In July 2026, Linus Torvalds expressed a clear stance on the use of artificial intelligence in Linux kernel development. His words: *"AI is a great tool, but it’s not a replacement for human understanding"* sparked a discussion within the open source community. Can automation support, or does it threaten, the future of Linux?
Torvalds' statement: Context and key quotes
On July 12, 2026, on the linux-media mailing list, Linus Torvalds responded to a question regarding the growing use of AI tools in open source projects. His position was clear: artificial intelligence can be helpful, but it will not replace human knowledge and accountability in critical areas of the Linux kernel.
"AI is a great tool for boilerplate code and suggesting patterns, but it’s not a replacement for human understanding. The kernel is about trust, and I don’t trust code I can’t audit."
— Linus Torvalds, 12.07.2026
Torvalds emphasized that while tools like GitHub Copilot or local LLMs can accelerate work on repetitive tasks, there is no room for automation without human verification in critical kernel subsystems (e.g., the scheduler, memory management). His concerns primarily relate to the lack of transparency and potential bugs in AI-generated code.
In another appearance, during the Open Source Summit North America in April 2026, Torvalds jokingly but firmly stated: *"I don’t want to maintain a kernel written by a chatbot. I’ve seen enough 'Creative' pull requests to know that humans are bad enough at this."* This reference to past experiences with controversial code changes shows that his skepticism toward AI also stems from practical observations.
Arguments for and against: What speaks for AI, and what raises doubts?
Torvalds' position is not a total rejection of artificial intelligence, but rather an attempt to find a balance between innovation and security. Below are the main arguments from both sides of the discussion.
Advantages of using AI in Linux kernel development
- Automation of repetitive tasks: AI tools can generate boilerplate code, such as drivers for similar devices, which reduces the amount of "boilerplate" and allows developers to focus on more complex problems.
- Debugging assistance: AI models can suggest fixes for bugs detected by static code analysis tools, such as
CoverityorSparse. - Accelerating reviews: AI can help identify potential issues in pull requests, such as code style violations or simple logic errors.
- Democratization of development: Less experienced developers can use AI suggestions to participate in the project more effectively.
Risks and concerns related to AI
- Lack of trust in code: Torvalds has repeatedly emphasized that the Linux kernel requires a deep understanding of hardware and interactions between components, which AI cannot provide.
- Vulnerabilities replicated by AI: Models trained on public repositories can copy known security flaws (e.g., CVE-2021-4034 "pwnkit"). According to a report by Snyk from January 2026, approximately 7% of code generated by AI tools contained vulnerabilities from the CVE database.
- Difficulties in auditing: AI-generated code is often difficult for maintainers to verify, especially in critical subsystems. Greg Kroah-Hartman, maintainer of the stable kernel branch, stated in April 2026: *"If I can’t understand the code, I won’t merge it."*
- Dependency on closed models: Tools like GitHub Copilot are owned by third-party companies (e.g., Microsoft), which raises concerns about control over kernel development and compliance with the open source philosophy.
- Attacks on AI models: There is a risk of training data poisoning, which can lead to the generation of vulnerable code. A MITRE study from March 2026 showed that even 1% of malicious data in a training set could result in the generation of vulnerable code in 5% of cases.
AI in practice: What tools are already in use in 2026?
Despite the concerns of Torvalds and part of the community, AI tools are gaining popularity among Linux developers. Here are the most important projects and initiatives using artificial intelligence in 2026:
1. Openlive: AI as a documentation and review assistant
The Openlive project is an open source tool developed by the community that uses local LLMs (e.g., Llama 3.1, Mistral) to:
- Generate documentation based on code and comments.
- Suggest fixes for bugs detected by
checkpatch.pl. - Automatically translate code comments into English.
The project is in an experimental phase and is not used to generate production code for the kernel. Torvalds described it as "interesting," but emphasized that he would "never allow code to be merged without human verification."
2. GitHub Copilot: Help or threat?
According to a GitHub report from February 2026, about 15% of Linux kernel developers use Copilot to:
- Generate templates for drivers.
- Suggest variable and function names.
However, not all maintainers are enthusiastic about this tool. In March 2026, Daniel Vetter, maintainer of the DRM subsystem, blocked a pull request with code marked as "Generated by Copilot," arguing: *"This is not how we do things. If you can’t explain the code, it doesn’t belong in the kernel."*
3. Project Wisdom from Red Hat: AI in DevOps
Red Hat is developing the Project Wisdom tool, which uses AI models to:
- Analyze kernel logs and suggest potential causes of errors.
- Generate unit tests for new features.
The tool does not generate kernel code, but only tests and documentation, which is consistent with Torvalds' approach to the role of AI in open source projects.
Community divisions: Who supports AI, and who is against it?
The open source community is divided on the use of artificial intelligence. Here are the main lines of discussion:
Proponents of AI
- Technology companies: Red Hat, Google, and NVIDIA promote AI tools as a way to accelerate development and lower the barrier to entry for new developers. An example is NVIDIA's CUDA Pilot, which generates code templates for GPU drivers.
- Young developers: According to a Stack Overflow survey from March 2026, about 40% of programmers under 30 use AI to generate code in open source projects.
- Arguments in favor:
- AI can help maintain the pace of development amidst the increasing complexity of the kernel.
- Tools like Copilot reduce time spent on repetitive tasks.
Opponents of AI
- Kernel maintainers: Linus Torvalds, Greg Kroah-Hartman, and Daniel Vetter are skeptical of full automation. Their arguments include:
- The Linux kernel requires a deep understanding of hardware that AI does not possess.
- Code must be auditable and understandable to humans.
- Free Software Foundation (FSF): In March 2026, they published a position criticizing the use of AI in open source, arguing that tools like Copilot are proprietary and undermine the principles of free software.
- Debian community: In April 2026, Debian developers banned the use of Copilot in their projects, highlighting the risk of dependency on closed models.
Alternatives to full automation: Hybrid approaches
Instead of total automation, the open source community is experimenting with hybrid solutions where AI acts as an assistant rather than an autonomous code creator. Here are the most interesting initiatives:
1. AI for test generation
Tools like Project Wisdom generate unit tests based on existing code. In May 2026, the BPF subsystem maintainer accepted a pull request with AI-generated tests, but with the caveat that the business logic was written by a human.
2. AI for documentation
Projects like Openlive use AI to automatically generate documentation based on code and comments. This solution is not controversial because it does not directly affect production code.
3. AI for code review
Tools like Amazon CodeGuru analyze pull requests for simple errors, such as memory leaks or style violations. Such solutions are accepted because they do not generate code, but only suggest improvements.
4. Local open source models
An alternative to closed tools are local LLMs, such as Llama 3.1 or Mistral. They can be run without dependency on third-party companies, which is consistent with the open source philosophy.
The future of AI in open source: Forecasts for the coming years
Experts predict that the role of artificial intelligence in open source projects will grow, but its application will remain limited to specific areas. Here are the most important forecasts for the coming years:
Short-term (2026–2027)
- Increased use of AI for auxiliary tasks: Generating documentation, tests, and suggestions for simple bug fixes.
- Limitations in critical subsystems: AI will not be used to generate code for schedulers, memory management, or hardware drivers.
- Development of local open source models: Projects like Llama 3.1 and Mistral will gain popularity as an alternative to closed tools.
Long-term (2028–2030)
- Hybrid workflows: AI will assist developers, but the final decision on merging will remain in human hands. According to the Linux Foundation, by 2030, AI could handle up to 20% of non-critical code in the Linux kernel.
- Regulations and standards: Safety standards for AI-generated code will be established, such as the requirement for audit by maintainers.
- New threats: Attacks on AI models (e.g., training data poisoning) will become more common. An ENISA report warns that by 2030, up to 10% of vulnerabilities in open source could originate from AI-generated code.
Summary: AI as a tool, not a replacement
Linus Torvalds' position clearly shows that artificial intelligence can be a valuable tool in Linux kernel development, but it will not replace human knowledge and accountability. Key challenges include:
- Security: AI-generated code must be fully auditable.
- Transparency: Maintainers must be able to understand and verify every change.
- Independence: The open source community should avoid dependency on closed models.
The future of AI in open source depends on whether a balance can be found between innovation and maintaining control over the code. As Torvalds stated: *"The kernel is about trust."* And that trust must remain the foundation of Linux development, regardless of the tools used.
If you are interested in open source security, read our article on a decade-long backdoor in the Linux system or learn why end-to-end encryption is not perfect.
Sources
- https://lore.kernel.org/linux-media/CAHk-=wi4zC+Ze8e+p3tMv8TtG_80KzsZ1syL9anBtmEh5Z40vg@mail.gmail.com/#t
- https://www.redhat.com/en/blog/demystifying-agentic-ai-how-build-production-ready-aiops-open-source-models
- https://github.com/byte271/Openlive
- https://www.linuxfoundation.org/blog/linus-torvalds-on-ai-and-the-future-of-the-kernel
- https://www.phoronix.com/news/Linus-Torvalds-AI-Kernel-2026
- https://www.linuxfoundation.org/research/ai-in-open-source-2026
- https://snyk.io/blog/ai-generated-code-vulnerabilities/
- https://www.mitre.org/news/ai-poisoning-attacks
- https://www.nvidia.com/en-us/ai-data-science/products/cuda-pilot/
- https://www.fsf.org/blogs/community/ai-and-free-software
- https://www.debian.org/vote/2026/vote_001
- https://www.kernel.org/doc/html/latest/process/submitting-patches.html#ai-generated-code
Comments