Really should rename "Data Oriented Programming" as it can be confused with "Data oriented design" or its less used synonym "Data oriented programming" (which name matches exactly). Data oriented programming/design is a superior idea over Object oriented programming - yes, the video is about a completely different subject, but naming is important.

I wish compilers would come with more of these features out of the box. I'd imagine that at least some static analyses features are relatively easy to implement. This could already be a big help.

40 years ago, some dudes creates Ada...

Good to have extra checking capabilities but not sure what this adds to MS debug CRT. That already reports many of presented stuff such as boundary overruns and memory leaks. Using modern C++ would already prevent many of the issues.

SAL was useful in a codebase I worked on years ago but it was so so so poorly documented! Fascinating talk, thanks.

Valgrind dev (d)hat on, very interesting. Continuation sounds good. Is there no way to hook the loader so that asan is active during program load?

At 46:24 , does it make the A[-1] write to what would have been there if the metadata wasn’t (in the process of “taking the hit”)?

Interesting talk of some fantastic technology. Was somewhat put off by the parts that very much come across as a sales pitch though.

9:22, if you can build it into the IDE then you can add it to all compilers you can submit code for, no excuses, it should be made a compile time error, also should add a option to toggle checking for values that have not been 0'd out by the function exit, if there's no sign they're being passed to something outside of the function's scope then they should be cleared by the time it ends, even if it's not compiled into the final byte code, this type of requirement will at least remind the dev that the variable exists and they should make sure it is safely cleaned up. In my case I make liberal use of goto to ensure safe cleanup, here's an example: int foo(...) { int ret = -1; // Default to an unknown error void *mem = calloc( 1, BUFSIZ ); /* Compiler should assume this succeeds and use a non-0 number to track when it's cleaned up, an instance of mem = NULL; should be found shortly before return */ ... if ( /* catch error */ ) goto free_pointer; ... ret = 0; free_pointer: free(mem); mem = NULL; return ret; }

42:29, a simpler solution is to just store the thread id in the lock, start it off as -1 (or 0 if that's always invalid) and when a lock is obtained set that id and increment a reference count, every lock attempt there after from that would then increase that count and the same number of releases would then be required to clear the the thread id let another thread take the lock, it's the solution I came up with for my custom mutex that utilises a system mutex under the hood for the initial lock, 1st thread to acquire the lock, set the thread id and release the lock takes the custom mutex, the other thread/s upon acquiring the lock will check again if the thread id is still empty and return to waiting on it if not.

48:31, you can, change the font size, I don't even use windows anymore and I still remember that

Wait till Rust comment arrives xDDD

Watching this scares me as hell because I know too much what this means, and it's so ugly !

Funny they run it on GCC to show memory errors, but not on MSVC or any other MS tech (apart from vague IoT) itself. Sadge. Goes to show they are ready to poo poo on other projects but not their own. MS has always been this way Good video though! Really interesting tech!

Dynamic analysis is an improvement but it's not sufficient, for dynamic analysis to work you'd need to be able to run all of the code paths ahead of time, which is rare. The way forward is to actually ship the analysis to prod, and at that point you might as well use a better language.

rust is coming....