[ASM] iast: Tainting of DefaultInterpolatedStringHandler

[e-n-0]

Summary of changes

This PR introduce the support of DefaultInterpolatedStringHandler for IAST.
The resulting strings of DefaultInterpolatedStringHandler will now be tainted.

Reason for change

Since the release of .NET Core 6, interpolated strings got a performance optimisation and now use DefaultInterpolatedStringHandler to build strings.

Some vulnerabilities couldn't be detected because strings built with DefaultInterpolatedStringHandler weren't tainted.

Implementation details

As DefaultInterpolatedStringHandler is a ref struct, we call some IL to get it's own stack pointer value and taint it.
We need to get that pointer value to track it and its tainted sources.

Test coverage

• New unit tests were added:
  • testing all aspects with an explicit call to the DefaultInterpolatedStringHandler ref struct
  • testing implicit interpolated strings ($"") in various complex cases

Other details

This PR don't handle the correct values for start and length of tainted Sources.

[datadog-ddstaging]

Datadog Report

Branch report: flavien/iast/interpolatedstring
Commit report: b9ea3d2
Test service: dd-trace-dotnet

✅ 0 Failed, 462284 Passed, 3577 Skipped, 32h 53m 37.66s Total Time

[andrewlock]

Execution-Time Benchmarks Report ⏱️

Execution-time results for samples comparing the following branches/commits:

• This PR (6340)
• master

Execution-time benchmarks measure the whole time it takes to execute a program. And are intended to measure the one-off costs. Cases where the execution time results for the PR are worse than latest master results are shown in red. The following thresholds were used for comparing the execution times:

• Welch test with statistical test for significance of 5%
• Only results indicating a difference greater than 5% and 5 ms are considered.

Note that these results are based on a single point-in-time result for each branch. For full results, see the dashboard.

Graphs show the p99 interval based on the mean and StdDev of the test run, as well as the mean value of the run (shown as a diamond below the graph).

gantt
    title Execution time (ms) FakeDbCommand (.NET Framework 4.6.2) 
    dateFormat  X
    axisFormat %s
    todayMarker off
    section Baseline
    This PR (6340) - mean (72ms)  : 62, 82
     .   : milestone, 72,
    master - mean (73ms)  : 60, 86
     .   : milestone, 73,

    section CallTarget+Inlining+NGEN
    This PR (6340) - mean (985ms)  : 952, 1018
     .   : milestone, 985,
    master - mean (984ms)  : 961, 1007
     .   : milestone, 984,

Loading

gantt
    title Execution time (ms) FakeDbCommand (.NET Core 3.1) 
    dateFormat  X
    axisFormat %s
    todayMarker off
    section Baseline
    This PR (6340) - mean (108ms)  : 106, 110
     .   : milestone, 108,
    master - mean (108ms)  : 106, 110
     .   : milestone, 108,

    section CallTarget+Inlining+NGEN
    This PR (6340) - mean (682ms)  : 668, 697
     .   : milestone, 682,
    master - mean (685ms)  : 670, 699
     .   : milestone, 685,

Loading

gantt
    title Execution time (ms) FakeDbCommand (.NET 6) 
    dateFormat  X
    axisFormat %s
    todayMarker off
    section Baseline
    This PR (6340) - mean (92ms)  : 89, 95
     .   : milestone, 92,
    master - mean (92ms)  : 90, 94
     .   : milestone, 92,

    section CallTarget+Inlining+NGEN
    This PR (6340) - mean (639ms)  : 620, 657
     .   : milestone, 639,
    master - mean (637ms)  : 623, 651
     .   : milestone, 637,

Loading

gantt
    title Execution time (ms) HttpMessageHandler (.NET Framework 4.6.2) 
    dateFormat  X
    axisFormat %s
    todayMarker off
    section Baseline
    This PR (6340) - mean (191ms)  : 185, 196
     .   : milestone, 191,
    master - mean (192ms)  : 185, 198
     .   : milestone, 192,

    section CallTarget+Inlining+NGEN
    This PR (6340) - mean (1,102ms)  : 1073, 1131
     .   : milestone, 1102,
    master - mean (1,098ms)  : 1076, 1120
     .   : milestone, 1098,

Loading

gantt
    title Execution time (ms) HttpMessageHandler (.NET Core 3.1) 
    dateFormat  X
    axisFormat %s
    todayMarker off
    section Baseline
    This PR (6340) - mean (276ms)  : 272, 279
     .   : milestone, 276,
    master - mean (276ms)  : 272, 280
     .   : milestone, 276,

    section CallTarget+Inlining+NGEN
    This PR (6340) - mean (880ms)  : 845, 914
     .   : milestone, 880,
    master - mean (872ms)  : 847, 897
     .   : milestone, 872,

Loading

gantt
    title Execution time (ms) HttpMessageHandler (.NET 6) 
    dateFormat  X
    axisFormat %s
    todayMarker off
    section Baseline
    This PR (6340) - mean (265ms)  : 261, 269
     .   : milestone, 265,
    master - mean (265ms)  : 260, 271
     .   : milestone, 265,

    section CallTarget+Inlining+NGEN
    This PR (6340) - mean (860ms)  : 829, 892
     .   : milestone, 860,
    master - mean (866ms)  : 824, 907
     .   : milestone, 866,

Loading

[andrewlock]

Benchmarks Report for tracer 🐌

Benchmarks for #6340 compared to master:

• 2 benchmarks are faster, with geometric mean 1.122
• 2 benchmarks are slower, with geometric mean 1.117
• All benchmarks have the same allocations

The following thresholds were used for comparing the benchmark speeds:

• Mann–Whitney U test with statistical test for significance of 5%
• Only results indicating a difference greater than 10% and 0.3 ns are considered.

Allocation changes below 0.5% are ignored.

Benchmark details

Benchmarks.Trace.ActivityBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	StartStopWithChild	net6.0	7.82μs	38.6ns	189ns	0.0154	0.00769	0	5.6 KB
master	StartStopWithChild	netcoreapp3.1	9.94μs	54ns	301ns	0.0236	0.00943	0	5.8 KB
master	StartStopWithChild	net472	16.2μs	44.4ns	172ns	1.05	0.314	0.0966	6.2 KB
#6340	StartStopWithChild	net6.0	7.93μs	45.9ns	381ns	0.0192	0.00384	0	5.61 KB
#6340	StartStopWithChild	netcoreapp3.1	9.92μs	52.7ns	264ns	0.0248	0.00992	0	5.8 KB
#6340	StartStopWithChild	net472	16.4μs	55.5ns	215ns	1.07	0.323	0.105	6.21 KB

Benchmarks.Trace.AgentWriterBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	WriteAndFlushEnrichedTraces	net6.0	483μs	180ns	650ns	0	0	0	2.7 KB
master	WriteAndFlushEnrichedTraces	netcoreapp3.1	668μs	417ns	1.56μs	0	0	0	2.7 KB
master	WriteAndFlushEnrichedTraces	net472	850μs	376ns	1.46μs	0.425	0	0	3.3 KB
#6340	WriteAndFlushEnrichedTraces	net6.0	483μs	417ns	1.5μs	0	0	0	2.7 KB
#6340	WriteAndFlushEnrichedTraces	netcoreapp3.1	655μs	112ns	404ns	0	0	0	2.7 KB
#6340	WriteAndFlushEnrichedTraces	net472	852μs	262ns	1.01μs	0.422	0	0	3.3 KB

Benchmarks.Trace.AspNetCoreBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	SendRequest	net6.0	143μs	725ns	5.07μs	0.142	0	0	14.47 KB
master	SendRequest	netcoreapp3.1	172μs	1.29μs	12.9μs	0.169	0	0	17.27 KB
master	SendRequest	net472	0.000476ns	0.00034ns	0.00122ns	0	0	0	0 b
#6340	SendRequest	net6.0	153μs	892ns	7.98μs	0.145	0	0	14.47 KB
#6340	SendRequest	netcoreapp3.1	170μs	997ns	9.03μs	0.16	0	0	17.27 KB
#6340	SendRequest	net472	0.000602ns	0.000304ns	0.00118ns	0	0	0	0 b

Benchmarks.Trace.CIVisibilityProtocolWriterBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	WriteAndFlushEnrichedTraces	net6.0	572μs	2.64μs	9.87μs	0.546	0	0	41.61 KB
master	WriteAndFlushEnrichedTraces	netcoreapp3.1	683μs	3.44μs	19.5μs	0.331	0	0	41.79 KB
master	WriteAndFlushEnrichedTraces	net472	853μs	3.66μs	14.2μs	8.33	2.5	0.417	53.28 KB
#6340	WriteAndFlushEnrichedTraces	net6.0	572μs	2.92μs	13.4μs	0.558	0	0	41.66 KB
#6340	WriteAndFlushEnrichedTraces	netcoreapp3.1	677μs	3.61μs	18.4μs	0.338	0	0	41.68 KB
#6340	WriteAndFlushEnrichedTraces	net472	853μs	2.56μs	9.59μs	8.28	2.48	0.414	53.27 KB

Benchmarks.Trace.DbCommandBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	ExecuteNonQuery	net6.0	1.37μs	0.911ns	3.41ns	0.0144	0	0	1.02 KB
master	ExecuteNonQuery	netcoreapp3.1	1.7μs	1.32ns	5.11ns	0.0134	0	0	1.02 KB
master	ExecuteNonQuery	net472	2.06μs	1.1ns	4.1ns	0.157	0.00103	0	987 B
#6340	ExecuteNonQuery	net6.0	1.25μs	1.87ns	7ns	0.0142	0	0	1.02 KB
#6340	ExecuteNonQuery	netcoreapp3.1	1.76μs	1.27ns	4.91ns	0.0135	0	0	1.02 KB
#6340	ExecuteNonQuery	net472	2.05μs	2.38ns	8.92ns	0.156	0.00102	0	987 B

Benchmarks.Trace.ElasticsearchBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	CallElasticsearch	net6.0	1.25μs	0.421ns	1.52ns	0.0141	0	0	976 B
master	CallElasticsearch	netcoreapp3.1	1.59μs	0.621ns	2.4ns	0.0127	0	0	976 B
master	CallElasticsearch	net472	2.49μs	1.23ns	4.75ns	0.157	0	0	995 B
master	CallElasticsearchAsync	net6.0	1.24μs	0.969ns	3.62ns	0.013	0	0	952 B
master	CallElasticsearchAsync	netcoreapp3.1	1.67μs	3.33ns	12.9ns	0.0135	0	0	1.02 KB
master	CallElasticsearchAsync	net472	2.61μs	0.865ns	3.12ns	0.166	0	0	1.05 KB
#6340	CallElasticsearch	net6.0	1.39μs	0.841ns	3.15ns	0.0139	0	0	976 B
#6340	CallElasticsearch	netcoreapp3.1	1.55μs	1.5ns	5.8ns	0.0133	0	0	976 B
#6340	CallElasticsearch	net472	2.57μs	0.722ns	2.6ns	0.158	0	0	995 B
#6340	CallElasticsearchAsync	net6.0	1.23μs	0.764ns	2.86ns	0.0136	0	0	952 B
#6340	CallElasticsearchAsync	netcoreapp3.1	1.61μs	0.426ns	1.59ns	0.0139	0	0	1.02 KB
#6340	CallElasticsearchAsync	net472	2.63μs	0.855ns	3.2ns	0.166	0	0	1.05 KB

Benchmarks.Trace.GraphQLBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	ExecuteAsync	net6.0	1.32μs	0.985ns	3.69ns	0.0133	0	0	952 B
master	ExecuteAsync	netcoreapp3.1	1.64μs	0.61ns	2.36ns	0.0132	0	0	952 B
master	ExecuteAsync	net472	1.82μs	0.871ns	3.26ns	0.145	0	0	915 B
#6340	ExecuteAsync	net6.0	1.27μs	1.44ns	5.57ns	0.0134	0	0	952 B
#6340	ExecuteAsync	netcoreapp3.1	1.61μs	0.725ns	2.61ns	0.013	0	0	952 B
#6340	ExecuteAsync	net472	1.88μs	1.74ns	6.75ns	0.145	0	0	915 B

Benchmarks.Trace.HttpClientBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	SendAsync	net6.0	4.54μs	2.12ns	7.93ns	0.0317	0	0	2.31 KB
master	SendAsync	netcoreapp3.1	5.38μs	3.56ns	13.8ns	0.0377	0	0	2.85 KB
master	SendAsync	net472	7.27μs	2ns	7.73ns	0.495	0	0	3.12 KB
#6340	SendAsync	net6.0	4.35μs	1.61ns	6.24ns	0.0326	0	0	2.31 KB
#6340	SendAsync	netcoreapp3.1	5.23μs	3.42ns	12.8ns	0.0392	0	0	2.85 KB
#6340	SendAsync	net472	7.33μs	2.41ns	9.04ns	0.494	0	0	3.12 KB

Benchmarks.Trace.ILoggerBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	EnrichedLog	net6.0	1.45μs	0.724ns	2.71ns	0.0232	0	0	1.64 KB
master	EnrichedLog	netcoreapp3.1	2.22μs	1.68ns	6.07ns	0.022	0	0	1.64 KB
master	EnrichedLog	net472	2.75μs	1.88ns	7.27ns	0.25	0	0	1.57 KB
#6340	EnrichedLog	net6.0	1.58μs	0.895ns	3.47ns	0.0227	0	0	1.64 KB
#6340	EnrichedLog	netcoreapp3.1	2.19μs	1.11ns	4.32ns	0.022	0	0	1.64 KB
#6340	EnrichedLog	net472	2.56μs	1.5ns	5.83ns	0.25	0	0	1.57 KB

Benchmarks.Trace.Log4netBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	EnrichedLog	net6.0	117μs	153ns	572ns	0.0583	0	0	4.28 KB
master	EnrichedLog	netcoreapp3.1	123μs	189ns	709ns	0	0	0	4.28 KB
master	EnrichedLog	net472	152μs	45.3ns	164ns	0.68	0.227	0	4.46 KB
#6340	EnrichedLog	net6.0	120μs	193ns	747ns	0	0	0	4.28 KB
#6340	EnrichedLog	netcoreapp3.1	123μs	243ns	909ns	0	0	0	4.28 KB
#6340	EnrichedLog	net472	150μs	134ns	520ns	0.671	0.224	0	4.46 KB

Benchmarks.Trace.NLogBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	EnrichedLog	net6.0	3.15μs	0.972ns	3.77ns	0.03	0	0	2.2 KB
master	EnrichedLog	netcoreapp3.1	4.22μs	1.59ns	6.17ns	0.0295	0	0	2.2 KB
master	EnrichedLog	net472	4.93μs	2.01ns	7.79ns	0.32	0	0	2.02 KB
#6340	EnrichedLog	net6.0	3.05μs	0.602ns	2.25ns	0.031	0	0	2.2 KB
#6340	EnrichedLog	netcoreapp3.1	4.21μs	1.22ns	4.58ns	0.0293	0	0	2.2 KB
#6340	EnrichedLog	net472	4.91μs	0.873ns	3.15ns	0.32	0	0	2.02 KB

Benchmarks.Trace.RedisBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	SendReceive	net6.0	1.32μs	0.798ns	2.88ns	0.0159	0	0	1.14 KB
master	SendReceive	netcoreapp3.1	1.74μs	0.448ns	1.68ns	0.0156	0	0	1.14 KB
master	SendReceive	net472	2.16μs	1.02ns	3.96ns	0.183	0	0	1.16 KB
#6340	SendReceive	net6.0	1.38μs	1.19ns	4.43ns	0.0158	0	0	1.14 KB
#6340	SendReceive	netcoreapp3.1	1.8μs	0.913ns	3.29ns	0.0153	0	0	1.14 KB
#6340	SendReceive	net472	2.21μs	2.54ns	9.83ns	0.183	0	0	1.16 KB

Benchmarks.Trace.SerilogBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	EnrichedLog	net6.0	2.73μs	0.819ns	3.17ns	0.0218	0	0	1.6 KB
master	EnrichedLog	netcoreapp3.1	3.74μs	2.37ns	9.2ns	0.0205	0	0	1.65 KB
master	EnrichedLog	net472	4.44μs	1.33ns	4.98ns	0.323	0	0	2.04 KB
#6340	EnrichedLog	net6.0	2.78μs	0.915ns	3.54ns	0.0222	0	0	1.6 KB
#6340	EnrichedLog	netcoreapp3.1	3.89μs	0.894ns	3.46ns	0.0214	0	0	1.65 KB
#6340	EnrichedLog	net472	4.58μs	0.831ns	3ns	0.323	0	0	2.04 KB

Benchmarks.Trace.SpanBenchmark - Slower ⚠️ Same allocations ✔️

Slower ⚠️ in #6340

Benchmark	diff/base	Base Median (ns)	Diff Median (ns)	Modality
Benchmarks.Trace.SpanBenchmark.StartFinishSpan‑netcoreapp3.1	1.119	592.18	662.74

Faster 🎉 in #6340

Benchmark	base/diff	Base Median (ns)	Diff Median (ns)	Modality
Benchmarks.Trace.SpanBenchmark.StartFinishScope‑net472	1.127	940.88	834.76
Benchmarks.Trace.SpanBenchmark.StartFinishSpan‑net6.0	1.118	451.76	404.12

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	StartFinishSpan	net6.0	452ns	0.363ns	1.4ns	0.00807	0	0	576 B
master	StartFinishSpan	netcoreapp3.1	588ns	2.7ns	10.1ns	0.00773	0	0	576 B
master	StartFinishSpan	net472	663ns	0.871ns	3.26ns	0.0916	0	0	578 B
master	StartFinishScope	net6.0	482ns	1.05ns	4.07ns	0.00976	0	0	696 B
master	StartFinishScope	netcoreapp3.1	778ns	1.41ns	5.45ns	0.00935	0	0	696 B
master	StartFinishScope	net472	939ns	1.39ns	5.37ns	0.104	0	0	658 B
#6340	StartFinishSpan	net6.0	404ns	0.529ns	2.05ns	0.00806	0	0	576 B
#6340	StartFinishSpan	netcoreapp3.1	660ns	2.04ns	7.9ns	0.00786	0	0	576 B
#6340	StartFinishSpan	net472	700ns	1.73ns	6.71ns	0.0915	0	0	578 B
#6340	StartFinishScope	net6.0	476ns	0.654ns	2.53ns	0.0098	0	0	696 B
#6340	StartFinishScope	netcoreapp3.1	753ns	1.11ns	4.32ns	0.00939	0	0	696 B
#6340	StartFinishScope	net472	832ns	1.79ns	6.93ns	0.104	0	0	658 B

Benchmarks.Trace.TraceAnnotationsBenchmark - Slower ⚠️ Same allocations ✔️

Slower ⚠️ in #6340

Benchmark	diff/base	Base Median (ns)	Diff Median (ns)	Modality
Benchmarks.Trace.TraceAnnotationsBenchmark.RunOnMethodBegin‑net6.0	1.114	637.96	710.68

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	RunOnMethodBegin	net6.0	636ns	1.43ns	5.55ns	0.00977	0	0	696 B
master	RunOnMethodBegin	netcoreapp3.1	982ns	1.11ns	4.29ns	0.00935	0	0	696 B
master	RunOnMethodBegin	net472	1.1μs	2.46ns	9.52ns	0.104	0	0	658 B
#6340	RunOnMethodBegin	net6.0	711ns	0.772ns	2.99ns	0.00976	0	0	696 B
#6340	RunOnMethodBegin	netcoreapp3.1	971ns	2.09ns	8.08ns	0.00922	0	0	696 B
#6340	RunOnMethodBegin	net472	1.09μs	2.92ns	11.3ns	0.104	0	0	658 B

[andrewlock]

Benchmarks Report for appsec 🐌

Benchmarks for #6340 compared to master:

• 1 benchmarks are slower, with geometric mean 1.216
• 1 benchmarks have fewer allocations
• 1 benchmarks have more allocations

The following thresholds were used for comparing the benchmark speeds:

• Mann–Whitney U test with statistical test for significance of 5%
• Only results indicating a difference greater than 10% and 0.3 ns are considered.

Allocation changes below 0.5% are ignored.

Benchmark details

Benchmarks.Trace.Asm.AppSecBodyBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	AllCycleSimpleBody	net6.0	215μs	72.9ns	273ns	2.47	0	0	176.82 KB
master	AllCycleSimpleBody	netcoreapp3.1	318μs	229ns	825ns	2.44	0	0	184.26 KB
master	AllCycleSimpleBody	net472	279μs	95.2ns	343ns	33.3	2.53	0	210.04 KB
master	AllCycleMoreComplexBody	net6.0	220μs	98.5ns	369ns	2.54	0	0	180.33 KB
master	AllCycleMoreComplexBody	netcoreapp3.1	331μs	86.5ns	324ns	2.49	0	0	187.68 KB
master	AllCycleMoreComplexBody	net472	286μs	144ns	518ns	33.8	2.58	0	213.56 KB
master	ObjectExtractorSimpleBody	net6.0	140ns	0.0778ns	0.291ns	0.00395	0	0	280 B
master	ObjectExtractorSimpleBody	netcoreapp3.1	210ns	0.153ns	0.573ns	0.00359	0	0	272 B
master	ObjectExtractorSimpleBody	net472	211ns	0.21ns	0.784ns	0.0446	0	0	281 B
master	ObjectExtractorMoreComplexBody	net6.0	3.04μs	2.02ns	7.83ns	0.0541	0	0	3.78 KB
master	ObjectExtractorMoreComplexBody	netcoreapp3.1	3.89μs	1.71ns	6.63ns	0.0506	0	0	3.69 KB
master	ObjectExtractorMoreComplexBody	net472	4.43μs	2.73ns	10.6ns	0.603	0.00665	0	3.8 KB
#6340	AllCycleSimpleBody	net6.0	217μs	118ns	455ns	2.5	0.109	0	176.82 KB
#6340	AllCycleSimpleBody	netcoreapp3.1	318μs	49.4ns	178ns	2.4	0	0	184.26 KB
#6340	AllCycleSimpleBody	net472	286μs	75.3ns	282ns	33.4	2.55	0	210.04 KB
#6340	AllCycleMoreComplexBody	net6.0	227μs	59.6ns	223ns	2.48	0	0	180.33 KB
#6340	AllCycleMoreComplexBody	netcoreapp3.1	324μs	123ns	443ns	2.5	0	0	187.68 KB
#6340	AllCycleMoreComplexBody	net472	294μs	138ns	533ns	33.8	2.51	0	213.56 KB
#6340	ObjectExtractorSimpleBody	net6.0	140ns	0.0909ns	0.352ns	0.00393	0	0	280 B
#6340	ObjectExtractorSimpleBody	netcoreapp3.1	211ns	0.125ns	0.486ns	0.00372	0	0	272 B
#6340	ObjectExtractorSimpleBody	net472	212ns	0.148ns	0.573ns	0.0446	0	0	281 B
#6340	ObjectExtractorMoreComplexBody	net6.0	2.99μs	1.67ns	6.03ns	0.0537	0	0	3.78 KB
#6340	ObjectExtractorMoreComplexBody	netcoreapp3.1	4.08μs	1.71ns	6.18ns	0.0489	0	0	3.69 KB
#6340	ObjectExtractorMoreComplexBody	net472	4.48μs	2.43ns	9.42ns	0.601	0.00447	0	3.8 KB

Benchmarks.Trace.Asm.AppSecEncoderBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	EncodeArgs	net6.0	37.2μs	19.3ns	74.7ns	0.465	0	0	32.4 KB
master	EncodeArgs	netcoreapp3.1	54.5μs	17.2ns	66.6ns	0.435	0	0	32.4 KB
master	EncodeArgs	net472	66μs	81.1ns	314ns	5.15	0.066	0	32.5 KB
master	EncodeLegacyArgs	net6.0	71.8μs	30.1ns	117ns	0	0	0	2.14 KB
master	EncodeLegacyArgs	netcoreapp3.1	104μs	498ns	1.93μs	0	0	0	2.14 KB
master	EncodeLegacyArgs	net472	156μs	65.6ns	246ns	0.309	0	0	2.15 KB
#6340	EncodeArgs	net6.0	37.7μs	11.5ns	43.1ns	0.451	0	0	32.4 KB
#6340	EncodeArgs	netcoreapp3.1	54.5μs	33.1ns	128ns	0.433	0	0	32.4 KB
#6340	EncodeArgs	net472	67.3μs	25.3ns	91.2ns	5.14	0.0672	0	32.5 KB
#6340	EncodeLegacyArgs	net6.0	76.4μs	26.6ns	99.6ns	0	0	0	2.14 KB
#6340	EncodeLegacyArgs	netcoreapp3.1	104μs	58.9ns	220ns	0	0	0	2.14 KB
#6340	EncodeLegacyArgs	net472	159μs	67.5ns	253ns	0.316	0	0	2.15 KB

Benchmarks.Trace.Asm.AppSecWafBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	RunWafRealisticBenchmark	net6.0	182μs	218ns	846ns	0	0	0	2.44 KB
master	RunWafRealisticBenchmark	netcoreapp3.1	195μs	85.6ns	320ns	0	0	0	2.39 KB
master	RunWafRealisticBenchmark	net472	208μs	35.7ns	134ns	0.311	0	0	2.46 KB
master	RunWafRealisticBenchmarkWithAttack	net6.0	122μs	41.7ns	150ns	0	0	0	1.47 KB
master	RunWafRealisticBenchmarkWithAttack	netcoreapp3.1	129μs	160ns	619ns	0	0	0	1.46 KB
master	RunWafRealisticBenchmarkWithAttack	net472	139μs	39.8ns	149ns	0.209	0	0	1.49 KB
#6340	RunWafRealisticBenchmark	net6.0	183μs	197ns	764ns	0	0	0	2.44 KB
#6340	RunWafRealisticBenchmark	netcoreapp3.1	197μs	187ns	724ns	0	0	0	2.39 KB
#6340	RunWafRealisticBenchmark	net472	213μs	96.3ns	334ns	0.319	0	0	2.46 KB
#6340	RunWafRealisticBenchmarkWithAttack	net6.0	123μs	101ns	391ns	0	0	0	1.47 KB
#6340	RunWafRealisticBenchmarkWithAttack	netcoreapp3.1	130μs	158ns	611ns	0	0	0	1.46 KB
#6340	RunWafRealisticBenchmarkWithAttack	net472	142μs	38.5ns	133ns	0.212	0	0	1.49 KB

Benchmarks.Trace.Iast.StringAspectsBenchmark - Slower ⚠️ More allocations ⚠️

Slower ⚠️ in #6340

Benchmark	diff/base	Base Median (ns)	Diff Median (ns)	Modality
Benchmarks.Trace.Iast.StringAspectsBenchmark.StringConcatBenchmark‑netcoreapp3.1	1.216	53,700.00	65,300.00	bimodal

More allocations ⚠️ in #6340

Benchmark	Base Allocated	Diff Allocated	Change	Change %
Benchmarks.Trace.Iast.StringAspectsBenchmark.StringConcatAspectBenchmark‑net6.0	253.39 KB	254.85 KB	1.46 KB	0.57%

Fewer allocations 🎉 in #6340

Benchmark	Base Allocated	Diff Allocated	Change	Change %
Benchmarks.Trace.Iast.StringAspectsBenchmark.StringConcatBenchmark‑net472	62.16 KB	57.67 KB	-4.49 KB	-7.22%

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	StringConcatBenchmark	net6.0	58.9μs	534ns	5.34μs	0	0	0	43.44 KB
master	StringConcatBenchmark	netcoreapp3.1	53.9μs	170ns	700ns	0	0	0	42.64 KB
master	StringConcatBenchmark	net472	37.5μs	169ns	653ns	0	0	0	62.16 KB
master	StringConcatAspectBenchmark	net6.0	299μs	1.66μs	10.8μs	0	0	0	253.39 KB
master	StringConcatAspectBenchmark	netcoreapp3.1	344μs	1.9μs	16.6μs	0	0	0	253.57 KB
master	StringConcatAspectBenchmark	net472	286μs	5μs	47.9μs	0	0	0	278.53 KB
#6340	StringConcatBenchmark	net6.0	62.2μs	892ns	8.92μs	0	0	0	43.44 KB
#6340	StringConcatBenchmark	netcoreapp3.1	66.3μs	937ns	9.32μs	0	0	0	42.64 KB
#6340	StringConcatBenchmark	net472	38.3μs	111ns	446ns	0	0	0	57.67 KB
#6340	StringConcatAspectBenchmark	net6.0	317μs	1.58μs	9.48μs	0	0	0	254.85 KB
#6340	StringConcatAspectBenchmark	netcoreapp3.1	326μs	6.94μs	68μs	0	0	0	253.17 KB
#6340	StringConcatAspectBenchmark	net472	302μs	6.8μs	67.3μs	0	0	0	278.53 KB