Very interesting. When using opaque structs in APIs in the past, I’ve aways provided _create and _destroy functions that allocate them on the heap. API users would regularly leak memory, and allowing the use of alloca some cases would have made the API simpler to use.
I appreciated the idea of the library declaring the required memory allocation size instead of relying on malloc internally.
I’m not entirely sure this scales well if your library requires additional allocations later on. Of course there’s always the option of pre-allocating the whole of it whenever possible, that is whenever the amount of space is not determined at runtime.