An empirical study of operating systems errors
Andy Chou, Junfeng Yang, Benjamin Chelf, Seth Hallem, Dawson Engler
Abstract
We present a study of operating system errors found by automatic,
static, compiler analysis applied to the Linux and OpenBSD
kernels. Our approach differs from previous studies that consider
errors found by manual inspection of logs, testing, and surveys
because static analysis is applied uniformly to the entire kernel
source, though our approach necessarily considers a less
comprehensive variety of errors than previous studies. In addition,
automation allows us to track errors over multiple versions of the
kernel source to estimate how long errors remain in the system
before they are fixed.
We found that device drivers have error
rates up to three to seven times higher than the rest of the
kernel. We found that the largest quartile of functions have error
rates two to six times higher than the smallest quartile. We found
that the newest quartile of files have error rates up to twice that
of the oldest quartile, which provides evidence that code ``hardens''
over time. Finally, we found that bugs remain in the Linux kernel
an average of 1.8 years before being fixed.