There are lots of people yelling that Rust provides no benefit, or that this is all the fault of interacting with non-Rust code. Neither is accurate.

The race occurred in a section of code not labelled unsafe. It was allowed to occur because the principles the borrow checker relies on were violated in a section that was.

This was not because C code had not addressed this challenge; someone thought, with a comment at the unsafe section, they would have safeguards and could take shortcuts. They released the lock guarding access to the mutable reference they held. This would not have occurred if that lock was correctly modelled to hold its contents, as std::sync::Mutex is intended to.

The developer who built the translation layer didn't apply the structural lessons in the standard library.

The claim this is "only a crash" is also wild speculation; memory corruption of this class may have wildly unpredictable effects, including replacing credentials or extracting information. It's detectable when it crashes.

Most notably, the bugfix addressed the final race. It did not address either of these structural weaknesses in the type modelling; meaning while this bug was fixed, the conditions that let it happen by accident were not. This has been the case in each of these publicised rust rewrite bugs I've seen.

... I've never even heard of them getting into an accident, let alone killing anyone! They do run shuttle buses to IKEA, though.

There are projects to reimplement coreutils e.g. in assembly, Rust, V, Haskell and probably many others. It looks like most of them are pretty sloppy.

True. But it took bad coding practices to make this screw up. They added code that faked the user interface of a simple feature they had not implemented, and pushed to production years later without once checking if it worked.

They've added a (weak) test now. But that's not the start of the stupidity. They added the fake -r option three years ago. The argument parsing has its own model of what's required, while it reports everything in a typeless association list - and nothing was there to read this setting. It's plainly bad architecture, and they're not fixing that.

How about the way Firefox complains about its DRM blobs crashing if you visit Dropbox, even if you have it set to disable all DRM functions and not run scripts? If you delete said faulty suspicious blobs, it automatically starts installing something without my consent. Mozilla deserves a creepy rating. Oh look, despite having telemetry disabled, after doing that test it's been writing new files under a folder named datareporting. The UI has been actively growing worse as well, featuring things like not telling you why it's concerned about SSL certificates, or why it redirects to https when explicitly instructed to use http.

It's a nice jest, but that's still what we're typically working with; pick a program, then use that program to create a document or open a recent one. The transition to work-centered rather than tool-centered interface mostly didn't happen. Side note, the oldest Windows installation I had didn't have a Program Manager; it started along with Excel, and opened no other windows.

Sure, it could. But that would require a coordinate remapping layer... like the at least three that already exist, for scaled windows ("non-HiDPI"), for multiple monitor layouts, and for the taskbar. And this is Windows they're talking about; let's not pretend they'll remove the APIs just because they're too lazy to make their phone ports use them. Besides which, all the other phone platforms now have APIs to avoid screen regions like the annoying camera notches. The excuse is the usual bullshit, made up on the spot.

"Open Source does not and never has meant anything other than being able to get the sources" - bullshit. Open Source has a very clear definition as a term, laid down in the Open Source Definition, in turn based on the Debian Free Software Guidelines, in turn based on the Free Software Foundation's Free Software. You can argue the term lacks legal protection, but stop spreading lies about what it means.

Wrong lesson. They're conflating separate things that may or may not all be crap. In particular, there is no "metaverse", and the incompetent software vendor here was "decentraland", which appears to be mostly scam. So Samsung spent advertising budget on something that doesn't work (not unusual), but happened to invite the press to report on how badly.

Both those places of course have existing codecs optimized for their use cases, such as ASTC and DSC. And deployment in hardware is what matters for them; they have no benefit from the byte orientation of QOI. QOI is does not satisfy either case: entirely serial breaks texture use, and 33% base expansion breaks the monitor case. Only perfectly flat horisontal runs of 3 or more pixels achieve lower than 8 bits per pixel.

I'm sure you could already tell, but it offers nothing for that use case. For instance, it doesn't support high bit depth or one channel per pixel (as caused by Bayer filters and the like). If you're looking for something that might compress more than your camera does, but preserves sensor data, DNG is more relevant. If you're looking for easier to parse, FITS.

No, because he had complete veto to shut down alterations that would eliminate pathologically poor cases for not feeling right to him. And now he's got the format 100% specified with meaningless padding and no version field. But the compression usually outperforms PPM!

It's not likely to see any use as an in-GPU texture compression format; it's 100% serial. No 2D lookups into the compressed image. You could make a sort of checkpoint by storing the 192-256 byte palette, 3-4 bytes of prior pixel, and offsets into image and compressed stream, but I don't think people would bother. Of course, decoding the format could be done by compute shaders, but wouldn't make much sense with less than some dozens of images to decode simultaneously; CPUs are often better at these tight loops.

The pixel to pixel diffing doesn't do anything to the runs, I think. It's basically 8-bit RGB, running 64-entry palette, RLE, and two variants of HAM. And a completely redundant end marker that only complicates things (by overlapping with the palette format). The main feature of the format is a codec that'll fit in L1 cache and uses simple byte based processing. By the way, who uses 8-bit linear?