Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ASM] iast: Tainting of DefaultInterpolatedStringHandler #6340

Draft
wants to merge 7 commits into
base: master
Choose a base branch
from
Draft

[ASM] iast: Tainting of DefaultInterpolatedStringHandler #6340

wants to merge 7 commits into from
+604 −10

Conversation

e-n-0
Copy link
Member

@e-n-0 e-n-0 commented Nov 22, 2024

Summary of changes

Reason for change

Implementation details

Test coverage

Other details

@datadog-ddstaging
Copy link

datadog-ddstaging bot commented Nov 22, 2024
edited
Loading

Datadog Report

Branch report: flavien/iast/interpolatedstring
Commit report: 9c1b9ba
Test service: dd-trace-dotnet

❌ 7 Failed (0 Known Flaky), 456814 Passed, 3502 Skipped, 32h 35m 36.84s Total Time

❌ Failed Tests (7)

This report shows up to 5 failed tests.

  • TestIastSqliInterpolatedString - Datadog.Trace.Security.IntegrationTests.Iast.AspNetCore5IastTestsFullSamplingIastEnabled - Details

    Expand for error 
     
 Verified path: D:\a\1\s\tracer\test\Datadog.Trace.Security.IntegrationTests\..\snapshots\Iast.SqliInterpolatedString.AspNetCore5.IastEnabled.verified.txtpNetCore5,
     Type: web,
     Tags: {
       aspnet_core.endpoint: Samples.Security.AspNetCore5.Controllers.IastController.InterpolatedSqlString (Samples.Security.AspNetCore5),
       aspnet_core.route: iast/interpolatedsqlstring,
       component: aspnet_core,
       env: integration_tests,
       http.method: GET,
       http.request.headers.host: localhost:00000,
 ...

  • TestIastSqliInterpolatedString - Datadog.Trace.Security.IntegrationTests.Iast.AspNetCore5IastTestsFullSamplingIastEnabled - Details

    Expand for error 
     Results do not match.
 Differences:
 Received: Iast.SqliInterpolatedString.AspNetCore5.IastEnabled.received.txt
 Verified: Iast.SqliInterpolatedString.AspNetCore5.IastEnabled.verified.txt
 Received Content:
 [
   {
     TraceId: Id_1,
     SpanId: Id_2,
     Name: aspnet_core.request,
 ...

  • TestIastSqliInterpolatedString - Datadog.Trace.Security.IntegrationTests.Iast.AspNetCore5IastTestsFullSamplingIastEnabled - Details

    Expand for error 
     Results do not match.
 Differences:
 Received: Iast.SqliInterpolatedString.AspNetCore5.IastEnabled.received.txt
 Verified: Iast.SqliInterpolatedString.AspNetCore5.IastEnabled.verified.txt
 Received Content:
 [
   {
     TraceId: Id_1,
     SpanId: Id_2,
     Name: aspnet_core.request,
 ...

  • TestIastSqliInterpolatedString - Datadog.Trace.Security.IntegrationTests.Iast.AspNetCore5IastTestsFullSamplingIastEnabled - Details

    Expand for error 
     Results do not match.
 Differences:
 Received: Iast.SqliInterpolatedString.AspNetCore5.IastEnabled.received.txt
 Verified: Iast.SqliInterpolatedString.AspNetCore5.IastEnabled.verified.txt
 Received Content:
 [
   {
     TraceId: Id_1,
     SpanId: Id_2,
     Name: aspnet_core.request,
 ...

  • TestIastSqliInterpolatedString - Datadog.Trace.Security.IntegrationTests.Iast.AspNetCore5IastTestsFullSamplingIastEnabled - Details

    Expand for error 
     
 Verified path: D:\a\1\s\tracer\test\Datadog.Trace.Security.IntegrationTests\..\snapshots\Iast.SqliInterpolatedString.AspNetCore5.IastEnabled.verified.txtpNetCore5,
     Type: web,
     Tags: {
       aspnet_core.endpoint: Samples.Security.AspNetCore5.Controllers.IastController.InterpolatedSqlString (Samples.Security.AspNetCore5),
       aspnet_core.route: iast/interpolatedsqlstring,
       component: aspnet_core,
       env: integration_tests,
       http.method: GET,
       http.request.headers.host: localhost:00000,
 ...

@andrewlock
Copy link
Member

Execution-Time Benchmarks Report ⏱️

Execution-time results for samples comparing the following branches/commits:

Execution-time benchmarks measure the whole time it takes to execute a program. And are intended to measure the one-off costs. Cases where the execution time results for the PR are worse than latest master results are shown in red. The following thresholds were used for comparing the execution times:

  • Welch test with statistical test for significance of 5%
  • Only results indicating a difference greater than 5% and 5 ms are considered.

Note that these results are based on a single point-in-time result for each branch. For full results, see the dashboard.

Graphs show the p99 interval based on the mean and StdDev of the test run, as well as the mean value of the run (shown as a diamond below the graph).

gantt
    title Execution time (ms) FakeDbCommand (.NET Framework 4.6.2) 
    dateFormat  X
    axisFormat %s
    todayMarker off
    section Baseline
    This PR (6340) - mean (74ms)  : 65, 83
     .   : milestone, 74,
    master - mean (71ms)  : 64, 78
     .   : milestone, 71,

    section CallTarget+Inlining+NGEN
    This PR (6340) - mean (1,122ms)  : 1063, 1181
     .   : milestone, 1122,
    master - mean (1,109ms)  : 1083, 1135
     .   : milestone, 1109,
Loading 
gantt
    title Execution time (ms) FakeDbCommand (.NET Core 3.1) 
    dateFormat  X
    axisFormat %s
    todayMarker off
    section Baseline
    This PR (6340) - mean (110ms)  : 108, 112
     .   : milestone, 110,
    master - mean (109ms)  : 106, 112
     .   : milestone, 109,

    section CallTarget+Inlining+NGEN
    This PR (6340) - mean (818ms)  : 633, 1003
     .   : milestone, 818,
    master - mean (772ms)  : 752, 791
     .   : milestone, 772,
Loading 
gantt
    title Execution time (ms) FakeDbCommand (.NET 6) 
    dateFormat  X
    axisFormat %s
    todayMarker off
    section Baseline
    This PR (6340) - mean (94ms)  : 91, 96
     .   : milestone, 94,
    master - mean (92ms)  : 91, 94
     .   : milestone, 92,

    section CallTarget+Inlining+NGEN
    This PR (6340) - mean (739ms)  : 690, 787
     .   : milestone, 739,
    master - mean (726ms)  : 711, 741
     .   : milestone, 726,
Loading 
gantt
    title Execution time (ms) HttpMessageHandler (.NET Framework 4.6.2) 
    dateFormat  X
    axisFormat %s
    todayMarker off
    section Baseline
    This PR (6340) - mean (191ms)  : 186, 195
     .   : milestone, 191,
    master - mean (192ms)  : 186, 198
     .   : milestone, 192,

    section CallTarget+Inlining+NGEN
    This PR (6340) - mean (1,219ms)  : 1195, 1242
     .   : milestone, 1219,
    master - mean (1,214ms)  : 1192, 1237
     .   : milestone, 1214,
Loading 
gantt
    title Execution time (ms) HttpMessageHandler (.NET Core 3.1) 
    dateFormat  X
    axisFormat %s
    todayMarker off
    section Baseline
    This PR (6340) - mean (277ms)  : 272, 281
     .   : milestone, 277,
    master - mean (278ms)  : 272, 284
     .   : milestone, 278,

    section CallTarget+Inlining+NGEN
    This PR (6340) - mean (955ms)  : 932, 979
     .   : milestone, 955,
    master - mean (949ms)  : 933, 965
     .   : milestone, 949,
Loading 
gantt
    title Execution time (ms) HttpMessageHandler (.NET 6) 
    dateFormat  X
    axisFormat %s
    todayMarker off
    section Baseline
    This PR (6340) - mean (266ms)  : 262, 269
     .   : milestone, 266,
    master - mean (266ms)  : 262, 270
     .   : milestone, 266,

    section CallTarget+Inlining+NGEN
    This PR (6340) - mean (925ms)  : 907, 943
     .   : milestone, 925,
    master - mean (931ms)  : 914, 948
     .   : milestone, 931,
Loading

@andrewlock
Copy link
Member

Benchmarks Report for tracer 🐌

Benchmarks for #6340 compared to master:

  • 3 benchmarks are slower, with geometric mean 1.136
  • All benchmarks have the same allocations

The following thresholds were used for comparing the benchmark speeds:

  • Mann–Whitney U test with statistical test for significance of 5%
  • Only results indicating a difference greater than 10% and 0.3 ns are considered.

Allocation changes below 0.5% are ignored.

Benchmark details

Benchmarks.Trace.ActivityBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master StartStopWithChild net6.0 7.97μs 45.4ns 327ns 0.0119 0.00398 0 5.61 KB
master StartStopWithChild netcoreapp3.1 9.92μs 54.9ns 334ns 0.0151 0.00503 0 5.8 KB
master StartStopWithChild net472 16.3μs 51.3ns 199ns 1.06 0.332 0.116 6.21 KB
#6340 StartStopWithChild net6.0 7.91μs 44.7ns 303ns 0.0158 0.00396 0 5.61 KB
#6340 StartStopWithChild netcoreapp3.1 10μs 56.3ns 356ns 0.0191 0.00954 0 5.8 KB
#6340 StartStopWithChild net472 16.3μs 64.3ns 249ns 1.03 0.294 0.0898 6.2 KB
Benchmarks.Trace.AgentWriterBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master WriteAndFlushEnrichedTraces net6.0 487μs 394ns 1.53μs 0 0 0 2.7 KB
master WriteAndFlushEnrichedTraces netcoreapp3.1 654μs 145ns 543ns 0 0 0 2.7 KB
master WriteAndFlushEnrichedTraces net472 859μs 583ns 2.26μs 0.425 0 0 3.3 KB
#6340 WriteAndFlushEnrichedTraces net6.0 494μs 956ns 3.7μs 0 0 0 2.7 KB
#6340 WriteAndFlushEnrichedTraces netcoreapp3.1 657μs 450ns 1.74μs 0 0 0 2.7 KB
#6340 WriteAndFlushEnrichedTraces net472 862μs 477ns 1.78μs 0.428 0 0 3.3 KB
Benchmarks.Trace.AspNetCoreBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master SendRequest net6.0 152μs 856ns 6.52μs 0.148 0 0 14.47 KB
master SendRequest netcoreapp3.1 167μs 884ns 6μs 0.169 0 0 17.27 KB
master SendRequest net472 0.000513ns 0.000275ns 0.00103ns 0 0 0 0 b
#6340 SendRequest net6.0 150μs 844ns 6.09μs 0.158 0 0 14.47 KB
#6340 SendRequest netcoreapp3.1 169μs 980ns 8.93μs 0.17 0 0 17.27 KB
#6340 SendRequest net472 0.00221ns 0.00088ns 0.00329ns 0 0 0 0 b
Benchmarks.Trace.CIVisibilityProtocolWriterBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master WriteAndFlushEnrichedTraces net6.0 564μs 2.75μs 11μs 0.558 0 0 41.57 KB
master WriteAndFlushEnrichedTraces netcoreapp3.1 680μs 3.75μs 22.8μs 0.406 0 0 41.75 KB
master WriteAndFlushEnrichedTraces net472 863μs 4.32μs 18.3μs 8.56 2.57 0.428 53.28 KB
#6340 WriteAndFlushEnrichedTraces net6.0 568μs 2.29μs 11.5μs 0.573 0 0 41.55 KB
#6340 WriteAndFlushEnrichedTraces netcoreapp3.1 724μs 4.09μs 27.4μs 0.353 0 0 41.65 KB
#6340 WriteAndFlushEnrichedTraces net472 902μs 3.94μs 15.3μs 8.3 2.62 0.437 53.31 KB
Benchmarks.Trace.DbCommandBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master ExecuteNonQuery net6.0 1.31μs 0.782ns 2.93ns 0.0145 0 0 1.02 KB
master ExecuteNonQuery netcoreapp3.1 1.73μs 2.21ns 8.25ns 0.0138 0 0 1.02 KB
master ExecuteNonQuery net472 2.04μs 2.42ns 9.38ns 0.156 0.00102 0 987 B
#6340 ExecuteNonQuery net6.0 1.37μs 1.11ns 4.3ns 0.0145 0 0 1.02 KB
#6340 ExecuteNonQuery netcoreapp3.1 1.86μs 1.4ns 5.44ns 0.0139 0 0 1.02 KB
#6340 ExecuteNonQuery net472 2.05μs 2.24ns 8.69ns 0.157 0.00102 0 987 B
Benchmarks.Trace.ElasticsearchBenchmark - Slower ⚠️ Same allocations ✔️

Slower ⚠️ in #6340

Benchmark diff/base Base Median (ns) Diff Median (ns) Modality
Benchmarks.Trace.ElasticsearchBenchmark.CallElasticsearch‑net6.0 1.124 1,204.15 1,353.80

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master CallElasticsearch net6.0 1.2μs 0.724ns 2.71ns 0.0138 0 0 976 B
master CallElasticsearch netcoreapp3.1 1.51μs 1.23ns 4.6ns 0.0129 0 0 976 B
master CallElasticsearch net472 2.46μs 1.32ns 5.12ns 0.157 0 0 995 B
master CallElasticsearchAsync net6.0 1.35μs 0.535ns 2.07ns 0.0129 0 0 952 B
master CallElasticsearchAsync netcoreapp3.1 1.66μs 0.878ns 3.4ns 0.0134 0 0 1.02 KB
master CallElasticsearchAsync net472 2.75μs 1.27ns 4.76ns 0.166 0 0 1.05 KB
#6340 CallElasticsearch net6.0 1.35μs 0.518ns 1.94ns 0.0135 0 0 976 B
#6340 CallElasticsearch netcoreapp3.1 1.6μs 0.633ns 2.37ns 0.013 0 0 976 B
#6340 CallElasticsearch net472 2.58μs 1.08ns 4.19ns 0.158 0 0 995 B
#6340 CallElasticsearchAsync net6.0 1.31μs 0.674ns 2.52ns 0.0131 0 0 952 B
#6340 CallElasticsearchAsync netcoreapp3.1 1.66μs 1.48ns 5.75ns 0.0137 0 0 1.02 KB
#6340 CallElasticsearchAsync net472 2.61μs 1.41ns 5.47ns 0.167 0 0 1.05 KB
Benchmarks.Trace.GraphQLBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master ExecuteAsync net6.0 1.31μs 0.484ns 1.81ns 0.0131 0 0 952 B
master ExecuteAsync netcoreapp3.1 1.62μs 2.24ns 8.37ns 0.0128 0 0 952 B
master ExecuteAsync net472 1.77μs 0.485ns 1.81ns 0.145 0 0 915 B
#6340 ExecuteAsync net6.0 1.27μs 0.587ns 2.28ns 0.0135 0 0 952 B
#6340 ExecuteAsync netcoreapp3.1 1.59μs 0.936ns 3.5ns 0.0128 0 0 952 B
#6340 ExecuteAsync net472 1.82μs 0.594ns 2.22ns 0.145 0 0 915 B
Benchmarks.Trace.HttpClientBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master SendAsync net6.0 4.32μs 3.27ns 12.7ns 0.0323 0 0 2.31 KB
master SendAsync netcoreapp3.1 5.35μs 3.02ns 11.7ns 0.0375 0 0 2.85 KB
master SendAsync net472 7.37μs 8.02ns 31.1ns 0.493 0 0 3.12 KB
#6340 SendAsync net6.0 4.21μs 1.93ns 7.46ns 0.0315 0 0 2.31 KB
#6340 SendAsync netcoreapp3.1 5.44μs 1.95ns 7.54ns 0.0382 0 0 2.85 KB
#6340 SendAsync net472 7.36μs 2.14ns 8.27ns 0.494 0 0 3.12 KB
Benchmarks.Trace.ILoggerBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master EnrichedLog net6.0 1.6μs 0.785ns 2.94ns 0.0233 0 0 1.64 KB
master EnrichedLog netcoreapp3.1 2.22μs 0.93ns 3.48ns 0.0221 0 0 1.64 KB
master EnrichedLog net472 2.77μs 0.859ns 3.33ns 0.249 0 0 1.57 KB
#6340 EnrichedLog net6.0 1.5μs 0.969ns 3.63ns 0.0232 0 0 1.64 KB
#6340 EnrichedLog netcoreapp3.1 2.14μs 1.3ns 4.86ns 0.0226 0 0 1.64 KB
#6340 EnrichedLog net472 2.82μs 1.76ns 6.58ns 0.249 0 0 1.57 KB
Benchmarks.Trace.Log4netBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master EnrichedLog net6.0 119μs 174ns 673ns 0.0596 0 0 4.28 KB
master EnrichedLog netcoreapp3.1 124μs 226ns 875ns 0 0 0 4.28 KB
master EnrichedLog net472 150μs 107ns 399ns 0.681 0.227 0 4.46 KB
#6340 EnrichedLog net6.0 119μs 150ns 582ns 0.0597 0 0 4.28 KB
#6340 EnrichedLog netcoreapp3.1 122μs 136ns 509ns 0 0 0 4.28 KB
#6340 EnrichedLog net472 153μs 80ns 299ns 0.687 0.229 0 4.46 KB
Benchmarks.Trace.NLogBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master EnrichedLog net6.0 3.12μs 1.24ns 4.82ns 0.0297 0 0 2.2 KB
master EnrichedLog netcoreapp3.1 4.17μs 3.85ns 14.9ns 0.0293 0 0 2.2 KB
master EnrichedLog net472 4.91μs 4.95ns 19.2ns 0.32 0 0 2.02 KB
#6340 EnrichedLog net6.0 3.12μs 2.9ns 10ns 0.03 0 0 2.2 KB
#6340 EnrichedLog netcoreapp3.1 4.24μs 2.19ns 8.49ns 0.0289 0 0 2.2 KB
#6340 EnrichedLog net472 4.85μs 1.28ns 4.8ns 0.319 0 0 2.02 KB
Benchmarks.Trace.RedisBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master SendReceive net6.0 1.29μs 0.403ns 1.51ns 0.016 0 0 1.14 KB
master SendReceive netcoreapp3.1 1.76μs 1ns 3.88ns 0.015 0 0 1.14 KB
master SendReceive net472 2.03μs 1.27ns 4.92ns 0.183 0 0 1.16 KB
#6340 SendReceive net6.0 1.34μs 0.69ns 2.67ns 0.016 0 0 1.14 KB
#6340 SendReceive netcoreapp3.1 1.74μs 0.534ns 1.92ns 0.0154 0 0 1.14 KB
#6340 SendReceive net472 2.04μs 1.72ns 6.67ns 0.183 0 0 1.16 KB
Benchmarks.Trace.SerilogBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master EnrichedLog net6.0 2.7μs 0.665ns 2.49ns 0.0217 0 0 1.6 KB
master EnrichedLog netcoreapp3.1 3.99μs 1.83ns 6.59ns 0.0223 0 0 1.65 KB
master EnrichedLog net472 4.34μs 1.7ns 6.12ns 0.322 0 0 2.04 KB
#6340 EnrichedLog net6.0 2.85μs 1.05ns 4.06ns 0.0214 0 0 1.6 KB
#6340 EnrichedLog netcoreapp3.1 3.88μs 1.6ns 6.19ns 0.0212 0 0 1.65 KB
#6340 EnrichedLog net472 4.41μs 2.02ns 7.81ns 0.322 0 0 2.04 KB
Benchmarks.Trace.SpanBenchmark - Slower ⚠️ Same allocations ✔️

Slower ⚠️ in #6340

Benchmark diff/base Base Median (ns) Diff Median (ns) Modality
Benchmarks.Trace.SpanBenchmark.StartFinishSpan‑net6.0 1.151 387.35 445.75
Benchmarks.Trace.SpanBenchmark.StartFinishScope‑netcoreapp3.1 1.132 640.08 724.51

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master StartFinishSpan net6.0 388ns 0.528ns 2.04ns 0.00809 0 0 576 B
master StartFinishSpan netcoreapp3.1 615ns 1.12ns 4.34ns 0.00767 0 0 576 B
master StartFinishSpan net472 643ns 1.25ns 4.82ns 0.0917 0 0 578 B
master StartFinishScope net6.0 477ns 0.672ns 2.6ns 0.0099 0 0 696 B
master StartFinishScope netcoreapp3.1 639ns 1.12ns 4.18ns 0.00921 0 0 696 B
master StartFinishScope net472 847ns 1.27ns 4.91ns 0.105 0 0 658 B
#6340 StartFinishSpan net6.0 447ns 0.717ns 2.78ns 0.00794 0 0 576 B
#6340 StartFinishSpan netcoreapp3.1 635ns 0.889ns 3.44ns 0.00797 0 0 576 B
#6340 StartFinishSpan net472 655ns 1.26ns 4.89ns 0.0918 0 0 578 B
#6340 StartFinishScope net6.0 496ns 0.747ns 2.89ns 0.00974 0 0 696 B
#6340 StartFinishScope netcoreapp3.1 723ns 1.66ns 6.44ns 0.00908 0 0 696 B
#6340 StartFinishScope net472 906ns 1.6ns 6.21ns 0.104 0 0 658 B
Benchmarks.Trace.TraceAnnotationsBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master RunOnMethodBegin net6.0 594ns 0.832ns 3.22ns 0.00963 0 0 696 B
master RunOnMethodBegin netcoreapp3.1 857ns 1.45ns 5.61ns 0.00952 0 0 696 B
master RunOnMethodBegin net472 1.09μs 1.86ns 7.22ns 0.104 0 0 658 B
#6340 RunOnMethodBegin net6.0 658ns 1.09ns 4.23ns 0.00981 0 0 696 B
#6340 RunOnMethodBegin netcoreapp3.1 921ns 1.26ns 4.38ns 0.00932 0 0 696 B
#6340 RunOnMethodBegin net472 1.1μs 2.41ns 9.32ns 0.104 0 0 658 B

@andrewlock
Copy link
Member

Benchmarks Report for appsec 🐌

Benchmarks for #6340 compared to master:

  • All benchmarks have the same speed
  • 3 benchmarks have fewer allocations

The following thresholds were used for comparing the benchmark speeds:

  • Mann–Whitney U test with statistical test for significance of 5%
  • Only results indicating a difference greater than 10% and 0.3 ns are considered.

Allocation changes below 0.5% are ignored.

Benchmark details

Benchmarks.Trace.Asm.AppSecBodyBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master AllCycleSimpleBody net6.0 217μs 132ns 512ns 2.48 0 0 176.82 KB
master AllCycleSimpleBody netcoreapp3.1 319μs 176ns 657ns 2.39 0 0 184.27 KB
master AllCycleSimpleBody net472 282μs 329ns 1.27μs 33.4 2.53 0 210.04 KB
master AllCycleMoreComplexBody net6.0 223μs 143ns 535ns 2.49 0 0 180.33 KB
master AllCycleMoreComplexBody netcoreapp3.1 328μs 162ns 628ns 2.47 0 0 187.68 KB
master AllCycleMoreComplexBody net472 291μs 485ns 1.82μs 33.9 2.6 0 213.56 KB
master ObjectExtractorSimpleBody net6.0 147ns 0.145ns 0.563ns 0.00394 0 0 280 B
master ObjectExtractorSimpleBody netcoreapp3.1 200ns 0.266ns 1.03ns 0.00368 0 0 272 B
master ObjectExtractorSimpleBody net472 215ns 0.197ns 0.763ns 0.0445 0 0 281 B
master ObjectExtractorMoreComplexBody net6.0 3.07μs 1.48ns 5.35ns 0.0527 0 0 3.78 KB
master ObjectExtractorMoreComplexBody netcoreapp3.1 4.08μs 1.57ns 5.88ns 0.051 0 0 3.69 KB
master ObjectExtractorMoreComplexBody net472 4.75μs 3.01ns 11.7ns 0.602 0.00474 0 3.8 KB
#6340 AllCycleSimpleBody net6.0 217μs 122ns 457ns 2.47 0 0 176.82 KB
#6340 AllCycleSimpleBody netcoreapp3.1 318μs 246ns 953ns 2.45 0 0 184.26 KB
#6340 AllCycleSimpleBody net472 281μs 611ns 2.37μs 33.3 2.54 0 210.04 KB
#6340 AllCycleMoreComplexBody net6.0 222μs 107ns 400ns 2.53 0 0 180.33 KB
#6340 AllCycleMoreComplexBody netcoreapp3.1 325μs 123ns 461ns 2.45 0 0 187.68 KB
#6340 AllCycleMoreComplexBody net472 289μs 180ns 672ns 33.9 2.61 0 213.56 KB
#6340 ObjectExtractorSimpleBody net6.0 151ns 0.161ns 0.622ns 0.00396 0 0 280 B
#6340 ObjectExtractorSimpleBody netcoreapp3.1 195ns 0.216ns 0.809ns 0.00373 0 0 272 B
#6340 ObjectExtractorSimpleBody net472 210ns 0.0965ns 0.361ns 0.0446 0 0 281 B
#6340 ObjectExtractorMoreComplexBody net6.0 2.99μs 1.48ns 5.34ns 0.053 0 0 3.78 KB
#6340 ObjectExtractorMoreComplexBody netcoreapp3.1 3.97μs 2.47ns 9.56ns 0.0497 0 0 3.69 KB
#6340 ObjectExtractorMoreComplexBody net472 4.39μs 3.64ns 14.1ns 0.602 0.00657 0 3.8 KB
Benchmarks.Trace.Asm.AppSecEncoderBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master EncodeArgs net6.0 37.4μs 13.8ns 51.8ns 0.451 0 0 32.4 KB
master EncodeArgs netcoreapp3.1 54.7μs 38.7ns 150ns 0.435 0 0 32.4 KB
master EncodeArgs net472 69.2μs 70.9ns 275ns 5.14 0.0677 0 32.5 KB
master EncodeLegacyArgs net6.0 71.8μs 130ns 502ns 0 0 0 2.14 KB
master EncodeLegacyArgs netcoreapp3.1 103μs 51.4ns 192ns 0 0 0 2.14 KB
master EncodeLegacyArgs net472 157μs 71.7ns 278ns 0.314 0 0 2.15 KB
#6340 EncodeArgs net6.0 37.6μs 22.4ns 86.8ns 0.451 0 0 32.4 KB
#6340 EncodeArgs netcoreapp3.1 53.9μs 17.3ns 64.9ns 0.43 0 0 32.4 KB
#6340 EncodeArgs net472 69.2μs 75.3ns 292ns 5.16 0.0683 0 32.5 KB
#6340 EncodeLegacyArgs net6.0 73μs 48.1ns 186ns 0 0 0 2.14 KB
#6340 EncodeLegacyArgs netcoreapp3.1 105μs 92.5ns 358ns 0 0 0 2.15 KB
#6340 EncodeLegacyArgs net472 157μs 84.9ns 329ns 0.316 0 0 2.15 KB
Benchmarks.Trace.Asm.AppSecWafBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master RunWafRealisticBenchmark net6.0 182μs 145ns 561ns 0 0 0 2.44 KB
master RunWafRealisticBenchmark netcoreapp3.1 196μs 358ns 1.39μs 0 0 0 2.39 KB
master RunWafRealisticBenchmark net472 207μs 57.2ns 214ns 0.31 0 0 2.46 KB
master RunWafRealisticBenchmarkWithAttack net6.0 121μs 90.6ns 339ns 0 0 0 1.47 KB
master RunWafRealisticBenchmarkWithAttack netcoreapp3.1 129μs 213ns 824ns 0 0 0 1.46 KB
master RunWafRealisticBenchmarkWithAttack net472 140μs 70.6ns 273ns 0.211 0 0 1.49 KB
#6340 RunWafRealisticBenchmark net6.0 180μs 183ns 684ns 0 0 0 2.44 KB
#6340 RunWafRealisticBenchmark netcoreapp3.1 194μs 240ns 931ns 0 0 0 2.39 KB
#6340 RunWafRealisticBenchmark net472 209μs 128ns 495ns 0.312 0 0 2.46 KB
#6340 RunWafRealisticBenchmarkWithAttack net6.0 122μs 78.7ns 305ns 0 0 0 1.47 KB
#6340 RunWafRealisticBenchmarkWithAttack netcoreapp3.1 129μs 54.2ns 195ns 0 0 0 1.46 KB
#6340 RunWafRealisticBenchmarkWithAttack net472 139μs 48.8ns 176ns 0.209 0 0 1.49 KB
Benchmarks.Trace.Iast.StringAspectsBenchmark - Same speed ✔️ Fewer allocations 🎉

Fewer allocations 🎉 in #6340

Benchmark Base Allocated Diff Allocated Change Change %
Benchmarks.Trace.Iast.StringAspectsBenchmark.StringConcatAspectBenchmark‑net6.0 256.25 KB 253.83 KB -2.42 KB -0.94%
Benchmarks.Trace.Iast.StringAspectsBenchmark.StringConcatAspectBenchmark‑netcoreapp3.1 263.55 KB 253.8 KB -9.75 KB -3.70%
Benchmarks.Trace.Iast.StringAspectsBenchmark.StringConcatBenchmark‑net472 59.36 KB 57.16 KB -2.2 KB -3.71%

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master StringConcatBenchmark net6.0 58.5μs 750ns 7.39μs 0 0 0 43.44 KB
master StringConcatBenchmark netcoreapp3.1 61.6μs 799ns 7.91μs 0 0 0 42.64 KB
master StringConcatBenchmark net472 37.9μs 150ns 542ns 0 0 0 59.36 KB
master StringConcatAspectBenchmark net6.0 322μs 1.85μs 13.7μs 0 0 0 256.25 KB
master StringConcatAspectBenchmark netcoreapp3.1 365μs 2.07μs 18.7μs 0 0 0 263.55 KB
master StringConcatAspectBenchmark net472 289μs 5.53μs 53.4μs 0 0 0 278.53 KB
#6340 StringConcatBenchmark net6.0 54μs 256ns 1.02μs 0 0 0 43.44 KB
#6340 StringConcatBenchmark netcoreapp3.1 63.5μs 737ns 7.26μs 0 0 0 42.64 KB
#6340 StringConcatBenchmark net472 38.8μs 196ns 1.24μs 0 0 0 57.16 KB
#6340 StringConcatAspectBenchmark net6.0 294μs 5.47μs 53.8μs 0 0 0 253.83 KB
#6340 StringConcatAspectBenchmark netcoreapp3.1 337μs 1.61μs 9.12μs 0 0 0 253.8 KB
#6340 StringConcatAspectBenchmark net472 307μs 7.67μs 74.7μs 0 0 0 278.53 KB

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
area:asm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@e-n-0 @andrewlock @daniel-romano-DD