KASAN
also: Kernel Address Sanitizer
KASAN (Kernel Address Sanitizer) is a dynamic memory error detector built into the Linux kernel that finds use-after-free, out-of-bounds access, and other memory safety bugs in kernel code.
KASAN instruments kernel memory allocations to detect invalid memory accesses at runtime. It tracks allocated memory regions and catches bugs like reading from freed memory or writing past buffer boundaries before they cause system crashes or security vulnerabilities.
KASAN works by adding shadow memory that marks each byte of kernel memory as allocated, freed, or invalid. When the kernel accesses memory, KASAN checks the shadow state and reports violations immediately with a detailed error message including the exact location and type of bug.
Example: If code tries to read from a buffer after kfree() has released it, KASAN detects the use-after-free and prints a report. This is invaluable during kernel development and testing to catch memory corruption bugs early.
KASAN is enabled at compile time with kernel configuration options like CONFIG_KASAN=y and has minimal performance overhead compared to running without memory checking, making it practical for debugging kernels in development and CI environments.