Multiple Degrees of Correctness


The trouble with prcheck and the automated prbool validation is that one can’t attach the giant patch it produces to bugzilla and expect it to get committed. So I am spending this week combing through prcheck output and patch-bombing bugzilla with per-module patches.

I find going through the errors manually to be a lot more fun than I expected. I am finding types of errors that I was not considering when I was writing prcheck. For example, I expected the biggest gains to come at runtime from making all prbool values 0/1, but it seems that most of the cool errors are due to PRBool & PRInt32 resolving to the same type. That results in code mayhem ranging from wrong method overloads being called to method signatures claiming to return PRBool where method bodies act like the function returns nsresults.

The prbool check is just an incredibly minor restriction of the C++ system, yet it resulted in hundreds of errors (almost all of which are typos). In my mind this reinforces the importance of static typing (which C++ doesn’t do enough of).

The main lesson I learned today is that code doesn’t have to be correct in order to work correctly.
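
The two failure modes described above (a method declared to return PRBool whose body returns nsresult codes, and overload selection following the underlying integer type), next to a distinct boolean type that rejects both at compile time. This is an added example, not code from Mozilla or prcheck; the typedefs are simplified stand-ins, and `HasPermission`, `Describe` and `StrictBool` are hypothetical names.

```cpp
#include <cstdint>
#include <string>
#include <type_traits>

// Stand-in typedefs (assumed shapes, not copied from the Mozilla tree).
typedef int PRBool;
typedef int PRInt32;
typedef std::uint32_t nsresult;
const nsresult NS_OK = 0;
const nsresult NS_ERROR_FAILURE = 0x80004005u;

// The collision from the post: both names are one type to the compiler.
static_assert(std::is_same<PRBool, PRInt32>::value, "PRBool is just int");

// Hypothetical method: the signature promises PRBool, the body thinks in
// nsresult. It compiles, and success (0) reads as false to the caller.
PRBool HasPermission(const std::string& origin) {
    nsresult rv = (origin == "chrome") ? NS_OK : NS_ERROR_FAILURE;
    return rv;
}

// Overload selection follows the underlying type, so a PRBool flag
// lands on the integer overload rather than the boolean one.
std::string Describe(PRInt32 n) { return "int:" + std::to_string(n); }
std::string Describe(bool b) { return b ? "bool:true" : "bool:false"; }

// A distinct boolean type: constructible from bool and nothing else.
struct StrictBool {
    bool value;
    StrictBool(bool b) : value(b) {}
    template <typename T> StrictBool(T) = delete;  // int, nsresult, pointers
};
static_assert(std::is_constructible<StrictBool, bool>::value, "bool accepted");
static_assert(!std::is_constructible<StrictBool, nsresult>::value, "nsresult rejected");
static_assert(!std::is_constructible<StrictBool, PRInt32>::value, "int rejected");

// Same method with the distinct type; `return rv;` no longer compiles here.
StrictBool HasPermissionStrict(const std::string& origin) {
    return origin == "chrome";
}
```
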


While on vacation in Ukraine I finally got to try out GPRS Internet through my cellphone. Sure EDGE is slow, but the convenience of having internet everywhere I go while traveling is unparalleled. It’s just too bad that I had to go to a developing country to be able to afford mobile internet. In Canada I would’ve paid over $750 for the $10 worth of Internet in Ukraine. So I am very excited that governments are starting to regulate mobile pricing. Looks like EU is first. I hope the local cellular oligopoly gets a kick to the head soon.


  1. In my mind the integer/boolean type collision just reinforces the need in C/C++ for a generative typing construct other than struct/class.

    I ran into this, hard, recently in an operating systems class distinguishing between kernel virtual addresses, linear addresses, and physical addresses, which we could only segregate into two different types (basically uintptr_t and void*) because otherwise we’d lose operator support. My final assignment suffered from three specific bugs, one of which would have been caught by having three disjoint types. I’m sure the typing distinction would also have sped up my rate of generation of the address-manipulation code, too.

    I think my next biggest complaint, for C, would be for a template system which could guarantee type safety without duplication by only allowing pointer types as type variables, but that’s a rather different can of worms. I’m not sure whether it would be more or less useful than the previous complaint if implemented, tho.

    One of these days I’ll take the time to look at the C-derived languages that add these features, but I’m unfortunately too busy at the moment to do so in any depth.

  2. re: the “monopoly”, I think the first thing to do is chip heads at the CRTC, as the CRTC has proven to be inefficient and not protecting the public interest as it allowed the Fido-Rogers merger.

    On the other hand, Europe is very behind Canada in terms of voice communication pricing as calling a cell-phone from a land-line still costs a lot (more than calling, say, North America). And I see this on the pricing for international calls. France: 0.05$ / min, France (cellphone): 0.29$ / min.

    I guess there is no perfect world.