Skip to content

Rust Memory Safety Examples: A Comprehensive Course

Understanding Memory Safety Through Rust's Type System

Welcome to the Course

Memory safety vulnerabilities have been responsible for approximately 70% of security bugs in systems software over the past decade. Buffer overflows, use-after-free errors, and data races have plagued C and C++ codebases since their inception, leading to countless security exploits and system crashes. Rust was designed specifically to eliminate these classes of bugs at compile time, and this course will show you exactly how it accomplishes this remarkable feat.

The rust-memory-safety-examples codebase is not a typical application—it's a teaching laboratory. Every module, every function, and every type definition exists to demonstrate a specific memory safety principle. By studying this codebase systematically, you'll develop an intuition for Rust's ownership model that goes far beyond memorizing rules. You'll understand why the borrow checker rejects certain patterns and how to design your own code to work harmoniously with Rust's safety guarantees.

This course takes you from your first encounter with Rust's bounds checking through advanced concurrent programming patterns. Along the way, you'll see how Rust's seemingly strict rules actually provide tremendous flexibility once you understand their underlying logic.

Prerequisites

Before beginning this course, you should have:

Programming Fundamentals - Comfort with at least one systems programming language (C, C++, Go, or similar) - Understanding of basic memory concepts: stack vs. heap, pointers, allocation and deallocation - Familiarity with common data structures: arrays, vectors, hash maps

Basic Rust Syntax - Ability to read Rust code (variables, functions, structs, enums) - Understanding of Rust's basic types (i32, String, Vec<T>, Option<T>, Result<T, E>) - Experience running Rust programs with cargo run and cargo test

Helpful but Not Required - Prior exposure to concepts like RAII (Resource Acquisition Is Initialization) - Basic understanding of threading and concurrency challenges - Experience debugging memory-related bugs in other languages

If you're completely new to Rust, we recommend completing the first half of "The Rust Programming Language" book before starting this course. However, if you're an experienced programmer comfortable reading new syntax, you can likely follow along while referencing documentation as needed.

Learning Objectives

By the end of this course, you will be able to:

Conceptual Understanding

  • Explain why buffer overflows, use-after-free bugs, and data races cannot occur in safe Rust
  • Describe the ownership model and how it differs from garbage collection and manual memory management
  • Articulate the relationship between lifetimes, references, and memory safety
  • Compare Rust's approach to thread safety with traditional locking strategies

Practical Skills

  • Identify common memory safety patterns in Rust code and understand their purpose
  • Design data structures that leverage the type system to prevent misuse
  • Write concurrent code that is guaranteed free of data races
  • Debug borrow checker errors by understanding what the compiler is protecting against

Architectural Thinking

  • Evaluate trade-offs between different safe abstraction patterns
  • Choose appropriate synchronization primitives for different concurrent scenarios
  • Structure APIs that guide users toward safe usage patterns

How to Use This Course

This course consists of paired documents for each lesson:

Lecture Documents

Each lecture document (like this one) provides conceptual context and explanation. These documents are designed to be read sequentially or listened to as audio. They explain why code is structured certain ways, connect patterns to broader Rust principles, and highlight design decisions worth understanding.

Lecture documents reference specific code sections but don't reproduce entire files. They're meant to build your mental model before you examine the implementation details.

Code Companion Documents

Each lesson's code companion contains annotated source code with detailed inline explanations. These documents show you exactly what the code does, with commentary on interesting lines and patterns. Use these as references while reading the lectures or as standalone study materials.

Suggested Approach

First Pass: Orientation 1. Read the lecture document to understand the concepts 2. Run any associated examples to see the behavior 3. Skim the code companion to see how concepts map to implementation

Second Pass: Deep Dive 1. Read the code companion carefully, typing out key sections yourself 2. Experiment with modifications—what happens if you change something? 3. Return to the lecture document to reinforce conceptual understanding

Third Pass: Integration 1. Try to explain the patterns to someone else (or write your own summary) 2. Look for these patterns in other Rust codebases 3. Apply the patterns in your own projects

Pacing Recommendations

  • Intensive Track (2-3 days): One lesson every 2-3 hours with breaks
  • Standard Track (1 week): One lesson per day with time for experimentation
  • Deep Learning Track (2-3 weeks): One lesson every 2-3 days with extensive hands-on practice

Learning Threads Overview

Several conceptual threads weave through this curriculum, appearing in multiple lessons with increasing depth:

Thread 1: The Bounds Checking Journey

Appears in: Lessons 1, 2, 3

This thread follows Rust's approach to preventing buffer overflows. You'll start by running code that demonstrates bounds checking in action, then explore the module architecture that organizes these protections, and finally dive deep into the various bounds checking patterns available—from iterator-based approaches to explicit bounds checking with detailed error information.

The key insight of this thread: Rust doesn't just check bounds at runtime; it provides patterns that often eliminate the need for bounds checks entirely through iterator abstractions and slice patterns.

Thread 2: Ownership and Lifetimes Mastery

Appears in: Lessons 2, 4, 5

This is perhaps the most important thread for understanding Rust's unique value proposition. You'll see how ownership rules prevent use-after-free bugs, how lifetimes encode validity requirements in the type system, and how these concepts enable zero-cost abstractions that are both safe and fast.

The key insight of this thread: Lifetimes are not about how long something lives—they're about proving to the compiler that references are valid for as long as they're used.

Thread 3: Fearless Concurrency

Appears in: Lessons 2, 6, 7

Concurrent programming is notoriously difficult in most languages, but Rust's type system provides compile-time guarantees against data races. This thread builds from basic shared-state concurrency with Arc<Mutex<T>> through advanced patterns using channels, atomic types, and the Send/Sync traits.

The key insight of this thread: Rust doesn't prevent all concurrency bugs (deadlocks are still possible), but it guarantees freedom from data races—a guarantee no other mainstream language provides without runtime overhead.

Thread 4: Type-Driven Design

Appears in: All lessons

Running throughout the course is the philosophy of encoding invariants in the type system. Rather than relying on documentation or programmer discipline, Rust's patterns make invalid states unrepresentable. This thread shows how careful type design prevents entire categories of bugs.

The key insight of this thread: The best bug is one that cannot be written. Type-driven design moves error detection from runtime to compile time.

Course Outline

Lesson 1: First Encounter — Running Safe Code

File: examples/buffer_overflow_prevention.rs

Your journey begins with executable examples that demonstrate Rust's memory safety in action. This lesson focuses on buffer overflow prevention—a vulnerability class responsible for countless security exploits throughout computing history. You'll run code that would crash or be exploitable in C, and see how Rust handles the same scenarios safely.

Key concepts: Runtime bounds checking, panic behavior, safe APIs vs. unsafe operations

Duration: 30-45 minutes

Lesson 2: The Big Picture — Memory Safety Taxonomy

File: src/lib.rs

Before diving deep into any single topic, this lesson provides an architectural overview of the entire codebase. You'll understand how the three main categories of memory safety (buffer overflows, use-after-free, data races) relate to each other and why they're organized into separate modules. This lesson also introduces the documentation philosophy that makes Rust code self-describing.

Key concepts: Module organization, documentation as specification, the three pillars of memory safety

Duration: 45-60 minutes

Lesson 3: Bounds Checking Deep Dive

File: src/buffer_overflow_prevention.rs

Now we examine bounds checking patterns comprehensively. You'll learn multiple approaches to preventing buffer overflows: iterator-based patterns that eliminate indexing entirely, safe indexing methods that return Option<T>, bounds-checked wrappers that provide detailed error information, and stack-allocated buffers with compile-time size guarantees.

Key concepts: Iterators vs. indexing, Option for fallible operations, newtype patterns for additional safety, const generics

Duration: 60-90 minutes

Lesson 4: Ownership in Action

File: examples/use_after_free_prevention.rs

This lesson makes ownership tangible through runnable examples. You'll see move semantics in action, understand why certain patterns that seem reasonable are rejected by the compiler, and develop intuition for how Rust tracks value ownership. The examples demonstrate both what works and why alternatives wouldn't be safe.

Key concepts: Move semantics, borrowing rules, the relationship between ownership and memory deallocation

Duration: 45-60 minutes

Lesson 5: Ownership and Lifetimes Mastery

File: src/use_after_free_prevention.rs

The deepest dive into Rust's most distinctive feature. This lesson covers lifetime annotations in detail: what they mean, when they're required, and how to read complex lifetime signatures. You'll understand lifetime elision rules, see patterns for structs that contain references, and learn how lifetimes enable safe APIs for borrowed data.

Key concepts: Lifetime annotations, lifetime elision, struct lifetimes, lifetime bounds on generics

Duration: 90-120 minutes

Lesson 6: Concurrent Code Introduction

File: examples/data_race_prevention.rs

Your entry point to Rust's concurrency story. This lesson demonstrates the fundamental patterns for sharing data between threads: Arc for shared ownership across threads, Mutex for mutual exclusion, and how these types compose to provide safe concurrent access. You'll run examples that would have data races in other languages and see how Rust prevents them.

Key concepts: Arc<T>, Mutex<T>, thread spawning, shared mutable state

Duration: 45-60 minutes

Lesson 7: Thread Safety Through Types

File: src/data_race_prevention.rs

The culmination of the concurrency thread. This lesson examines the Send and Sync traits that form the foundation of Rust's thread safety guarantees. You'll understand when types are automatically Send or Sync, how to work with types that aren't, and advanced patterns including channels for message passing, atomic types for lock-free programming, and reader-writer locks for read-heavy workloads.

Key concepts: Send and Sync traits, channels, atomics, RwLock, choosing the right synchronization primitive

Duration: 90-120 minutes

Next Steps

After completing this course, you'll have a solid foundation in Rust's memory safety guarantees. Here are paths for continued learning:

Deepen Your Understanding

  • The Rustonomicon: The official guide to unsafe Rust—understanding unsafe helps you appreciate what safe Rust provides
  • Rust for Rustaceans by Jon Gjengset: Advanced patterns and idioms for experienced Rust developers
  • "Learn Rust With Entirely Too Many Linked Lists": A deep dive into ownership through implementing various linked list types

Apply Your Knowledge

  • Contribute to open source: Find Rust projects that interest you and start with documentation or test contributions
  • Rewrite something in Rust: Take a small tool you've written in another language and port it to Rust
  • Build a concurrent application: Create something that exercises the patterns from Lessons 6-7
  • Async Rust: The async/await story builds on ownership concepts in fascinating ways
  • Embedded Rust: Memory safety on resource-constrained devices
  • WebAssembly with Rust: Bring memory safety to the browser

Stay Connected

  • Join the Rust community on Discord, Reddit, or the official forum
  • Follow This Week in Rust for ecosystem updates
  • Attend local Rust meetups or RustConf

Ready to Begin?

Start with Lesson 1: First Encounter to see Rust's memory safety in action. Run the examples, observe the behavior, and prepare to understand how Rust achieves what other languages cannot.

The journey from "fighting the borrow checker" to "thinking with the borrow checker" is transformative. By the end of this course, you won't just know Rust's rules—you'll understand their purpose and appreciate their elegance.

Let's begin.