Skip to content

Optimize AppSecRequestContext numeric conversion to eliminate exceptions on hot path #10520

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
jandro996 wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Optimize AppSecRequestContext numeric conversion to eliminate exceptions on hot path #10520

jandro996 wants to merge 3 commits into from
+409 −6

Conversation

@jandro996
Copy link
Member

@jandro996 jandro996 commented Feb 4, 2026
edited
Loading

What Does This Do

Replaces exception-driven numeric parsing in AppSecRequestContext.convertToNumericAttribute() with fast-path validation to eliminate NumberFormatException overhead when processing non-numeric attribute values.

Key changes:

  • Adds pre-validation check before attempting numeric parsing (validates format: optional sign, digits, single decimal, scientific notation)
  • Trims whitespace before validation (fixes strings like " 42 ")
  • Maintains try-catch as fallback for overflow edge cases
  • Adds comprehensive test coverage (49 new edge case tests)
  • Adds JMH benchmarks demonstrating performance improvement

Motivation

Fixes #10494 - Memory growth/overhead in production services with DD_APPSEC_ENABLED=true.

Root cause: AppSec request processing frequently attempts to parse non-numeric attribute values (health check responses, request IDs, headers) as numbers. Each failed parse throws a NumberFormatException, causing ~1000ns overhead + allocation per call. Under profiling, this amplifies into observable memory pressure.

Additional Notes

Why numeric parsing matters: The tracer must distinguish numeric from string values for semantic correctness in Datadog backend. The traceSegment.setTagTop(key, value) method has type-specific overloads (Number, String, Boolean) that encode metadata for backend processing.

Performance impact (JMH benchmarks):

  • Valid numeric inputs: 50-95 ns/op (optimized path maintained)
  • Invalid inputs: 40-70 ns/op (fast rejection without exceptions)
  • Estimated improvement: ~10-25x faster vs exception-driven parsing (based on known Java exception cost of ~1000ns+)

Contributor Checklist

Jira ticket: APPSEC-61110

@jandro996 jandro996 added type: bug Bug report and fix comp: asm waf Application Security Management (WAF) labels Feb 4, 2026
@jandro996 jandro996 marked this pull request as ready for review February 4, 2026 12:07
@jandro996 jandro996 requested a review from a team as a code owner February 4, 2026 12:07
chatgpt-codex-connector[bot]
chatgpt-codex-connector bot reviewed Feb 4, 2026
View reviewed changes
Copy link

@chatgpt-codex-connector chatgpt-codex-connector bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 414bf71220

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

@jandro996 jandro996 force-pushed the alejandro.gonzalez/issue-10494 branch from 414bf71 to 49d9f79 Compare February 4, 2026 12:10
@pr-commenter
Copy link

pr-commenter bot commented Feb 4, 2026

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master alejandro.gonzalez/issue-10494
git_commit_date 1770170949 1770208357
git_commit_sha f9f47f3 fb3d48b
release_version 1.60.0-SNAPSHOT~f9f47f3e84 1.60.0-SNAPSHOT~fb3d48bcf5
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1770210316 1770210316
ci_job_id 1400079071 1400079071
ci_pipeline_id 94571812 94571812
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-0-kmou2mp7 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-0-kmou2mp7 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
module Agent Agent
parent None None

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 61 metrics, 10 unstable metrics.

Startup time reports for petclinic 
gantt
    title petclinic - global startup overhead: candidate=1.60.0-SNAPSHOT~fb3d48bcf5, baseline=1.60.0-SNAPSHOT~f9f47f3e84

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.067 s) : 0, 1066971
Total [baseline] (10.912 s) : 0, 10912414
Agent [candidate] (1.064 s) : 0, 1064195
Total [candidate] (11.004 s) : 0, 11004152
section appsec
Agent [baseline] (1.24 s) : 0, 1240148
Total [baseline] (11.11 s) : 0, 11110044
Agent [candidate] (1.241 s) : 0, 1240703
Total [candidate] (11.015 s) : 0, 11015350
section iast
Agent [baseline] (1.234 s) : 0, 1233940
Total [baseline] (11.091 s) : 0, 11091419
Agent [candidate] (1.232 s) : 0, 1232454
Total [candidate] (11.167 s) : 0, 11166567
section profiling
Agent [baseline] (1.198 s) : 0, 1198176
Total [baseline] (10.909 s) : 0, 10909474
Agent [candidate] (1.198 s) : 0, 1198334
Total [candidate] (11.011 s) : 0, 11011360
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.067 s -
Agent appsec 1.24 s 173.176 ms (16.2%)
Agent iast 1.234 s 166.969 ms (15.6%)
Agent profiling 1.198 s 131.205 ms (12.3%)
Total tracing 10.912 s -
Total appsec 11.11 s 197.629 ms (1.8%)
Total iast 11.091 s 179.004 ms (1.6%)
Total profiling 10.909 s -2.94 ms (-0.0%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.064 s -
Agent appsec 1.241 s 176.508 ms (16.6%)
Agent iast 1.232 s 168.259 ms (15.8%)
Agent profiling 1.198 s 134.139 ms (12.6%)
Total tracing 11.004 s -
Total appsec 11.015 s 11.198 ms (0.1%)
Total iast 11.167 s 162.414 ms (1.5%)
Total profiling 11.011 s 7.208 ms (0.1%) 
gantt
    title petclinic - break down per module: candidate=1.60.0-SNAPSHOT~fb3d48bcf5, baseline=1.60.0-SNAPSHOT~f9f47f3e84

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.19 ms) : 0, 1190
crashtracking [candidate] (1.19 ms) : 0, 1190
BytebuddyAgent [baseline] (629.557 ms) : 0, 629557
BytebuddyAgent [candidate] (628.288 ms) : 0, 628288
AgentMeter [baseline] (28.766 ms) : 0, 28766
AgentMeter [candidate] (28.618 ms) : 0, 28618
GlobalTracer [baseline] (258.013 ms) : 0, 258013
GlobalTracer [candidate] (257.529 ms) : 0, 257529
AppSec [baseline] (32.852 ms) : 0, 32852
AppSec [candidate] (32.901 ms) : 0, 32901
Debugger [baseline] (60.988 ms) : 0, 60988
Debugger [candidate] (61.186 ms) : 0, 61186
Remote Config [baseline] (618.707 µs) : 0, 619
Remote Config [candidate] (617.259 µs) : 0, 617
Telemetry [baseline] (13.326 ms) : 0, 13326
Telemetry [candidate] (11.548 ms) : 0, 11548
Flare Poller [baseline] (6.251 ms) : 0, 6251
Flare Poller [candidate] (6.931 ms) : 0, 6931
section appsec
crashtracking [baseline] (1.188 ms) : 0, 1188
crashtracking [candidate] (1.193 ms) : 0, 1193
BytebuddyAgent [baseline] (658.113 ms) : 0, 658113
BytebuddyAgent [candidate] (658.668 ms) : 0, 658668
AgentMeter [baseline] (11.809 ms) : 0, 11809
AgentMeter [candidate] (11.817 ms) : 0, 11817
GlobalTracer [baseline] (258.938 ms) : 0, 258938
GlobalTracer [candidate] (259.016 ms) : 0, 259016
AppSec [baseline] (168.122 ms) : 0, 168122
AppSec [candidate] (168.099 ms) : 0, 168099
Debugger [baseline] (67.404 ms) : 0, 67404
Debugger [candidate] (67.66 ms) : 0, 67660
Remote Config [baseline] (679.591 µs) : 0, 680
Remote Config [candidate] (666.508 µs) : 0, 667
Telemetry [baseline] (9.244 ms) : 0, 9244
Telemetry [candidate] (9.128 ms) : 0, 9128
Flare Poller [baseline] (3.76 ms) : 0, 3760
Flare Poller [candidate] (3.753 ms) : 0, 3753
IAST [baseline] (25.458 ms) : 0, 25458
IAST [candidate] (25.266 ms) : 0, 25266
section iast
crashtracking [baseline] (1.191 ms) : 0, 1191
crashtracking [candidate] (1.187 ms) : 0, 1187
BytebuddyAgent [baseline] (797.085 ms) : 0, 797085
BytebuddyAgent [candidate] (796.314 ms) : 0, 796314
AgentMeter [baseline] (11.168 ms) : 0, 11168
AgentMeter [candidate] (11.132 ms) : 0, 11132
GlobalTracer [baseline] (248.459 ms) : 0, 248459
GlobalTracer [candidate] (247.86 ms) : 0, 247860
AppSec [baseline] (32.923 ms) : 0, 32923
AppSec [candidate] (33.226 ms) : 0, 33226
Debugger [baseline] (67.961 ms) : 0, 67961
Debugger [candidate] (67.702 ms) : 0, 67702
Remote Config [baseline] (542.932 µs) : 0, 543
Remote Config [candidate] (549.739 µs) : 0, 550
Telemetry [baseline] (8.736 ms) : 0, 8736
Telemetry [candidate] (8.621 ms) : 0, 8621
Flare Poller [baseline] (3.461 ms) : 0, 3461
Flare Poller [candidate] (3.383 ms) : 0, 3383
IAST [baseline] (27.035 ms) : 0, 27035
IAST [candidate] (27.075 ms) : 0, 27075
section profiling
crashtracking [baseline] (1.23 ms) : 0, 1230
crashtracking [candidate] (1.224 ms) : 0, 1224
BytebuddyAgent [baseline] (687.123 ms) : 0, 687123
BytebuddyAgent [candidate] (686.781 ms) : 0, 686781
AgentMeter [baseline] (8.682 ms) : 0, 8682
AgentMeter [candidate] (8.729 ms) : 0, 8729
GlobalTracer [baseline] (217.357 ms) : 0, 217357
GlobalTracer [candidate] (217.257 ms) : 0, 217257
AppSec [baseline] (32.905 ms) : 0, 32905
AppSec [candidate] (32.723 ms) : 0, 32723
Debugger [baseline] (68.264 ms) : 0, 68264
Debugger [candidate] (67.958 ms) : 0, 67958
Remote Config [baseline] (602.202 µs) : 0, 602
Remote Config [candidate] (621.044 µs) : 0, 621
Telemetry [baseline] (8.752 ms) : 0, 8752
Telemetry [candidate] (8.938 ms) : 0, 8938
Flare Poller [baseline] (3.756 ms) : 0, 3756
Flare Poller [candidate] (3.779 ms) : 0, 3779
ProfilingAgent [baseline] (99.12 ms) : 0, 99120
ProfilingAgent [candidate] (100.086 ms) : 0, 100086
Profiling [baseline] (99.707 ms) : 0, 99707
Profiling [candidate] (100.672 ms) : 0, 100672
Loading
Startup time reports for insecure-bank 
gantt
    title insecure-bank - global startup overhead: candidate=1.60.0-SNAPSHOT~fb3d48bcf5, baseline=1.60.0-SNAPSHOT~f9f47f3e84

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.064 s) : 0, 1064343
Total [baseline] (8.735 s) : 0, 8735442
Agent [candidate] (1.068 s) : 0, 1067997
Total [candidate] (8.73 s) : 0, 8729541
section iast
Agent [baseline] (1.228 s) : 0, 1227820
Total [baseline] (9.386 s) : 0, 9386370
Agent [candidate] (1.238 s) : 0, 1237921
Total [candidate] (9.425 s) : 0, 9425388
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.064 s -
Agent iast 1.228 s 163.477 ms (15.4%)
Total tracing 8.735 s -
Total iast 9.386 s 650.928 ms (7.5%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.068 s -
Agent iast 1.238 s 169.924 ms (15.9%)
Total tracing 8.73 s -
Total iast 9.425 s 695.847 ms (8.0%) 
gantt
    title insecure-bank - break down per module: candidate=1.60.0-SNAPSHOT~fb3d48bcf5, baseline=1.60.0-SNAPSHOT~f9f47f3e84

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.189 ms) : 0, 1189
crashtracking [candidate] (1.193 ms) : 0, 1193
BytebuddyAgent [baseline] (628.581 ms) : 0, 628581
BytebuddyAgent [candidate] (630.197 ms) : 0, 630196
AgentMeter [baseline] (28.792 ms) : 0, 28792
AgentMeter [candidate] (28.756 ms) : 0, 28756
GlobalTracer [baseline] (257.853 ms) : 0, 257853
GlobalTracer [candidate] (258.289 ms) : 0, 258289
AppSec [baseline] (32.926 ms) : 0, 32926
AppSec [candidate] (33.09 ms) : 0, 33090
Debugger [baseline] (61.353 ms) : 0, 61353
Debugger [candidate] (64.337 ms) : 0, 64337
Remote Config [baseline] (616.127 µs) : 0, 616
Remote Config [candidate] (616.323 µs) : 0, 616
Telemetry [baseline] (12.208 ms) : 0, 12208
Telemetry [candidate] (9.894 ms) : 0, 9894
Flare Poller [baseline] (5.379 ms) : 0, 5379
Flare Poller [candidate] (6.154 ms) : 0, 6154
section iast
crashtracking [baseline] (1.18 ms) : 0, 1180
crashtracking [candidate] (1.179 ms) : 0, 1179
BytebuddyAgent [baseline] (793.615 ms) : 0, 793615
BytebuddyAgent [candidate] (801.05 ms) : 0, 801050
AgentMeter [baseline] (11.11 ms) : 0, 11110
AgentMeter [candidate] (11.242 ms) : 0, 11242
GlobalTracer [baseline] (247.334 ms) : 0, 247334
GlobalTracer [candidate] (248.96 ms) : 0, 248960
AppSec [baseline] (34.759 ms) : 0, 34759
AppSec [candidate] (34.102 ms) : 0, 34102
Debugger [baseline] (65.053 ms) : 0, 65053
Debugger [candidate] (66.012 ms) : 0, 66012
Remote Config [baseline] (531.963 µs) : 0, 532
Remote Config [candidate] (552.256 µs) : 0, 552
Telemetry [baseline] (8.741 ms) : 0, 8741
Telemetry [candidate] (8.743 ms) : 0, 8743
Flare Poller [baseline] (3.48 ms) : 0, 3480
Flare Poller [candidate] (3.524 ms) : 0, 3524
IAST [baseline] (26.762 ms) : 0, 26762
IAST [candidate] (27.24 ms) : 0, 27240
Loading

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master alejandro.gonzalez/issue-10494
git_commit_date 1770170949 1770208357
git_commit_sha f9f47f3 fb3d48b
release_version 1.60.0-SNAPSHOT~f9f47f3e84 1.60.0-SNAPSHOT~fb3d48bcf5
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1770210556 1770210556
ci_job_id 1400079073 1400079073
ci_pipeline_id 94571812 94571812
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-0-ikumkzm3 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-0-ikumkzm3 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 0 performance improvements and 2 performance regressions! Performance is the same for 18 metrics, 16 unstable metrics.

scenario Δ mean agg_http_req_duration_p50 Δ mean agg_http_req_duration_p95 Δ mean throughput candidate mean agg_http_req_duration_p50 candidate mean agg_http_req_duration_p95 candidate mean throughput baseline mean agg_http_req_duration_p50 baseline mean agg_http_req_duration_p95 baseline mean throughput
scenario:load:petclinic:profiling:high_load worse
[+0.601ms; +1.675ms] or [+3.312%; +9.227%]		 worse
[+0.935ms; +2.441ms] or [+3.175%; +8.286%]		 unstable
[-40.374op/s; +11.937op/s] or [-15.968%; +4.721%]		 19.290ms 31.147ms 238.625op/s 18.152ms 29.459ms 252.844op/s
Request duration reports for insecure-bank 
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.60.0-SNAPSHOT~fb3d48bcf5, baseline=1.60.0-SNAPSHOT~f9f47f3e84
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.18 ms) : 1169, 1192
.   : milestone, 1180,
iast (3.233 ms) : 3186, 3279
.   : milestone, 3233,
iast_FULL (5.843 ms) : 5784, 5901
.   : milestone, 5843,
iast_GLOBAL (3.53 ms) : 3486, 3575
.   : milestone, 3530,
profiling (2.037 ms) : 2019, 2056
.   : milestone, 2037,
tracing (1.873 ms) : 1856, 1890
.   : milestone, 1873,
section candidate
no_agent (1.215 ms) : 1203, 1228
.   : milestone, 1215,
iast (3.302 ms) : 3253, 3351
.   : milestone, 3302,
iast_FULL (5.717 ms) : 5660, 5773
.   : milestone, 5717,
iast_GLOBAL (3.506 ms) : 3446, 3565
.   : milestone, 3506,
profiling (2.011 ms) : 1993, 2030
.   : milestone, 2011,
tracing (1.794 ms) : 1778, 1811
.   : milestone, 1794,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.18 ms [1.169 ms, 1.192 ms] -
iast 3.233 ms [3.186 ms, 3.279 ms] 2.053 ms (173.9%)
iast_FULL 5.843 ms [5.784 ms, 5.901 ms] 4.662 ms (395.1%)
iast_GLOBAL 3.53 ms [3.486 ms, 3.575 ms] 2.35 ms (199.1%)
profiling 2.037 ms [2.019 ms, 2.056 ms] 857.237 µs (72.6%)
tracing 1.873 ms [1.856 ms, 1.89 ms] 692.679 µs (58.7%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.215 ms [1.203 ms, 1.228 ms] -
iast 3.302 ms [3.253 ms, 3.351 ms] 2.087 ms (171.7%)
iast_FULL 5.717 ms [5.66 ms, 5.773 ms] 4.501 ms (370.4%)
iast_GLOBAL 3.506 ms [3.446 ms, 3.565 ms] 2.29 ms (188.5%)
profiling 2.011 ms [1.993 ms, 2.03 ms] 795.997 µs (65.5%)
tracing 1.794 ms [1.778 ms, 1.811 ms] 578.976 µs (47.6%)
Request duration reports for petclinic 
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.60.0-SNAPSHOT~fb3d48bcf5, baseline=1.60.0-SNAPSHOT~f9f47f3e84
    dateFormat X
    axisFormat %s
section baseline
no_agent (19.141 ms) : 18943, 19338
.   : milestone, 19141,
appsec (18.602 ms) : 18409, 18796
.   : milestone, 18602,
code_origins (17.656 ms) : 17478, 17834
.   : milestone, 17656,
iast (17.65 ms) : 17471, 17828
.   : milestone, 17650,
profiling (18.46 ms) : 18275, 18645
.   : milestone, 18460,
tracing (17.495 ms) : 17320, 17669
.   : milestone, 17495,
section candidate
no_agent (19.043 ms) : 18846, 19241
.   : milestone, 19043,
appsec (18.57 ms) : 18381, 18759
.   : milestone, 18570,
code_origins (17.543 ms) : 17366, 17719
.   : milestone, 17543,
iast (17.648 ms) : 17469, 17827
.   : milestone, 17648,
profiling (19.563 ms) : 19362, 19764
.   : milestone, 19563,
tracing (17.666 ms) : 17492, 17840
.   : milestone, 17666,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 19.141 ms [18.943 ms, 19.338 ms] -
appsec 18.602 ms [18.409 ms, 18.796 ms] -538.662 µs (-2.8%)
code_origins 17.656 ms [17.478 ms, 17.834 ms] -1.485 ms (-7.8%)
iast 17.65 ms [17.471 ms, 17.828 ms] -1.491 ms (-7.8%)
profiling 18.46 ms [18.275 ms, 18.645 ms] -680.944 µs (-3.6%)
tracing 17.495 ms [17.32 ms, 17.669 ms] -1.646 ms (-8.6%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 19.043 ms [18.846 ms, 19.241 ms] -
appsec 18.57 ms [18.381 ms, 18.759 ms] -473.463 µs (-2.5%)
code_origins 17.543 ms [17.366 ms, 17.719 ms] -1.501 ms (-7.9%)
iast 17.648 ms [17.469 ms, 17.827 ms] -1.395 ms (-7.3%)
profiling 19.563 ms [19.362 ms, 19.764 ms] 519.624 µs (2.7%)
tracing 17.666 ms [17.492 ms, 17.84 ms] -1.377 ms (-7.2%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master alejandro.gonzalez/issue-10494
git_commit_date 1770170949 1770208357
git_commit_sha f9f47f3 fb3d48b
release_version 1.60.0-SNAPSHOT~f9f47f3e84 1.60.0-SNAPSHOT~fb3d48bcf5
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1770210262 1770210262
ci_job_id 1400079074 1400079074
ci_pipeline_id 94571812 94571812
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-1-dvjfu5g9 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-1-dvjfu5g9 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 1 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 0 unstable metrics.

scenario Δ mean execution_time candidate mean execution_time baseline mean execution_time
scenario:dacapo:tomcat:appsec better
[-1.453ms; -1.105ms] or [-38.520%; -29.292%]		 2.493ms 3.772ms
Execution time for biojava 
gantt
    title biojava - execution time [CI 0.99] : candidate=1.60.0-SNAPSHOT~fb3d48bcf5, baseline=1.60.0-SNAPSHOT~f9f47f3e84
    dateFormat X
    axisFormat %s
section baseline
no_agent (15.312 s) : 15312000, 15312000
.   : milestone, 15312000,
appsec (14.716 s) : 14716000, 14716000
.   : milestone, 14716000,
iast (18.01 s) : 18010000, 18010000
.   : milestone, 18010000,
iast_GLOBAL (17.652 s) : 17652000, 17652000
.   : milestone, 17652000,
profiling (15.446 s) : 15446000, 15446000
.   : milestone, 15446000,
tracing (14.681 s) : 14681000, 14681000
.   : milestone, 14681000,
section candidate
no_agent (15.298 s) : 15298000, 15298000
.   : milestone, 15298000,
appsec (14.789 s) : 14789000, 14789000
.   : milestone, 14789000,
iast (18.192 s) : 18192000, 18192000
.   : milestone, 18192000,
iast_GLOBAL (17.802 s) : 17802000, 17802000
.   : milestone, 17802000,
profiling (14.855 s) : 14855000, 14855000
.   : milestone, 14855000,
tracing (14.916 s) : 14916000, 14916000
.   : milestone, 14916000,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.312 s [15.312 s, 15.312 s] -
appsec 14.716 s [14.716 s, 14.716 s] -596.0 ms (-3.9%)
iast 18.01 s [18.01 s, 18.01 s] 2.698 s (17.6%)
iast_GLOBAL 17.652 s [17.652 s, 17.652 s] 2.34 s (15.3%)
profiling 15.446 s [15.446 s, 15.446 s] 134.0 ms (0.9%)
tracing 14.681 s [14.681 s, 14.681 s] -631.0 ms (-4.1%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.298 s [15.298 s, 15.298 s] -
appsec 14.789 s [14.789 s, 14.789 s] -509.0 ms (-3.3%)
iast 18.192 s [18.192 s, 18.192 s] 2.894 s (18.9%)
iast_GLOBAL 17.802 s [17.802 s, 17.802 s] 2.504 s (16.4%)
profiling 14.855 s [14.855 s, 14.855 s] -443.0 ms (-2.9%)
tracing 14.916 s [14.916 s, 14.916 s] -382.0 ms (-2.5%)
Execution time for tomcat 
gantt
    title tomcat - execution time [CI 0.99] : candidate=1.60.0-SNAPSHOT~fb3d48bcf5, baseline=1.60.0-SNAPSHOT~f9f47f3e84
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.474 ms) : 1463, 1486
.   : milestone, 1474,
appsec (3.772 ms) : 3550, 3994
.   : milestone, 3772,
iast (2.246 ms) : 2177, 2315
.   : milestone, 2246,
iast_GLOBAL (2.303 ms) : 2233, 2373
.   : milestone, 2303,
profiling (2.076 ms) : 2021, 2132
.   : milestone, 2076,
tracing (2.081 ms) : 2026, 2135
.   : milestone, 2081,
section candidate
no_agent (1.474 ms) : 1462, 1485
.   : milestone, 1474,
appsec (2.493 ms) : 2438, 2549
.   : milestone, 2493,
iast (2.254 ms) : 2184, 2323
.   : milestone, 2254,
iast_GLOBAL (2.301 ms) : 2231, 2371
.   : milestone, 2301,
profiling (2.116 ms) : 2059, 2173
.   : milestone, 2116,
tracing (2.057 ms) : 2003, 2111
.   : milestone, 2057,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.474 ms [1.463 ms, 1.486 ms] -
appsec 3.772 ms [3.55 ms, 3.994 ms] 2.298 ms (155.9%)
iast 2.246 ms [2.177 ms, 2.315 ms] 771.891 µs (52.4%)
iast_GLOBAL 2.303 ms [2.233 ms, 2.373 ms] 828.698 µs (56.2%)
profiling 2.076 ms [2.021 ms, 2.132 ms] 602.169 µs (40.8%)
tracing 2.081 ms [2.026 ms, 2.135 ms] 606.348 µs (41.1%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.474 ms [1.462 ms, 1.485 ms] -
appsec 2.493 ms [2.438 ms, 2.549 ms] 1.02 ms (69.2%)
iast 2.254 ms [2.184 ms, 2.323 ms] 779.96 µs (52.9%)
iast_GLOBAL 2.301 ms [2.231 ms, 2.371 ms] 827.238 µs (56.1%)
profiling 2.116 ms [2.059 ms, 2.173 ms] 642.487 µs (43.6%)
tracing 2.057 ms [2.003 ms, 2.111 ms] 583.31 µs (39.6%)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chatgpt-codex-connector chatgpt-codex-connector[bot] chatgpt-codex-connector[bot] left review comments

@manuel-alvarez-alvarez manuel-alvarez-alvarez Awaiting requested review from manuel-alvarez-alvarez manuel-alvarez-alvarez is a code owner automatically assigned from DataDog/asm-java

@daniel-romano-DD daniel-romano-DD Awaiting requested review from daniel-romano-DD daniel-romano-DD is a code owner automatically assigned from DataDog/asm-java

@smola smola Awaiting requested review from smola

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

comp: asm waf Application Security Management (WAF) type: bug Bug report and fix

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

High number of java.lang.NumberFormatException thrown by AppSecRequestContext

2 participants

@jandro996