Linus Says AI Is Just a Tool: ‘Atmosphere Programming’ Works for Throwaway Code, Not 35‑Year Projects

Commit activity increase

In the last six months the commit count for the two most recent Linux kernel releases rose by roughly 20 % compared with previous years. Linus Torvalds initially attributed the surge to excitement around version 7.0, but later identified the true driver as the widespread adoption of AI‑assisted development tools that lower the barrier to writing kernel patches.

AI impact on development

Positive effect: AI helps developers discover bugs that were previously hidden, accelerating bug discovery and short‑term output.

Negative effect: AI‑generated vulnerability reports have flooded the kernel security mailing list with thousands of near‑duplicate submissions, often pointing to the same underlying issue.

Policy response: The community adjusted its disclosure policy – bugs found by AI are treated as public information unless they constitute a genuine security exploit.

Policy adjustment details

When a bug is discovered using AI, it is considered public by default because the same AI tool could be used by many others to find the same issue. Only when the bug represents a true security exploit is the exploit method kept confidential. This change aims to reduce the workload on the security mailing list while still protecting serious vulnerabilities.

Tooling and automation

Linus noted that the kernel development process has been stable for about 20 years after the switch to Git and modern release tooling. The community already uses extensive automation, including Google’s Syzkaller fuzzing system that automatically checks patches on the mailing list. In addition, many core developers now run AI locally to assist with code review, patch generation, and bug hunting.

Social pressure on maintainers

AI forces developers out of their comfort zones and creates a new class of “burnout” for maintainers, especially those of small, long‑lived projects that lack the resources to triage massive report volumes. While large projects like the Linux kernel have over 1 000 contributors per release and a well‑funded maintainer base, the majority of GitHub repositories (estimated at 4.8 billion repositories, with 600 k considered critical for enterprises) are maintained by one to three people. Those maintainers can be overwhelmed by the flood of AI‑generated reports.

Scale of the open‑source ecosystem

The Linux kernel now contains roughly 35 million lines of code . Over the past two decades the release process has remained stable, but the recent AI influx has noticeably increased development activity across the board.

Advice for newcomers

Effective use of AI tools requires deep knowledge of the system being programmed. Prompt engineering works best for developers who understand the underlying architecture, can read generated assembly, and can assess whether an AI‑suggested change is safe. Linus emphasized that “excellent developers still write better code” and that AI is a tool, not a replacement for expertise.

Other open‑source projects mentioned

Linus highlighted a personal side project – a guitar‑pedal design – whose source files are fully open. The repository is available at https://github.com/torvalds/guitar-pedal.

Key takeaways

AI has increased kernel commit activity by ~20 % by lowering the entry barrier for patch creation.

AI improves bug discovery but introduces social and process challenges, notably duplicate security reports.

The community’s response is to treat AI‑found bugs as public unless they are true exploits.

Automation (e.g., Syzkaller) and local AI tools are already part of the workflow.

Maintainer burnout is a real risk for small projects; deep system knowledge remains essential for effective AI prompting.