Add support for scanning jar from loaded class

[jpbempel]

What Does This Do

when a class is loaded we are now locating the jar containing the
class and push the jar to a queue to be scanned by a background thread
like for the initial process of SymDB enablement
Add more information into SymDB report of total class count processed
total jars scanned and histogram of class count by scanned jar

Motivation

Additional Notes

Contributor Checklist

• Format the title according the contribution guidelines
• Assign the type: and (comp: or inst:) labels in addition to any usefull labels
• Don't use close, fix or any linking keywords when referencing an issue.
  Use solves instead, and assign the PR milestone to the issue
• Update the public documentation in case of new configuration flag or behavior

Jira ticket: [PROJ-IDENT]

[pr-commenter]

Debugger benchmarks

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
ci_job_date	1740574746	1740575116
end_time	2025-02-26T13:00:24	2025-02-26T13:06:33
git_branch	master	jpbempel/symdb-scan-jar
git_commit_sha	cb1d8ed	62c40a3
start_time	2025-02-26T12:59:07	2025-02-26T13:05:17

See matching parameters

	Baseline	Candidate
ci_job_id	823806000	823806000
ci_pipeline_id	57037809	57037809
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
git_commit_date	1740573979	1740573979

Summary

Found 0 performance improvements and 4 performance regressions! Performance is the same for 4 metrics, 7 unstable metrics.

scenario	Δ mean agg_http_req_duration_min	Δ mean agg_http_req_duration_p50	Δ mean agg_http_req_duration_p75	Δ mean agg_http_req_duration_p99	Δ mean throughput
scenario:loop	worse [+163.228µs; +265.361µs] or [+1.634%; +2.657%]	worse [+173.312µs; +291.009µs] or [+1.710%; +2.871%]	worse [+179.749µs; +326.977µs] or [+1.757%; +3.195%]	worse [+146.217µs; +506.516µs] or [+1.391%; +4.820%]	unsure [-3.233op/s; -0.465op/s] or [-3.330%; -0.479%]

See unchanged results

scenario	Δ mean agg_http_req_duration_min	Δ mean agg_http_req_duration_p50	Δ mean agg_http_req_duration_p75	Δ mean agg_http_req_duration_p99	Δ mean throughput
scenario:noprobe	unstable [-39.208µs; +35.149µs] or [-14.008%; +12.558%]	unstable [-53.887µs; +46.353µs] or [-16.801%; +14.453%]	unstable [-68.568µs; +58.268µs] or [-20.307%; +17.257%]	unstable [-145.684µs; +88.193µs] or [-23.276%; +14.091%]	unstable [-97.805op/s; +164.405op/s] or [-3.814%; +6.412%]
scenario:basic	same	same	same	unstable [-51.838µs; +39.995µs] or [-9.238%; +7.127%]	unstable [-126.847op/s; +248.798op/s] or [-5.201%; +10.201%]

Request duration reports for reports

gantt
    title reports - request duration [CI 0.99] : candidate=None, baseline=None
    dateFormat X
    axisFormat %s
section baseline
noprobe (320.726 µs) : 271, 370
.   : milestone, 321,
basic (317.455 µs) : 306, 329
.   : milestone, 317,
loop (10.136 ms) : 10092, 10180
.   : milestone, 10136,
section candidate
noprobe (316.959 µs) : 271, 363
.   : milestone, 317,
basic (312.348 µs) : 303, 321
.   : milestone, 312,
loop (10.368 ms) : 10304, 10431
.   : milestone, 10368,

Loading

• baseline results

Scenario	Request median duration [CI 0.99]
noprobe	320.726 µs [271.126 µs, 370.326 µs]
basic	317.455 µs [306.329 µs, 328.581 µs]
loop	10.136 ms [10.092 ms, 10.18 ms]

• candidate results

Scenario	Request median duration [CI 0.99]
noprobe	316.959 µs [271.101 µs, 362.817 µs]
basic	312.348 µs [303.381 µs, 321.314 µs]
loop	10.368 ms [10.304 ms, 10.431 ms]

[pr-commenter]

Benchmarks

Startup

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
git_branch	master	jpbempel/symdb-scan-jar
git_commit_date	1740573851	1740573979
git_commit_sha	cb1d8ed	62c40a3
release_version	1.47.0-SNAPSHOT~cb1d8ed79d	1.47.0-SNAPSHOT~62c40a3a4c

See matching parameters

	Baseline	Candidate
application	insecure-bank	insecure-bank
ci_job_date	1740576506	1740576506
ci_job_id	823805994	823805994
ci_pipeline_id	57037809	57037809
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version	Linux runner-ot4zckib-project-304-concurrent-0-yl5b75jr 6.8.0-1021-aws #23~22.04.1-Ubuntu SMP Tue Dec 10 16:50:46 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux	Linux runner-ot4zckib-project-304-concurrent-0-yl5b75jr 6.8.0-1021-aws #23~22.04.1-Ubuntu SMP Tue Dec 10 16:50:46 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
module	Agent	Agent
parent	None	None
variant	iast	iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 59 metrics, 4 unstable metrics.

Startup time reports for insecure-bank

gantt
    title insecure-bank - global startup overhead: candidate=1.47.0-SNAPSHOT~62c40a3a4c, baseline=1.47.0-SNAPSHOT~cb1d8ed79d

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.051 s) : 0, 1050991
Total [baseline] (8.691 s) : 0, 8691230
Agent [candidate] (1.057 s) : 0, 1057238
Total [candidate] (8.702 s) : 0, 8702474
section iast
Agent [baseline] (1.169 s) : 0, 1169303
Total [baseline] (9.214 s) : 0, 9214243
Agent [candidate] (1.17 s) : 0, 1169749
Total [candidate] (9.164 s) : 0, 9163874
section iast_HARDCODED_SECRET_DISABLED
Agent [baseline] (1.175 s) : 0, 1175158
Total [baseline] (9.184 s) : 0, 9184429
Agent [candidate] (1.172 s) : 0, 1172362
Total [candidate] (9.168 s) : 0, 9168374
section iast_TELEMETRY_OFF
Agent [baseline] (1.168 s) : 0, 1167663
Total [baseline] (9.184 s) : 0, 9183679
Agent [candidate] (1.169 s) : 0, 1169134
Total [candidate] (9.195 s) : 0, 9195101

Loading

• baseline results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.051 s	-
Agent	iast	1.169 s	118.313 ms (11.3%)
Agent	iast_HARDCODED_SECRET_DISABLED	1.175 s	124.167 ms (11.8%)
Agent	iast_TELEMETRY_OFF	1.168 s	116.672 ms (11.1%)
Total	tracing	8.691 s	-
Total	iast	9.214 s	523.013 ms (6.0%)
Total	iast_HARDCODED_SECRET_DISABLED	9.184 s	493.199 ms (5.7%)
Total	iast_TELEMETRY_OFF	9.184 s	492.449 ms (5.7%)

• candidate results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.057 s	-
Agent	iast	1.17 s	112.51 ms (10.6%)
Agent	iast_HARDCODED_SECRET_DISABLED	1.172 s	115.124 ms (10.9%)
Agent	iast_TELEMETRY_OFF	1.169 s	111.896 ms (10.6%)
Total	tracing	8.702 s	-
Total	iast	9.164 s	461.401 ms (5.3%)
Total	iast_HARDCODED_SECRET_DISABLED	9.168 s	465.9 ms (5.4%)
Total	iast_TELEMETRY_OFF	9.195 s	492.627 ms (5.7%)

gantt
    title insecure-bank - break down per module: candidate=1.47.0-SNAPSHOT~62c40a3a4c, baseline=1.47.0-SNAPSHOT~cb1d8ed79d

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (726.357 ms) : 0, 726357
BytebuddyAgent [candidate] (726.718 ms) : 0, 726718
GlobalTracer [baseline] (241.642 ms) : 0, 241642
GlobalTracer [candidate] (246.622 ms) : 0, 246622
AppSec [baseline] (56.255 ms) : 0, 56255
AppSec [candidate] (55.955 ms) : 0, 55955
Remote Config [baseline] (711.781 µs) : 0, 712
Remote Config [candidate] (741.723 µs) : 0, 742
Telemetry [baseline] (10.891 ms) : 0, 10891
Telemetry [candidate] (11.751 ms) : 0, 11751
section iast
BytebuddyAgent [baseline] (835.539 ms) : 0, 835539
BytebuddyAgent [candidate] (833.17 ms) : 0, 833170
GlobalTracer [baseline] (229.262 ms) : 0, 229262
GlobalTracer [candidate] (232.465 ms) : 0, 232465
AppSec [baseline] (57.283 ms) : 0, 57283
AppSec [candidate] (56.72 ms) : 0, 56720
Remote Config [baseline] (616.16 µs) : 0, 616
Remote Config [candidate] (613.767 µs) : 0, 614
Telemetry [baseline] (8.785 ms) : 0, 8785
Telemetry [candidate] (8.672 ms) : 0, 8672
IAST [baseline] (22.903 ms) : 0, 22903
IAST [candidate] (22.907 ms) : 0, 22907
section iast_HARDCODED_SECRET_DISABLED
BytebuddyAgent [baseline] (840.312 ms) : 0, 840312
BytebuddyAgent [candidate] (833.525 ms) : 0, 833525
GlobalTracer [baseline] (230.117 ms) : 0, 230117
GlobalTracer [candidate] (233.861 ms) : 0, 233861
AppSec [baseline] (57.037 ms) : 0, 57037
AppSec [candidate] (57.465 ms) : 0, 57465
Remote Config [baseline] (612.202 µs) : 0, 612
Remote Config [candidate] (628.55 µs) : 0, 629
Telemetry [baseline] (8.77 ms) : 0, 8770
Telemetry [candidate] (8.744 ms) : 0, 8744
IAST [baseline] (23.138 ms) : 0, 23138
IAST [candidate] (22.943 ms) : 0, 22943
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (833.36 ms) : 0, 833360
BytebuddyAgent [candidate] (831.907 ms) : 0, 831907
GlobalTracer [baseline] (230.614 ms) : 0, 230614
GlobalTracer [candidate] (233.45 ms) : 0, 233450
AppSec [baseline] (52.455 ms) : 0, 52455
AppSec [candidate] (53.871 ms) : 0, 53871
Remote Config [baseline] (611.485 µs) : 0, 611
Remote Config [candidate] (618.804 µs) : 0, 619
Telemetry [baseline] (8.62 ms) : 0, 8620
Telemetry [candidate] (8.624 ms) : 0, 8624
IAST [baseline] (26.983 ms) : 0, 26983
IAST [candidate] (25.368 ms) : 0, 25368

Loading

Startup time reports for petclinic

gantt
    title petclinic - global startup overhead: candidate=1.47.0-SNAPSHOT~62c40a3a4c, baseline=1.47.0-SNAPSHOT~cb1d8ed79d

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.037 s) : 0, 1036696
Total [baseline] (10.386 s) : 0, 10385532
Agent [candidate] (1.047 s) : 0, 1047231
Total [candidate] (10.514 s) : 0, 10514399
section appsec
Agent [baseline] (1.185 s) : 0, 1185212
Total [baseline] (10.75 s) : 0, 10750192
Agent [candidate] (1.191 s) : 0, 1190551
Total [candidate] (10.753 s) : 0, 10753392
section iast
Agent [baseline] (1.17 s) : 0, 1169606
Total [baseline] (11.076 s) : 0, 11076420
Agent [candidate] (1.172 s) : 0, 1172092
Total [candidate] (11.028 s) : 0, 11028282
section profiling
Agent [baseline] (1.259 s) : 0, 1259494
Total [baseline] (10.821 s) : 0, 10820640
Agent [candidate] (1.269 s) : 0, 1269004
Total [candidate] (10.923 s) : 0, 10923169

Loading

• baseline results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.037 s	-
Agent	appsec	1.185 s	148.516 ms (14.3%)
Agent	iast	1.17 s	132.909 ms (12.8%)
Agent	profiling	1.259 s	222.798 ms (21.5%)
Total	tracing	10.386 s	-
Total	appsec	10.75 s	364.66 ms (3.5%)
Total	iast	11.076 s	690.888 ms (6.7%)
Total	profiling	10.821 s	435.108 ms (4.2%)

• candidate results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.047 s	-
Agent	appsec	1.191 s	143.321 ms (13.7%)
Agent	iast	1.172 s	124.861 ms (11.9%)
Agent	profiling	1.269 s	221.774 ms (21.2%)
Total	tracing	10.514 s	-
Total	appsec	10.753 s	238.993 ms (2.3%)
Total	iast	11.028 s	513.883 ms (4.9%)
Total	profiling	10.923 s	408.77 ms (3.9%)

gantt
    title petclinic - break down per module: candidate=1.47.0-SNAPSHOT~62c40a3a4c, baseline=1.47.0-SNAPSHOT~cb1d8ed79d

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (715.703 ms) : 0, 715703
BytebuddyAgent [candidate] (720.63 ms) : 0, 720630
GlobalTracer [baseline] (238.302 ms) : 0, 238302
GlobalTracer [candidate] (244.274 ms) : 0, 244274
AppSec [baseline] (55.643 ms) : 0, 55643
AppSec [candidate] (55.502 ms) : 0, 55502
Remote Config [baseline] (693.872 µs) : 0, 694
Remote Config [candidate] (718.057 µs) : 0, 718
Telemetry [baseline] (11.406 ms) : 0, 11406
Telemetry [candidate] (10.838 ms) : 0, 10838
section appsec
BytebuddyAgent [baseline] (736.744 ms) : 0, 736744
BytebuddyAgent [candidate] (737.419 ms) : 0, 737419
GlobalTracer [baseline] (236.648 ms) : 0, 236648
GlobalTracer [candidate] (241.226 ms) : 0, 241226
AppSec [baseline] (177.208 ms) : 0, 177208
AppSec [candidate] (176.736 ms) : 0, 176736
Remote Config [baseline] (655.733 µs) : 0, 656
Remote Config [candidate] (657.749 µs) : 0, 658
Telemetry [baseline] (8.284 ms) : 0, 8284
Telemetry [candidate] (8.259 ms) : 0, 8259
IAST [baseline] (21.284 ms) : 0, 21284
IAST [candidate] (21.932 ms) : 0, 21932
section iast
BytebuddyAgent [baseline] (834.478 ms) : 0, 834478
BytebuddyAgent [candidate] (834.511 ms) : 0, 834511
GlobalTracer [baseline] (229.773 ms) : 0, 229773
GlobalTracer [candidate] (233.086 ms) : 0, 233086
AppSec [baseline] (57.648 ms) : 0, 57648
AppSec [candidate] (57.08 ms) : 0, 57080
Remote Config [baseline] (626.636 µs) : 0, 627
Remote Config [candidate] (620.056 µs) : 0, 620
Telemetry [baseline] (8.876 ms) : 0, 8876
Telemetry [candidate] (8.744 ms) : 0, 8744
IAST [baseline] (23.227 ms) : 0, 23227
IAST [candidate] (22.805 ms) : 0, 22805
section profiling
BytebuddyAgent [baseline] (707.761 ms) : 0, 707761
BytebuddyAgent [candidate] (711.311 ms) : 0, 711311
GlobalTracer [baseline] (350.261 ms) : 0, 350261
GlobalTracer [candidate] (354.729 ms) : 0, 354729
AppSec [baseline] (55.591 ms) : 0, 55591
AppSec [candidate] (54.632 ms) : 0, 54632
Remote Config [baseline] (675.206 µs) : 0, 675
Remote Config [candidate] (704.056 µs) : 0, 704
Telemetry [baseline] (8.98 ms) : 0, 8980
Telemetry [candidate] (8.914 ms) : 0, 8914
ProfilingAgent [baseline] (96.061 ms) : 0, 96061
ProfilingAgent [candidate] (96.234 ms) : 0, 96234
Profiling [baseline] (96.086 ms) : 0, 96086
Profiling [candidate] (96.259 ms) : 0, 96259

Loading

Load

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
end_time	2025-02-26T12:58:43	2025-02-26T13:05:49
git_branch	master	jpbempel/symdb-scan-jar
git_commit_date	1740573851	1740573979
git_commit_sha	cb1d8ed	62c40a3
release_version	1.47.0-SNAPSHOT~cb1d8ed79d	1.47.0-SNAPSHOT~62c40a3a4c
start_time	2025-02-26T12:58:29	2025-02-26T13:05:35

See matching parameters

	Baseline	Candidate
application	insecure-bank	insecure-bank
ci_job_date	1740575507	1740575507
ci_job_id	823805995	823805995
ci_pipeline_id	57037809	57037809
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version	Linux runner-ot4zckib-project-304-concurrent-1-gzqmmuqu 6.8.0-1021-aws #23~22.04.1-Ubuntu SMP Tue Dec 10 16:50:46 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux	Linux runner-ot4zckib-project-304-concurrent-1-gzqmmuqu 6.8.0-1021-aws #23~22.04.1-Ubuntu SMP Tue Dec 10 16:50:46 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
variant	iast	iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 16 unstable metrics.

Request duration reports for insecure-bank

gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.47.0-SNAPSHOT~62c40a3a4c, baseline=1.47.0-SNAPSHOT~cb1d8ed79d
    dateFormat X
    axisFormat %s
section baseline
no_agent (386.763 µs) : 367, 406
.   : milestone, 387,
iast (514.208 µs) : 493, 536
.   : milestone, 514,
iast_FULL (731.172 µs) : 709, 753
.   : milestone, 731,
iast_GLOBAL (561.335 µs) : 539, 583
.   : milestone, 561,
iast_HARDCODED_SECRET_DISABLED (515.184 µs) : 494, 537
.   : milestone, 515,
iast_INACTIVE (465.995 µs) : 445, 487
.   : milestone, 466,
iast_TELEMETRY_OFF (509.394 µs) : 486, 533
.   : milestone, 509,
tracing (459.611 µs) : 438, 481
.   : milestone, 460,
section candidate
no_agent (381.395 µs) : 361, 402
.   : milestone, 381,
iast (512.334 µs) : 490, 534
.   : milestone, 512,
iast_FULL (740.268 µs) : 718, 762
.   : milestone, 740,
iast_GLOBAL (563.352 µs) : 541, 586
.   : milestone, 563,
iast_HARDCODED_SECRET_DISABLED (506.888 µs) : 485, 528
.   : milestone, 507,
iast_INACTIVE (465.931 µs) : 444, 487
.   : milestone, 466,
iast_TELEMETRY_OFF (503.227 µs) : 481, 526
.   : milestone, 503,
tracing (458.662 µs) : 437, 480
.   : milestone, 459,

Loading

• baseline results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	386.763 µs [367.14 µs, 406.386 µs]	-
iast	514.208 µs [492.701 µs, 535.714 µs]	127.445 µs (33.0%)
iast_FULL	731.172 µs [709.222 µs, 753.121 µs]	344.409 µs (89.0%)
iast_GLOBAL	561.335 µs [539.316 µs, 583.353 µs]	174.572 µs (45.1%)
iast_HARDCODED_SECRET_DISABLED	515.184 µs [493.564 µs, 536.804 µs]	128.422 µs (33.2%)
iast_INACTIVE	465.995 µs [444.897 µs, 487.092 µs]	79.232 µs (20.5%)
iast_TELEMETRY_OFF	509.394 µs [485.831 µs, 532.956 µs]	122.631 µs (31.7%)
tracing	459.611 µs [438.329 µs, 480.893 µs]	72.848 µs (18.8%)

• candidate results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	381.395 µs [361.036 µs, 401.753 µs]	-
iast	512.334 µs [490.328 µs, 534.339 µs]	130.939 µs (34.3%)
iast_FULL	740.268 µs [718.482 µs, 762.054 µs]	358.873 µs (94.1%)
iast_GLOBAL	563.352 µs [540.754 µs, 585.95 µs]	181.957 µs (47.7%)
iast_HARDCODED_SECRET_DISABLED	506.888 µs [485.31 µs, 528.465 µs]	125.493 µs (32.9%)
iast_INACTIVE	465.931 µs [444.497 µs, 487.364 µs]	84.536 µs (22.2%)
iast_TELEMETRY_OFF	503.227 µs [480.5 µs, 525.953 µs]	121.832 µs (31.9%)
tracing	458.662 µs [437.206 µs, 480.117 µs]	77.267 µs (20.3%)

Request duration reports for petclinic

gantt
    title petclinic - request duration [CI 0.99] : candidate=1.47.0-SNAPSHOT~62c40a3a4c, baseline=1.47.0-SNAPSHOT~cb1d8ed79d
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.351 ms) : 1331, 1371
.   : milestone, 1351,
appsec (1.749 ms) : 1725, 1773
.   : milestone, 1749,
appsec_no_iast (1.772 ms) : 1748, 1796
.   : milestone, 1772,
iast (1.507 ms) : 1483, 1531
.   : milestone, 1507,
profiling (1.545 ms) : 1520, 1571
.   : milestone, 1545,
tracing (1.493 ms) : 1469, 1517
.   : milestone, 1493,
section candidate
no_agent (1.359 ms) : 1340, 1378
.   : milestone, 1359,
appsec (1.753 ms) : 1730, 1777
.   : milestone, 1753,
appsec_no_iast (1.744 ms) : 1720, 1767
.   : milestone, 1744,
iast (1.505 ms) : 1481, 1530
.   : milestone, 1505,
profiling (1.527 ms) : 1502, 1552
.   : milestone, 1527,
tracing (1.488 ms) : 1463, 1513
.   : milestone, 1488,

Loading

• baseline results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	1.351 ms [1.331 ms, 1.371 ms]	-
appsec	1.749 ms [1.725 ms, 1.773 ms]	397.926 µs (29.5%)
appsec_no_iast	1.772 ms [1.748 ms, 1.796 ms]	420.938 µs (31.2%)
iast	1.507 ms [1.483 ms, 1.531 ms]	156.078 µs (11.6%)
profiling	1.545 ms [1.52 ms, 1.571 ms]	194.224 µs (14.4%)
tracing	1.493 ms [1.469 ms, 1.517 ms]	141.581 µs (10.5%)

• candidate results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	1.359 ms [1.34 ms, 1.378 ms]	-
appsec	1.753 ms [1.73 ms, 1.777 ms]	394.13 µs (29.0%)
appsec_no_iast	1.744 ms [1.72 ms, 1.767 ms]	384.468 µs (28.3%)
iast	1.505 ms [1.481 ms, 1.53 ms]	146.125 µs (10.8%)
profiling	1.527 ms [1.502 ms, 1.552 ms]	167.725 µs (12.3%)
tracing	1.488 ms [1.463 ms, 1.513 ms]	129.184 µs (9.5%)

Dacapo

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
git_branch	master	jpbempel/symdb-scan-jar
git_commit_date	1740573851	1740573979
git_commit_sha	cb1d8ed	62c40a3
release_version	1.47.0-SNAPSHOT~cb1d8ed79d	1.47.0-SNAPSHOT~62c40a3a4c

See matching parameters

	Baseline	Candidate
application	biojava	biojava
ci_job_date	1740576001	1740576001
ci_job_id	823805996	823805996
ci_pipeline_id	57037809	57037809
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version	Linux runner-2rtlzjgm-project-304-concurrent-0-d4p4dgbe 6.8.0-1021-aws #23~22.04.1-Ubuntu SMP Tue Dec 10 16:50:46 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux	Linux runner-2rtlzjgm-project-304-concurrent-0-d4p4dgbe 6.8.0-1021-aws #23~22.04.1-Ubuntu SMP Tue Dec 10 16:50:46 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
variant	appsec	appsec

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.

Execution time for biojava

gantt
    title biojava - execution time [CI 0.99] : candidate=1.47.0-SNAPSHOT~62c40a3a4c, baseline=1.47.0-SNAPSHOT~cb1d8ed79d
    dateFormat X
    axisFormat %s
section baseline
no_agent (14.879 s) : 14879000, 14879000
.   : milestone, 14879000,
appsec (14.926 s) : 14926000, 14926000
.   : milestone, 14926000,
iast (19.101 s) : 19101000, 19101000
.   : milestone, 19101000,
iast_GLOBAL (17.822 s) : 17822000, 17822000
.   : milestone, 17822000,
profiling (14.965 s) : 14965000, 14965000
.   : milestone, 14965000,
tracing (14.968 s) : 14968000, 14968000
.   : milestone, 14968000,
section candidate
no_agent (15.231 s) : 15231000, 15231000
.   : milestone, 15231000,
appsec (14.903 s) : 14903000, 14903000
.   : milestone, 14903000,
iast (18.58 s) : 18580000, 18580000
.   : milestone, 18580000,
iast_GLOBAL (18.081 s) : 18081000, 18081000
.   : milestone, 18081000,
profiling (14.963 s) : 14963000, 14963000
.   : milestone, 14963000,
tracing (15.014 s) : 15014000, 15014000
.   : milestone, 15014000,

Loading

• baseline results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	14.879 s [14.879 s, 14.879 s]	-
appsec	14.926 s [14.926 s, 14.926 s]	47.0 ms (0.3%)
iast	19.101 s [19.101 s, 19.101 s]	4.222 s (28.4%)
iast_GLOBAL	17.822 s [17.822 s, 17.822 s]	2.943 s (19.8%)
profiling	14.965 s [14.965 s, 14.965 s]	86.0 ms (0.6%)
tracing	14.968 s [14.968 s, 14.968 s]	89.0 ms (0.6%)

• candidate results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	15.231 s [15.231 s, 15.231 s]	-
appsec	14.903 s [14.903 s, 14.903 s]	-328.0 ms (-2.2%)
iast	18.58 s [18.58 s, 18.58 s]	3.349 s (22.0%)
iast_GLOBAL	18.081 s [18.081 s, 18.081 s]	2.85 s (18.7%)
profiling	14.963 s [14.963 s, 14.963 s]	-268.0 ms (-1.8%)
tracing	15.014 s [15.014 s, 15.014 s]	-217.0 ms (-1.4%)

Execution time for tomcat

gantt
    title tomcat - execution time [CI 0.99] : candidate=1.47.0-SNAPSHOT~62c40a3a4c, baseline=1.47.0-SNAPSHOT~cb1d8ed79d
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.477 ms) : 1465, 1488
.   : milestone, 1477,
appsec (2.363 ms) : 2319, 2406
.   : milestone, 2363,
iast (2.113 ms) : 2058, 2169
.   : milestone, 2113,
iast_GLOBAL (2.161 ms) : 2106, 2216
.   : milestone, 2161,
profiling (1.981 ms) : 1937, 2026
.   : milestone, 1981,
tracing (1.945 ms) : 1903, 1987
.   : milestone, 1945,
section candidate
no_agent (1.477 ms) : 1465, 1489
.   : milestone, 1477,
appsec (2.353 ms) : 2309, 2396
.   : milestone, 2353,
iast (2.112 ms) : 2057, 2167
.   : milestone, 2112,
iast_GLOBAL (2.157 ms) : 2102, 2213
.   : milestone, 2157,
profiling (1.976 ms) : 1932, 2019
.   : milestone, 1976,
tracing (1.942 ms) : 1900, 1984
.   : milestone, 1942,

Loading

• baseline results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	1.477 ms [1.465 ms, 1.488 ms]	-
appsec	2.363 ms [2.319 ms, 2.406 ms]	886.024 µs (60.0%)
iast	2.113 ms [2.058 ms, 2.169 ms]	636.904 µs (43.1%)
iast_GLOBAL	2.161 ms [2.106 ms, 2.216 ms]	684.416 µs (46.4%)
profiling	1.981 ms [1.937 ms, 2.026 ms]	504.796 µs (34.2%)
tracing	1.945 ms [1.903 ms, 1.987 ms]	468.46 µs (31.7%)

• candidate results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	1.477 ms [1.465 ms, 1.489 ms]	-
appsec	2.353 ms [2.309 ms, 2.396 ms]	875.658 µs (59.3%)
iast	2.112 ms [2.057 ms, 2.167 ms]	635.171 µs (43.0%)
iast_GLOBAL	2.157 ms [2.102 ms, 2.213 ms]	680.302 µs (46.1%)
profiling	1.976 ms [1.932 ms, 2.019 ms]	498.677 µs (33.8%)
tracing	1.942 ms [1.9 ms, 1.984 ms]	465.016 µs (31.5%)

[github-actions]

Hi! 👋 Thanks for your pull request! 🎉

To help us review it, please make sure to:

• Add at least one type, and one component or instrumentation label to the pull request

If you need help, please check our contributing guidelines.

[ojung]

Awesome, thanks! I've added a few comments for discussion, nothing blocking from my end.

[ojung]

Are we going to re-try at some point? If we load another class from that jar I think. But then again, my feeling would be that most classes of a jar are loaded at the same time. 🤔

[jpbempel]

Clearly if the queue is full we will drop jars, but don't want to wait or retry here because we are on critical path for class loading, so we will slow down the user app.

[ojung]

These strings aren't very large and the processing is async, should we consider more capacity?

[jpbempel]

64 unique not already processed jars in one shot seems already large to me.

[jpbempel]

I will bump to 128

[ojung]

Isn't this going to stop the thread? Should we log instead?

[jpbempel]

ah yes good catch!

[ojung]

Thinking about situations where there could be a lot of jars to scan in the middle of the execution of an application. I know that we're scanning a lot on startup, which I think is fine. If we suddenly have a large number of jarsToScan long after startup, this might induce non-negligible overhead. Maybe we should fan it out over time and scan one jar per second or some such?

[jpbempel]

That's an interesting topic. Mot sure how bad it could be and the impact. probably IO is the dominant thing and not CPU therefore the problem does not exist.
I think we will see in time. But thanks to bring this issue.

[ojung]

So by the usage of the NO_OP report, I assume we only want a symdb report on the initial scan, not on the continuous ones? I think it might be cool if we had a periodic report as well. Not required, just nice to have.

[jpbempel]

Yes I focus on the initial process. It would be interesting to have it periodically, but not sure if relevant right now as the usage of logs in the wild is pretty heterogeneous.
will consider it if we still have issues with the coutnuous scan process