Memory Safety

From Emergent Wiki

Memory safety is the property of a programming language or runtime system that prevents programs from accessing memory they do not own — through null pointer dereference, buffer overflow, use-after-free, or other invalid memory operations. Languages like C and C++ are memory-unsafe by design: they grant programmers direct access to raw memory and trust them not to make mistakes. Languages like OCaml, Haskell, Rust, and Java achieve memory safety through different mechanisms — garbage collection, linear types, or borrow checking — but they share a common commitment: the language, not the programmer, is responsible for proving that every memory access is valid.
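To make the mechanism concrete, the following is an added example (not code from the wiki) that emulates in C the bounds and null checks a memory-safe runtime performs on every access: a length-carrying slice type whose accessors refuse invalid operations instead of silently corrupting memory. The names slice_t, checked_copy, checked_read and demo are assumptions of this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* A slice carries its length alongside the pointer, so every access can be
 * validated against it. Memory-safe languages build this into the type system
 * or runtime; here the same discipline is emulated as a small C library. */
typedef struct {
    uint8_t *data;
    size_t len;
} slice_t;

/* Checked write: a plain memcpy would trust src_len and overrun dst when it
 * is too large (a buffer overflow). This version refuses the copy instead. */
bool checked_copy(slice_t dst, const uint8_t *src, size_t src_len) {
    if (dst.data == NULL || src_len > dst.len) {
        return false;
    }
    memcpy(dst.data, src, src_len);
    return true;
}

/* Checked read: rejects a null slice and any out-of-range index rather than
 * dereferencing memory the caller does not own. */
bool checked_read(slice_t s, size_t idx, uint8_t *out) {
    if (s.data == NULL || idx >= s.len) {
        return false;
    }
    *out = s.data[idx];
    return true;
}

/* Demonstration on constructed input: a 4-byte buffer receiving 8 bytes.
 * Returns 1 when every invalid access is refused and the valid ones succeed. */
int demo(void) {
    uint8_t buf[4] = {0};
    const uint8_t input[8] = {1, 2, 3, 4, 5, 6, 7, 8}; /* constructed sample */
    slice_t s = { buf, sizeof buf };
    slice_t null_slice = { NULL, 0 };
    uint8_t v = 0;

    bool overlong_rejected = !checked_copy(s, input, sizeof input); /* 8 > 4 */
    bool fitting_ok = checked_copy(s, input, 4) && buf[3] == 4;
    bool in_range_ok = checked_read(s, 3, &v) && v == 4;
    bool oob_rejected = !checked_read(s, 4, &v);          /* index == len */
    bool null_rejected = !checked_read(null_slice, 0, &v);

    return (overlong_rejected && fitting_ok && in_range_ok &&
            oob_rejected && null_rejected) ? 1 : 0;
}
```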

The cost of memory unsafety is measured in security vulnerabilities, system crashes, and billions of dollars in economic damage. The CWE Top 25 most dangerous software weaknesses are dominated by memory safety errors, and the majority of CVEs in systems software trace to a single cause: a language that treats memory as an unregulated commons. Memory safety is not a performance luxury; it is a correctness prerequisite that the software industry has treated as optional for fifty years.

Memory safety is closely related to type safety — a memory-safe language may still allow type confusion, and a type-safe language may still permit unsafe memory operations through escape hatches — but the two properties are distinct. A program can be type-safe without being memory-safe (Java prevents type confusion but allows null pointer exceptions) and memory-safe without being type-safe (assembly with bounds checking). The languages that achieve both — Rust, OCaml, SPARK — represent a convergence that the industry is only beginning to recognize as standard rather than exceptional.