Microsoft Code at Fault for Half of all Windows Crashes

Flamester writes "In a ZDNet Australia story, Microsoft is claiming that half of all MS Windows crashes are the fault of third party code, not their own. That is, according to Dr. Watson. The article also goes into the 'rigor in which MS tests their products before release'. "

1st post karma-whoring

[rokzy]

Microsoft has laid the blame for half of all Windows crashes on third-party code.

Scott Charney, chief security strategist at Microsoft, told developers at the TechEd 2003 conference in Brisbane, that information collected by Dr Watson, the company's reporting tool, revealed that "half of all crashes in Windows are caused not by Microsoft code, but third-party code".

Charney's comments come as the company highlights the rigour with which it tests its own products before release. Microsoft emphasised that products such as Yukon and Exchange Server were undergoing thorough testing -- both internally and via independent third parties -- prior to their release to the market.

The company is employing root cause analysis and event sequence analysis procedures to scrub out the creation of sloppy code. The result is that individual developers have a high degree of accountability for the code they produce, while the systems and processes associated with code development are rigorously monitored.

Root cause analysis enables the company to check closely the work of individual developers. "If a developer has written vulnerable code, then we look at what else that developer has written and check it," Charney said

Event sequence analysis takes this further, analysing the reasons why the vulnerable code was written. Charney said it was not necessarily so they can sack whoever is writing vulnerable code, but find out the reasons why and how Microsoft improve their staff with training or more efficient processes.

As Charney made his remarks, Charles Sturt University announced they would be offering a Master of Information Systems Security degree including MCSE:Security industry certification.

Charney's also reinforced Microsoft's message to developers and network administrators that they needed to build secure applications and networks "from the ground up".

The chief security strategist's remarks have come at an unfortunate time, as mainstream and niche media outlets produce heavy coverage of the impact of the MSBlast worm, which has infiltrated corporate and enterprise networks worldwide.

John Dvorak has some interesting crash stats...

[sphealey]

John Dvorak developed some interesting stats on XP crashes based on information given in a speech by Bill Gates. He works out that there are 25 millions blue screen crashes of XP per day. Interesting read. Also raises the question of exactly what happens to all those "crash reports".

sPh

Re:Uhm, right...

[andrewl6097]

Actually OS crashes do get sent. When you boot up, xp will recognize that it had just crashed and will offer to send the info.

Re:Uhm, right...

[JimDabell]

So they're saying that a poorly designed application can take down the entire operating system?

I suspect that they are referring to drivers and other kernel-space code. The standard Microsoft weenie excuse for instability in the past has been "it's the drivers!", blaming the video drivers is a favourite.

Remember that Microsoft don't write most Windows drivers, they don't have to because their market share is so great, any hardware manufacturer who doesn't supply Windows drivers is not competitive.

I believe this is the reason why Microsoft introduced their "Microsoft signed drivers" that are supposed to guarantee Microsoft-level stability (!).

However, I have to laugh at Microsoft when they claim 50% of crashes aren't their fault. It's like an advert for a diet pill saying "Doesn't cause death in over 90% of people!".

Re:Ring 0, Ring 3?

[jpmorgan]

Dude, do you know what you're talking about? First, graphics drivers run in Ring0, along with most of the graphics subsystem. They haven't run in Ring3 since NT 3.51 days.

Regardless, if a driver is running in the same memory space as the subsystem, a driver crash is going to take it out. It doesn't matter what ring the code is in. Again, back in NT 3.51 days graphics drivers were kept in seperate memory spaces, in ring3, but that was dropped due to piss poor performance.

The GDI subsystem (several layers away from any graphics drivers) currently sprawls Ring0 and Ring3.

Re:Uhm, right...

[tomhudson]

My original post stated North America because most jurisdictions have taken Microsoft to task over this, including, for example,

1. all of Canada
2. the IEEE statement on the title of engineer

Microsoft is not recognised by the (in the USA) Accreditation Board of Engineering and Technology (ABET), and don't have the ability to grant a BSc., which is a prerequisite for using the term or title Engineer in most states.

Guess you've been caught talking out of your ass again (but that's what ACs do)

Re:Uhm, right...

[EnVisiCrypt]

Yup.

I've done an embedded system with QNX, and it is quite the nice RTOS.

Under QNX, the devices hang out in the device manager, which is not in the kernel space, and the drivers are handled by the process manager, also not in the kernel. Since the kernel exists just to pass messages, essentially, it is uncrashable.

Re:Uhm, right...

[AstroDrabb]

Yup, I have to agree with that. It depends on what you are using it for. For the average desktop use, XP is a big improvement over win9x. However, I get a lot of crashes from XP especially with Outlook when I am doing some heavy compiling and do some heavy dev work. 6 months ago I switched to using Linux to develop with at work (without anyones knowledge) and things have been great. This is at a fortune 500 company. Some people caught wind of it and now a few other developers and most of the Oracle DBA's are asking and showing interest. I have been MS free on my home network for 3 years or so and it has been great. Being able to be almost MS free on my workstations at work has been icing on the cake. Oh, one other thing I don't think anyone has seemed to notice is that is doesn't matter whether those 50% of crashes are from drivers OR apps. The thing that sticks out to me is MS is admitting to 50% of all crashes is because of their product. They are just saying it in a marketing friendly way to try to push the blame to driver developers.

Re:Uhm, right...

[monkeydo]

But then again you could be worng, and look at that, YOU ARE!

The "Texas Engineering Practice Act" has a whole page of exceptions, but they call them "exemptions".

Lets see if we can find the relevant parts:

Section 20. EXEMPTIONS.

(a) The following persons shall be exempt from the licensure provisions of this Act, provided that such persons are not directly or indirectly represented or held out to the public to be legally qualified to engage in the practice of engineering: ...SNIP...

(3) a person doing the actual work of installing, operating, repairing, or servicing locomotive or stationary engines, steam boilers, Diesel engines, internal combustion engines, refrigeration compressors and systems, hoisting engines, electrical engines, air conditioning equipment and systems, or mechanical and electrical, electronic or communications equipment and apparatus; ....SNIP...

Well, that would seem to apply quite nicely not only to train engineers, but also software and systems engineers.

Sorry, Mephisto, that's no excuse

[billstewart]

There are different kinds of crashing:

• Individual Apps crashing themselves - that can happen on any OS. It shouldn't happen in major commercial products, but that's reality, and at least most of them are better about saving their state so they fail as safely as possible. I would have said that MS Office is pretty stable about that, except my MS Office has been crashing a lot the last couple of days, and of course there's all the Word Virus and Outlook Virus crap, so maybe I won't say that.
  
• Hardware crashes - Unavoidable.
  
• Crashes related to third-party device drivers - yeah, fine, you can't escape that, but the OS should be designed to minimize the need for drivers and provide mechanisms for isolating them.
• The whole box crashing from applications - There's simply no excuse for this. That's why operating systems have kernels, and hardware has memory protection. Unix could pretty much defend itself from this by what, 1979? It wasn't rocket science like Multics or something. The 8086 memory architecture was too baroque, but the real advantage of all the segmentation stuff was that you *could* use it for memory management. Linus delayed at least one kernel release because a root user who opened a disk drive and scribbled on it _could_ cause the OS to crash. NT 3.5x was pretty safe about this, since it still looked VMS-like inside, but in NT 4 they moved a lot of the graphics capability into the kernel for "speed", and opened up the possibility of crashes again.
• Applications using up some critical resources like disk drive so the machine becomes unusable - yes, this is possible, but the resources that are that critical are very very limited, e.g. a virtual memory system lets you page out or swap out application processes to prevent it.
• Applications crashing some major subsystem that doesn't take down the OS. Unix has this risk - if you hang X Windows or the graphics system, applications that don't use X can still run fine, but you may need to telnet in to restart the subsystem. But this should also be minimized - keeping separate file systems for the OS's use vs. users' applications helps a lot.