To understand the significance of the proposed change, it's important to look at the current policy. In mid-2025, QEMU formalized a strict rule in its code provenance documentation, stating that the project would "DECLINE any contributions which are believed to include or derive from AI generated content". The reasoning was rooted in legal uncertainty, specifically the inability of a contributor to credibly make the certifications required by the Developer's Certificate of Origin (DCO) for code whose copyright provenance is unclear. The QEMU community explicitly stated it was "not willing or able to accept the legal risks of non-compliance" with the DCO.
The new proposal doesn't throw the doors open to all AI-generated code. Instead, it creates a tiered system based on the risk and impact of the contribution.
A cornerstone of the proposed policy is a new mandatory disclosure mechanism. Bonzini has suggested adding an 'AI-used-for:' commit trailer to any patch where AI played a significant role. This tag serves a dual purpose: it transparently records the tool's involvement for reviewers and maintainers, and it "doubles as a check that the author has read the policy" before submitting. This approach is distinct from a simpler 'Assisted-by' tag, placing the onus on the contributor to actively certify that their use of AI was within the project's defined bounds. Crucially, using AI does not exempt a contributor from any other standard requirements, including the all-important DCO certification.
QEMU's deliberation is one of the most closely watched in the open-source world. The legal questions around AI-generated code—who owns it, under what license it can be contributed, and whether it can satisfy the DCO—remain largely unanswered by courts. In this vacuum, each project must create its own risk-management framework.
The approach QEMU is considering represents a potential middle path that many other major projects might emulate. Rather than maintaining an increasingly untenable absolute ban or rushing to accept all AI code without guardrails, this model leans into a risk-assessed, disclosure-first framework. Other significant projects, like FreeBSD, are wrestling with identical questions, and initiatives are already emerging to track "LLM-contaminated" open-source code. By potentially allowing low-risk AI help for boilerplate and documentation while keeping core logic strictly human-vetted, QEMU is testing a template that could balance the productivity gains of AI with the foundational legal and security needs of critical infrastructure software.