Don't do it like this, this is a very very bad idom for malloc()'ing n
objects for an array
I don't think I've ever seen anyone say that it is a bad idiom,
let alone a "very very bad idiom".
if at all possible use calloc() i.e. calloc(n, sizeof(array))
since calloc() doe size checking for you,
C89 4.10.3.1 The Calloc Function
Description
The calloc function allocates space for an array of nmemb objects,
each of whose size is size. The space is initialized to all bits zero.
Returns
The calloc function returns either a null pointer or a pointer to
the allocated space.
I don't see anything in there about calloc() checking sizes.
What I do see is that calloc() always initializes to zero, which malloc()
does not do. If one is working with a large array, the time required to
perform that initialization could be high, and it might be entirely
wasted time if the user program promptly sets the storage to something else.
On systems in which the zeroing is done in software, calloc() would
cause the entire array to pass through the cache. If calloc() is
written to optimize the time required to do the initialization, that
would have the side effect of pushing all other data (and possibly most
code as well) out of the cache. That could have substantial hidden
costs, especially on multiprocessor shared memory systems in which it
is necessary to communicate the memory addresses to all nodes in order
to "lock" the memory segment while it is written.
On systems in which the zeroing can be done in hardware ("demand zero
memory"), memory which is being allocated out of the existing pool must
still be zeroed in software, whereas memory that happens to get allocated
by a system call asking for more memory would not [on such systems]
require explicit initialization. The timing difference is detectable
for cryptographic differential analysis purposes; there are a lot
of other timing differences that can be detected for other operations,
but if one is trying to protect against such issues, the fewer issues
that one has to worry about, the better.
In summary, using malloc() instead of calloc() is NOT a
"very very bad idiom": there are solid reasons to prefer malloc()
in a number of instances.