on the occasion of the latest kernel release, linux creator linus torvalds issued a rare warning about the disorderly use of ai tools in open-source collaboration. according to gizevo, a large number of security reports—mass‑generated by ai and highly similar in content—are continuously flooding the linux kernel vulnerability submission system, severely clogging critical review channels and trapping the core maintenance team in a quagmire of inefficient, repetitive work. torvalds made it clear that his objection is not to ai technology itself, but to the “one‑click submission” practice lacking contextual understanding and a sense of responsibility—when dozens of developers invoke the same ai model to scan identical code segments, the system quickly receives hundreds of nearly identical vulnerability reports.
this flood of reports has substantially slowed down the pace of kernel governance: maintainers are forced to devote considerable effort to identifying duplicates, retrieving historical fix records, and repeatedly sending standardized responses such as, “this bug was fixed in v6.11‑rc3; see the patch link.” even though this week’s kernel updates proceeded smoothly overall—with driver module updates accounting for 50% of the changes and gpu‑related improvements particularly notable—the information noise generated by ai continues to significantly disrupt what was once a rigorous and efficient code‑review process.
to restore a high‑quality collaborative workflow, torvalds has laid out clear guidelines for developers worldwide: genuine contributions lie not in hastily raising issues, but in deeply understanding kernel mechanisms and development standards; ai can serve as a helpful tool, but every submission must include a verifiable reproduction path, precise localization analysis, and a fully tested patch. only then can tools truly serve humanity, rather than replacing thoughtful deliberation.
