This was ported from NetBSD (except for the man page).
The runtime implements a number of functions defined by the compiler
ABI. These are prefixed by asan. The compiler emits calls to
asan_load*() and __asan_store*() around memory accesses, and the
runtime consults the shadow map to determine whether a given access is
valid. This is good for catching use-after-frees and array overruns.
kasan_mark() is called by various kernel allocators to update state in
the shadow map. Updates to those allocators will come in subsequent
The runtime also defines various interceptors. Some low-level routines
are implemented in assembly and are thus not amenable to compiler
instrumentation. To handle this, the runtime implements these routines
on behalf of the rest of the kernel. The sanitizer implementation
validates memory accesses manually before handing off to the real
This port reuses some prior work by andrew@ and Costin Carabas.