This definition of memory safety reminds me of a story of writing a C compiler for LISP machines. As I recall, C pointers were represented in LISP as a tuple of a reference to a buffer, and an index into that buffer. In other words, the exact same solution as used in this article: All pointers carry with them (explicitly, in this case) information about which "derived" pointers are legal.
Good work! The "pointers as capabilities" idea makes it much clearer to me what "memory safety" means. Can we have a similar article about "type safety"? I think many people would benefit from knowing the exact relationship between type safety and memory safety, and whether one is a subset of the other.
> We should think of a pointer as consisting of logically three elements (p,b,e): the legal region is defined by the base b and bounds (or extent) e, and the pointer itself is p.
Everything old is new again. Look up how segmentation works on x86 in 32-bit mode (initially introduced as "protected mode" on 80286).
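The (p, b, e) pointer quoted above, stored in the buffer-plus-index form the LISP-machine comment describes, as an added C example that is not from the article or from any commenter. The names `cap_t`, `cap_make`, `cap_add`, `cap_ok`, `cap_load` and `cap_store` are hypothetical, and checking at dereference time rather than at arithmetic time is an assumption of this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Fat pointer (p, b, e). p is kept as an offset from b, so an out-of-range
   p can be represented without forming an invalid C pointer. */
typedef struct {
    unsigned char *b;  /* base of the legal region */
    size_t e;          /* extent of the legal region, in bytes */
    ptrdiff_t p;       /* the pointer itself, as an offset from b */
} cap_t;

cap_t cap_make(void *buf, size_t len) { cap_t c = { buf, len, 0 }; return c; }

/* Pointer arithmetic moves p only; the derived pointer inherits b and e. */
cap_t cap_add(cap_t c, ptrdiff_t n) {
    if ((n > 0 && c.p > PTRDIFF_MAX - n) || (n < 0 && c.p < PTRDIFF_MIN - n)) {
        c.p = 0;
        c.e = 0;       /* offset overflow: empty region, nothing is legal */
    } else {
        c.p += n;
    }
    return c;
}

/* An access of `width` bytes is legal only if it lies wholly inside [b, b+e). */
int cap_ok(cap_t c, size_t width) {
    return c.p >= 0 && (size_t)c.p <= c.e && width <= c.e - (size_t)c.p;
}

int cap_load(cap_t c, unsigned char *out) {
    if (!cap_ok(c, 1)) return -1;
    *out = c.b[c.p];
    return 0;
}

int cap_store(cap_t c, unsigned char v) {
    if (!cap_ok(c, 1)) return -1;
    c.b[c.p] = v;
    return 0;
}

int main(void) {
    unsigned char name[8] = {0};               /* constructed sample buffer */
    cap_t c = cap_make(name, sizeof name);
    for (ptrdiff_t i = 0; i <= 8; i++)         /* off-by-one: index 8 is refused */
        printf("store at %td: %s\n", i, cap_store(cap_add(c, i), 'A') ? "refused" : "ok");
    return 0;
}
```

A pointer that wanders outside the region and comes back is usable again, because legality is decided per access from the inherited b and e, not from the history of p.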