ASan works great! To save you a bit of effort in figuring out how it works, this is the best source I found (besides the source): https://www.usenix.org/system/files/conference/atc12/atc12-f...
Also, I thought that the compiler additions was implemented years ago, several times (tristan gingold's "checker-gcc" first, then the bounds-checking patches and most recently "-fmudflap"), so that asan's functionality would basically only require rewriting libmudflap - but it apparently requires a much deeper surgery of gcc. Can anyone familiar with asan and/or the previous implementations comment on that?
I've used most of the tools on that page, including Valgrind. Valgrind interprets your program, and hooks loads, stores, malloc/free, etc. to track memory usage. ASan is a compiler pass that inserts extra instructions around loads and stores to drive per-address state machines that live in a shadow area of memory.
Valgrind is slow (20x-50x for serial programs, more for parallel programs because Valgrind only executes one thread at a time), but can detect reads from uninitialized memory because your program is essentially executing in a VM. ASan is much faster, especially if the compiler pass can avoid instrumenting some loads/stores based on static analysis, and cannot detect reads from uninitialized memory, but can detect most other kinds of memory areas.
They're both thread-safe, so you can use them to debug parallel programs. As mentioned above, Valgrind is much slower at this, and until recently  you would never see most race conditions in multithreaded programs because Valgrind's schedule would run each thread until it yielded voluntarily, rather than pre-empting and time-multiplexing between threads. In contrast, with ASan all threads are running close to at-speed and simultaneously, so in my case performance was >100x better and I actually saw the race conditions I cared about.
Valgrind supports more platforms than ASan (see  vs. ), and does not require compiler support (so you can use it to debug code from any compiler), but does tend to lag behind new platform features a bit. For example, until recently it borked if you used the new x86_64 RDTSCP instruction.
Mudflap seems similar in concept, but there appear to be issues with the implementation (see "Known Shortcomings" at )
 3.8.0 and on have the --fair-sched=yes option http://valgrind.org/docs/manual/manual-core.html#manual-core...
No, it has a JIT. It's running compiled code. See http://valgrind.org/docs/valgrind2007.pdf for details, section 3 in particular.
Most notably, asan does not yet catch memory leaks, and will never be able to detect use of uninitialized values. Valgrind can tell you when you're using uninitialized values at bit-level granularity.
So Valgrind is still king in absolute capability, but it's likely that asan's speed will open it up to being used in cases where Valgrind simply isn't possible due to its speed/size overhead.
I think that's really the biggest advantage ASAN has - it's cheap enough that you can just make it the default when running tests or developing on your local machine, and catch a number of memory errors immediately instead of having to actively debug them.
A lot of people are using this on their fuzzing rigs with large software applications like Firefox. ASAN hugely decreases cost per test cycle (and therefore cost per bug, without changing fuzzers).
A friend and I chipped in to get a fuzz server (quad xeon X5660, 96 GB RAM, dual SSD). It's paid for itself twice over in bug bounties and there are more in the queue. Valgrind was always too expensive but using ASAN builds we can find more bugs.
Having ASAN support in GCC would be really handy, because for large projects it can be a major effort to get everything to compile in CLANG.
If you are sufficiently paranoid, and willing to accept a speed and memory hit (roughly factor of two) you could use ASAN in production. Personally, I am beginning to entertain the idea of using an ASAN-instrumented browser for day-to-day use.
That's a pretty interesting idea, and seems to be a practical realization of something people have been trying to do for ages: produce a C variant with more safety. The most prominent project I know trying to do that is the C-like language Cyclone (http://cyclone.thelanguage.org/), but this seems like an alternate approach that lets you get "C but safer" without actually moving away from C.
Cyclone is something every programming language enthusiast should look into, IMHO. It's extremely interesting, well-done work.
I have been trying clang+ASan on a larger project with mixed success. While it could catch a known bug, it seemed to miscompile some essential startup code and therefore I could not get it running in regression tests. Never got around to debugging it, but now I can try again with GCC.
There is also another interesting project out there, although it is not as far along as ASAN:
This project aims to track exact memory bounds of all objects. ASan will not detect out of bounds accesses that go to allocated memory of another object, but SAFECode would catch that.
ASAN helps find difficult-to-reproduce bugs, e.g. data races. A data race occurs when two or more threads access the same memory locations in a undefined order. The OS can interrupt threads at any time, it's hard to test all possible interleavings of instructions from multiple threads. Programmers typically have some invariants in their mind but it's really easy to make a mistake, and hard to detect it.
To use the tool, you compile a C/C++ program in a different way. The ASAN toolchain instruments your memory accesses. Then you run your program (or unit tests for library code). And it will tell you if there were memory errors like data races. Then you look at your source code and fix the bug.
Valgrind does a similar thing and is a standard open source tool. As mentioned on the page, this is faster.
ASan can only catch memory errors in C/C++ programs. A memory error is an access outside the allocated memory of an object, e.g. due to incorrect pointer arithmetics. Such errors would otherwise go undetected but can cause all kinds of errors in the program, like corrupted data, crashes etc.
ASan is already in Clang, and I've heard some of rumours of a ‘Thread Sanitizer’ as well. All kinds of interesting projects brewing inside of google, it seems :)
Will probably see GCC 4.8 on Windows before Clang++ and ASan.
So if you are looking for something specifically to clean up or test software that cleans up USPS addresses, there you go.
If you want something that takes random address-looking things and tries to find a USPS address that matches it, that's harder :)