I've heard a lot about this tool recently and also started using it. It is very helpful. It's becoming more and more well-known and is great for finding memory leaks, buffer overflows, and other memory related issues in code.
It's a dynamic analyzer in that you have to build with the compiler options: -fsanitize=address and sometimes -lasan. Then you run the application and even better, fuzz the application, and it will print out problems it finds to stderr.
Who else has used this tool and what were your experiences like?
PrasannaKumar Muralidharan
Kernel developer @ Witworks
ASAN is simply awesome. I have found and fixed several problems in codebases as old as 20+ years. I regularly use KASAN (Kernel ASAN) in my day job.
ASAN points out issues before a customer sees that. It has helped in fixing 5 year old customer bug (issue appears only after running the application for 7 to 8 months continuously) that was difficult to find.