Sashiko (刺し子, literally "little stabs") is a form of decorative reinforcement stitching from Japan. Originally used to reinforce points of wear or to repair worn places or tears with patches, here it represents our mission to reinforce the Linux kernel through automated, intelligent patch review.
Sashiko is an agentic Linux kernel code review system. It uses a set Linux kernel-specific prompts and a special protocol to review proposed Linux kernel changes. Sashiko can ingest patches from mailing lists or local git. It's fully self contained (doesn't use any external agentic cli tools) and can work with various LLM providers.
If you are a kernel maintainer, please see our Guide for Kernel Maintainers for information on interacting with Sashiko.
Sashiko is not perfect, but in our measurements the quality of reviews is high: in our tests sashiko was able to find 53.6% (with Gemini 3.1 Pro) of bugs based on unfiltered last 1000 upstream commits with Fixed: tags. In some sense, it's already above the human level given that 100% of these bugs made it through human-driven code reviews and were accepted to the main tree. The rate of false positives is harder to measure, but based on limited manual reviews it's well within 20% range and the majority of it is a gray zone.
Please, note that as with any other LLM-based tools, Sashiko's output is probabilistic: it might find or not find bugs (or find other bugs) with the same input.
- Automated Ingestion: Monitors mailing lists (using
lore.kernel.org) for new patch submissions. - Manual Ingestion: Can ingest patches from a local git repository.
- Self-contained: Doesn't depend on 3rd-party tools and can work with various LLM providers (Gemini, Claude, GitHub Copilot CLI, and others).
- Web interface and CLI: Provides a web interface and a CLI tool. Email support will be added soon.
Sashiko uses a multi-stage review protocol to evaluate patches thoroughly from multiple perspectives, mimicking a team of specialized reviewers.
- Stage 1: Analyze commit main goal. Focuses on the big picture, architectural flaws, UAPI breakages, and conceptual correctness.
- Stage 2: High-level implementation verification. Verifies if the code matches the commit message claims, checking for missing pieces, undocumented side-effects, and API contract violations.
- Stage 3: Execution flow verification. Traces C code execution flow, checking for logic errors, missing return checks, unhandled error paths, and off-by-one errors.
- Stage 4: Resource management. Analyzes memory leaks, use-after-free (UAF), double frees, and object lifecycles across queues, timers, and workqueues.
- Stage 5: Locking and synchronization. Investigates concurrency issues, deadlocks, RCU rule violations, and thread-safety.
- Stage 6: Security audit. Audits for buffer overflows, OOB reads/writes, TOCTOU races, and information leaks (like copying uninitialized memory).
- Stage 7: Hardware engineer's review. Specifically reviews driver and hardware code for correct register accesses, DMA mapping, memory barriers, and state machine constraints.
- Stage 8: Deduplication and Consolidation. Consolidates feedback from stages 1-7, merges duplicates, and groups overlapping issues.
- Stage 9: Verification and severity estimation. Validates the consolidated concerns, filters false positives, and estimates severity.
- Stage 10: Report generation. Converts confirmed findings into a polite, standard, inline-commented LKML email reply.
Also Sashiko is using per-subsystem and generic prompts, initially developed by Chris Mason:
Before using Sashiko, please be aware of the following:
Sashiko operates by sending patch data and potentially extensive portions of the Linux kernel git history to your configured Large Language Model (LLM) provider.
- What is shared: This may include not just the patch being reviewed, but also related commits, file contents, and other context from the configured kernel repository to provide the LLM with sufficient context.
- Your responsibility: You must ensure you are authorized and comfortable sharing this code and data with the third-party LLM provider.
- Liability: The authors of Sashiko assume no responsibility for any consequences regarding data privacy, confidentiality, or intellectual property rights resulting from the transmission of this data.
Running an automated review system like Sashiko can be computationally expensive and may incur significant API costs.
- Cost factors: The total cost depends heavily on the volume of patches reviewed, the complexity of individual patches, and the pricing model of your chosen LLM provider and specific model.
- Monitoring: It is the user's sole responsibility to monitor token usage and billing. While Sashiko may provide usage estimates, these are approximations and should not be relied upon for billing purposes.
- Liability: The authors of Sashiko are not responsible for any financial costs, fees, or unexpected charges incurred by the use of this software.
- Rust: Version 1.90 or later.
- Git: For managing the repository and kernel tree.
- LLM Provider API Key: Access to an LLM provider (e.g., Google's Gemini or Anthropic's Claude).
cargo install sashikogit clone --recursive https://github.com/sashiko-dev/sashiko.git
cd sashikoNote: The --recursive flag is important to initialize the linux kernel source submodule.
Copy an example config to get started. For a full reference of every setting, see the Configuration Reference.
Sashiko supports multiple LLM providers. To get started with the default (Gemini):
cp docs/examples/Settings.example.toml Settings.toml
export LLM_API_KEY="your-api-key-here"For Claude, Claude Code CLI, GitHub Copilot CLI, AWS Bedrock, Vertex AI, Kiro CLI, and OpenAI-compatible endpoints, see the LLM Provider Configuration Guide.
cargo build --releaseSashiko consists of two main components: the Daemon and the CLI.
The daemon is responsible for monitoring mailing lists, managing the database, and coordinating the AI review process. It also provides a Web UI and an API for the CLI.
To start the daemon:
sashiko(Or from source: cargo run, or via Nix: nix run github:sashiko-dev/sashiko)
The CLI (sashiko-cli) allows you to interact with the running Sashiko daemon
or run standalone local reviews from your terminal. For the full command
reference, including local review setup and all options, see the
CLI Reference.
Quick start:
# Submit patches to a running daemon
sashiko-cli submit HEAD~3..HEAD
# Run a local review (no daemon required)
sashiko-cli local --force-local
# Check review status
sashiko-cli show latest(From source: cargo run --bin sashiko-cli -- [OPTIONS] [COMMAND],
or via Nix: nix profile add github:sashiko-dev/sashiko)
Sashiko can review your patches locally without sending emails to LKML or updating sashiko.dev. See the CLI Reference for full setup, options, and a comparison of all three review modes.
Once the daemon is running, you can access the Web UI, the daemon will print the URL to access it from localhost.
Sashiko includes a benchmark tool to evaluate review quality against known bugs. See the Benchmarking Guide for setup and usage.
We welcome contributions and feedback through two main channels:
- GitHub: Feel free to use GitHub issues for bug reports and feature requests, and submit Pull Requests for code changes.
- Mailing List: Join us at
sashiko@lists.linux.dev(archived at lore.kernel.org) for Sashiko-related announcements and broader AI-review discussions, including general feedback, architectural ideas, and specific prompt discussions. Automated patch reviews are sent from and should be replied tosashiko-reviews@lists.linux.dev.
This project uses the Developer Certificate of Origin (DCO). All contributions must include a Signed-off-by line to certify that you wrote the code or have the right to contribute it.
You can automatically add this line by using the -s flag when committing:
git commit -sThis project was built using Gemini CLI. If you're using other development agents, make sure they follow the guidance in GEMINI.md. Please, make sure your code is working before sending PR. Make sure it can be built without warnings, all tests pass, run cargo fmt and clippy. If you're changing AI-related parts, please, run at least several code reviews. Development got much faster these days, but testing is as important as ever.
For users of the Gemini CLI, we provide specialized skills to automate development workflows:
review-pr: Performs deep, scrutinizing code reviews againstGEMINI.mdand design documents. Detects relevant design files automatically and generates categorized findings with ready-to-paste diffs.sashiko-feature: A meta-skill for implementing new features. It handles design document matching, codebase investigation, and ensures adherence to SOLID/DRY principles in Rust, while iteratively runningmakechecks.
To install these skills in your local workspace:
gemini skills install ./skills/review-pr.skill --scope workspace
gemini skills install ./skills/sashiko-feature.skill --scope workspace
/skills reloadFor users of other agent interfaces (e.g., OpenCode, Claude Code), we recommend following your interface's specific settings to symlink or copy the skill configurations (the SKILL.md and references/ files) into your agent's custom instruction path.
Copyright The Linux Foundation and its contributors. All rights reserved.
The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our Trademark Usage page.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.