Rust is a memory-safe programming language that disallows undefined behavior. Its safety guarantees have been extensively examined by the community through empirical studies, which has led to its remarkable success. However, unsafe code remains a critical concern in Rust. By reviewing the safety design of Rust and analyzing real-world Rust projects, this paper establishes a systematic framework for understanding unsafe code and undefined behavior, and summarizes the soundness criteria for Rust code. It further derives actionable guidance for achieving sound encapsulation.

翻译：Rust 是一种内存安全的编程语言，禁止未定义行为。其安全性保证已通过实证研究得到社区的广泛检验，这促成了其显著的成功。然而，不安全代码在 Rust 中仍然是一个关键问题。本文通过回顾 Rust 的安全性设计并分析现实世界的 Rust 项目，建立了一个系统性的框架来理解不安全代码和未定义行为，并总结了 Rust 代码的可靠性准则。进一步地，本文推导出了实现可靠封装的可操作指导原则。