|
 ABSTRACT
We present a study of operating system errors found by automatic, static, compiler analysis applied to the Linux and OpenBSD kernels. Our approach differs from previous studies that consider errors found by manual inspection of logs, testing, and surveys because static analysis is applied uniformly to the entire kernel source, though our approach necessarily considers a less comprehensive variety of errors than previous studies. In addition, automation allows us to track errors over multiple versions of the kernel source to estimate how long errors remain in the system before they are fixed.We found that device drivers have error rates up to three to seven times higher than the rest of the kernel. We found that the largest quartile of functions have error rates two to six times higher than the smallest quartile. We found that the newest quartile of files have error rates up to twice that of the oldest quartile, which provides evidence that code "hardens" over time. Finally, we found that bugs remain in the Linux kernel an average of 1.8 years before being fixed.
REFERENCES
Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.
| |
1
|
|
| |
2
|
Jean Arlat , Martine Aguera , Louis Amat , Yves Crouzet , Jean-Charles Fabre , Jean-Claude Laprie , Eliane Martins , David Powell, Fault Injection for Dependability Validation: A Methodology and Some Applications, IEEE Transactions on Software Engineering, v.16 n.2, p.166-182, February 1990
[doi> 10.1109/32.44380]
|
 |
3
|
|
| |
4
|
M. Bishop and M. Dilger. Checking for Race Conditions in File Accesses. Computing systems, pages 131-152, Spring 1996.
|
| |
5
|
J. Bradley Chen , Yasuhiro Endo , Kee Chan , David Mazières , Antonio Dias , Margo Seltzer , Michael D. Smith, The measured performance of personal computer operating systems, ACM Transactions on Computer Systems (TOCS), v.14 n.1, p.3-40, Feb. 1996
[doi> 10.1145/225535.225536]
|
| |
6
|
R. Chillarege and N. Bowen. Understanding Large System Failures - A Fault Injection Experiment. In The lgth International Symposium on Fault Tolerant Computing, June 1989.
|
| |
7
|
D.R. Cox and D. Oakes. Analysis of Survival Data. Chapman and Hall, London, UK, 1984.
|
| |
8
|
D.R. Engler, B. Chelf, A. Chou, and S. Hallem. Checking System Rules Using System-Specific, Programmer-Written Compiler Extensions. In Proceedings of Operating Systems Design and Implementation (OSDI), September 2000.
|
| |
9
|
|
| |
10
|
J. Gray. A Census of Tandem System Availability Between 1985 and 1990. IEEE Transactions on Software Engineering, 39(4), October 1990.
|
| |
11
|
Intrinsa. A Technical Introduction to PREfix/Enterprise. Technical report, Intrinsa Corporation, 1998.
|
| |
12
|
N.L. Johnson and S. Kotz. Discrete Distributions. John Wiley & Sons, New York, NY, 1969.
|
| |
13
|
|
| |
14
|
|
| |
15
|
I. Lee, R. Iyer, and F. Symptoms. Faults, Symptoms, and Software Fault Tolerance in the Tandem GUARDIAN Operating System. In International Symposium on Fault- Tolerant Computing (FTCS), 1993.
|
| |
16
|
Will E. Leland , Murad S. Taqqu , Walter Willinger , Daniel V. Wilson, On the self-similar nature of Ethernet traffic, Conference proceedings on Communications architectures, protocols and applications, p.183-193, September 13-17, 1993, San Francisco, California, United States
|
| |
17
|
|
| |
18
|
B.P. Miller, D. Koski, C.P. Lee, V. Maganty, R. Murthy, A. Natarajan, and J. Steidl. Fuzz Revisited: A Reexamination of the Reliability of UNIX Utilities and Services. Technical Report CS-TR-1995-1268, University of Wisconsin, 1995.
|
| |
19
|
|
| |
20
|
|
| |
21
|
M. Rosenblum , E. Bugnion , S. A. Herrod , E. Witchel , A. Gupta, The impact of architectural trends on operating system performance, Proceedings of the fifteenth ACM symposium on Operating systems principles, p.285-298, December 03-06, 1995, Copper Mountain, Colorado, United States
|
| |
22
|
S.D. Silvey. Statistical Inference. Chapman and Hall, London, UK, 1975.
|
| |
23
|
M. Sullivan and R. Chillarege. Software Defects and Their Impact on System 118 Availability - A Study of Field Failures in Operating Systems. In Plst International Symposium on Fault Tolerant Computing, June 1991.
|
| |
24
|
M. Sullivan and R. Chillarege. A Comparison of Software Defects in Database Management Systems and Operating Systems. In 22nd International Symposium on Fault- Tolerant Computing, July 1992.
|
| |
25
|
D. Wagner, J. Foster, E. Brewer, and A. Aiken. A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities. In The 2000 Network and Distributed Systems Security Conference. San Diego, CA, February 2000.
|
| |
26
|
|
CITED BY 81
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Tal Garfinkel , Ben Pfaff , Jim Chow , Mendel Rosenblum , Dan Boneh, Terra: a virtual machine-based platform for trusted computing, Proceedings of the nineteenth ACM symposium on Operating systems principles, October 19-22, 2003, Bolton Landing, NY, USA
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Jun Sun , Wanghong Yuan , Mahesh Kallahalla , Nayeem Islam, HAIL: a language for easy and correct device access, Proceedings of the 5th ACM international conference on Embedded software, September 18-22, 2005, Jersey City, NJ, USA
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Vinod Ganapathy , Arini Balakrishnan , Michael M. Swift , Somesh Jha, Microdrivers: a new architecture for device drivers, Proceedings of the 11th USENIX workshop on Hot topics in operating systems, p.1-6, May 07-09, 2007, San Diego, CA
|
|
|
Pin Zhou , Wei Liu , Long Fei , Shan Lu , Feng Qin , Yuanyuan Zhou , Samuel Midkiff , Josep Torrellas, AccMon: Automatically Detecting Memory-Related Bugs via Program Counter-Based Invariants, Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture, p.269-280, December 04-08, 2004, Portland, Oregon
|
|
|
Yoann Padioleau , René Rydhof Hansen , Julia L. Lawall , Gilles Muller, Semantic patches for documenting and automating collateral evolutions in Linux device drivers, Proceedings of the 3rd workshop on Programming languages and operating systems: linguistic support for modern operating systems, p.10-es, October 22-22, 2006, San Jose, California
|
|
|
Lakshmi N. Bairavasundaram , Meenali Rungta , Andrea C. Arpaci-Dusseau , Remzi H. Arpaci-Dusseau, Limiting trust in the storage stack, Proceedings of the second ACM workshop on Storage security and survivability, October 30-30, 2006, Alexandria, Virginia, USA
|
|
|
Yvonne Coady , Gregor Kiczales , Joon Suan Ong , Andrew Warfield , Michael Feeley, Brittle systems will break - not bend: can aspect-oriented programming help?, Proceedings of the 10th workshop on ACM SIGOPS European workshop: beyond the PC, July 01-01, 2002, Saint-Emilion, France
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Zhenmin Li , Lin Tan , Xuanhui Wang , Shan Lu , Yuanyuan Zhou , Chengxiang Zhai, Have things changed now?: an empirical study of bug characteristics in modern open source software, Proceedings of the 1st workshop on Architectural and system support for improving software dependability, p.25-33, October 21-21, 2006, San Jose, California
|
|
|
Thomas Ball , Ella Bounimova , Byron Cook , Vladimir Levin , Jakob Lichtenberg , Con McGarvey , Bohus Ondrusek , Sriram K. Rajamani , Abdullah Ustuner, Thorough static analysis of device drivers, ACM SIGOPS Operating Systems Review, v.40 n.4, October 2006
|
|
|
|
|
|
|
|
|
|
|
|
Michael M. Swift , Muthukaruppan Annamalai , Brian N. Bershad , Henry M. Levy, Recovering device drivers, Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation, p.1-1, December 06-08, 2004, San Francisco, CA
|
|
|
Joshua LeVasseur , Volkmar Uhlig , Jan Stoess , Stefan Götz, Unmodified device driver reuse and improved system dependability via virtual machines, Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation, p.2-2, December 06-08, 2004, San Francisco, CA
|
|
|
Zhenmin Li , Shan Lu , Suvda Myagmar , Yuanyuan Zhou, CP-Miner: a tool for finding copy-paste and related bugs in operating system code, Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation, p.20-20, December 06-08, 2004, San Francisco, CA
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Maria Cutumisu , Calvin Chan , Paul Lu , Duane Szafron, MCI-java: a modified java virtual machine approach to multiple code inheritance, Proceedings of the 3rd conference on Virtual Machine Research And Technology Symposium, p.2-2, May 06-07, 2004, San Jose, California
|
|
|
Feng Zhou , Jeremy Condit , Zachary Anderson , Ilya Bagrak , Rob Ennals , Matthew Harren , George Necula , Eric Brewer, SafeDrive: safe and recoverable extensions using language-based techniques, Proceedings of the 7th symposium on Operating systems design and implementation, November 06-08, 2006, Seattle, Washington
|
|
|
|
|
|
|
|
|
Galen Hunt , Mark Aiken , Manuel Fähndrich , Chris Hawblitzel , Orion Hodson , James Larus , Steven Levi , Bjarne Steensgaard , David Tarditi , Ted Wobber, Sealing OS processes to improve dependability and safety, ACM SIGOPS Operating Systems Review, v.41 n.3, June 2007
|
|
|
Dror G. Feitelson , Tokunbo O. S. Adeshiyan , Daniel Balasubramanian , Yoav Etsion , Gabor Madl , Esteban P. Osses , Sameer Singh , Karlkim Suwanmongkol , Minhui Xie , Stephen R. Schach, Fine-grain analysis of common coupling and its application to a Linux case study, Journal of Systems and Software, v.80 n.8, p.1239-1255, August, 2007
|
|
|
|
|
|
|
|
|
|
|
|
Francis M. David , Jeffrey C. Carlyle , Ellick M. Chan , Philip A. Reames , Roy H. Campbell, Improving dependability by revisiting operating system design, Proceedings of the 3rd conference on Third Workshop on Hot Topics in System Dependability, p.1-1, June 26, 2007, Edinburgh, UK
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Shan Chen , Lingling Zhou , Rendong Ying , Yi Ge, Safe device driver model based on kernel-mode JVM, Proceedings of the 3rd international workshop on Virtualization technology in distributed computing, p.1-8, November 12-12, 2007, Reno, Nevada
|
|
|
|
|
|
Shimin Chen , Michael Kozuch , Theodoros Strigkos , Babak Falsafi , Phillip B. Gibbons , Todd C. Mowry , Vijaya Ramachandran , Olatunji Ruwase , Michael Ryan , Evangelos Vlachos, Flexible Hardware Acceleration for Instruction-Grain Program Monitoring, ACM SIGARCH Computer Architecture News, v.36 n.3, p.377-388, June 2008
|
|
|
|
|
|
Kaushik Kumar Ram , Jose Renato Santos , Yoshio Turner , Alan L. Cox , Scott Rixner, Achieving 10 Gb/s using safe and transparent network interface virtualization, Proceedings of the 2009 ACM SIGPLAN/SIGOPS international conference on Virtual execution environments, March 11-13, 2009, Washington, DC, USA
|
|
|
Takahiro Shinagawa , Hideki Eiraku , Kouichi Tanimoto , Kazumasa Omote , Shoichi Hasegawa , Takashi Horie , Manabu Hirano , Kenichi Kourai , Yoshihiro Oyama , Eiji Kawai , Kenji Kono , Shigeru Chiba , Yasushi Shinjo , Kazuhiko Kato, BitVisor: a thin hypervisor for enforcing i/o device security, Proceedings of the 2009 ACM SIGPLAN/SIGOPS international conference on Virtual execution environments, March 11-13, 2009, Washington, DC, USA
|
|
|
|
|
|
|
|
|
|
|
|
Andrew G. Miklas , Stefan Saroiu , Alec Wolman , Angela Demke Brown, Bunker: a privacy-oriented platform for network tracing, Proceedings of the 6th USENIX symposium on Networked systems design and implementation, p.29-42, April 22-24, 2009, Boston, Massachusetts
|
|
|
|
|
|
|
|
Adobe Acrobat
QuickTime
Windows Media Player
Real Player
Pdf
D.4