DEV Community

Cover image for In Defense of Manual Memory Management
Dayvster 🌊
Dayvster 🌊

Posted on • Originally published at dayvster.com

In Defense of Manual Memory Management

#programming #zig #systems

Why Manual Memory Management Still Matters ?

It is now easier than ever to write software without ever needing to learn about the heap or the stack. Languages like JavaScript, Python and even Go have built-in ways to manage your memory usage for you at runtime with acceptable performance hits for most modern consumer grade hardware. However consumer hardware is not the end all be all of computing. There are still many use cases where the performance benefits of manual memory management are worth the effort, such as in embedded systems, game development, and high-performance computing.

I'd even argue that it's a valuable skill to have and learn even if you don't need it for your day to day work. It can give you a deeper understanding of how computers work and how to optimize your code for performance.

When you understand how memory management works how your system works under the hood, you will also as a third order effect understand your own code and software better. Plus you can then use super cool and trendy languages like Zig, Odin and C3 which have manual memory management as a core feature.

The Usual Pitfalls

Here are some things that you should be aware of when doing manual memory management:

Dangling Pointers

A dangling pointer is a pointer that points to memory that has already been deallocated. Imagine lending your friend a book and making a note of it and when you go to ask for it back they tell you that they've already thrown it away, rude yes, but now you have a note that points to a book that no longer exists. Bad analogy aside a dangling pointer is a pointer that points to memory that has already been freed, and if you try to access it you will get undefined behavior, which can lead to crashes, data corruption, and security vulnerabilities.

Double Free

Continuing my bad analogy say that you've lent your friend a book and now you wish to throw it away, so first you have to get it back from your friend, who has rudely already thrown it away, even though you wanted to throw it away yourself. So you attempt to throw away a book that has already been thrown away. Wow I'm really bad at this whole analogy thing. Regardless, a double free is when you try to free memory that has already been freed, and this can lead to undefined behavior, which can lead to crashes, data corruption, and security vulnerabilities.

Use After Free

You know what I'm sticking to my bad analogy, so say that you've lent your friend a book and then you attempt to read it after your friend has already thrown it away, you will get a book that is no longer there and you will be confused and upset. This is what happens when you try to access memory that has already been freed, you will get undefined behavior, which can lead to... yes you've guessed it, crashes, data corruption, and security vulnerabilities.

Leaking Memory

Your friend lives in a small apartment and you lend them a book, then you lend them 10 more books and after that you just keep lending them books like the crazed book lender that you are without ever asking for them back. Eventually your friend will have a huge pile of books that they can't manage(that'll show em) and they will have no space left in their apartment. This is what happens when you allocate memory but never free it, you will eventually run out of memory and your application will crash. This is called a memory leak, and it can be a serious problem if not managed properly.

Buffer Overflows

Your friend is a bit OCD they reserved a singular bookshelf for the books you lend them, it only has space for about 10 books because your very OCD friend likes the number 10, so you lend them 10 books one week and the next week you lend them 1 more book. Your friend has a meltdown because they have 11 books and can't fit them on their shelf that can only ever hold 10 books. Yes I am sticking to my bad analogy. A buffer overflow is essentially when you try to write more data to a buffer than it can hold. Guess what this can lead to? Yes you guessed it, crashes, data corruption, and security vulnerabilities.

Memory Fragmentation

Your very OCD friend built a bigger shelf and has a new strategy of how to place books on that shelf, they wanna sort them alphabetically or by color or something I don't know it's an OCD thing. So you keep lending them book chaotically which leads your friend to have a bunch of empty space between the books on the shelf, the shelf itself is bigger yes, but the empty space between the books is wasted space that can't be used for anything else. This is what happens when you have a lot of small allocations and deallocations, it can lead to memory fragmentation, which can lead to inefficient use of memory and eventually running out of memory.

Incorrect Ownership

Ok I got no idea how to work my bad analogy into this one, you and your ... roommates ? all try to modify the same book on the shelf at the same time, this opens a rift in the space time continuum because somehow you've now produced a quantum book that exists in multiple states at the same time, and you have no idea which state is the correct one. Wow that went off the rails real quick. Incorrect ownership is basically when you have multiple pointers to the same memory and each of them tries modifying it. This can lead to race conditions and data corruption, and it can be very difficult to debug.

As you can see doing manual memory management is a lot more involved than just using a garbage collected language, but it can also be a lot more rewarding and fun. You get to have more control over your application's memory usage and you can really optimize your software for performance and for known hardware. However, you also have to be very careful and pay attention to the details, because if you make a mistake it can lead to some very bad consequences.

How To Avoid These Pitfalls

Just use a garbage collected language, problem solved. End of article. Just kidding, if you want to do manual memory management there are some things you can do to avoid these pitfalls, you've already solved the biggest problem by now which is understanding the pitfalls (I hope). But just understanding the problem is only half the journey the solution is the other half. So let's think about some solutions to these problems.

The Mental Model

The first thing you need to do is to have a mental model of how memory management works. Let's start with 2 terms which immediately describe what they do, the stack and the heap.

Stack

For a stack we always default to a stack of plates when describing it because it's the easiest way to visualize it, you can only add or remove plates from the top of the stack because we really do not wanna break any plates. So the stack is a region of memory that is used for storing local variables and function call information. It is organized in a last-in-first-out (LIFO) manner, which means that the most recently added item is the first one to be removed. The stack is typically much faster than the heap because it has a fixed size and does not require dynamic memory allocation.

Heap

For the heap imagine a big disorganized pile of clothes, you can very quickly throw clothes onto the pile and you can also quickly grab clothes from the pile, but you have no idea where anything is and it can get really messy really fast. The heap is a region of memory that is used for dynamic memory allocation. It is organized in a more flexible manner than the stack, which means that you can allocate and deallocate memory in any order. The heap is typically slower than the stack because it requires dynamic memory allocation and deallocation.

I could easily write full articles on just the stack and just the heap alone but for the sake of keeping your attention span I think this is a good enough mental model to get you started.

Tools and Tricks

Use the tools available to you. We have debuggers and sanitizers, logging and profiling tools, and even static analysis tools that can help you catch these issues before they become a problem. Use them, they are there for a reason and they can save you a lot of time and headaches.

  • Debuggers: A debugger is a tool that allows you to step through your code line by line and inspect the state of your program at any point in time. This can be incredibly helpful for finding and fixing memory management issues, as you can see exactly where things are going wrong.
  • Sanitizers: Sanitizers are tools that can help you detect memory management issues at runtime. For example, AddressSanitizer can help you detect buffer overflows and use-after-free errors, while LeakSanitizer can help you detect memory leaks.
  • Logging and Profiling Tools: Logging can help you track the flow of your program and see where memory is being allocated and deallocated. Profiling tools can help you identify performance bottlenecks in your code, which can be caused by inefficient memory management.
  • Static Analysis Tools: Static analysis tools can analyze your code without running it and can help you find potential memory management issues before they become a problem. For example, tools like Clang's static analyzer can help you find potential memory leaks and other issues in your code.
  • Code Reviews: Code reviews can be a great way to catch memory management issues before they make it into production. Having another set of eyes on your code can help you spot potential issues that you might have missed, ask a friend to review your code if it's a hobby or solo project if you have to, just maybe not the same friend that you lend books to in the previous analogies, they might be a bit overwhelmed at this point.

Best Practices and Habits

Tools are great and all but at the core of manual memory management is you, the developer. You need to have a good set of habits and practices that can help you avoid these pitfalls in the first place. By delving into the world of manual memory management you take responsibility for your own code and you have to be disciplined about how you manage your memory. Here are some best practices and habits that can help you avoid these pitfalls:

  • Always Free What You Allocate: This is the most basic rule of manual memory management, if you allocate memory you need to make sure that you free it when you're done with it. This can help you avoid memory leaks and ensure that your application does not run out of memory.
  • Use Smart Pointers: If you're using a language that supports smart pointers, such as C++, use the tools they give you, smart pointers are easy to learn and they can help you avoid a ton of pitfalls listed above like dangling pointers, double free, use after free, and even incorrect ownership. They are a great way to manage memory safely and efficiently.
  • Favor scope-based cleanup: If your language supports it, use scope-based cleanup mechanisms. In C++, this is RAII (Resource Acquisition Is Initialization), where resources are automatically released when they go out of scope. In Zig, you can use defer to schedule cleanup code that runs when a block ends. These tools help prevent memory leaks and make sure your application doesn’t run out of memory.
  • Test small and often: When you're doing manual memory management, it's important to test your code frequently and in small increments. This can help you catch issues early on before they become bigger problems. Write unit tests that specifically test the memory management aspects of your code, and run them regularly to ensure that everything is working as expected.
  • Respect your future self, document your damn code: You will forget about the details of your code in the future, especially when it comes to manual memory management. Make sure to document your code well, especially the parts that deal with memory management. This can help you understand your code better in the future and can help you avoid making mistakes when you come back to it later on.

How Different Languages Tackle Manual Memory Management

Ok we're done with bad analogies for now, so let's discuss how different languages that do not come with a garbage collector handle manual memory management, and how they help you avoid the pitfalls mentioned above.

C

C is a fine classic, it's timeless and beautiful in its simplicity. I appreciate just how minimal it is and how much you can do with just raw C and the standard library. Famously C has malloc and free for manual memory management, and it is up to the developer to make sure that they are used correctly. C does not have any built-in tools to help you avoid the pitfalls of manual memory management, so you need to be very careful when using it. However, there are many third-party libraries and tools that can help you manage memory in C, such as Valgrind for detecting memory leaks and AddressSanitizer for detecting buffer overflows and use-after-free errors.

But recently we've gotten some new tools and helpers in the C ecosystem such as Fil-C.

Fil-C

Fil-C is a modified toolchain that adds a ton of memory safety to C and C++ at a very minimal cost and no need for expensive rewrites to other languages or paradigms which may lead you to throw away decades of battle tested code and bugfixes.

What Fil-C delivers is:

  • Modified Compiler: Fil-C uses a modified compiler based on LLVM/Clang that instruments your code during compilation. It rewrites pointer operations and inserts safety checks so that invalid memory accesses such as out of bounds reads or writes are detected at runtime.
  • Custom Runtime: Fil-C links programs against its own runtime which is responsible for enforcing these safety guarantees. It tracks memory objects, validates pointer accesses, and aborts execution if the program attempts an unsafe operation.
  • Modified Standard Library: The C standard library used with Fil-C is adapted to operate within the same safety model. This ensures that safety guarantees apply consistently across both your code and the libraries it depends on.
  • A Memory Safe ABI: Fil-C programs run with a modified application binary interface designed to support its safety checks and metadata tracking. This ABI allows the runtime to reliably enforce memory safety across the entire program.

Together, these components allow Fil-C to keep the simplicity and ecosystem of C, while adding a layer of protection against many of the most common and dangerous memory errors.

But the magic happens when you compile your existing C or C++ code with the Fil-C compile, it will automatically rewrite your code to add safety checks, insert runtime checks and link against the Fil-C runtime, all without you having to change a single line of your code. This means that you can take your existing C or C++ codebase and compile it with Fil-C to get memory safety guarantees without having to rewrite your code or change your programming paradigm.

Essentially something like

int x = arr[i];
Enter fullscreen mode Exit fullscreen mode

Will compile to something sorta like:

check_pointer_bounds(arr, i);
load_value(arr + i);
Enter fullscreen mode Exit fullscreen mode

C++

Ah yes the one everyone loves to hate but also the one that has had one of the biggest impact on the software industry. I know C++ gets a bad rep, in fact I even wrote a whole article in defense of C++ give it a read if you have some time. But back to the main point, C++ has evolved a lot since its inception and it has added a lot of features to help with manual memory management in a safe and controlled way, such as smart pointers which are basically wrappers around raw pointers that automatically manage the memory they point to.

Also modern C++ strongly encourages the use of containers instead of manual memory allocation, usually if you use the following: std::vector, std::string, std::map, std::unordered_map and so on, you will be using manual memory management under the hood but you won't have to worry about it because the containers will take care of it for you.

Trouble arises if you use something like:

int* arr = new int[10];
Enter fullscreen mode Exit fullscreen mode

This is a raw pointer and you will have to manually manage the memory for it. The same can be achieved with

std::vector<int> arr(10);
Enter fullscreen mode Exit fullscreen mode

This will give you a vector of 10 integers and you won't have to worry about memory management

Zig

My favorite of the bunch, Zig is a modern programming language that has manual memory management as a core feature. It has a unique approach to memory management that is designed to be safe and efficient, while still giving developers full control over their memory usage. You can accomplish this by understanding zig allocators and using them correctly in your code. Zig also has the defer keyword which allows you to schedule cleanup code that runs when a block ends, this can help you avoid memory leaks and ensure that your application does not run out of memory.

Basically Zig gives you the tools you need to manage your memory safely and efficiently with minimal effort on your end and all this with basically no overhead or significant performance hits, it's a win-win situation.

Plus zig can interop with C and even be used as a C or C++ compiler.

Odin

I've covered how Odin manages memory in is odin just a more boring C? the title is a bit clickbaity, I'm sorry about that, I mean it in a good way, I like a language that is simple and straightforward and gets out of my way and lets me be productive. Odin is precisely that and I love it. I really would recommend reading through my article on Odin because it has a very cool and unique approach to manual memory management that is worth learning about.

What makes Odin interesting when it comes to memory management is that it does not try to hide memory from you. Instead it makes it explicit and flexible through allocators. In Odin you can pass allocators around just like normal values and decide exactly how memory should be handled in a given part of your program. Many APIs also default to using context.allocator, which gives you a convenient default while still letting you override it when needed.

This means you can easily switch strategies depending on the problem. Maybe you want an arena allocator for short lived data, or a custom allocator for a performance sensitive subsystem. Odin makes that kind of thing straightforward.

In practice this leads to code that is very predictable. You know where allocations happen, you know who owns them, and you can change the allocation strategy without rewriting half your program. It fits nicely with Odin’s general philosophy of simplicity and control.

C3

I have not had the time to properly dive into C3 yet. I tinkered with it a bit and I like the direction they are taking.

From what I have seen so far, C3 leans heavily on scope based allocation and deterministic cleanup. The idea is that a lot of memory you allocate only needs to live for the duration of a function or a block. Instead of manually tracking every allocation and freeing it later, the language and its libraries make it easy to tie allocations to a scope and clean them up when that scope ends.

C3 also provides helpers like mem::new_array and mem::alloc_array in the standard library so you are not constantly dealing with raw allocation primitives. The project also promotes the use of temporary or arena style allocators for short lived data.

What I like about this approach is that it tackles one of the biggest sources of memory bugs which is lifetime confusion. If allocations clearly belong to a scope, a lot of mistakes simply disappear.

I still need to spend more time with C3 before forming a strong opinion, but from what I have seen so far it looks like another interesting attempt at making manual memory management practical instead of painful.

The Rust Detour

I'll be honest with you, I don't consider Rust to be a manual memory management language. It's a language that has a unique approach to memory management yes but at no point does it require you to manually allocate and deallocate memory, it has a built in ownership system that takes care of all of that for you. Rust is basically a set of compiler rules which basically just shifts the responsibility of memory management away from the developer, if that sounds familiar it's because that's precisely what garbage collected languages do. They assume you will mess up and they take care of it for you, Rust just does that at compile time instead of runtime.

Is that a good approach? Honestly no. I think it's a horrible approach that adds more problems than it solves and in the end it does not even guarantee memory full safety, that's how you get the famous quotes like memory leaks are considered memory safe in Rust. So far Rust has failed to impress in production as well such as when Cloudflare went down because of a memory issue in their Rust code, a problem Rust was specifically designed to prevent.

As you can tell I'm not a fan of Rust and I don't think it's a good language at all. It came in hot with wild promises and failed to deliver on any of them so far, but that's a topic for another article.

When Should you Reach for Manual Memory Management?

Manual memory management is really powerful and if you understand it well you can write incredibly efficient and performant code, but it also comes with a lot of responsibility and potential for mistakes. So when should you reach for manual memory management?

Performance Critical Code

In high performance systems, even small inefficiencies can add up. Games, trading systems, real time audio processing, and high frequency networking software often benefit from predictable memory usage and deterministic cleanup.

Garbage collectors can introduce pauses or unpredictable allocation patterns. Manual memory management allows developers to control exactly when allocations happen and when memory is released.

Embedded Systems

Embedded devices often run with extremely limited memory and CPU resources. A garbage collector may simply be too expensive or too unpredictable in these environments.

Manual memory management lets developers carefully control how memory is used and ensures that the system never exceeds its constraints.

Systems Programming

Operating systems, drivers, compilers, and networking stacks all tend to require direct control over memory. In these areas you often need to manage memory layouts explicitly, work with hardware, or operate in environments where a runtime simply does not exist.

Large Existing Codebases

Sometimes the reason is simple. There are decades of battle tested C and C++ code in the world. Rewriting those systems into a different paradigm or language is often unrealistic or would lead to throwing away decades worth of battle tested code and bug fixes.

In those cases it makes more sense to improve tooling, add safety layers, or adopt better practices rather than start over from scratch.

And that is really the key point. Manual memory management is not something you reach for just because you can. It is something you use when you need control, predictability, and performance that higher level runtimes cannot always provide.

Understanding it also changes how you think about software in general. Once you know what is actually happening under the hood when memory is allocated, freed, or reused, many parts of programming start to make a lot more sense.

Conclusion

Manual memory management has a reputation for being dangerous and outdated, but that reputation mostly comes from misunderstanding and misuse.

Yes, the pitfalls are real. But so are the performance benefits and the deeper understanding of how software works that comes with mastering it.

The reality is that manual memory management is still everywhere. Operating systems, game engines, databases, embedded systems, networking stacks and high performance software all rely on it every day. Entire industries run on systems that manage memory manually and have done so successfully for decades.

What has changed is the ecosystem around it. We now have better debugging tools, sanitizers, static analyzers and improved language features that make writing safe manual memory code far more approachable than it used to be. Modern C++, Zig, Odin and C3 are all exploring different ways to give developers control without unnecessary pain.

At the end of the day, manual memory management is just another tool in the toolbox. Not every project needs it, and for many applications a garbage collected language is perfectly fine. But when performance, determinism or low level control matter, understanding manual memory management becomes incredibly valuable.

And honestly, once you understand it, it stops being scary. It just becomes another part of writing good software.

Thank you for your time, this was a long one and I sincerely hope you enjoyed it.

Top comments (0)