
TRPL states that unsafe occurs in two locations #26345

Closed
@Gankra


In the unsafe section:

unsafe is used in two contexts... the first one is to mark a function as unsafe ... The second use of unsafe is an unsafe block

It occurs in 4-5 depending on how you count:

  • unsafe fn
  • unsafe trait
  • unsafe block
  • unsafe impl
  • #[unsafe_no_drop_flag]

In my TURPL draft I currently state the following:

There are several places unsafe can appear in Rust today, which can largely be
grouped into two categories:

  • There are unchecked contracts here. To declare you understand this, I require
    you to write unsafe elsewhere:
    • On functions, unsafe is declaring the function to be unsafe to call. Users
      of the function must check the documentation to determine what this means,
      and then have to write unsafe somewhere to identify that they're aware of
      the danger.
    • On trait declarations, unsafe is declaring that implementing the trait
      is an unsafe operation, as it has contracts that other unsafe code is free to
      trust blindly.
  • I am declaring that I have, to the best of my knowledge, adhered to the
    unchecked contracts:
    • On trait implementations, unsafe is declaring that the contract of the
      unsafe trait has been upheld.
    • On blocks, unsafe is declaring any unsafety from an unsafe
      operation to be handled, and therefore the parent function is safe.

There is also #[unsafe_no_drop_flag], which is a special case that exists for
historical reasons and is in the process of being phased out. See the section on
destructors for details.
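The four positions listed above, shown together in an added Rust example that is not part of the original issue or of the book. The names `TrustedLen`, `Packet`, `read_unchecked`, `last_byte` and `checksum` are hypothetical; the point is which `unsafe` declares an unchecked contract and which one claims the contract has been upheld.

```rust
// Added illustration; all names here are hypothetical.

/// unsafe trait: declares an unchecked contract. Implementors must ensure
/// `len_hint()` never exceeds `as_slice().len()`; unsafe code trusts this blindly.
unsafe trait TrustedLen {
    fn as_slice(&self) -> &[u8];
    fn len_hint(&self) -> usize;
}

struct Packet {
    buf: Vec<u8>,
}

// unsafe impl: the implementor asserts the trait's contract is upheld.
// Returning a larger len_hint here would cause out-of-bounds reads in the
// safe functions below, without any `unsafe` appearing at their call sites.
unsafe impl TrustedLen for Packet {
    fn as_slice(&self) -> &[u8] { &self.buf }
    fn len_hint(&self) -> usize { self.buf.len() }
}

/// unsafe fn: declares the function unsafe to call.
/// Contract: the caller guarantees `idx < data.len()`.
unsafe fn read_unchecked(data: &[u8], idx: usize) -> u8 {
    unsafe { *data.get_unchecked(idx) }
}

/// Safe function: the unsafe block declares the obligation handled.
fn last_byte<T: TrustedLen>(t: &T) -> Option<u8> {
    let n = t.len_hint();
    if n == 0 {
        return None;
    }
    // SAFETY: TrustedLen guarantees n <= as_slice().len(), so n - 1 is in bounds.
    Some(unsafe { read_unchecked(t.as_slice(), n - 1) })
}

/// Safe function: sums every byte without bounds checks, relying on the trait.
fn checksum<T: TrustedLen>(t: &T) -> u32 {
    let s = t.as_slice();
    // SAFETY: every i is < len_hint() <= s.len() by the TrustedLen contract.
    (0..t.len_hint()).fold(0u32, |acc, i| acc.wrapping_add(unsafe { read_unchecked(s, i) } as u32))
}

fn main() {
    let p = Packet { buf: vec![1, 2, 3] }; // constructed sample input
    println!("last = {:?}, checksum = {}", last_byte(&p), checksum(&p));
}
```
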
