Understanding malloc and free: Memory Allocation Mechanisms in C

In the world of programming, memory management is a complex maze where every developer must navigate carefully, and the functions malloc and free serve as the essential signposts.

1. Basic Concepts of Memory Management

C distinguishes between the stack and the heap. The stack is automatically allocated and freed by the system for local variables, grows toward lower addresses, and is usually limited to 1‑2 MB on Windows. The heap requires manual allocation and deallocation via functions such as malloc and free , grows toward higher addresses, and is limited only by the available virtual memory.

The stack never fragments because its space is contiguous, whereas the heap can become fragmented due to frequent malloc / free operations, reducing program efficiency.

2. How malloc Allocates Memory

malloc is not a direct system call; it is a C library function that performs dynamic memory allocation. It uses two different kernel interfaces depending on the requested size:

For allocations smaller than 128 KB, malloc invokes the brk() system call, moving the program break upward to extend the heap.

For allocations larger than 128 KB, it uses mmap() with a private anonymous mapping, allocating memory from the file‑mapping area.

2.1 Allocation via brk()

When brk() is used, the heap top pointer is shifted to obtain a new contiguous region. This method is efficient for small allocations but can leave freed blocks inside the heap, causing fragmentation.

2.2 Allocation via mmap()

When mmap() is used, the kernel creates a private anonymous mapping, effectively “stealing” a region from the file‑mapping area.

2.3 Characteristics of the Allocated Memory

malloc reserves virtual memory; physical pages are only mapped when the program accesses them. For brk allocations, freed blocks remain in the process’s memory pool, while mmap allocations are returned to the OS upon free , removing the mapping.

Problem 1: How Much Virtual Memory Does malloc Allocate?

When requesting a single byte, malloc actually reserves a larger region (e.g., 132 KB) to serve as a pool. The following test program demonstrates this:

#include <stdio.h>
#include <malloc.h>

int main() {
    printf("Using cat /proc/%d/maps to view allocation\n", getpid());
    void *addr = malloc(1);
    printf("Address of 1‑byte allocation: %p\n", addr);
    getchar();
    free(addr);
    printf("Freed 1‑byte allocation (heap remains)\n");
    getchar();
    return 0;
}

Running this on a glibc 2.17 system shows a heap range of about 132 KB, confirming the pre‑allocation.

Problem 2: Does free Return Memory to the OS?

For brk ‑based allocations, free marks the block as free inside the heap but does not return it to the kernel, allowing rapid reuse but causing possible fragmentation. For mmap ‑based allocations, free removes the mapping, fully returning the memory to the OS.

Problem 3: How Does free Know the Size of the Block?

Each allocated block contains a hidden header placed just before the user‑visible address. The header stores the block size and other metadata. When free receives a pointer, it subtracts the header size to locate this information and determines how much memory to release.

3. Why Not Use Only mmap or Only brk?

System calls are expensive because they require a switch from user mode to kernel mode. Using mmap for every allocation would incur a kernel transition for each request and cause a page‑fault on first access, increasing CPU overhead.

Conversely, brk provides a contiguous heap that can be extended with a single call, and freed blocks can be cached in the allocator’s pool, reducing both system‑call frequency and page‑faults.

4. Summary

malloc and free are fundamental to C‑language memory management. malloc chooses between brk (for small allocations) and mmap (for large allocations) to balance performance and fragmentation. free releases memory back to the allocator’s pool or to the OS depending on the allocation method. Understanding these mechanisms helps developers write more efficient and reliable C programs.