Refactoring and hardening of security coordinator #6143

Merged
merged 4 commits into from
Oct 11, 2024

@anna-git anna-git commented Oct 10, 2024

Summary of changes

Security coordinator should NEVER be able to be instantiated if http context is null

Reason for change

Referring to several errors at customers with NullReferenceException or waf additive contexts disposed

Implementation details

Test coverage

Other details

andrewlock commented Oct 10, 2024

Execution-Time Benchmarks Report ⏱️

Execution-time results for samples comparing the following branches/commits:

Execution-time benchmarks measure the whole time it takes to execute a program, and are intended to measure the one-off costs. Cases where the execution time results for the PR are worse than latest master results are shown in red. The following thresholds were used for comparing the execution times:

  • Welch test with statistical test for significance of 5%
  • Only results indicating a difference greater than 5% and 5 ms are considered.

Note that these results are based on a single point-in-time result for each branch. For full results, see the dashboard.

Graphs show the p99 interval based on the mean and StdDev of the test run, as well as the mean value of the run (shown as a diamond below the graph).

gantt
    title Execution time (ms) FakeDbCommand (.NET Framework 4.6.2) 
    dateFormat  X
    axisFormat %s
    todayMarker off
    section Baseline
    This PR (6143) - mean (70ms)  : 67, 72
     .   : milestone, 70,
    master - mean (70ms)  : 67, 72
     .   : milestone, 70,

    section CallTarget+Inlining+NGEN
    This PR (6143) - mean (1,112ms)  : 1093, 1131
     .   : milestone, 1112,
    master - mean (1,110ms)  : 1085, 1135
     .   : milestone, 1110,

gantt
    title Execution time (ms) FakeDbCommand (.NET Core 3.1) 
    dateFormat  X
    axisFormat %s
    todayMarker off
    section Baseline
    This PR (6143) - mean (109ms)  : 106, 112
     .   : milestone, 109,
    master - mean (109ms)  : 105, 112
     .   : milestone, 109,

    section CallTarget+Inlining+NGEN
    This PR (6143) - mean (766ms)  : 749, 783
     .   : milestone, 766,
    master - mean (771ms)  : 757, 786
     .   : milestone, 771,

gantt
    title Execution time (ms) FakeDbCommand (.NET 6) 
    dateFormat  X
    axisFormat %s
    todayMarker off
    section Baseline
    This PR (6143) - mean (92ms)  : 89, 94
     .   : milestone, 92,
    master - mean (92ms)  : 89, 95
     .   : milestone, 92,

    section CallTarget+Inlining+NGEN
    This PR (6143) - mean (724ms)  : 708, 741
     .   : milestone, 724,
    master - mean (727ms)  : 710, 744
     .   : milestone, 727,

gantt
    title Execution time (ms) HttpMessageHandler (.NET Framework 4.6.2) 
    dateFormat  X
    axisFormat %s
    todayMarker off
    section Baseline
    This PR (6143) - mean (189ms)  : 185, 193
     .   : milestone, 189,
    master - mean (189ms)  : 186, 192
     .   : milestone, 189,

    section CallTarget+Inlining+NGEN
    This PR (6143) - mean (1,196ms)  : 1175, 1217
     .   : milestone, 1196,
    master - mean (1,201ms)  : 1179, 1222
     .   : milestone, 1201,

gantt
    title Execution time (ms) HttpMessageHandler (.NET Core 3.1) 
    dateFormat  X
    axisFormat %s
    todayMarker off
    section Baseline
    This PR (6143) - mean (274ms)  : 270, 279
     .   : milestone, 274,
    master - mean (274ms)  : 269, 278
     .   : milestone, 274,

    section CallTarget+Inlining+NGEN
    This PR (6143) - mean (938ms)  : 920, 955
     .   : milestone, 938,
    master - mean (943ms)  : 926, 960
     .   : milestone, 943,

gantt
    title Execution time (ms) HttpMessageHandler (.NET 6) 
    dateFormat  X
    axisFormat %s
    todayMarker off
    section Baseline
    This PR (6143) - mean (262ms)  : 258, 266
     .   : milestone, 262,
    master - mean (263ms)  : 259, 267
     .   : milestone, 263,

    section CallTarget+Inlining+NGEN
    This PR (6143) - mean (921ms)  : 906, 937
     .   : milestone, 921,
    master - mean (924ms)  : 908, 940
     .   : milestone, 924,


datadog-ddstaging bot commented Oct 10, 2024

Datadog Report

Branch report: anna/asm/harden-security-coordinator
Commit report: 2acfc80
Test service: dd-trace-dotnet

✅ 0 Failed, 368856 Passed, 2114 Skipped, 16h 6m 48.71s Total Time

andrewlock commented Oct 10, 2024

Throughput/Crank Report ⚡

Throughput results for AspNetCoreSimpleController comparing the following branches/commits:

Cases where throughput results for the PR are worse than latest master (5% drop or greater) are shown in red.

Note that these results are based on a single point-in-time result for each branch. For full results, see one of the many, many dashboards!

gantt
    title Throughput Linux x64 (Total requests) 
    dateFormat  X
    axisFormat %s
    section Baseline
    This PR (6143) (11.177M)   : 0, 11177351
    master (11.252M)   : 0, 11251784
    benchmarks/2.9.0 (11.081M)   : 0, 11080577

    section Automatic
    This PR (6143) (7.498M)   : 0, 7498175
    master (7.466M)   : 0, 7465753
    benchmarks/2.9.0 (7.732M)   : 0, 7732233

    section Trace stats
    master (7.766M)   : 0, 7765791

    section Manual
    master (11.114M)   : 0, 11114354

    section Manual + Automatic
    This PR (6143) (6.959M)   : 0, 6959133
    master (6.846M)   : 0, 6845872

    section DD_TRACE_ENABLED=0
    master (10.389M)   : 0, 10388612

gantt
    title Throughput Linux arm64 (Total requests) 
    dateFormat  X
    axisFormat %s
    section Baseline
    This PR (6143) (9.419M)   : 0, 9418736
    master (9.539M)   : 0, 9539093
    benchmarks/2.9.0 (9.798M)   : 0, 9798067

    section Automatic
    This PR (6143) (6.704M)   : 0, 6703737
    master (6.648M)   : 0, 6647799

    section Trace stats
    master (6.855M)   : 0, 6855301

    section Manual
    master (9.525M)   : 0, 9525425

    section Manual + Automatic
    This PR (6143) (6.113M)   : 0, 6113305
    master (6.161M)   : 0, 6160600

    section DD_TRACE_ENABLED=0
    master (8.832M)   : 0, 8832117

gantt
    title Throughput Windows x64 (Total requests) 
    dateFormat  X
    axisFormat %s
    section Baseline
    This PR (6143) (10.140M)   : 0, 10140105
    master (10.064M)   : 0, 10064242
    benchmarks/2.9.0 (10.067M)   : 0, 10067315

    section Automatic
    This PR (6143) (6.506M)   : 0, 6506058
    master (6.841M)   : 0, 6841333
    benchmarks/2.9.0 (7.552M)   : 0, 7552193

    section Trace stats
    master (7.427M)   : 0, 7426854

    section Manual
    master (10.084M)   : 0, 10084210

    section Manual + Automatic
    This PR (6143) (6.075M)   : 0, 6074832
    master (6.348M)   : 0, 6347556

    section DD_TRACE_ENABLED=0
    master (9.577M)   : 0, 9576577


andrewlock commented Oct 10, 2024

Benchmarks Report for appsec 🐌

Benchmarks for #6143 compared to master:

  • All benchmarks have the same speed
  • 2 benchmarks have more allocations

The following thresholds were used for comparing the benchmark speeds:

  • Mann–Whitney U test with statistical test for significance of 5%
  • Only results indicating a difference greater than 10% and 0.3 ns are considered.

Allocation changes below 0.5% are ignored.

Benchmark details

Benchmarks.Trace.Asm.AppSecBodyBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master AllCycleSimpleBody net6.0 73.3μs 69.2ns 250ns 0.0729 0 0 6.01 KB
master AllCycleSimpleBody netcoreapp3.1 62.9μs 129ns 499ns 0.0616 0 0 6.95 KB
master AllCycleSimpleBody net472 48.7μs 70.8ns 265ns 1.31 0 0 8.34 KB
master AllCycleMoreComplexBody net6.0 79.4μs 171ns 662ns 0.119 0 0 9.51 KB
master AllCycleMoreComplexBody netcoreapp3.1 68.4μs 96.6ns 374ns 0.137 0 0 10.37 KB
master AllCycleMoreComplexBody net472 55.5μs 56.5ns 204ns 1.88 0.0276 0 11.85 KB
master ObjectExtractorSimpleBody net6.0 144ns 0.139ns 0.538ns 0.00391 0 0 280 B
master ObjectExtractorSimpleBody netcoreapp3.1 214ns 0.224ns 0.84ns 0.00376 0 0 272 B
master ObjectExtractorSimpleBody net472 163ns 0.216ns 0.838ns 0.0446 0 0 281 B
master ObjectExtractorMoreComplexBody net6.0 3.16μs 1.78ns 6.88ns 0.0536 0 0 3.78 KB
master ObjectExtractorMoreComplexBody netcoreapp3.1 4.2μs 2.3ns 8.89ns 0.0502 0 0 3.69 KB
master ObjectExtractorMoreComplexBody net472 3.77μs 3.19ns 11.9ns 0.601 0.00564 0 3.8 KB
#6143 AllCycleSimpleBody net6.0 73.3μs 101ns 391ns 0.0733 0 0 6 KB
#6143 AllCycleSimpleBody netcoreapp3.1 64μs 71.2ns 266ns 0.064 0 0 6.95 KB
#6143 AllCycleSimpleBody net472 49.2μs 62.9ns 244ns 1.3 0 0 8.34 KB
#6143 AllCycleMoreComplexBody net6.0 81.6μs 128ns 496ns 0.12 0 0 9.51 KB
#6143 AllCycleMoreComplexBody netcoreapp3.1 70.4μs 150ns 582ns 0.105 0 0 10.37 KB
#6143 AllCycleMoreComplexBody net472 57.9μs 107ns 414ns 1.88 0.0294 0 11.85 KB
#6143 ObjectExtractorSimpleBody net6.0 145ns 0.159ns 0.594ns 0.00395 0 0 280 B
#6143 ObjectExtractorSimpleBody netcoreapp3.1 211ns 0.225ns 0.87ns 0.00372 0 0 272 B
#6143 ObjectExtractorSimpleBody net472 169ns 0.169ns 0.656ns 0.0446 0 0 281 B
#6143 ObjectExtractorMoreComplexBody net6.0 3.2μs 2.37ns 9.18ns 0.0532 0 0 3.78 KB
#6143 ObjectExtractorMoreComplexBody netcoreapp3.1 4.05μs 1.8ns 6.48ns 0.0506 0 0 3.69 KB
#6143 ObjectExtractorMoreComplexBody net472 3.91μs 5.67ns 22ns 0.601 0.00584 0 3.8 KB
Benchmarks.Trace.Asm.AppSecEncoderBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master EncodeArgs net6.0 37.3μs 28.3ns 110ns 0.445 0 0 32.4 KB
master EncodeArgs netcoreapp3.1 54.1μs 17.9ns 69.4ns 0.433 0 0 32.4 KB
master EncodeArgs net472 66.6μs 35.2ns 132ns 5.14 0.0667 0 32.5 KB
master EncodeLegacyArgs net6.0 78μs 398ns 1.83μs 0 0 0 2.14 KB
master EncodeLegacyArgs netcoreapp3.1 105μs 393ns 1.52μs 0 0 0 2.14 KB
master EncodeLegacyArgs net472 151μs 122ns 473ns 0.306 0 0 2.15 KB
#6143 EncodeArgs net6.0 37.2μs 19.5ns 75.4ns 0.446 0 0 32.4 KB
#6143 EncodeArgs netcoreapp3.1 55.5μs 34.4ns 133ns 0.44 0 0 32.4 KB
#6143 EncodeArgs net472 67.9μs 46.8ns 169ns 5.16 0.0679 0 32.5 KB
#6143 EncodeLegacyArgs net6.0 72.9μs 75.5ns 282ns 0 0 0 2.14 KB
#6143 EncodeLegacyArgs netcoreapp3.1 109μs 89.2ns 334ns 0 0 0 2.14 KB
#6143 EncodeLegacyArgs net472 155μs 94.4ns 366ns 0.313 0 0 2.15 KB
Benchmarks.Trace.Asm.AppSecWafBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master RunWafRealisticBenchmark net6.0 184μs 115ns 445ns 0 0 0 2.44 KB
master RunWafRealisticBenchmark netcoreapp3.1 197μs 158ns 568ns 0 0 0 2.39 KB
master RunWafRealisticBenchmark net472 210μs 68.8ns 257ns 0.317 0 0 2.46 KB
master RunWafRealisticBenchmarkWithAttack net6.0 121μs 106ns 409ns 0 0 0 1.47 KB
master RunWafRealisticBenchmarkWithAttack netcoreapp3.1 129μs 34ns 127ns 0 0 0 1.46 KB
master RunWafRealisticBenchmarkWithAttack net472 140μs 52.2ns 202ns 0.209 0 0 1.49 KB
#6143 RunWafRealisticBenchmark net6.0 187μs 229ns 889ns 0 0 0 2.44 KB
#6143 RunWafRealisticBenchmark netcoreapp3.1 201μs 193ns 747ns 0 0 0 2.39 KB
#6143 RunWafRealisticBenchmark net472 213μs 117ns 454ns 0.318 0 0 2.46 KB
#6143 RunWafRealisticBenchmarkWithAttack net6.0 124μs 92.8ns 360ns 0 0 0 1.47 KB
#6143 RunWafRealisticBenchmarkWithAttack netcoreapp3.1 132μs 163ns 632ns 0 0 0 1.46 KB
#6143 RunWafRealisticBenchmarkWithAttack net472 140μs 72.7ns 282ns 0.21 0 0 1.49 KB
Benchmarks.Trace.Iast.StringAspectsBenchmark - Same speed ✔️ More allocations ⚠️

More allocations ⚠️ in #6143

Benchmark Base Allocated Diff Allocated Change Change %
Benchmarks.Trace.Iast.StringAspectsBenchmark.StringConcatAspectBenchmark‑net6.0 253.47 KB 266.42 KB 12.95 KB 5.11%
Benchmarks.Trace.Iast.StringAspectsBenchmark.StringConcatAspectBenchmark‑netcoreapp3.1 252.25 KB 254.41 KB 2.16 KB 0.86%

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master StringConcatBenchmark net6.0 54.8μs 538ns 5.35μs 0 0 0 43.44 KB
master StringConcatBenchmark netcoreapp3.1 62.4μs 857ns 8.26μs 0 0 0 42.64 KB
master StringConcatBenchmark net472 36.6μs 123ns 427ns 0 0 0 59.01 KB
master StringConcatAspectBenchmark net6.0 306μs 1.76μs 13.3μs 0 0 0 253.47 KB
master StringConcatAspectBenchmark netcoreapp3.1 330μs 1.73μs 9.63μs 0 0 0 252.25 KB
master StringConcatAspectBenchmark net472 271μs 6μs 56.9μs 0 0 0 278.53 KB
#6143 StringConcatBenchmark net6.0 60μs 812ns 7.99μs 0 0 0 43.44 KB
#6143 StringConcatBenchmark netcoreapp3.1 56μs 425ns 4.06μs 0 0 0 42.64 KB
#6143 StringConcatBenchmark net472 37.3μs 152ns 608ns 0 0 0 58.84 KB
#6143 StringConcatAspectBenchmark net6.0 329μs 6.76μs 66.9μs 0 0 0 266.42 KB
#6143 StringConcatAspectBenchmark netcoreapp3.1 347μs 1.85μs 10.3μs 0 0 0 254.41 KB
#6143 StringConcatAspectBenchmark net472 277μs 5.44μs 51μs 0 0 0 278.53 KB

andrewlock commented Oct 10, 2024

Benchmarks Report for tracer 🐌

Benchmarks for #6143 compared to master:

  • All benchmarks have the same speed
  • All benchmarks have the same allocations

The following thresholds were used for comparing the benchmark speeds:

  • Mann–Whitney U test with statistical test for significance of 5%
  • Only results indicating a difference greater than 10% and 0.3 ns are considered.

Allocation changes below 0.5% are ignored.

Benchmark details

Benchmarks.Trace.ActivityBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master StartStopWithChild net6.0 7.77μs 44.4ns 327ns 0.0155 0.00774 0 5.43 KB
master StartStopWithChild netcoreapp3.1 10.1μs 50.2ns 230ns 0.0209 0.0105 0 5.62 KB
master StartStopWithChild net472 17μs 46.1ns 179ns 1.01 0.298 0.0828 6.06 KB
#6143 StartStopWithChild net6.0 7.72μs 42.4ns 268ns 0.0116 0.00388 0 5.43 KB
#6143 StartStopWithChild netcoreapp3.1 9.89μs 48.4ns 211ns 0.0148 0.00492 0 5.62 KB
#6143 StartStopWithChild net472 16.7μs 73.8ns 286ns 1.03 0.322 0.107 6.06 KB
Benchmarks.Trace.AgentWriterBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master WriteAndFlushEnrichedTraces net6.0 474μs 114ns 395ns 0 0 0 2.7 KB
master WriteAndFlushEnrichedTraces netcoreapp3.1 635μs 560ns 2.1μs 0 0 0 2.7 KB
master WriteAndFlushEnrichedTraces net472 867μs 535ns 2.07μs 0.434 0 0 3.3 KB
#6143 WriteAndFlushEnrichedTraces net6.0 478μs 457ns 1.77μs 0 0 0 2.7 KB
#6143 WriteAndFlushEnrichedTraces netcoreapp3.1 638μs 455ns 1.76μs 0 0 0 2.7 KB
#6143 WriteAndFlushEnrichedTraces net472 845μs 586ns 2.27μs 0.419 0 0 3.3 KB
Benchmarks.Trace.AspNetCoreBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master SendRequest net6.0 225μs 1.26μs 8.29μs 0.209 0 0 18.45 KB
master SendRequest netcoreapp3.1 226μs 1.29μs 9.84μs 0.216 0 0 20.61 KB
master SendRequest net472 0.00205ns 0.00102ns 0.00381ns 0 0 0 0 b
#6143 SendRequest net6.0 231μs 1.49μs 14.7μs 0.215 0 0 18.46 KB
#6143 SendRequest netcoreapp3.1 230μs 1.27μs 7.73μs 0.235 0 0 20.61 KB
#6143 SendRequest net472 0.00104ns 0.000566ns 0.00219ns 0 0 0 0 b
Benchmarks.Trace.CIVisibilityProtocolWriterBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master WriteAndFlushEnrichedTraces net6.0 572μs 2.95μs 13.5μs 0.282 0 0 41.63 KB
master WriteAndFlushEnrichedTraces netcoreapp3.1 744μs 4.35μs 41.9μs 0.332 0 0 41.79 KB
master WriteAndFlushEnrichedTraces net472 855μs 2.38μs 8.58μs 8.42 2.66 0.443 53.35 KB
#6143 WriteAndFlushEnrichedTraces net6.0 580μs 3.19μs 20.4μs 0.561 0 0 41.7 KB
#6143 WriteAndFlushEnrichedTraces netcoreapp3.1 747μs 3.72μs 15.8μs 0.381 0 0 41.75 KB
#6143 WriteAndFlushEnrichedTraces net472 867μs 4.28μs 18.2μs 8.25 2.6 0.434 53.33 KB
Benchmarks.Trace.DbCommandBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master ExecuteNonQuery net6.0 1.29μs 0.853ns 3.3ns 0.0142 0 0 1.02 KB
master ExecuteNonQuery netcoreapp3.1 1.82μs 1.7ns 6.58ns 0.0136 0 0 1.02 KB
master ExecuteNonQuery net472 2.1μs 1.48ns 5.34ns 0.156 0 0 987 B
#6143 ExecuteNonQuery net6.0 1.25μs 0.947ns 3.54ns 0.0143 0 0 1.02 KB
#6143 ExecuteNonQuery netcoreapp3.1 1.76μs 1.21ns 4.53ns 0.0132 0 0 1.02 KB
#6143 ExecuteNonQuery net472 2.12μs 3.36ns 13ns 0.156 0.00106 0 987 B
Benchmarks.Trace.ElasticsearchBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master CallElasticsearch net6.0 1.21μs 0.6ns 2.24ns 0.0139 0 0 976 B
master CallElasticsearch netcoreapp3.1 1.6μs 4.95ns 19.2ns 0.0132 0 0 976 B
master CallElasticsearch net472 2.41μs 1.27ns 4.41ns 0.158 0 0 995 B
master CallElasticsearchAsync net6.0 1.25μs 0.526ns 1.97ns 0.0131 0 0 952 B
master CallElasticsearchAsync netcoreapp3.1 1.63μs 0.99ns 3.83ns 0.0139 0 0 1.02 KB
master CallElasticsearchAsync net472 2.59μs 1.19ns 4.47ns 0.166 0 0 1.05 KB
#6143 CallElasticsearch net6.0 1.25μs 1.52ns 5.69ns 0.0138 0 0 976 B
#6143 CallElasticsearch netcoreapp3.1 1.55μs 1.18ns 4.25ns 0.0133 0 0 976 B
#6143 CallElasticsearch net472 2.43μs 3ns 11.6ns 0.157 0 0 995 B
#6143 CallElasticsearchAsync net6.0 1.33μs 0.88ns 3.29ns 0.0134 0 0 952 B
#6143 CallElasticsearchAsync netcoreapp3.1 1.71μs 2.68ns 10ns 0.0136 0 0 1.02 KB
#6143 CallElasticsearchAsync net472 2.55μs 1.19ns 4.61ns 0.167 0 0 1.05 KB
Benchmarks.Trace.GraphQLBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master ExecuteAsync net6.0 1.34μs 0.788ns 2.95ns 0.0134 0 0 952 B
master ExecuteAsync netcoreapp3.1 1.66μs 0.345ns 1.24ns 0.0124 0 0 952 B
master ExecuteAsync net472 1.76μs 0.564ns 2.11ns 0.145 0 0 915 B
#6143 ExecuteAsync net6.0 1.25μs 1.24ns 4.79ns 0.0131 0 0 952 B
#6143 ExecuteAsync netcoreapp3.1 1.64μs 0.375ns 1.4ns 0.0125 0 0 952 B
#6143 ExecuteAsync net472 1.8μs 0.783ns 3.03ns 0.145 0 0 915 B
Benchmarks.Trace.HttpClientBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master SendAsync net6.0 4.2μs 2.3ns 8.6ns 0.0295 0 0 2.22 KB
master SendAsync netcoreapp3.1 5.01μs 3.35ns 13ns 0.0375 0 0 2.76 KB
master SendAsync net472 7.66μs 0.961ns 3.47ns 0.498 0 0 3.15 KB
#6143 SendAsync net6.0 4.31μs 8.62ns 33.4ns 0.0299 0 0 2.22 KB
#6143 SendAsync netcoreapp3.1 4.99μs 1.16ns 4.35ns 0.0375 0 0 2.76 KB
#6143 SendAsync net472 7.84μs 1.78ns 6.89ns 0.496 0 0 3.15 KB
Benchmarks.Trace.ILoggerBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master EnrichedLog net6.0 1.52μs 0.766ns 2.87ns 0.0228 0 0 1.64 KB
master EnrichedLog netcoreapp3.1 2.14μs 1.03ns 3.87ns 0.0225 0 0 1.64 KB
master EnrichedLog net472 2.61μs 0.729ns 2.82ns 0.249 0 0 1.57 KB
#6143 EnrichedLog net6.0 1.48μs 1.7ns 6.35ns 0.023 0 0 1.64 KB
#6143 EnrichedLog netcoreapp3.1 2.27μs 1.17ns 4.51ns 0.0218 0 0 1.64 KB
#6143 EnrichedLog net472 2.53μs 0.57ns 2.13ns 0.249 0 0 1.57 KB
Benchmarks.Trace.Log4netBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master EnrichedLog net6.0 116μs 125ns 469ns 0.0584 0 0 4.28 KB
master EnrichedLog netcoreapp3.1 121μs 194ns 701ns 0.0603 0 0 4.28 KB
master EnrichedLog net472 153μs 117ns 454ns 0.685 0.228 0 4.46 KB
#6143 EnrichedLog net6.0 117μs 160ns 597ns 0.0585 0 0 4.28 KB
#6143 EnrichedLog netcoreapp3.1 122μs 199ns 769ns 0 0 0 4.28 KB
#6143 EnrichedLog net472 151μs 254ns 985ns 0.69 0.23 0 4.46 KB
Benchmarks.Trace.NLogBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master EnrichedLog net6.0 2.96μs 0.872ns 3.26ns 0.031 0 0 2.2 KB
master EnrichedLog netcoreapp3.1 4.1μs 1.26ns 4.88ns 0.0288 0 0 2.2 KB
master EnrichedLog net472 4.96μs 1.14ns 4.41ns 0.321 0 0 2.02 KB
#6143 EnrichedLog net6.0 3.04μs 1.14ns 4.43ns 0.0306 0 0 2.2 KB
#6143 EnrichedLog netcoreapp3.1 4.26μs 1.25ns 4.85ns 0.0298 0 0 2.2 KB
#6143 EnrichedLog net472 4.84μs 1.41ns 5.29ns 0.32 0 0 2.02 KB
Benchmarks.Trace.RedisBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master SendReceive net6.0 1.43μs 0.82ns 3.18ns 0.0164 0 0 1.14 KB
master SendReceive netcoreapp3.1 1.76μs 0.655ns 2.54ns 0.0154 0 0 1.14 KB
master SendReceive net472 2.11μs 0.84ns 3.25ns 0.184 0.00105 0 1.16 KB
#6143 SendReceive net6.0 1.34μs 0.736ns 2.85ns 0.0161 0 0 1.14 KB
#6143 SendReceive netcoreapp3.1 1.75μs 0.994ns 3.72ns 0.0157 0 0 1.14 KB
#6143 SendReceive net472 2.08μs 1.41ns 5.47ns 0.183 0 0 1.16 KB
Benchmarks.Trace.SerilogBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master EnrichedLog net6.0 2.8μs 2.58ns 9.65ns 0.0222 0 0 1.6 KB
master EnrichedLog netcoreapp3.1 3.96μs 1.04ns 3.9ns 0.0218 0 0 1.65 KB
master EnrichedLog net472 4.43μs 2.15ns 8.32ns 0.322 0 0 2.04 KB
#6143 EnrichedLog net6.0 2.85μs 1.07ns 4ns 0.0229 0 0 1.6 KB
#6143 EnrichedLog netcoreapp3.1 3.9μs 2.3ns 8.9ns 0.0213 0 0 1.65 KB
#6143 EnrichedLog net472 4.34μs 1.79ns 6.92ns 0.322 0 0 2.04 KB
Benchmarks.Trace.SpanBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master StartFinishSpan net6.0 404ns 0.213ns 0.824ns 0.0081 0 0 576 B
master StartFinishSpan netcoreapp3.1 655ns 0.38ns 1.47ns 0.00786 0 0 576 B
master StartFinishSpan net472 701ns 0.453ns 1.7ns 0.0917 0 0 578 B
master StartFinishScope net6.0 485ns 0.239ns 0.924ns 0.00976 0 0 696 B
master StartFinishScope netcoreapp3.1 758ns 0.391ns 1.46ns 0.00957 0 0 696 B
master StartFinishScope net472 873ns 0.405ns 1.57ns 0.104 0 0 658 B
#6143 StartFinishSpan net6.0 407ns 0.187ns 0.698ns 0.00816 0 0 576 B
#6143 StartFinishSpan netcoreapp3.1 626ns 0.246ns 0.953ns 0.00788 0 0 576 B
#6143 StartFinishSpan net472 703ns 0.349ns 1.31ns 0.0916 0 0 578 B
#6143 StartFinishScope net6.0 483ns 0.317ns 1.23ns 0.0097 0 0 696 B
#6143 StartFinishScope netcoreapp3.1 728ns 0.479ns 1.85ns 0.00947 0 0 696 B
#6143 StartFinishScope net472 903ns 0.646ns 2.5ns 0.104 0 0 658 B
Benchmarks.Trace.TraceAnnotationsBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master RunOnMethodBegin net6.0 671ns 0.323ns 1.25ns 0.00977 0 0 696 B
master RunOnMethodBegin netcoreapp3.1 974ns 1.03ns 3.84ns 0.0092 0 0 696 B
master RunOnMethodBegin net472 1.16μs 0.465ns 1.8ns 0.104 0 0 658 B
#6143 RunOnMethodBegin net6.0 640ns 0.272ns 1.05ns 0.00961 0 0 696 B
#6143 RunOnMethodBegin netcoreapp3.1 983ns 1.16ns 4.47ns 0.00934 0 0 696 B
#6143 RunOnMethodBegin net472 1.08μs 0.431ns 1.61ns 0.104 0 0 658 B

@anna-git anna-git force-pushed the anna/asm/harden-security-coordinator branch from 3ef9ad5 to 7701b11 Compare October 11, 2024 09:24
@anna-git anna-git marked this pull request as ready for review October 11, 2024 09:26
@anna-git anna-git requested review from a team as code owners October 11, 2024 09:26

// We need a context for RASP
if (!securityCoordinator.HasContext() || securityCoordinator.IsAdditiveContextDisposed())
Contributor

Should we still check for securityCoordinator.IsAdditiveContextDisposed() as we do in fingerprints?

Contributor Author

@anna-git anna-git Oct 11, 2024

so it is still checked here:

public IResult? RunWaf(Dictionary<string, object> args, bool lastWafCall = false, bool runWithEphemeral = false, bool isRasp = false)
{
    LogAddressIfDebugEnabled(args);
    IResult? result = null;
    try
    {
        var additiveContext = _httpTransport.GetAdditiveContext();

        if (additiveContext == null)
        {
            additiveContext = _security.CreateAdditiveContext();
            // prevent very cases where waf has been disposed between here and has been passed as argument until the 2nd line of constructor..
            if (additiveContext != null)
            {
                _httpTransport.SetAdditiveContext(additiveContext);
            }
        }
        else if (_httpTransport.IsAdditiveContextDisposed())
        {
            Log.Warning("Waf could not run as waf additive context is disposed");
            return null;
        }

Contributor Author

also because if the context is disposed, in all cases, we never want to run the waf
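
The two guards discussed in this thread (no coordinator without an HTTP context, and no WAF run on a disposed additive context), as an added C# sketch that is not dd-trace-dotnet code. Every type and member below (`FakeHttpContext`, `FakeAdditiveContext`, `Coordinator`, the `waf-context` key) is a hypothetical stand-in; only the `TryGet`/`RunWaf` naming follows the page.

```csharp
#nullable enable
using System;
using System.Collections.Generic;

// Hypothetical stand-in for the framework's per-request HTTP context.
public sealed class FakeHttpContext
{
    public Dictionary<string, object> Items { get; } = new Dictionary<string, object>();
}

// Hypothetical stand-in for a WAF additive context that wraps native state.
public sealed class FakeAdditiveContext : IDisposable
{
    public bool Disposed { get; private set; }

    public string Run(IDictionary<string, object> args)
    {
        // Using native state after Dispose is the failure the guard must prevent.
        if (Disposed) { throw new ObjectDisposedException(nameof(FakeAdditiveContext)); }
        return $"evaluated {args.Count} address(es)";
    }

    public void Dispose() => Disposed = true;
}

public sealed class Coordinator
{
    private const string Key = "waf-context";
    private readonly FakeHttpContext _context;

    // Private constructor: TryGet is the only way in, so _context is never null.
    private Coordinator(FakeHttpContext context) => _context = context;

    public static Coordinator? TryGet(FakeHttpContext? context)
    {
        if (context is null)
        {
            // Warn once here; callers only need the null check, not a second log.
            Console.WriteLine("warn: HTTP context is null, coordinator not created");
            return null;
        }
        return new Coordinator(context);
    }

    public string? RunWaf(IDictionary<string, object> args)
    {
        var ctx = _context.Items.TryGetValue(Key, out var existing)
            ? existing as FakeAdditiveContext
            : null;
        if (ctx is null)
        {
            ctx = new FakeAdditiveContext();
            _context.Items[Key] = ctx;
        }
        else if (ctx.Disposed)
        {
            // Central check: a disposed context never reaches the WAF, for any caller.
            Console.WriteLine("warn: additive context is disposed, WAF not run");
            return null;
        }
        return ctx.Run(args);
    }
}

public static class Program
{
    public static void Main()
    {
        var args = new Dictionary<string, object> { ["server.request.query"] = "id=1" };

        // 1. No HTTP context: no instance exists, so nothing can dereference null.
        Console.WriteLine(Coordinator.TryGet(null)?.RunWaf(args) ?? "skipped");

        // 2. Normal request: the additive context is created lazily, then reused.
        var http = new FakeHttpContext();
        var coordinator = Coordinator.TryGet(http)!;
        Console.WriteLine(coordinator.RunWaf(args));

        // 3. Request ended and the context was disposed, but a late caller still runs.
        ((FakeAdditiveContext)http.Items["waf-context"]).Dispose();
        Console.WriteLine(coordinator.RunWaf(args) ?? "skipped");
    }
}
```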

Contributor

@NachoEchevarria NachoEchevarria left a comment

LGTM

remove trimming

fix tests

fix tests

fix tests

fix test
@anna-git anna-git force-pushed the anna/asm/harden-security-coordinator branch from 7701b11 to d81a16a Compare October 11, 2024 14:08

if (securityCoordinator is null)
{
Log.Warning("Security coordinator could not be instantiated, probably because of httpcontext null. AttackerFingerprintHelper.AddSpanTags won't be run");
Member

Note that you're already logging a warning in this scenario when you call TryGet - it's probably unnecessary to do both?

Contributor Author

fixed in 2acfc80 thank you

anna-git and others added 2 commits October 11, 2024 18:17
…r.Framework.cs


Commit Andrew's suggestion

Co-authored-by: Andrew Lock <[email protected]>
@anna-git anna-git merged commit 0bf704b into master Oct 11, 2024
77 checks passed
@anna-git anna-git deleted the anna/asm/harden-security-coordinator branch October 11, 2024 19:43
@github-actions github-actions bot added this to the vNext-v3 milestone Oct 11, 2024