Skip to content

Fix IAST Vulnerabilities stack trace generation when multiple vulnerabilities share location #8412

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Feb 18, 2025
Merged

Fix IAST Vulnerabilities stack trace generation when multiple vulnerabilities share location #8412

merged 1 commit into from
Feb 18, 2025
+77 −1

Conversation

jandro996
Copy link
Member

@jandro996 jandro996 commented Feb 18, 2025
edited by jira bot
Loading

What Does This Do

Motivation

If multiple vulnerabilities share the same location, it is not necessary to generate the stack trace again, as they should share it

Additional Notes

Contributor Checklist

Jira ticket: APPSEC-56803

@jandro996 jandro996 added type: bug Bug report and fix tag: no release notes Changes to exclude from release notes comp: asm iast Application Security Management (IAST) labels Feb 18, 2025
@jandro996 jandro996 requested a review from a team as a code owner February 18, 2025 11:38
@smola smola changed the title Fix IAST Vulnerabilities stack trace generation when multiple vulnerabilities shares location Fix IAST Vulnerabilities stack trace generation when multiple vulnerabilities share location Feb 18, 2025
@pr-commenter
Copy link

pr-commenter bot commented Feb 18, 2025

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master alejandro.gonzalez/fix-stackid-sharing-location
git_commit_date 1739876417 1739878380
git_commit_sha e0242cf 449af83
release_version 1.47.0-SNAPSHOT~e0242cfadc 1.47.0-SNAPSHOT~449af83b85
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1739880828 1739880828
ci_job_id 811725922 811725922
ci_pipeline_id 56139040 56139040
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-xbgzg7x-project-304-concurrent-0-fhlg9nnx 6.8.0-1021-aws #23~22.04.1-Ubuntu SMP Tue Dec 10 16:50:46 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux Linux runner-xbgzg7x-project-304-concurrent-0-fhlg9nnx 6.8.0-1021-aws #23~22.04.1-Ubuntu SMP Tue Dec 10 16:50:46 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
module Agent Agent
parent None None
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 58 metrics, 5 unstable metrics.

Startup time reports for petclinic 
gantt
    title petclinic - global startup overhead: candidate=1.47.0-SNAPSHOT~449af83b85, baseline=1.47.0-SNAPSHOT~e0242cfadc

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.038 s) : 0, 1037835
Total [baseline] (10.563 s) : 0, 10563470
Agent [candidate] (1.046 s) : 0, 1045537
Total [candidate] (10.46 s) : 0, 10459734
section appsec
Agent [baseline] (1.189 s) : 0, 1188974
Total [baseline] (10.842 s) : 0, 10842147
Agent [candidate] (1.188 s) : 0, 1188180
Total [candidate] (10.812 s) : 0, 10811898
section iast
Agent [baseline] (1.18 s) : 0, 1179716
Total [baseline] (11.002 s) : 0, 11002192
Agent [candidate] (1.182 s) : 0, 1181773
Total [candidate] (11.006 s) : 0, 11005745
section profiling
Agent [baseline] (1.26 s) : 0, 1260248
Total [baseline] (10.876 s) : 0, 10876137
Agent [candidate] (1.261 s) : 0, 1260878
Total [candidate] (11.012 s) : 0, 11011826
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.038 s -
Agent appsec 1.189 s 151.139 ms (14.6%)
Agent iast 1.18 s 141.881 ms (13.7%)
Agent profiling 1.26 s 222.413 ms (21.4%)
Total tracing 10.563 s -
Total appsec 10.842 s 278.677 ms (2.6%)
Total iast 11.002 s 438.722 ms (4.2%)
Total profiling 10.876 s 312.667 ms (3.0%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.046 s -
Agent appsec 1.188 s 142.643 ms (13.6%)
Agent iast 1.182 s 136.235 ms (13.0%)
Agent profiling 1.261 s 215.341 ms (20.6%)
Total tracing 10.46 s -
Total appsec 10.812 s 352.164 ms (3.4%)
Total iast 11.006 s 546.011 ms (5.2%)
Total profiling 11.012 s 552.092 ms (5.3%) 
gantt
    title petclinic - break down per module: candidate=1.47.0-SNAPSHOT~449af83b85, baseline=1.47.0-SNAPSHOT~e0242cfadc

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (716.158 ms) : 0, 716158
BytebuddyAgent [candidate] (721.805 ms) : 0, 721805
GlobalTracer [baseline] (239.291 ms) : 0, 239291
GlobalTracer [candidate] (239.887 ms) : 0, 239887
AppSec [baseline] (55.068 ms) : 0, 55068
AppSec [candidate] (55.562 ms) : 0, 55562
Remote Config [baseline] (700.522 µs) : 0, 701
Remote Config [candidate] (700.06 µs) : 0, 700
Telemetry [baseline] (11.368 ms) : 0, 11368
Telemetry [candidate] (12.273 ms) : 0, 12273
section appsec
BytebuddyAgent [baseline] (738.936 ms) : 0, 738936
BytebuddyAgent [candidate] (738.611 ms) : 0, 738611
GlobalTracer [baseline] (237.887 ms) : 0, 237887
GlobalTracer [candidate] (237.885 ms) : 0, 237885
AppSec [baseline] (177.007 ms) : 0, 177007
AppSec [candidate] (176.655 ms) : 0, 176655
Remote Config [baseline] (686.783 µs) : 0, 687
Remote Config [candidate] (676.634 µs) : 0, 677
Telemetry [baseline] (8.303 ms) : 0, 8303
Telemetry [candidate] (8.306 ms) : 0, 8306
IAST [baseline] (21.723 ms) : 0, 21723
IAST [candidate] (21.681 ms) : 0, 21681
section iast
BytebuddyAgent [baseline] (841.564 ms) : 0, 841564
BytebuddyAgent [candidate] (843.319 ms) : 0, 843319
GlobalTracer [baseline] (231.733 ms) : 0, 231733
GlobalTracer [candidate] (232.229 ms) : 0, 232229
AppSec [baseline] (58.35 ms) : 0, 58350
AppSec [candidate] (58.066 ms) : 0, 58066
Remote Config [baseline] (622.69 µs) : 0, 623
Remote Config [candidate] (617.475 µs) : 0, 617
Telemetry [baseline] (8.883 ms) : 0, 8883
Telemetry [candidate] (8.871 ms) : 0, 8871
IAST [baseline] (23.209 ms) : 0, 23209
IAST [candidate] (23.09 ms) : 0, 23090
section profiling
ProfilingAgent [baseline] (96.199 ms) : 0, 96199
ProfilingAgent [candidate] (96.851 ms) : 0, 96851
BytebuddyAgent [baseline] (706.929 ms) : 0, 706929
BytebuddyAgent [candidate] (707.396 ms) : 0, 707396
GlobalTracer [baseline] (350.135 ms) : 0, 350135
GlobalTracer [candidate] (350.301 ms) : 0, 350301
AppSec [baseline] (55.116 ms) : 0, 55116
AppSec [candidate] (54.536 ms) : 0, 54536
Remote Config [baseline] (687.325 µs) : 0, 687
Remote Config [candidate] (694.076 µs) : 0, 694
Telemetry [baseline] (8.813 ms) : 0, 8813
Telemetry [candidate] (8.902 ms) : 0, 8902
Profiling [baseline] (96.223 ms) : 0, 96223
Profiling [candidate] (96.876 ms) : 0, 96876
Loading
Startup time reports for insecure-bank 
gantt
    title insecure-bank - global startup overhead: candidate=1.47.0-SNAPSHOT~449af83b85, baseline=1.47.0-SNAPSHOT~e0242cfadc

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.048 s) : 0, 1048315
Total [baseline] (8.685 s) : 0, 8684643
Agent [candidate] (1.047 s) : 0, 1047067
Total [candidate] (8.692 s) : 0, 8692433
section iast
Agent [baseline] (1.171 s) : 0, 1170567
Total [baseline] (9.265 s) : 0, 9264976
Agent [candidate] (1.179 s) : 0, 1179277
Total [candidate] (9.297 s) : 0, 9296764
section iast_HARDCODED_SECRET_DISABLED
Agent [baseline] (1.17 s) : 0, 1169739
Total [baseline] (9.237 s) : 0, 9237382
Agent [candidate] (1.175 s) : 0, 1174895
Total [candidate] (9.232 s) : 0, 9232101
section iast_TELEMETRY_OFF
Agent [baseline] (1.167 s) : 0, 1167127
Total [baseline] (9.288 s) : 0, 9287618
Agent [candidate] (1.168 s) : 0, 1168393
Total [candidate] (9.245 s) : 0, 9244715
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.048 s -
Agent iast 1.171 s 122.253 ms (11.7%)
Agent iast_HARDCODED_SECRET_DISABLED 1.17 s 121.424 ms (11.6%)
Agent iast_TELEMETRY_OFF 1.167 s 118.813 ms (11.3%)
Total tracing 8.685 s -
Total iast 9.265 s 580.333 ms (6.7%)
Total iast_HARDCODED_SECRET_DISABLED 9.237 s 552.739 ms (6.4%)
Total iast_TELEMETRY_OFF 9.288 s 602.975 ms (6.9%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.047 s -
Agent iast 1.179 s 132.21 ms (12.6%)
Agent iast_HARDCODED_SECRET_DISABLED 1.175 s 127.829 ms (12.2%)
Agent iast_TELEMETRY_OFF 1.168 s 121.327 ms (11.6%)
Total tracing 8.692 s -
Total iast 9.297 s 604.332 ms (7.0%)
Total iast_HARDCODED_SECRET_DISABLED 9.232 s 539.669 ms (6.2%)
Total iast_TELEMETRY_OFF 9.245 s 552.282 ms (6.4%) 
gantt
    title insecure-bank - break down per module: candidate=1.47.0-SNAPSHOT~449af83b85, baseline=1.47.0-SNAPSHOT~e0242cfadc

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (722.15 ms) : 0, 722150
BytebuddyAgent [candidate] (722.553 ms) : 0, 722553
GlobalTracer [baseline] (241.827 ms) : 0, 241827
GlobalTracer [candidate] (241.193 ms) : 0, 241193
AppSec [baseline] (56.049 ms) : 0, 56049
AppSec [candidate] (55.759 ms) : 0, 55759
Remote Config [baseline] (713.077 µs) : 0, 713
Remote Config [candidate] (706.88 µs) : 0, 707
Telemetry [baseline] (12.285 ms) : 0, 12285
Telemetry [candidate] (11.654 ms) : 0, 11654
section iast
BytebuddyAgent [baseline] (835.883 ms) : 0, 835883
BytebuddyAgent [candidate] (843.257 ms) : 0, 843257
GlobalTracer [baseline] (230.517 ms) : 0, 230517
GlobalTracer [candidate] (231.372 ms) : 0, 231372
AppSec [baseline] (56.916 ms) : 0, 56916
AppSec [candidate] (56.962 ms) : 0, 56962
Remote Config [baseline] (607.674 µs) : 0, 608
Remote Config [candidate] (625.249 µs) : 0, 625
Telemetry [baseline] (8.655 ms) : 0, 8655
Telemetry [candidate] (8.694 ms) : 0, 8694
IAST [baseline] (22.805 ms) : 0, 22805
IAST [candidate] (22.905 ms) : 0, 22905
section iast_HARDCODED_SECRET_DISABLED
BytebuddyAgent [baseline] (834.77 ms) : 0, 834770
BytebuddyAgent [candidate] (839.556 ms) : 0, 839556
GlobalTracer [baseline] (230.388 ms) : 0, 230388
GlobalTracer [candidate] (230.986 ms) : 0, 230986
AppSec [baseline] (57.284 ms) : 0, 57284
AppSec [candidate] (56.963 ms) : 0, 56963
Remote Config [baseline] (619.472 µs) : 0, 619
Remote Config [candidate] (595.503 µs) : 0, 596
Telemetry [baseline] (8.684 ms) : 0, 8684
Telemetry [candidate] (8.716 ms) : 0, 8716
IAST [baseline] (22.745 ms) : 0, 22745
IAST [candidate] (22.887 ms) : 0, 22887
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (833.209 ms) : 0, 833209
BytebuddyAgent [candidate] (833.813 ms) : 0, 833813
GlobalTracer [baseline] (230.326 ms) : 0, 230326
GlobalTracer [candidate] (230.568 ms) : 0, 230568
AppSec [baseline] (53.931 ms) : 0, 53931
AppSec [candidate] (57.087 ms) : 0, 57087
Remote Config [baseline] (620.325 µs) : 0, 620
Remote Config [candidate] (624.66 µs) : 0, 625
Telemetry [baseline] (8.573 ms) : 0, 8573
Telemetry [candidate] (8.658 ms) : 0, 8658
IAST [baseline] (25.229 ms) : 0, 25229
IAST [candidate] (22.429 ms) : 0, 22429
Loading

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
end_time 2025-02-18T11:43:37 2025-02-18T11:50:44
git_branch master alejandro.gonzalez/fix-stackid-sharing-location
git_commit_date 1739876417 1739878380
git_commit_sha e0242cf 449af83
release_version 1.47.0-SNAPSHOT~e0242cfadc 1.47.0-SNAPSHOT~449af83b85
start_time 2025-02-18T11:43:23 2025-02-18T11:50:30
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1739879803 1739879803
ci_job_id 811725923 811725923
ci_pipeline_id 56139040 56139040
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-xbgzg7x-project-304-concurrent-1-whkk4sbj 6.8.0-1021-aws #23~22.04.1-Ubuntu SMP Tue Dec 10 16:50:46 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux Linux runner-xbgzg7x-project-304-concurrent-1-whkk4sbj 6.8.0-1021-aws #23~22.04.1-Ubuntu SMP Tue Dec 10 16:50:46 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 13 metrics, 15 unstable metrics.

Request duration reports for petclinic 
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.47.0-SNAPSHOT~449af83b85, baseline=1.47.0-SNAPSHOT~e0242cfadc
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.35 ms) : 1331, 1370
.   : milestone, 1350,
appsec (1.757 ms) : 1734, 1781
.   : milestone, 1757,
appsec_no_iast (1.774 ms) : 1749, 1799
.   : milestone, 1774,
iast (1.524 ms) : 1500, 1549
.   : milestone, 1524,
profiling (1.53 ms) : 1506, 1553
.   : milestone, 1530,
tracing (1.498 ms) : 1474, 1523
.   : milestone, 1498,
section candidate
no_agent (1.353 ms) : 1334, 1373
.   : milestone, 1353,
appsec (1.756 ms) : 1732, 1780
.   : milestone, 1756,
appsec_no_iast (1.775 ms) : 1752, 1798
.   : milestone, 1775,
iast (1.527 ms) : 1503, 1552
.   : milestone, 1527,
profiling (1.512 ms) : 1489, 1536
.   : milestone, 1512,
tracing (1.523 ms) : 1498, 1547
.   : milestone, 1523,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.35 ms [1.331 ms, 1.37 ms] -
appsec 1.757 ms [1.734 ms, 1.781 ms] 407.007 µs (30.1%)
appsec_no_iast 1.774 ms [1.749 ms, 1.799 ms] 423.365 µs (31.3%)
iast 1.524 ms [1.5 ms, 1.549 ms] 173.977 µs (12.9%)
profiling 1.53 ms [1.506 ms, 1.553 ms] 179.106 µs (13.3%)
tracing 1.498 ms [1.474 ms, 1.523 ms] 147.934 µs (11.0%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.353 ms [1.334 ms, 1.373 ms] -
appsec 1.756 ms [1.732 ms, 1.78 ms] 402.382 µs (29.7%)
appsec_no_iast 1.775 ms [1.752 ms, 1.798 ms] 421.551 µs (31.1%)
iast 1.527 ms [1.503 ms, 1.552 ms] 174.058 µs (12.9%)
profiling 1.512 ms [1.489 ms, 1.536 ms] 159.083 µs (11.8%)
tracing 1.523 ms [1.498 ms, 1.547 ms] 169.338 µs (12.5%)
Request duration reports for insecure-bank 
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.47.0-SNAPSHOT~449af83b85, baseline=1.47.0-SNAPSHOT~e0242cfadc
    dateFormat X
    axisFormat %s
section baseline
no_agent (381.18 µs) : 361, 401
.   : milestone, 381,
iast (515.847 µs) : 494, 538
.   : milestone, 516,
iast_FULL (751.611 µs) : 730, 774
.   : milestone, 752,
iast_GLOBAL (558.357 µs) : 537, 580
.   : milestone, 558,
iast_HARDCODED_SECRET_DISABLED (520.285 µs) : 497, 543
.   : milestone, 520,
iast_INACTIVE (465.916 µs) : 445, 487
.   : milestone, 466,
iast_TELEMETRY_OFF (505.998 µs) : 483, 529
.   : milestone, 506,
tracing (461.294 µs) : 440, 482
.   : milestone, 461,
section candidate
no_agent (387.4 µs) : 367, 408
.   : milestone, 387,
iast (509.912 µs) : 487, 533
.   : milestone, 510,
iast_FULL (730.387 µs) : 708, 752
.   : milestone, 730,
iast_GLOBAL (568.328 µs) : 545, 591
.   : milestone, 568,
iast_HARDCODED_SECRET_DISABLED (517.447 µs) : 494, 540
.   : milestone, 517,
iast_INACTIVE (471.51 µs) : 450, 493
.   : milestone, 472,
iast_TELEMETRY_OFF (502.212 µs) : 479, 525
.   : milestone, 502,
tracing (466.664 µs) : 445, 488
.   : milestone, 467,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 381.18 µs [361.131 µs, 401.229 µs] -
iast 515.847 µs [494.119 µs, 537.575 µs] 134.667 µs (35.3%)
iast_FULL 751.611 µs [729.659 µs, 773.564 µs] 370.431 µs (97.2%)
iast_GLOBAL 558.357 µs [536.553 µs, 580.161 µs] 177.177 µs (46.5%)
iast_HARDCODED_SECRET_DISABLED 520.285 µs [497.406 µs, 543.164 µs] 139.104 µs (36.5%)
iast_INACTIVE 465.916 µs [444.589 µs, 487.244 µs] 84.736 µs (22.2%)
iast_TELEMETRY_OFF 505.998 µs [482.696 µs, 529.301 µs] 124.818 µs (32.7%)
tracing 461.294 µs [440.423 µs, 482.164 µs] 80.113 µs (21.0%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 387.4 µs [367.028 µs, 407.773 µs] -
iast 509.912 µs [487.308 µs, 532.517 µs] 122.512 µs (31.6%)
iast_FULL 730.387 µs [708.319 µs, 752.455 µs] 342.986 µs (88.5%)
iast_GLOBAL 568.328 µs [545.399 µs, 591.257 µs] 180.928 µs (46.7%)
iast_HARDCODED_SECRET_DISABLED 517.447 µs [494.475 µs, 540.42 µs] 130.047 µs (33.6%)
iast_INACTIVE 471.51 µs [449.942 µs, 493.077 µs] 84.109 µs (21.7%)
iast_TELEMETRY_OFF 502.212 µs [479.075 µs, 525.348 µs] 114.811 µs (29.6%)
tracing 466.664 µs [445.242 µs, 488.086 µs] 79.263 µs (20.5%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master alejandro.gonzalez/fix-stackid-sharing-location
git_commit_date 1739876417 1739878380
git_commit_sha e0242cf 449af83
release_version 1.47.0-SNAPSHOT~e0242cfadc 1.47.0-SNAPSHOT~449af83b85
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1739880344 1739880344
ci_job_id 811725924 811725924
ci_pipeline_id 56139040 56139040
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-pf96l-bk-project-304-concurrent-4-m954x5gr 6.8.0-1021-aws #23~22.04.1-Ubuntu SMP Tue Dec 10 16:50:46 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux Linux runner-pf96l-bk-project-304-concurrent-4-m954x5gr 6.8.0-1021-aws #23~22.04.1-Ubuntu SMP Tue Dec 10 16:50:46 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
variant appsec appsec

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.

Execution time for biojava 
gantt
    title biojava - execution time [CI 0.99] : candidate=1.47.0-SNAPSHOT~449af83b85, baseline=1.47.0-SNAPSHOT~e0242cfadc
    dateFormat X
    axisFormat %s
section baseline
no_agent (14.92 s) : 14920000, 14920000
.   : milestone, 14920000,
appsec (14.721 s) : 14721000, 14721000
.   : milestone, 14721000,
iast (19.216 s) : 19216000, 19216000
.   : milestone, 19216000,
iast_GLOBAL (17.923 s) : 17923000, 17923000
.   : milestone, 17923000,
profiling (14.987 s) : 14987000, 14987000
.   : milestone, 14987000,
tracing (15.025 s) : 15025000, 15025000
.   : milestone, 15025000,
section candidate
no_agent (14.914 s) : 14914000, 14914000
.   : milestone, 14914000,
appsec (14.786 s) : 14786000, 14786000
.   : milestone, 14786000,
iast (18.948 s) : 18948000, 18948000
.   : milestone, 18948000,
iast_GLOBAL (17.848 s) : 17848000, 17848000
.   : milestone, 17848000,
profiling (14.942 s) : 14942000, 14942000
.   : milestone, 14942000,
tracing (15.19 s) : 15190000, 15190000
.   : milestone, 15190000,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 14.92 s [14.92 s, 14.92 s] -
appsec 14.721 s [14.721 s, 14.721 s] -199.0 ms (-1.3%)
iast 19.216 s [19.216 s, 19.216 s] 4.296 s (28.8%)
iast_GLOBAL 17.923 s [17.923 s, 17.923 s] 3.003 s (20.1%)
profiling 14.987 s [14.987 s, 14.987 s] 67.0 ms (0.4%)
tracing 15.025 s [15.025 s, 15.025 s] 105.0 ms (0.7%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 14.914 s [14.914 s, 14.914 s] -
appsec 14.786 s [14.786 s, 14.786 s] -128.0 ms (-0.9%)
iast 18.948 s [18.948 s, 18.948 s] 4.034 s (27.0%)
iast_GLOBAL 17.848 s [17.848 s, 17.848 s] 2.934 s (19.7%)
profiling 14.942 s [14.942 s, 14.942 s] 28.0 ms (0.2%)
tracing 15.19 s [15.19 s, 15.19 s] 276.0 ms (1.9%)
Execution time for tomcat 
gantt
    title tomcat - execution time [CI 0.99] : candidate=1.47.0-SNAPSHOT~449af83b85, baseline=1.47.0-SNAPSHOT~e0242cfadc
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.472 ms) : 1460, 1483
.   : milestone, 1472,
appsec (2.36 ms) : 2317, 2404
.   : milestone, 2360,
iast (2.105 ms) : 2050, 2160
.   : milestone, 2105,
iast_GLOBAL (2.141 ms) : 2085, 2196
.   : milestone, 2141,
profiling (1.96 ms) : 1916, 2003
.   : milestone, 1960,
tracing (1.932 ms) : 1890, 1974
.   : milestone, 1932,
section candidate
no_agent (1.466 ms) : 1455, 1478
.   : milestone, 1466,
appsec (2.342 ms) : 2299, 2386
.   : milestone, 2342,
iast (2.108 ms) : 2053, 2163
.   : milestone, 2108,
iast_GLOBAL (2.157 ms) : 2101, 2212
.   : milestone, 2157,
profiling (1.985 ms) : 1940, 2031
.   : milestone, 1985,
tracing (1.949 ms) : 1907, 1992
.   : milestone, 1949,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.472 ms [1.46 ms, 1.483 ms] -
appsec 2.36 ms [2.317 ms, 2.404 ms] 888.648 µs (60.4%)
iast 2.105 ms [2.05 ms, 2.16 ms] 633.148 µs (43.0%)
iast_GLOBAL 2.141 ms [2.085 ms, 2.196 ms] 669.041 µs (45.5%)
profiling 1.96 ms [1.916 ms, 2.003 ms] 488.005 µs (33.2%)
tracing 1.932 ms [1.89 ms, 1.974 ms] 460.044 µs (31.3%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.466 ms [1.455 ms, 1.478 ms] -
appsec 2.342 ms [2.299 ms, 2.386 ms] 876.06 µs (59.7%)
iast 2.108 ms [2.053 ms, 2.163 ms] 641.235 µs (43.7%)
iast_GLOBAL 2.157 ms [2.101 ms, 2.212 ms] 690.17 µs (47.1%)
profiling 1.985 ms [1.94 ms, 2.031 ms] 518.864 µs (35.4%)
tracing 1.949 ms [1.907 ms, 1.992 ms] 482.704 µs (32.9%)

@jandro996 jandro996 merged commit d8dc1f2 into master Feb 18, 2025
206 of 207 checks passed
@jandro996 jandro996 deleted the alejandro.gonzalez/fix-stackid-sharing-location branch February 18, 2025 12:44
@github-actions github-actions bot added this to the 1.47.0 milestone Feb 18, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@smola smola smola approved these changes

@manuel-alvarez-alvarez manuel-alvarez-alvarez Awaiting requested review from manuel-alvarez-alvarez manuel-alvarez-alvarez is a code owner automatically assigned from DataDog/asm-java

Assignees
No one assigned
Labels
comp: asm iast Application Security Management (IAST) tag: no release notes Changes to exclude from release notes type: bug Bug report and fix
Projects
None yet
Milestone
1.47.0
Development

Successfully merging this pull request may close these issues.
2 participants
@jandro996 @smola