Defect potentials vary by size.  That means that a large application has a greater tendency to be buggy than a small one.  For a 1000 FP software project ($750k – $1.4m) D

This table represents the root cause of software defects:

Defect Origin Best Average Worst
Requirements 0.34 0.70 (16.5%) 1.35
Architecture and Design 0.67 1.05 (25%) 1.78
Code 0.44 1.15 (27%) 2.63
Security flaws 0.18 0.25 (6%) 0.4
Documents 0.20 0.45  (10.5%) 0.54
Bad fixes 0.39 0.65 (15%) 1.26
Total 2.22 4.25 7.96

Measured in defects per function point.

Source: p. 256. Capers Jones, Quantifying Software, 2018 CRC Press.

It is interesting to note from the graph above that more defects come from pre-coding work,  than once the coding starts.   That is, the sum of the defects from requirements, architecture and design is greater than the coding defects. Given that the code is built on the foundation of the previous three, we will end up coding the wrong thing or in the wrong way unless we fix those pre-coding defects first.  In agile projects we can see as much as 40% of overall effort is due to rework caused by insufficient or poor quality on the pre-coding work.

The single most time consuming aspect of software development is finding and fixing bugs.  Anything that can be done to avoid them in the first place should be taken seriously.