Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
Hoshino Lina / 星乃リナ 🩵 3D Yuri Wedding 2026!!! Profile picture
@Lina_Hoshino
Oct 5, 2022 16 tweets 3 min read Read on X
Scrolly
There's a lot of weird debate about whether Rust in the kernel is useful or not... in my experience, it's way more useful than I could've ever imagined!

I went from 1st render to a stable desktop that can run run games, browsers, etc. in about two days of work on my driver (!!!)
All the concurrency bugs just vanish with Rust! Memory gets freed when it needs to be freed! Once you learn to make Rust work with you, I feel like it guides you into writing correct code, even beyond the language's safety promises. It's seriously magic! ✨
There is absolutely no way I wouldn't have run into race conditions, UAFs, memory leaks, and all kinds of badness if I'd been writing this in C.

In Rust? Just some logic bugs and some core memory management issues. Once those were fixed, the rest of the driver just worked!!
I tried kmscube, and it was happily rendering frames. Then I tried to start a KDE session, and it crashed after a while, but you know what didn't cause it? 3 processes trying to use the GPU at the same time, allocating and submitting commands in parallel. In parallel!!
After things work single-threaded in a driver as complex as this, having all the locking and threading just magically working as intended with no weird races or things stepping on top of each other is, as far as I'm concerned, completely unheard of for a driver this complex.
And then all the memory management just... happens as if by magic. A process using the GPU exits, and all the memory and structs it was using get freed. Dozens of lines in my log of everything getting freed properly. I didn't write any of that glue, Rust did it all for me!
(Okay, I wrote the part that hooks up the DRM subsystem to Rust, including things like dropping a File struct when the file is closed, which is what triggers all that memory management to happen... but then Rust does the rest!)
I actually spent more time tracking down a single forgotten `*` in the DCP driver (written in C by Alyssa and Janne, already tested) that was causing heap overflows than I spent tracking down CPU-side safety issues (in unsafe code) in Rust on my brand new driver, in total.
Even things like handling ERESTARTSYS properly: Linux Rust encourages you to use Result<T> everywhere (the kernel variant where Err is an errno), and then you just stick a ? after wherever you're sleeping/waiting on a condition (like the compiler tells you) and it all just works!
Seriously, there is a huuuuuuge difference between C and Rust here. The Rust hype is real! Fearless concurrency is real! And having to have a few unsafe {} blocks does not in any way negate Rust's advantages!
Some people seem to be misunderstanding the first tweet in this thread... I didn't write a driver in 2 days, I debugged a driver in 2 days! The driver was already written by then!

What I'm saying is that Rust stopped many classes of bugs from existing. Sorry if I wasn't clear!
There was also a bit of implementation work involved in those 2 days of work though - buffer sharing in particular wasn't properly implemented when I got first renders, so that was part of it, but the bulk of the driver was already done.
Apparently I have to clarify again?

I did write the driver myself (and the DRM kernel abstractions I needed). The 2 days were the debugging once the initial implementation was done. The Rust driver took 7 weeks, and I started reverse engineering this GPU 6 months ago...
This was the first stream where I started evaluating Rust to write the driver (I'd been eyeing the idea for a while, but this was the first real test).

Initially it was just some userspace experiments to prove the concept, then moved onto the kernel.

I mostly worked on stream and it's been 12 streams plus the debugging one, so I guess writing the driver took about 12 (long) days of work, plus a bit extra (spread out over 7 weeks because I stream twice per week and took one week off)
So just to be totally clear:

Reverse engineering and prototype driver: ~4 calendar months, ~20 (long) days of work

Rust driver development (including abstractions): ~7 calendar weeks, ~12 (long) days of work

Debugging to get a stable desktop: 5 calendar days, 2 days of work.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Hoshino Lina / 星乃リナ 🩵 3D Yuri Wedding 2026!!!

Hoshino Lina / 星乃リナ 🩵 3D Yuri Wedding 2026!!! Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @Lina_Hoshino

Hoshino Lina / 星乃リナ 🩵 3D Yuri Wedding 2026!!! Profile picture
Jun 1
Okay, I generally side with *both* users and riggers because this cmo3 or not situation is mostly Live2D's fault but.

This has got to be the worst rigger take I've seen so far. If you can't afford to keep your clients' files safe by default, you should not be doing this job.
If you do not provide a cmo3 to users, it is your absolute prerogative to make the utmost effort to never, ever lose those files.

There is no possible excuse for losing paid client work like that. Ever. Period. That's a hill I will die on. This is the lowest possible bar.
This is literally Computer 101. You should have backups. You should have off-site/cloud backups. And you shouldn't charge people for it.

If you don't, you are not a serious professional in *any* computer-based field. This is a basic industry standard requirement.
Read 7 tweets
Hoshino Lina / 星乃リナ 🩵 3D Yuri Wedding 2026!!! Profile picture
May 31
A lot of people aren't appreciating how weird and abnormal the Live2D situation is. Thread.

I make music. When I do a comm, the client can ask for stems, which allows them to remix or remaster the song part by part. I don't need to send them my project file and plugins.
When you commission model art, you don't get the raw working PSD file, the artist's brushes, or their editor settings, but you get a cleaned cut PSD file that can be rigged but also built upon for adjustments and additions if necessary.
When you commission a 3D model, you may or may not get a raw .blend file, but whatever final model file can usually be re-imported for adjustments or changes and additions, and different models can be merged together into one.
Read 11 tweets
Hoshino Lina / 星乃リナ 🩵 3D Yuri Wedding 2026!!! Profile picture
May 31
I understand the riggers' perspective here because the project file has their workflow and settings; but

For a client, this is equivalent to buying a car you can't service or change any parts on. Right To Repair is a thing for good reason.
The bigger issue here is Live2D moc3 is a proprietary file format that has not had meaningful third party tooling/RE.

It's like the only options are you can't service your car at all, or the manufacturer gives you all their source code.

It doesn't have to be like this.
Live2D could easily fix this by allowing moc3 files to be imported into a new cmo3 file "as a black box", set up so that you can remove/hide ArtMeshes and build on the existing parameter inputs and physics settings, but not view/change the actual parameter rigs.
Read 7 tweets
Hoshino Lina / 星乃リナ 🩵 3D Yuri Wedding 2026!!! Profile picture
May 23
TIL people are using crazy FPGA DMA attack stuff to... cheat in games.

Back in my day this was a fun attack vector for things like BitLocker and other secure systems...

Also... $6k???? You can do this for a couple hundred max, someone is making BANK here.
Kernel level anticheat is evil, but also, if you're running this kind of insane setup you kind of should expect it to stop working with any OS/driver update too.

If you're booting your OS from a fake evil noncompliant NVMe drive itself then... yeah you kind of had this coming.
TLDR Valorant isn't bricking anything, it just turns on a system security feature that makes these crazy fake NVMe drives stop working (because they don't follow the NVMe spec)... and I guess some people had Windows installed on them so it stops booting or something.
Read 5 tweets
Hoshino Lina / 星乃リナ 🩵 3D Yuri Wedding 2026!!! Profile picture
Oct 17, 2024
Almost every thread about Rust for Linux ends up with someone saying "why not Zig instead"? And usually the answer is just "it's less mature" or "nobody pushed it".

I didn't know anything about Zig, so I decided to take a look today... and I'm not very impressed ^^;;
I learned that Zig does not have:

- Destructors
- Macros
- Lifetimes
- Operator overloading

Those are major reasons why I chose Rust for the drm/asahi driver...

It sounds like Zig is trying to be "modern C"... but the whole point of R4L is to not get stuck with C!
All those things Rust has that Zig doesn't are important for the things I'm doing.

Destructors/RAII are fundamental to how the driver tracks and cleans up firmware structures safely and reliably when needed. If I had to write "defer" everywhere it would be a bug-prone mess...
Read 14 tweets
Hoshino Lina / 星乃リナ 🩵 3D Yuri Wedding 2026!!! Profile picture
Sep 1, 2024
Honestly, I'm kind of sad about Wedson leaving RfL. He developed a huge part of the foundation that made Rust for Linux possible.

I'll still work on DRM (except sched) and driver upstreaming when the core stuff is in place, but I don't know about other subsystems.
At the rate things are going, I wouldn't be surprised if upstreaming the drm/asahi driver isn't possible until 2026 at the earliest. I had hopes for things to move much faster, but that's not possible without active cooperation from existing maintainers, and we aren't getting it.
Reading upstreaming mailing list threads is painful. Every second comment is "why is this not like C" or "do it like C". Nobody is putting any effort into understanding why Rust exists and why it works. It's just superficial "this code is scary and foreign" type reactions.
Read 8 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

Send Email!

:(