Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prevent AppSec context from being closed more than once on partial flush #7059

Merged
merged 1 commit into from
May 28, 2024
Merged

Prevent AppSec context from being closed more than once on partial flush #7059

merged 1 commit into from
May 28, 2024

Conversation

smola
Copy link
Member

@smola smola commented May 22, 2024
edited
Loading

What Does This Do

Ensure that AppSec hooks for root span finished run only once.

Motivation

We had some hooks in CoreTracer.write meant to be run whenever a root span is finished. However, they were effectively called not just when the root span finished, but also whenever a partial flush on a child span was performed. This ended up calling the hooks multiple teams, and earlier than expected.

When DD_APPSEC_ENABLED=true, this led to WAF object had not been closed warnings whenever a partial flush was triggered and the root span was not finished yet.

Reproducing the issue is easier when setting -Ddd.trace.partial.flush.min.spans=1.

Additional Notes

Jira ticket: APPSEC-53203

@smola smola changed the title AppSec/Profiling hooks for root span finished run only once Prevent AppSec context from being closed more than once on partial flush May 22, 2024
@smola smola added type: bug comp: asm waf Application Security Management (WAF) labels May 22, 2024
@smola smola force-pushed the smola/unique-onrootspanfinished branch from e080203 to 4f31ab5 Compare May 22, 2024 09:41
@smola smola requested review from a team, manuel-alvarez-alvarez and jandro996 May 22, 2024 09:47
@smola smola force-pushed the smola/unique-onrootspanfinished branch 3 times, most recently from 2de54da to 0a1311d Compare May 22, 2024 13:20
@smola smola marked this pull request as ready for review May 22, 2024 13:46
@smola smola requested a review from a team as a code owner May 22, 2024 13:46
@smola smola requested review from dougqh and ygree May 22, 2024 13:46
manuel-alvarez-alvarez
manuel-alvarez-alvarez reviewed May 27, 2024
View reviewed changes
dd-trace-core/src/main/java/datadog/trace/core/CoreTracer.java
@@ -240,11 +240,33 @@ PropagationTags.Factory getPropagationTagsFactory() {
return propagationTagsFactory;
}

/**
* Called when a root span is finished before it is serialized. This is might be called multiple
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice catch!

@smola
Prevent AppSec context from being closed more than once on partial flush
81eb977 
We had some hooks in `CoreTracer.write` meant to be run whenever a root
span is finished. However, they were effectively called not just when
the root span finished, but also whenever a partial flush on a child
span was performed. This ended up calling the hooks multiple times, and
earlier than expected.
@smola smola force-pushed the smola/unique-onrootspanfinished branch from 11f512d to 81eb977 Compare May 28, 2024 07:53
@pr-commenter
Copy link

pr-commenter bot commented May 28, 2024
edited
Loading

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master smola/unique-onrootspanfinished
git_commit_date 1716880499 1716882783
git_commit_sha bd6b34d 81eb977
release_version 1.35.0-SNAPSHOT~bd6b34d283 1.35.0-SNAPSHOT~81eb977eeb
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1716885484 1716885484
ci_job_id 523834310 523834310
ci_pipeline_id 35195994 35195994
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
module Agent Agent
parent None None
variant iast iast

Summary

Found 1 performance improvements and 0 performance regressions! Performance is the same for 46 metrics, 16 unstable metrics.

scenario Δ mean execution_time candidate mean execution_time baseline mean execution_time
scenario:startup:insecure-bank:iast_HARDCODED_SECRET_DISABLED:AppSec better
[-5.772ms; -1.275ms] or [-11.463%; -2.533%]		 46.825ms 50.348ms
Startup time reports for petclinic 
gantt
    title petclinic - global startup overhead: candidate=1.35.0-SNAPSHOT~81eb977eeb, baseline=1.35.0-SNAPSHOT~bd6b34d283

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.056 s) : 0, 1056490
Total [baseline] (10.353 s) : 0, 10353263
Agent [candidate] (1.063 s) : 0, 1063102
Total [candidate] (10.397 s) : 0, 10396759
section appsec
Agent [baseline] (1.172 s) : 0, 1171867
Total [baseline] (10.44 s) : 0, 10440245
Agent [candidate] (1.174 s) : 0, 1174481
Total [candidate] (10.491 s) : 0, 10491186
section iast
Agent [baseline] (1.182 s) : 0, 1182140
Total [baseline] (10.813 s) : 0, 10812561
Agent [candidate] (1.188 s) : 0, 1187581
Total [candidate] (10.771 s) : 0, 10771140
section profiling
Agent [baseline] (1.256 s) : 0, 1255941
Total [baseline] (10.617 s) : 0, 10616567
Agent [candidate] (1.262 s) : 0, 1261594
Total [candidate] (10.592 s) : 0, 10592224
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.056 s -
Agent appsec 1.172 s 115.377 ms (10.9%)
Agent iast 1.182 s 125.65 ms (11.9%)
Agent profiling 1.256 s 199.451 ms (18.9%)
Total tracing 10.353 s -
Total appsec 10.44 s 86.982 ms (0.8%)
Total iast 10.813 s 459.298 ms (4.4%)
Total profiling 10.617 s 263.304 ms (2.5%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.063 s -
Agent appsec 1.174 s 111.379 ms (10.5%)
Agent iast 1.188 s 124.478 ms (11.7%)
Agent profiling 1.262 s 198.492 ms (18.7%)
Total tracing 10.397 s -
Total appsec 10.491 s 94.427 ms (0.9%)
Total iast 10.771 s 374.381 ms (3.6%)
Total profiling 10.592 s 195.465 ms (1.9%) 
gantt
    title petclinic - break down per module: candidate=1.35.0-SNAPSHOT~81eb977eeb, baseline=1.35.0-SNAPSHOT~bd6b34d283

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (652.29 ms) : 0, 652290
BytebuddyAgent [candidate] (655.999 ms) : 0, 655999
GlobalTracer [baseline] (312.348 ms) : 0, 312348
GlobalTracer [candidate] (314.21 ms) : 0, 314210
AppSec [baseline] (49.37 ms) : 0, 49370
AppSec [candidate] (50.014 ms) : 0, 50014
Remote Config [baseline] (663.391 µs) : 0, 663
Remote Config [candidate] (681.636 µs) : 0, 682
Telemetry [baseline] (7.549 ms) : 0, 7549
Telemetry [candidate] (7.674 ms) : 0, 7674
section appsec
BytebuddyAgent [baseline] (673.077 ms) : 0, 673077
BytebuddyAgent [candidate] (674.143 ms) : 0, 674143
GlobalTracer [baseline] (295.006 ms) : 0, 295006
GlobalTracer [candidate] (295.613 ms) : 0, 295613
AppSec [baseline] (152.382 ms) : 0, 152382
AppSec [candidate] (152.492 ms) : 0, 152492
IAST [baseline] (18.666 ms) : 0, 18666
IAST [candidate] (18.836 ms) : 0, 18836
Remote Config [baseline] (625.216 µs) : 0, 625
Remote Config [candidate] (630.448 µs) : 0, 630
Telemetry [baseline] (7.138 ms) : 0, 7138
Telemetry [candidate] (7.761 ms) : 0, 7761
section iast
BytebuddyAgent [baseline] (775.875 ms) : 0, 775875
BytebuddyAgent [candidate] (778.337 ms) : 0, 778337
GlobalTracer [baseline] (291.625 ms) : 0, 291625
GlobalTracer [candidate] (292.338 ms) : 0, 292338
AppSec [baseline] (48.754 ms) : 0, 48754
AppSec [candidate] (48.91 ms) : 0, 48910
IAST [baseline] (23.723 ms) : 0, 23723
IAST [candidate] (25.692 ms) : 0, 25692
Remote Config [baseline] (607.275 µs) : 0, 607
Remote Config [candidate] (628.842 µs) : 0, 629
Telemetry [baseline] (7.299 ms) : 0, 7299
Telemetry [candidate] (7.267 ms) : 0, 7267
section profiling
BytebuddyAgent [baseline] (661.148 ms) : 0, 661148
BytebuddyAgent [candidate] (664.156 ms) : 0, 664156
GlobalTracer [baseline] (384.048 ms) : 0, 384048
GlobalTracer [candidate] (386.411 ms) : 0, 386411
AppSec [baseline] (50.325 ms) : 0, 50325
AppSec [candidate] (50.955 ms) : 0, 50955
Remote Config [baseline] (856.374 µs) : 0, 856
Remote Config [candidate] (841.978 µs) : 0, 842
Telemetry [baseline] (7.415 ms) : 0, 7415
Telemetry [candidate] (7.522 ms) : 0, 7522
ProfilingAgent [baseline] (95.651 ms) : 0, 95651
ProfilingAgent [candidate] (94.943 ms) : 0, 94943
Profiling [baseline] (95.676 ms) : 0, 95676
Profiling [candidate] (94.968 ms) : 0, 94968
Loading
Startup time reports for insecure-bank 
gantt
    title insecure-bank - global startup overhead: candidate=1.35.0-SNAPSHOT~81eb977eeb, baseline=1.35.0-SNAPSHOT~bd6b34d283

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.061 s) : 0, 1060908
Total [baseline] (8.557 s) : 0, 8557168
Agent [candidate] (1.053 s) : 0, 1053342
Total [candidate] (8.523 s) : 0, 8522703
section iast
Agent [baseline] (1.184 s) : 0, 1184169
Total [baseline] (9.003 s) : 0, 9002874
Agent [candidate] (1.183 s) : 0, 1182625
Total [candidate] (9.003 s) : 0, 9002672
section iast_HARDCODED_SECRET_DISABLED
Agent [baseline] (1.202 s) : 0, 1201897
Total [baseline] (9.015 s) : 0, 9015336
Agent [candidate] (1.182 s) : 0, 1182361
Total [candidate] (8.989 s) : 0, 8988846
section iast_TELEMETRY_OFF
Agent [baseline] (1.192 s) : 0, 1191651
Total [baseline] (8.996 s) : 0, 8995731
Agent [candidate] (1.19 s) : 0, 1189581
Total [candidate] (9.061 s) : 0, 9061298
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.061 s -
Agent iast 1.184 s 123.261 ms (11.6%)
Agent iast_HARDCODED_SECRET_DISABLED 1.202 s 140.989 ms (13.3%)
Agent iast_TELEMETRY_OFF 1.192 s 130.742 ms (12.3%)
Total tracing 8.557 s -
Total iast 9.003 s 445.706 ms (5.2%)
Total iast_HARDCODED_SECRET_DISABLED 9.015 s 458.168 ms (5.4%)
Total iast_TELEMETRY_OFF 8.996 s 438.563 ms (5.1%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.053 s -
Agent iast 1.183 s 129.284 ms (12.3%)
Agent iast_HARDCODED_SECRET_DISABLED 1.182 s 129.019 ms (12.2%)
Agent iast_TELEMETRY_OFF 1.19 s 136.239 ms (12.9%)
Total tracing 8.523 s -
Total iast 9.003 s 479.969 ms (5.6%)
Total iast_HARDCODED_SECRET_DISABLED 8.989 s 466.142 ms (5.5%)
Total iast_TELEMETRY_OFF 9.061 s 538.595 ms (6.3%) 
gantt
    title insecure-bank - break down per module: candidate=1.35.0-SNAPSHOT~81eb977eeb, baseline=1.35.0-SNAPSHOT~bd6b34d283

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (654.844 ms) : 0, 654844
BytebuddyAgent [candidate] (650.037 ms) : 0, 650037
GlobalTracer [baseline] (313.392 ms) : 0, 313392
GlobalTracer [candidate] (311.295 ms) : 0, 311295
AppSec [baseline] (50.017 ms) : 0, 50017
AppSec [candidate] (49.519 ms) : 0, 49519
Remote Config [baseline] (658.569 µs) : 0, 659
Remote Config [candidate] (668.966 µs) : 0, 669
Telemetry [baseline] (7.574 ms) : 0, 7574
Telemetry [candidate] (7.608 ms) : 0, 7608
section iast
BytebuddyAgent [baseline] (776.8 ms) : 0, 776800
BytebuddyAgent [candidate] (774.803 ms) : 0, 774803
GlobalTracer [baseline] (292.194 ms) : 0, 292194
GlobalTracer [candidate] (291.05 ms) : 0, 291050
AppSec [baseline] (49.958 ms) : 0, 49958
AppSec [candidate] (49.84 ms) : 0, 49840
IAST [baseline] (22.213 ms) : 0, 22213
IAST [candidate] (22.471 ms) : 0, 22471
Remote Config [baseline] (587.887 µs) : 0, 588
Remote Config [candidate] (605.654 µs) : 0, 606
Telemetry [baseline] (8.073 ms) : 0, 8073
Telemetry [candidate] (9.684 ms) : 0, 9684
section iast_HARDCODED_SECRET_DISABLED
BytebuddyAgent [baseline] (788.356 ms) : 0, 788356
BytebuddyAgent [candidate] (775.472 ms) : 0, 775472
GlobalTracer [baseline] (296.178 ms) : 0, 296178
GlobalTracer [candidate] (291.954 ms) : 0, 291954
AppSec [baseline] (50.348 ms) : 0, 50348
AppSec [candidate] (46.825 ms) : 0, 46825
IAST [baseline] (23.354 ms) : 0, 23354
IAST [candidate] (25.787 ms) : 0, 25787
Remote Config [baseline] (597.449 µs) : 0, 597
Remote Config [candidate] (622.663 µs) : 0, 623
Telemetry [baseline] (8.162 ms) : 0, 8162
Telemetry [candidate] (7.359 ms) : 0, 7359
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (780.981 ms) : 0, 780981
BytebuddyAgent [candidate] (779.653 ms) : 0, 779653
GlobalTracer [baseline] (294.814 ms) : 0, 294814
GlobalTracer [candidate] (293.523 ms) : 0, 293523
AppSec [baseline] (47.799 ms) : 0, 47799
AppSec [candidate] (49.953 ms) : 0, 49953
IAST [baseline] (26.098 ms) : 0, 26098
IAST [candidate] (23.869 ms) : 0, 23869
Remote Config [baseline] (661.703 µs) : 0, 662
Remote Config [candidate] (629.975 µs) : 0, 630
Telemetry [baseline] (6.549 ms) : 0, 6549
Telemetry [candidate] (7.371 ms) : 0, 7371
Loading

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
end_time 2024-05-28T08:10:39 2024-05-28T08:17:27
git_branch master smola/unique-onrootspanfinished
git_commit_date 1716880499 1716882783
git_commit_sha bd6b34d 81eb977
release_version 1.35.0-SNAPSHOT~bd6b34d283 1.35.0-SNAPSHOT~81eb977eeb
start_time 2024-05-28T08:10:25 2024-05-28T08:17:13
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1716884592 1716884592
ci_job_id 523834312 523834312
ci_pipeline_id 35195994 35195994
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 13 metrics, 15 unstable metrics.

Request duration reports for insecure-bank 
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.35.0-SNAPSHOT~81eb977eeb, baseline=1.35.0-SNAPSHOT~bd6b34d283
    dateFormat X
    axisFormat %s
section baseline
no_agent (366.905 µs) : 347, 387
.   : milestone, 367,
iast (477.038 µs) : 456, 498
.   : milestone, 477,
iast_FULL (548.933 µs) : 528, 570
.   : milestone, 549,
iast_GLOBAL (505.025 µs) : 483, 527
.   : milestone, 505,
iast_HARDCODED_SECRET_DISABLED (480.89 µs) : 460, 502
.   : milestone, 481,
iast_INACTIVE (460.114 µs) : 439, 481
.   : milestone, 460,
iast_TELEMETRY_OFF (472.182 µs) : 451, 493
.   : milestone, 472,
tracing (456.086 µs) : 435, 477
.   : milestone, 456,
section candidate
no_agent (372.278 µs) : 352, 393
.   : milestone, 372,
iast (485.2 µs) : 464, 507
.   : milestone, 485,
iast_FULL (549.566 µs) : 528, 571
.   : milestone, 550,
iast_GLOBAL (513.158 µs) : 490, 536
.   : milestone, 513,
iast_HARDCODED_SECRET_DISABLED (484.994 µs) : 464, 506
.   : milestone, 485,
iast_INACTIVE (449.912 µs) : 429, 471
.   : milestone, 450,
iast_TELEMETRY_OFF (473.88 µs) : 452, 496
.   : milestone, 474,
tracing (439.673 µs) : 419, 460
.   : milestone, 440,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 366.905 µs [347.063 µs, 386.748 µs] -
iast 477.038 µs [455.985 µs, 498.091 µs] 110.132 µs (30.0%)
iast_FULL 548.933 µs [527.898 µs, 569.968 µs] 182.028 µs (49.6%)
iast_GLOBAL 505.025 µs [482.933 µs, 527.117 µs] 138.12 µs (37.6%)
iast_HARDCODED_SECRET_DISABLED 480.89 µs [460.098 µs, 501.682 µs] 113.985 µs (31.1%)
iast_INACTIVE 460.114 µs [438.735 µs, 481.492 µs] 93.208 µs (25.4%)
iast_TELEMETRY_OFF 472.182 µs [451.357 µs, 493.007 µs] 105.277 µs (28.7%)
tracing 456.086 µs [435.477 µs, 476.696 µs] 89.181 µs (24.3%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 372.278 µs [352.017 µs, 392.539 µs] -
iast 485.2 µs [463.509 µs, 506.891 µs] 112.922 µs (30.3%)
iast_FULL 549.566 µs [528.394 µs, 570.737 µs] 177.288 µs (47.6%)
iast_GLOBAL 513.158 µs [490.081 µs, 536.236 µs] 140.881 µs (37.8%)
iast_HARDCODED_SECRET_DISABLED 484.994 µs [464.048 µs, 505.939 µs] 112.716 µs (30.3%)
iast_INACTIVE 449.912 µs [428.981 µs, 470.843 µs] 77.634 µs (20.9%)
iast_TELEMETRY_OFF 473.88 µs [451.656 µs, 496.105 µs] 101.602 µs (27.3%)
tracing 439.673 µs [419.16 µs, 460.186 µs] 67.395 µs (18.1%)
Request duration reports for petclinic 
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.35.0-SNAPSHOT~81eb977eeb, baseline=1.35.0-SNAPSHOT~bd6b34d283
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.341 ms) : 1321, 1362
.   : milestone, 1341,
appsec (1.729 ms) : 1706, 1753
.   : milestone, 1729,
appsec_no_iast (1.695 ms) : 1671, 1718
.   : milestone, 1695,
iast (1.493 ms) : 1470, 1516
.   : milestone, 1493,
profiling (1.503 ms) : 1479, 1526
.   : milestone, 1503,
tracing (1.465 ms) : 1441, 1489
.   : milestone, 1465,
section candidate
no_agent (1.344 ms) : 1325, 1363
.   : milestone, 1344,
appsec (1.699 ms) : 1674, 1724
.   : milestone, 1699,
appsec_no_iast (1.708 ms) : 1683, 1733
.   : milestone, 1708,
iast (1.472 ms) : 1447, 1496
.   : milestone, 1472,
profiling (1.539 ms) : 1514, 1564
.   : milestone, 1539,
tracing (1.466 ms) : 1442, 1490
.   : milestone, 1466,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.341 ms [1.321 ms, 1.362 ms] -
appsec 1.729 ms [1.706 ms, 1.753 ms] 388.153 µs (28.9%)
appsec_no_iast 1.695 ms [1.671 ms, 1.718 ms] 353.287 µs (26.3%)
iast 1.493 ms [1.47 ms, 1.516 ms] 151.73 µs (11.3%)
profiling 1.503 ms [1.479 ms, 1.526 ms] 161.294 µs (12.0%)
tracing 1.465 ms [1.441 ms, 1.489 ms] 123.583 µs (9.2%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.344 ms [1.325 ms, 1.363 ms] -
appsec 1.699 ms [1.674 ms, 1.724 ms] 355.409 µs (26.4%)
appsec_no_iast 1.708 ms [1.683 ms, 1.733 ms] 364.067 µs (27.1%)
iast 1.472 ms [1.447 ms, 1.496 ms] 127.94 µs (9.5%)
profiling 1.539 ms [1.514 ms, 1.564 ms] 195.524 µs (14.5%)
tracing 1.466 ms [1.442 ms, 1.49 ms] 121.805 µs (9.1%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master smola/unique-onrootspanfinished
git_commit_date 1716880499 1716882783
git_commit_sha bd6b34d 81eb977
release_version 1.35.0-SNAPSHOT~bd6b34d283 1.35.0-SNAPSHOT~81eb977eeb
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1716885123 1716885123
ci_job_id 523834313 523834313
ci_pipeline_id 35195994 35195994
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
variant appsec appsec

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.

Execution time for biojava 
gantt
    title biojava - execution time [CI 0.99] : candidate=1.35.0-SNAPSHOT~81eb977eeb, baseline=1.35.0-SNAPSHOT~bd6b34d283
    dateFormat X
    axisFormat %s
section baseline
no_agent (15.418 s) : 15418000, 15418000
.   : milestone, 15418000,
appsec (14.988 s) : 14988000, 14988000
.   : milestone, 14988000,
iast (18.783 s) : 18783000, 18783000
.   : milestone, 18783000,
iast_GLOBAL (17.811 s) : 17811000, 17811000
.   : milestone, 17811000,
profiling (15.102 s) : 15102000, 15102000
.   : milestone, 15102000,
tracing (15.336 s) : 15336000, 15336000
.   : milestone, 15336000,
section candidate
no_agent (15.346 s) : 15346000, 15346000
.   : milestone, 15346000,
appsec (15.14 s) : 15140000, 15140000
.   : milestone, 15140000,
iast (18.889 s) : 18889000, 18889000
.   : milestone, 18889000,
iast_GLOBAL (17.879 s) : 17879000, 17879000
.   : milestone, 17879000,
profiling (15.708 s) : 15708000, 15708000
.   : milestone, 15708000,
tracing (14.953 s) : 14953000, 14953000
.   : milestone, 14953000,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.418 s [15.418 s, 15.418 s] -
appsec 14.988 s [14.988 s, 14.988 s] -430.0 ms (-2.8%)
iast 18.783 s [18.783 s, 18.783 s] 3.365 s (21.8%)
iast_GLOBAL 17.811 s [17.811 s, 17.811 s] 2.393 s (15.5%)
profiling 15.102 s [15.102 s, 15.102 s] -316.0 ms (-2.0%)
tracing 15.336 s [15.336 s, 15.336 s] -82.0 ms (-0.5%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.346 s [15.346 s, 15.346 s] -
appsec 15.14 s [15.14 s, 15.14 s] -206.0 ms (-1.3%)
iast 18.889 s [18.889 s, 18.889 s] 3.543 s (23.1%)
iast_GLOBAL 17.879 s [17.879 s, 17.879 s] 2.533 s (16.5%)
profiling 15.708 s [15.708 s, 15.708 s] 362.0 ms (2.4%)
tracing 14.953 s [14.953 s, 14.953 s] -393.0 ms (-2.6%)
Execution time for tomcat 
gantt
    title tomcat - execution time [CI 0.99] : candidate=1.35.0-SNAPSHOT~81eb977eeb, baseline=1.35.0-SNAPSHOT~bd6b34d283
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.465 ms) : 1453, 1476
.   : milestone, 1465,
appsec (2.19 ms) : 2156, 2224
.   : milestone, 2190,
iast (1.964 ms) : 1922, 2005
.   : milestone, 1964,
iast_GLOBAL (1.992 ms) : 1951, 2033
.   : milestone, 1992,
profiling (1.837 ms) : 1804, 1871
.   : milestone, 1837,
tracing (1.813 ms) : 1781, 1844
.   : milestone, 1813,
section candidate
no_agent (1.458 ms) : 1446, 1469
.   : milestone, 1458,
appsec (2.186 ms) : 2152, 2219
.   : milestone, 2186,
iast (1.95 ms) : 1910, 1990
.   : milestone, 1950,
iast_GLOBAL (1.996 ms) : 1954, 2037
.   : milestone, 1996,
profiling (1.829 ms) : 1795, 1862
.   : milestone, 1829,
tracing (1.817 ms) : 1784, 1849
.   : milestone, 1817,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.465 ms [1.453 ms, 1.476 ms] -
appsec 2.19 ms [2.156 ms, 2.224 ms] 725.048 µs (49.5%)
iast 1.964 ms [1.922 ms, 2.005 ms] 499.197 µs (34.1%)
iast_GLOBAL 1.992 ms [1.951 ms, 2.033 ms] 527.349 µs (36.0%)
profiling 1.837 ms [1.804 ms, 1.871 ms] 372.452 µs (25.4%)
tracing 1.813 ms [1.781 ms, 1.844 ms] 348.153 µs (23.8%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.458 ms [1.446 ms, 1.469 ms] -
appsec 2.186 ms [2.152 ms, 2.219 ms] 728.007 µs (49.9%)
iast 1.95 ms [1.91 ms, 1.99 ms] 492.186 µs (33.8%)
iast_GLOBAL 1.996 ms [1.954 ms, 2.037 ms] 537.908 µs (36.9%)
profiling 1.829 ms [1.795 ms, 1.862 ms] 371.077 µs (25.5%)
tracing 1.817 ms [1.784 ms, 1.849 ms] 358.891 µs (24.6%)

@smola smola merged commit ac3ca09 into master May 28, 2024
80 checks passed
@smola smola deleted the smola/unique-onrootspanfinished branch May 28, 2024 09:57
@github-actions github-actions bot added this to the 1.35.0 milestone May 28, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jandro996 jandro996 jandro996 approved these changes

@ValentinZakharov ValentinZakharov ValentinZakharov approved these changes

@manuel-alvarez-alvarez manuel-alvarez-alvarez manuel-alvarez-alvarez approved these changes

@PerfectSlayer PerfectSlayer PerfectSlayer approved these changes

@dougqh dougqh Awaiting requested review from dougqh dougqh is a code owner automatically assigned from DataDog/apm-java

@ygree ygree Awaiting requested review from ygree ygree is a code owner automatically assigned from DataDog/apm-java

Assignees
No one assigned
Labels
comp: asm waf Application Security Management (WAF) type: bug
Projects
None yet
Milestone
1.35.0
Development

Successfully merging this pull request may close these issues.
5 participants
@smola @PerfectSlayer @manuel-alvarez-alvarez @ValentinZakharov @jandro996