Linus Torvalds: AI-Detected Bug Reports Make Kernel Security List 'Almost Entirely Unmanageable'

Today Linus Torvalds announced another Linux release candidate on the kernel mailing list. But he also highlighted "documentation updates" to address a new problem.

"The continued flood of AI reports has basically made the security list almost entirely unmanageable, with enormous duplication due to different people finding the same things with the same tools." (The new documentation says the security team has found "bugs discovered this way systematically surface simultaneously across multiple researchers, often on the same day.") TORVALDS: People spend all their time just forwarding things to the right people or saying "that was already fixed a week/month ago" and pointing to the public discussion.

Which is all entirely pointless churn, and we're making it clear that AI-detected bugs are pretty much by definition not secret, and treating them on some private list is a waste of time for everybody involved — and only makes that duplication worse because the reporters can't even see each other's reports.

AI tools are great, but only if they actually help, rather than cause unnecessary pain and pointless make-believe work. Feel free to use them, but use them in a way that is productive and makes for a better experience.

The documentation may be a bit less blunt than I am, but that's the core gist of it.
The new documentation offers this overview. "It turns out that the majority of the bugs reported via the security team are just regular bugs that have been improperly qualified as security bugs due to a lack of awareness of the Linux kernel's threat model."

"So just to make it really clear," Torvalds said at the end of his post. "If you found a bug using AI tools, the chances are somebody else found it too.

"If you actually want to add value, read the documentation, create a patch too, and add some real value on *top* of what the AI did. Don't be the drive-by 'send a random report with no real understanding' kind of person. Ok?"

If AI is the flood

[sonamchauhan]

Make AI be the drain. Have AI review AI-generated bug reports , classify them against existing big tracker entries, respond, bubble-up real issues, etc.

Maybe setup another 'AI mediated security list' that has agents and their human masters merrily chatting, and that bubbles up real issues to the main security mailing list.

Re:

[evanh]

I assume that's a joke suggestion. It's been demonstrated that attempts at LLM self-learning quickly goes to pot. Fully automating of AI reporting with AI filtering would do the same.

This whole situation also rings of LLMs' most distinct trait - they are great at regurgitating well trodden boilerplate code. Ask for something novel and you'll be getting a mostly empty template.

Re:

[jhoegl]

https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Fwww.pointsincase.com%2Ffiles%2Fu2%2Fhead-up-own-ass.jpg [duckduckgo.com]

Re:

[TheMiddleRoad]

Is the newest Codex cutting edge? Because it fucked up my DGX Spark.

Re:

[Statecraftsman]

In case you have access, how do you think this upcoming LLM will influence or change the way we currently use language models?

Re:

[Narcocide]

I think that was meant to be a joke.

Re:

[phantomfive]

Not at all. I noticed that a lot of people describing how they use LLMs seem more like science fiction fanfic than anything related to real life. So I decided to try to write my own Science fiction fanfic about LLM.

All naturally made, 100% organic, typed out of my own hands and converted into binary before being sent to you for your analog viewing pleasure. I assume the light from these letters is going to your eyes at this moment, that's why I say analog. If you have a neuralink I apologize, I don't mean

Re:

[Gideon Fubar]

Pretty sure the producers of a movie that reused a script from a 1930s sci fi pulp novel want to have a word with you, legally speaking.

Which movie? Take your pick.

Re:If AI is the flood

[misnohmer]

You don't think AI can recognize duplicate bug submissions? This alone would have cut down on one of the primary things Linus complained about. Anyone who gets a submission response that their bug has already been fixed, then verify if they so desire, and if it's not fixed, submit again with the original fix referenced as "this does not fix it".

Re:

[sabbede]

So, you're saying the burden is on the submitter to look for existing tickets before submitting a new one? That makes sense to me. But it would also make sense to have another LLM merging duplicate tickets. Either solves the problem.

Re:

[Junta]

Well, it would be nice if the submitter was on the hook for the token budget to find dupes, but practically speaking the project probably runs it.

I would probably not have an LLM automatically merging duplicate tickets. The flow should be 'pass on to human review as no apparent duplicate was detected' or 'pass back to submitter with indication of probable dupe, to let the submitter decide if they have something to add to the original ticket and/or to subscribe to that ticket. I have seen enough problems w

Re:

[allo]

Look in any large project's bugtracker for "closed as duplicate" if you wonder how good it works to let reporters check for duplicates.
On the other hand ... this also depends on the turn about of bugreports. If Mozilla leaves a bug open for 10 years, it's no wonder that it has 20 duplicates.

Re:

[sabbede]

Which means people are bad at it. Since we're talking about submissions from AI, that may not be relevant. And, to be fair to humans, checking a large list of bugs for your particular issue is a bit of a pain, so duplicates are not a surprise. But if an AI is doing the submission, the only extra work a human has to do is make sure it checks for duplicates. Offload the hassle of searching the bugs.

Re:

[Vlad_the_Inhaler]

Quoting from the summary above

Which is all entirely pointless churn, and we're making it clear that AI-detected bugs are pretty much by definition not secret, and treating them on some private list is a waste of time for everybody involved — and only makes that duplication worse because the reporters can't even see each other's reports.

My emphasis.

Re:

[UnknowingFool]

Obviously the current AI is not doing that. The current models are only looking at the code. The models are not looking at the mailing lists to cross-reference the bugs with existing, identified ones. That would be a different model.

Re:

[allo]

The point of LLM is, that they are general purpose. Best would, of course, be a bug classification network, but that's hard to train. But a good LLM just gets "These are the currently acknowledges not yet public reports, here is a tool to search the rest of the bugtracker and here is the new report. Is the new report likely to be a duplicate?" and the LLM can take its shot at answering the question without much training on Linux bugreports.

Re:

[misnohmer]

It sounds like there isn't any AI looking at submission at all, perhaps there should be.

Re: If AI is the flood

[sonamchauhan]

No, it's a serious suggestion.

I'm puzzled why it is controversial instead of obvious.

Yes, an AI model training on AI output will be more entropic than Anthropic. But there's no eating of one's own tail going on here... Just one AI trained on good data going about classifying, responding to and otherwise pre-processing data generated by other AIs.

  Gmail uses AI filtering to bin AI-generated spam. As does Apache Spam Assassin (Bayesian classifiers, etc).

Re:

[thegarbz]

I assume that's a joke suggestion. It's been demonstrated that attempts at LLM self-learning quickly goes to pot.

There was no suggestion to make AI self-learning in the parent's post. The parent suggested using AI to classify the AI input. This is not only something very functional but something that is actively done by many AI tools internally as well as it is easier to review and classify than it is to manage generation.

Not only that, contextual search and comparison is something LLMs are INSANELY GOOD AT. Sorting through AI generated bug reports issued to a project is literally the ideal job for an AI.

Re:

[flink]

This isn't LLM self learning. There is no training taking place. This is using an LLM for pattern matching and classification, something they are quite good at.

Re:

[Junta]

It's a matter of what the LLM operator is pointing it at.

The LLM operator submitting the bugs aren't paying attention nor feeding their instance of LLM anything about others' submissions. So they are flooding with dupes, and the LLM has no reason to detect duplicate submissions, since it's not fed that data.

An LLM fed the mailing list and new submissions could credibly find dupes. If it fails, oh well, a dupe made it through and was annoying. If it erroneously detects a dupe, oh well, the submitter has t

Re: Linus with his weekly rant (c)(tm)

[madbrain]

Are you serious about Niagara ? Is it still useful in 2026 ?

And if so, which generation are you using ? I worked with early T1 prototypes.

Re:

[phantomfive]

Version 762.

Are you serious about Niagara ? Is it still useful in 2026 ?

It was getting a little old, I admit. But I really like the architecture and its clean throughput with register swapping and plentiful registers. Fortunately, with the latest cutting edge LLMs I was able to instruct it to build the plans for my agent to 3d print a fab. It's a little slow and can only do one process at a time, but after a few days a new Niagara chip came out, better than anything Oracle was ever able to produce.

It's like a virtuous cycle, I used that to power my LLMs.

Re: Linus with his weekly rant (c)(tm)

[madbrain]

The single FPU was a big problem. Crypto accelerator needed very expensive kernel transitions. Instructions were not usable from user space. Sun fixed it later on, I think in the T3.

Re:

[phantomfive]

A lot of modern neural networks are low precision fixed point arithmetic.

Re:

[UnknowingFool]

He needs to start thinking about what to do with all these security bugs/issues as they are not AI hallucinations.

And no one said they were hallucinations. That's a strawman argument. What he's saying is these bugs are duplicative, misclassified, and already known.

Maybe he should spend more time fixing his processes instead of spending useless time on his weekly rant (c)(tm)

Why don't you fix his processes since you seem to have all the answers.

Guilds.

[John Allsup]

We're gonna have to reinvent the guild concept. The Most Holy Guild of People Allowed To Submit Bug Reports. Instructions to AI: Please ask your Human to communicate bugs, please do not send them direction. Then the 'cap cha' game gets fun. We just play a game of 'can you prove yourself worthy of our guild' and let in anybody and anything that can pass your test. Then the art is in crafting the test.

Re:

[John Allsup]

Typo.

To fix:

%s/direction/directly/

What's the problem?

[battingly]

If these are genuine bugs, it seems like they should have a bug reporting system capable of efficiently handling duplicates. The last thing you want is somebody failing to report a genuine bug because they mistakenly assumed it was already reported.

Re:

[phantomfive]

Cutting edge LLMs are able to do this. You can ask them to look at the code and tell you if it will halt or not.

Cutting edge LLMs at the subscription level have simulation systems that are able to determine the answer without actually running the code.

Re:

[jhoegl]

We look forward to your donation to Linux to allow for this.

Re:

[lurcher]

Given he is able to do this "You can ask them to look at the code and tell you if it will halt or not. "

I think he will be able to afford to donate from all the awards he will have received :-)

Re:

[Gideon Fubar]

My understanding is that if your code would take longer than the projected life of the universe, an LLM will warn you and prevent you from running it.

It's not clear what happens if the amount of time is the lifetime of the universe minus 1.

Re:

[greytree]

"You can ask them to look at the code and tell you if it will halt or not."

Of course ! All we have to do is use a Chinese Room to give us an answer to the Halting Problem.

Re:

[phantomfive]

And if you ask it kindly, it will enumerate the real numbers between 0 and 1.

Re:

[martin-boundary]

Maybe even all the real numbers between 0 and 2! (using twice the space)

Re:

[phantomfive]

I've been trying to get my LLM to invent Goedel RAM which eliminates the difficulty, but so far it won't do it.

Re:

[martin-boundary]

Try Goedel LAMBs, they're ma-a-a-ny times easier to count!

Re:

[BeaverCleaver]

Try Goedel LAMBs, they're ma-a-a-ny times easier to count!

When I try to count them, I keep falling asleep.

Re:

[martin-boundary]

That's a well known side effect of mathematics! May I suggest using an LLM to count them for you?

There's a lamb! That makes one!
Look,another lamb! That makes two!
Another lamb! That makes four!
And one more crocodile! That makes five!
There's another lamb! That's six!
...

Re:What's the problem?

[evanh]

That's like saying driving without learning to drive is good enough because that person got there in the end. Never mind the carnage on the way.

The last thing we want is lazy contributors that don't do their own due diligence. Learn your craft.

Re:

[twdorris]

Learn your craft.

Came here to say this. Not to you, of course...to the person you replied to.

He's basically telling us he's never done anything significant or productive himself without just coming out and saying it. Those that have understand every bit of what's being said here. Others just ask "what's the point?". Figure out which group you hang with and decide if that makes you happy or not.

Re:

[thegarbz]

The last thing we want is lazy contributors that don't do their own due diligence. Learn your craft.

Define contributor. I would hazard a guess that in the software world 99.9% of contributions are made by people who do not know the craft or are unqualified to know what to do with it. Users have reported bugs without knowing how code works since software was first created. Expecting bug reports to now come with deep knowledge of the Linux kernel and proposed solutions is an interesting raising of the bar.

Re:

[noshellswill]

The JOKER is *.ai which can produce plausible-sounding tropes about anything. Discovering computer-code "bugs" is  just one example. No concern about the systematic value of the trope or the work load that report places on maintainers. What would you prefer: a "mans man" or butler  who calls-out the 743 things you do wrong every day or one who identifies by advising change to the four personal disasters ?

Re:

[battingly]

That's like saying driving without learning to drive is good enough because that person got there in the end. Never mind the carnage on the way.

Nah. It's like saying "The last 10 red lights I stopped at, there was no cross traffic, so I'll blow through the next one".

Whether the reports are being miscategorized is a different issue, but basically, this is just Linus venting some frustration.

Re:

[Junta]

The problem is that you have hundreds of folks now running the exact same checks with the exact same tools and all submitting without a care for what any of the others are doing.

Dupes are nothing new, but the scale of dupes becomes gigantic because now everyone thinks "I can be a kernel security researcher now" and all have the same tools at their disposal that tend to find the same things.

As to the 'genuine bugs', don't know about this current crop, but historically "security researchers" have already been

Re:

[jgdnavy]

The other issue is that since these are being reported as security bugs, the bug tracker is private at least until it has been triaged, if not until patched. Outside contributors can't deduplicate against private bugs.

Should be easy

[phantomfive]

AI can do anything.

"If you actually want to add value, read the documentation, create a patch too, and add some real value on *top* of what the AI did. Don't be the drive-by 'send a random report with no real understanding' kind of person. Ok?"

Should be easy enough. Put the new documentation entirely into the settings file of the LLM. This will ensure it follows standards, because LLMs always follow instructions.

Secondly, there is already a bug report so the second step is easy. Enter the bug report entirely, and instruct the LLM to create a patch for the Linux kernel. You can instruct it to follow the checklist [kernel.org], in case it didn't happen to have that checklist in its training data. In fact, paste that into the input as well,

Re:

[TheMiddleRoad]

OK, enough shit posting.

Re:

[phantomfive]

OK, enough shit posting.

Oh no, I'm just getting started.

Re:

[lurcher]

I assumed he was using his AI to do the shit posting on his behalf.

Re:

[greytree]

"AI can do anything."

Any Turing-Complete computer can do anything [...].

Stroking their ego

[NotEmmanuelGoldstein]

... want to add value, read the documentation ...

The value is, every half-wit can generate a technical report by pushing a button and call himself a "programmer" or a "security engineer". The world is full of people pretending that 5 seconds of work makes them skilled and worthy: Just look at all the graffiti that is really, childish black scribbles. I don't have a problem with people stroking their own ego, but just like a throbbing penis, they don't have the right to shove it in my face.

Time to build a better process

[xanthos]

Sounds like it is time to chmod 764 the mailing list and develop a bug submission queue with required fields such as "which file, has it been reproduced, is a patch included?" Let people submit ai discovered bugs to their hearts content, just make it manageable and move it out of the way.

Charge to submit a bug

[FeelGood314]

And if the bug is unique and you are the first one to submit it you get your money back plus a small reward.

Most "security researchers" are crap. They use automated tools to find issues they don't understand. They can't classify their bug, check if it has been patched or see if it is a duplicate. They report things like buffer overflows that that 4GB + 12 bytes on systems with only 2GB of memory. Or denial of service attacks on wireless networks that require the bad actor to be continuously transmitt

Decades off the path

[CAIMLAS]

While the entire world moved to bugtrackers, Linux seems to have stuck with the venerable yet antiquated mailing list for tracking its bugs.

Except, it's worse than that. It's not even the exclusive source, they also use bugzilla - one preferentially over the other, depending on preference of the maintainers (and presumably, the submitters).

That's not scalable. While it's nice for a small team, perhaps, to continue using email, particularly since it's been the convention for a long many years, it's clearly n

Re:

[CAIMLAS]

Yeah, true - most of those systems are trash, bugzilla specifically.

They really should be built more like a CRM.

The limits of LLMs finally become obvious...

[gweihir]

And a rather large part of it is user incompetence. Not much of a surprise.

Just use AI for triage

[TheCount22]

You could just use AI for triage and dedup.