free+dynamically+allocated+memory+when+no+longer+needed
  27. https://cwe.mitre.org/data/definitions/401.html
  28. https://wiki.sei.cmu.edu/confluence/display/c/MEM34-C.+Only+free+memory+allocated+dynamically
  29. https://cwe.mitre.org/data/definitions/590.html
  30. https://wiki.sei.cmu.edu/confluence/display/c/MEM30-C.+Do+not+access+freed+memory
  31. https://cwe.mitre.org/data/definitions/416.html
  32. https://wiki.sei.cmu.edu/confluence/display/c/MEM35-C.+Allocate+sufficient+memory+for+an+object
  33. https://wiki.sei.cmu.edu/confluence/display/c/MEM11-C.+Do+not+assume+infinite+heap+space
  34. https://wiki.sei.cmu.edu/confluence/display/c/MEM07-C.+Ensure+that+the+arguments+to+calloc%28%29%2C+when+multiplied%2C+do+not+wrap
  35. https://wiki.sei.cmu.edu/confluence/display/c/INT30-C.+Ensure+that+unsigned+integer+operations+do+not+wrap
  36. https://valgrind.org/docs/manual/mc-manual.html
  37. https://pubs.opengroup.org/onlinepubs/9699919799/functions/malloc.html
  38. https://www.ibm.com/docs/en/aix/7.1.0?topic=concepts-system-memory-allocating-using-malloc-subsystem
  39. https://pubs.opengroup.org/onlinepubs/9699919799/functions/realloc.html
  40. https://www.kernel.org/doc/Documentation/vm/overcommit-accounting
  41. https://www.embedded.com/mastering-stack-and-heap-for-system-reliability-part-1-calculating-stack-size/
  42. https://man7.org/linux/man-pages/man3/malloc_usable_size.3.html
  43. https://sourceware.org/glibc/wiki/MallocInternals
  44. https://dl.acm.org/doi/pdf/10.1145/173262.155107
  45. https://dl.acm.org/doi/pdf/10.1145/301589.286864
  46. https://dl.acm.org/doi/pdf/10.1145/359605.359626
  47. https://sourceware.org/glibc/manual/2.34/html_node/The-GNU-Allocator.html
  48. https://gee.cs.oswego.edu/dl/html/malloc.html
  49. https://jemalloc.net/
  50. https://www.microsoft.com/en-us/research/wp-content/uploads/2019/06/mimalloc-tr-v1.pdf
  51. https://www.blackhat.com/presentations/bh-usa-07/Ferguson/Presentation/bh-usa-07-ferguson.pdf
  52. https://man.archlinux.org/man/jemalloc.3.en
  53. https://jemalloc.net/jemalloc.3.html
  54. https://engineering.fb.com/2011/01/03/core-infra/scalable-memory-allocation-using-jemalloc/
  55. https://github.com/microsoft/mimalloc
  56. https://microsoft.github.io/mimalloc/
  57. https://gperftools.github.io/gperftools/tcmalloc.html
  58. https://google.github.io/tcmalloc/design.html
  59. https://pages.cs.wisc.edu/~danb/google-perftools-0.98/tcmalloc.html
  60. https://people.cs.umass.edu/~emery/pubs/berger-asplos2000.pdf
  61. https://www.cs.utexas.edu/ftp/techreports/tr99-22.pdf
  62. https://github.com/emeryberger/Hoard
  63. http://man.openbsd.org/malloc
  64. https://undeadly.org/cgi?action=article&sid=20031017121955
  65. https://www.openbsd.org/security.html
  66. https://suniphrase.wordpress.com/2015/10/27/jemalloc-vs-tcmalloc-vs-dlmalloc/
  67. https://docs.kernel.org/core-api/memory-allocation.html
  68. https://www.embedded.com/freestanding-vs-hosted-implementations/
  69. https://embedded-code-patterns.readthedocs.io/en/latest/pool/
  70. https://man7.org/linux/man-pages/man8/ld.so.8.html
  71. https://stackoverflow.com/questions/17020497/why-dont-i-get-a-link-error-when-i-provide-my-own-malloc-and-free
  72. https://man7.org/linux/man-pages/man3/mallopt.3.html
  73. https://pubs.opengroup.org/onlinepubs/9699919799/functions/posix_memalign.html
  74. https://www.gnu.org/software/libc/manual/html_node/Aligned-Memory-Blocks.html
  75. https://www.open-std.org/jtc1/sc22/wg14/www/docs/n1570.pdf
  76. https://www.open-std.org/jtc1/sc22/wg14/www/docs/n2336.pdf
  77. https://www.modernescpp.com/index.php/overloading-operator-new-and-delete/
  78. https://www.hboehm.info/gc/
  79. https://www.rfleury.com/p/untangling-lifetimes-the-arena-allocator
  80. https://www.open-std.org/jtc1/sc22/wg14/www/docs/n3220.pdf
  81. https://www.open-std.org/jtc1/sc22/wg14/www/docs/n3423.pdf
Add your contribution
Related Hubs
Contribute something
User Avatar
No comments yet.