1MALLOC(3)                  Linux Programmer's Manual                 MALLOC(3)
2
3
4

NAME

6       malloc, free, calloc, realloc - allocate and free dynamic memory
7

SYNOPSIS

9       #include <stdlib.h>
10
11       void *malloc(size_t size);
12       void free(void *ptr);
13       void *calloc(size_t nmemb, size_t size);
14       void *realloc(void *ptr, size_t size);
15       void *reallocarray(void *ptr, size_t nmemb, size_t size);
16
17   Feature Test Macro Requirements for glibc (see feature_test_macros(7)):
18
19       reallocarray(): _GNU_SOURCE
20           Since glibc 2.29:
21               _DEFAULT_SOURCE
22           Glibc 2.28 and earlier:
23               _GNU_SOURCE
24

DESCRIPTION

26       The malloc() function allocates size bytes and returns a pointer to the
27       allocated memory.  The memory is not initialized.  If size is  0,  then
28       malloc()  returns either NULL, or a unique pointer value that can later
29       be successfully passed to free().
30
31       The free() function frees the memory space pointed  to  by  ptr,  which
32       must  have  been  returned by a previous call to malloc(), calloc(), or
33       realloc().  Otherwise, or if free(ptr) has already been called  before,
34       undefined behavior occurs.  If ptr is NULL, no operation is performed.
35
36       The  calloc()  function allocates memory for an array of nmemb elements
37       of size bytes each and returns a pointer to the allocated memory.   The
38       memory  is  set  to zero.  If nmemb or size is 0, then calloc() returns
39       either NULL, or a unique pointer value that can later  be  successfully
40       passed to free().  If the multiplication of nmemb and size would result
41       in integer overflow, then calloc() returns an error.  By  contrast,  an
42       integer  overflow  would  not be detected in the following call to mal‐
43       loc(), with the result that an incorrectly sized block of memory  would
44       be allocated:
45
46           malloc(nmemb * size);
47
48       The  realloc() function changes the size of the memory block pointed to
49       by ptr to size bytes.  The contents will be unchanged in the range from
50       the start of the region up to the minimum of the old and new sizes.  If
51       the new size is larger than the old size, the added memory will not  be
52       initialized.   If  ptr  is  NULL,  then  the call is equivalent to mal‐
53       loc(size), for all values of size; if size is equal to zero, and ptr is
54       not  NULL,  then  the  call  is equivalent to free(ptr).  Unless ptr is
55       NULL, it must have been returned by an earlier call to  malloc(),  cal‐
56       loc(),  or realloc().  If the area pointed to was moved, a free(ptr) is
57       done.
58
59       The reallocarray() function  changes  the  size  of  the  memory  block
60       pointed  to  by  ptr to be large enough for an array of nmemb elements,
61       each of which is size bytes.  It is equivalent to the call
62
63               realloc(ptr, nmemb * size);
64
65       However, unlike that realloc() call, reallocarray() fails safely in the
66       case  where  the  multiplication  would  overflow.  If such an overflow
67       occurs, reallocarray() returns NULL, sets errno to ENOMEM,  and  leaves
68       the original block of memory unchanged.
69

RETURN VALUE

71       The  malloc()  and calloc() functions return a pointer to the allocated
72       memory, which is suitably aligned for any  built-in  type.   On  error,
73       these functions return NULL.  NULL may also be returned by a successful
74       call to malloc() with a size of zero, or by a successful call  to  cal‐
75       loc() with nmemb or size equal to zero.
76
77       The free() function returns no value.
78
79       The realloc() function returns a pointer to the newly allocated memory,
80       which is suitably aligned for any built-in type and  may  be  different
81       from ptr, or NULL if the request fails.  If size was equal to 0, either
82       NULL or a pointer suitable to be passed  to  free()  is  returned.   If
83       realloc()  fails, the original block is left untouched; it is not freed
84       or moved.
85
86       On success, the reallocarray() function returns a pointer to the  newly
87       allocated  memory.   On failure, it returns NULL and the original block
88       of memory is left untouched.
89

ERRORS

91       calloc(), malloc(), realloc(), and reallocarray()  can  fail  with  the
92       following error:
93
94       ENOMEM Out  of  memory.  Possibly, the application hit the RLIMIT_AS or
95              RLIMIT_DATA limit described in getrlimit(2).
96

ATTRIBUTES

98       For  an  explanation  of  the  terms  used   in   this   section,   see
99       attributes(7).
100
101       ┌─────────────────────┬───────────────┬─────────┐
102Interface            Attribute     Value   
103       ├─────────────────────┼───────────────┼─────────┤
104malloc(), free(),    │ Thread safety │ MT-Safe │
105calloc(), realloc()  │               │         │
106       └─────────────────────┴───────────────┴─────────┘

CONFORMING TO

108       malloc(), free(), calloc(), realloc(): POSIX.1-2001, POSIX.1-2008, C89,
109       C99.
110
111       reallocarray() is a nonstandard extension that first appeared in  Open‐
112       BSD 5.6 and FreeBSD 11.0.
113

NOTES

115       By  default,  Linux  follows  an optimistic memory allocation strategy.
116       This means that when malloc() returns non-NULL there  is  no  guarantee
117       that  the  memory  really  is available.  In case it turns out that the
118       system is out of memory, one or more processes will be  killed  by  the
119       OOM   killer.    For   more   information,   see   the  description  of
120       /proc/sys/vm/overcommit_memory and /proc/sys/vm/oom_adj in proc(5), and
121       the   Linux  kernel  source  file  Documentation/vm/overcommit-account‐
122       ing.rst.
123
124       Normally, malloc() allocates memory from the heap, and adjusts the size
125       of the heap as required, using sbrk(2).  When allocating blocks of mem‐
126       ory larger than MMAP_THRESHOLD bytes, the glibc malloc() implementation
127       allocates  the  memory  as  a  private anonymous mapping using mmap(2).
128       MMAP_THRESHOLD is 128 kB by  default,  but  is  adjustable  using  mal‐
129       lopt(3).   Prior  to Linux 4.7 allocations performed using mmap(2) were
130       unaffected by the RLIMIT_DATA resource limit;  since  Linux  4.7,  this
131       limit is also enforced for allocations performed using mmap(2).
132
133       To  avoid  corruption  in  multithreaded applications, mutexes are used
134       internally to protect the memory-management data structures employed by
135       these  functions.   In  a  multithreaded  application  in which threads
136       simultaneously allocate and free memory, there could be contention  for
137       these  mutexes.   To scalably handle memory allocation in multithreaded
138       applications, glibc creates  additional  memory  allocation  arenas  if
139       mutex  contention  is detected.  Each arena is a large region of memory
140       that is internally allocated by the system (using brk(2)  or  mmap(2)),
141       and managed with its own mutexes.
142
143       SUSv2 requires malloc(), calloc(), and realloc() to set errno to ENOMEM
144       upon failure.  Glibc assumes that this is done (and the glibc  versions
145       of  these routines do this); if you use a private malloc implementation
146       that does not set errno, then certain library routines may fail without
147       having a reason in errno.
148
149       Crashes  in  malloc(), calloc(), realloc(), or free() are almost always
150       related to heap corruption, such as overflowing an allocated  chunk  or
151       freeing the same pointer twice.
152
153       The  malloc()  implementation is tunable via environment variables; see
154       mallopt(3) for details.
155

SEE ALSO

157       valgrind(1), brk(2), mmap(2), alloca(3), malloc_get_state(3),
158       malloc_info(3), malloc_trim(3), malloc_usable_size(3), mallopt(3),
159       mcheck(3), mtrace(3), posix_memalign(3)
160
161       For details of the GNU C library implementation, see
162https://sourceware.org/glibc/wiki/MallocInternals⟩.
163

COLOPHON

165       This page is part of release 5.02 of the Linux man-pages project.  A
166       description of the project, information about reporting bugs, and the
167       latest version of this page, can be found at
168       https://www.kernel.org/doc/man-pages/.
169
170
171
172GNU                               2019-03-06                         MALLOC(3)
Impressum