🍒 8549 - Prevent before callsites targeting constructors in super calls #8582

manuel-alvarez-alvarez · 2025-03-18T11:51:32Z

Backport #8549 to release/v1.47.x

(cherry picked from commit e20ae64)

(cherry picked from commit 70c362c)

...ava-agent/agent-tooling/src/main/java/datadog/trace/agent/tooling/bytebuddy/csi/Advices.java

dd-java-agent/agent-tooling/src/main/java/datadog/trace/agent/tooling/csi/CallSites.java

pr-commenter · 2025-03-18T12:37:33Z

Benchmarks

Startup

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
git_branch	master	malvarez/backport-pr-8549
git_commit_date	1742298123	1742298686
git_commit_sha	`6a24044`	`dcedbe8`
release_version	1.48.0-SNAPSHOT~6a2404487f	1.48.0-SNAPSHOT~dcedbe87cb

See matching parameters

	Baseline	Candidate
application	insecure-bank	insecure-bank
ci_job_date	1742301406	1742301406
ci_job_id	852519396	852519396
ci_pipeline_id	59158571	59158571
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version	Linux runner-zztqartb-project-304-concurrent-0-0b15h0kh 6.8.0-1024-aws #26~22.04.1-Ubuntu SMP Wed Feb 19 06:54:57 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux	Linux runner-zztqartb-project-304-concurrent-0-0b15h0kh 6.8.0-1024-aws #26~22.04.1-Ubuntu SMP Wed Feb 19 06:54:57 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
module	Agent	Agent
parent	None	None
variant	iast	iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 60 metrics, 3 unstable metrics.

Startup time reports for petclinic

gantt
    title petclinic - global startup overhead: candidate=1.48.0-SNAPSHOT~dcedbe87cb, baseline=1.48.0-SNAPSHOT~6a2404487f

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.041 s) : 0, 1040794
Total [baseline] (10.458 s) : 0, 10458226
Agent [candidate] (1.041 s) : 0, 1041066
Total [candidate] (10.481 s) : 0, 10480600
section appsec
Agent [baseline] (1.185 s) : 0, 1184551
Total [baseline] (10.807 s) : 0, 10807487
Agent [candidate] (1.188 s) : 0, 1188094
Total [candidate] (10.773 s) : 0, 10772720
section iast
Agent [baseline] (1.18 s) : 0, 1179619
Total [baseline] (10.977 s) : 0, 10976725
Agent [candidate] (1.17 s) : 0, 1169727
Total [candidate] (10.948 s) : 0, 10947555
section profiling
Agent [baseline] (1.26 s) : 0, 1260494
Total [baseline] (10.889 s) : 0, 10888967
Agent [candidate] (1.269 s) : 0, 1268667
Total [candidate] (10.891 s) : 0, 10890951

baseline results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.041 s	-
Agent	appsec	1.185 s	143.757 ms (13.8%)
Agent	iast	1.18 s	138.825 ms (13.3%)
Agent	profiling	1.26 s	219.7 ms (21.1%)
Total	tracing	10.458 s	-
Total	appsec	10.807 s	349.261 ms (3.3%)
Total	iast	10.977 s	518.499 ms (5.0%)
Total	profiling	10.889 s	430.741 ms (4.1%)

candidate results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.041 s	-
Agent	appsec	1.188 s	147.028 ms (14.1%)
Agent	iast	1.17 s	128.661 ms (12.4%)
Agent	profiling	1.269 s	227.601 ms (21.9%)
Total	tracing	10.481 s	-
Total	appsec	10.773 s	292.12 ms (2.8%)
Total	iast	10.948 s	466.955 ms (4.5%)
Total	profiling	10.891 s	410.351 ms (3.9%)

gantt
    title petclinic - break down per module: candidate=1.48.0-SNAPSHOT~dcedbe87cb, baseline=1.48.0-SNAPSHOT~6a2404487f

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (718.502 ms) : 0, 718502
BytebuddyAgent [candidate] (718.263 ms) : 0, 718263
GlobalTracer [baseline] (239.675 ms) : 0, 239675
GlobalTracer [candidate] (240.312 ms) : 0, 240312
AppSec [baseline] (54.549 ms) : 0, 54549
AppSec [candidate] (55.327 ms) : 0, 55327
Remote Config [baseline] (687.975 µs) : 0, 688
Remote Config [candidate] (681.16 µs) : 0, 681
Telemetry [baseline] (12.229 ms) : 0, 12229
Telemetry [candidate] (11.517 ms) : 0, 11517
section appsec
BytebuddyAgent [baseline] (737.419 ms) : 0, 737419
BytebuddyAgent [candidate] (737.647 ms) : 0, 737647
GlobalTracer [baseline] (236.181 ms) : 0, 236181
GlobalTracer [candidate] (237.788 ms) : 0, 237788
AppSec [baseline] (175.908 ms) : 0, 175908
AppSec [candidate] (177.909 ms) : 0, 177909
Remote Config [baseline] (667.281 µs) : 0, 667
Remote Config [candidate] (668.403 µs) : 0, 668
Telemetry [baseline] (8.355 ms) : 0, 8355
Telemetry [candidate] (8.286 ms) : 0, 8286
IAST [baseline] (21.69 ms) : 0, 21690
IAST [candidate] (21.745 ms) : 0, 21745
section iast
BytebuddyAgent [baseline] (844.606 ms) : 0, 844606
BytebuddyAgent [candidate] (835.873 ms) : 0, 835873
GlobalTracer [baseline] (231.036 ms) : 0, 231036
GlobalTracer [candidate] (230.028 ms) : 0, 230028
AppSec [baseline] (56.458 ms) : 0, 56458
AppSec [candidate] (56.72 ms) : 0, 56720
Remote Config [baseline] (607.028 µs) : 0, 607
Remote Config [candidate] (614.561 µs) : 0, 615
Telemetry [baseline] (8.677 ms) : 0, 8677
Telemetry [candidate] (8.683 ms) : 0, 8683
IAST [baseline] (22.921 ms) : 0, 22921
IAST [candidate] (22.919 ms) : 0, 22919
section profiling
ProfilingAgent [baseline] (96.27 ms) : 0, 96270
ProfilingAgent [candidate] (96.841 ms) : 0, 96841
BytebuddyAgent [baseline] (709.793 ms) : 0, 709793
BytebuddyAgent [candidate] (713.918 ms) : 0, 713918
GlobalTracer [baseline] (349.451 ms) : 0, 349451
GlobalTracer [candidate] (352.475 ms) : 0, 352475
AppSec [baseline] (54.604 ms) : 0, 54604
AppSec [candidate] (54.916 ms) : 0, 54916
Remote Config [baseline] (666.588 µs) : 0, 667
Remote Config [candidate] (681.346 µs) : 0, 681
Telemetry [baseline] (8.885 ms) : 0, 8885
Telemetry [candidate] (9.177 ms) : 0, 9177
Profiling [baseline] (96.299 ms) : 0, 96299
Profiling [candidate] (96.866 ms) : 0, 96866

Startup time reports for insecure-bank

gantt
    title insecure-bank - global startup overhead: candidate=1.48.0-SNAPSHOT~dcedbe87cb, baseline=1.48.0-SNAPSHOT~6a2404487f

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.044 s) : 0, 1043712
Total [baseline] (8.691 s) : 0, 8690591
Agent [candidate] (1.039 s) : 0, 1038587
Total [candidate] (8.703 s) : 0, 8703280
section iast
Agent [baseline] (1.172 s) : 0, 1172402
Total [baseline] (9.233 s) : 0, 9232851
Agent [candidate] (1.172 s) : 0, 1172012
Total [candidate] (9.23 s) : 0, 9229631
section iast_HARDCODED_SECRET_DISABLED
Agent [baseline] (1.17 s) : 0, 1170166
Total [baseline] (9.179 s) : 0, 9178978
Agent [candidate] (1.171 s) : 0, 1170747
Total [candidate] (9.213 s) : 0, 9212590
section iast_TELEMETRY_OFF
Agent [baseline] (1.167 s) : 0, 1166520
Total [baseline] (9.257 s) : 0, 9257274
Agent [candidate] (1.169 s) : 0, 1169063
Total [candidate] (9.275 s) : 0, 9275326

baseline results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.044 s	-
Agent	iast	1.172 s	128.691 ms (12.3%)
Agent	iast_HARDCODED_SECRET_DISABLED	1.17 s	126.454 ms (12.1%)
Agent	iast_TELEMETRY_OFF	1.167 s	122.808 ms (11.8%)
Total	tracing	8.691 s	-
Total	iast	9.233 s	542.26 ms (6.2%)
Total	iast_HARDCODED_SECRET_DISABLED	9.179 s	488.387 ms (5.6%)
Total	iast_TELEMETRY_OFF	9.257 s	566.683 ms (6.5%)

candidate results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.039 s	-
Agent	iast	1.172 s	133.425 ms (12.8%)
Agent	iast_HARDCODED_SECRET_DISABLED	1.171 s	132.16 ms (12.7%)
Agent	iast_TELEMETRY_OFF	1.169 s	130.476 ms (12.6%)
Total	tracing	8.703 s	-
Total	iast	9.23 s	526.35 ms (6.0%)
Total	iast_HARDCODED_SECRET_DISABLED	9.213 s	509.31 ms (5.9%)
Total	iast_TELEMETRY_OFF	9.275 s	572.046 ms (6.6%)

gantt
    title insecure-bank - break down per module: candidate=1.48.0-SNAPSHOT~dcedbe87cb, baseline=1.48.0-SNAPSHOT~6a2404487f

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (720.741 ms) : 0, 720741
BytebuddyAgent [candidate] (716.61 ms) : 0, 716610
GlobalTracer [baseline] (239.96 ms) : 0, 239960
GlobalTracer [candidate] (239.608 ms) : 0, 239608
AppSec [baseline] (54.87 ms) : 0, 54870
AppSec [candidate] (55.365 ms) : 0, 55365
Remote Config [baseline] (695.099 µs) : 0, 695
Remote Config [candidate] (679.121 µs) : 0, 679
Telemetry [baseline] (12.214 ms) : 0, 12214
Telemetry [candidate] (11.395 ms) : 0, 11395
section iast
BytebuddyAgent [baseline] (838.712 ms) : 0, 838712
BytebuddyAgent [candidate] (837.75 ms) : 0, 837750
GlobalTracer [baseline] (230.399 ms) : 0, 230399
GlobalTracer [candidate] (230.178 ms) : 0, 230178
IAST [baseline] (22.793 ms) : 0, 22793
IAST [candidate] (22.825 ms) : 0, 22825
AppSec [baseline] (56.003 ms) : 0, 56003
AppSec [candidate] (57.005 ms) : 0, 57005
Remote Config [baseline] (608.434 µs) : 0, 608
Remote Config [candidate] (614.39 µs) : 0, 614
Telemetry [baseline] (8.642 ms) : 0, 8642
Telemetry [candidate] (8.683 ms) : 0, 8683
section iast_HARDCODED_SECRET_DISABLED
BytebuddyAgent [baseline] (837.343 ms) : 0, 837343
BytebuddyAgent [candidate] (836.376 ms) : 0, 836376
GlobalTracer [baseline] (229.787 ms) : 0, 229787
GlobalTracer [candidate] (230.075 ms) : 0, 230075
IAST [baseline] (23.482 ms) : 0, 23482
IAST [candidate] (22.924 ms) : 0, 22924
AppSec [baseline] (55.02 ms) : 0, 55020
AppSec [candidate] (57.179 ms) : 0, 57179
Remote Config [baseline] (597.647 µs) : 0, 598
Remote Config [candidate] (606.389 µs) : 0, 606
Telemetry [baseline] (8.697 ms) : 0, 8697
Telemetry [candidate] (8.683 ms) : 0, 8683
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (834.197 ms) : 0, 834197
BytebuddyAgent [candidate] (834.575 ms) : 0, 834575
GlobalTracer [baseline] (229.406 ms) : 0, 229406
GlobalTracer [candidate] (230.351 ms) : 0, 230351
IAST [baseline] (22.12 ms) : 0, 22120
IAST [candidate] (22.563 ms) : 0, 22563
AppSec [baseline] (56.326 ms) : 0, 56326
AppSec [candidate] (57.337 ms) : 0, 57337
Remote Config [baseline] (608.585 µs) : 0, 609
Remote Config [candidate] (618.944 µs) : 0, 619
Telemetry [baseline] (8.644 ms) : 0, 8644
Telemetry [candidate] (8.676 ms) : 0, 8676

Load

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
end_time	2025-03-18T12:06:59	2025-03-18T12:14:44
git_branch	master	malvarez/backport-pr-8549
git_commit_date	1742298123	1742298686
git_commit_sha	`6a24044`	`dcedbe8`
release_version	1.48.0-SNAPSHOT~6a2404487f	1.48.0-SNAPSHOT~dcedbe87cb
start_time	2025-03-18T12:06:45	2025-03-18T12:14:29

See matching parameters

	Baseline	Candidate
application	insecure-bank	insecure-bank
ci_job_date	1742300484	1742300484
ci_job_id	852519397	852519397
ci_pipeline_id	59158571	59158571
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version	Linux runner-pzkyxzcm-project-304-concurrent-0-r568l426 6.8.0-1024-aws #26~22.04.1-Ubuntu SMP Wed Feb 19 06:54:57 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux	Linux runner-pzkyxzcm-project-304-concurrent-0-r568l426 6.8.0-1024-aws #26~22.04.1-Ubuntu SMP Wed Feb 19 06:54:57 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
variant	iast	iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 14 metrics, 16 unstable metrics.

Request duration reports for insecure-bank

gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.48.0-SNAPSHOT~dcedbe87cb, baseline=1.48.0-SNAPSHOT~6a2404487f
    dateFormat X
    axisFormat %s
section baseline
no_agent (391.162 µs) : 371, 411
.   : milestone, 391,
iast (517.882 µs) : 496, 540
.   : milestone, 518,
iast_FULL (738.238 µs) : 716, 760
.   : milestone, 738,
iast_GLOBAL (565.34 µs) : 543, 588
.   : milestone, 565,
iast_HARDCODED_SECRET_DISABLED (515.966 µs) : 494, 538
.   : milestone, 516,
iast_INACTIVE (466.279 µs) : 445, 488
.   : milestone, 466,
iast_TELEMETRY_OFF (503.452 µs) : 482, 525
.   : milestone, 503,
tracing (462.675 µs) : 441, 484
.   : milestone, 463,
section candidate
no_agent (383.232 µs) : 364, 403
.   : milestone, 383,
iast (514.467 µs) : 493, 536
.   : milestone, 514,
iast_FULL (735.754 µs) : 714, 758
.   : milestone, 736,
iast_GLOBAL (571.944 µs) : 549, 595
.   : milestone, 572,
iast_HARDCODED_SECRET_DISABLED (516.812 µs) : 495, 539
.   : milestone, 517,
iast_INACTIVE (466.226 µs) : 445, 487
.   : milestone, 466,
iast_TELEMETRY_OFF (503.794 µs) : 481, 526
.   : milestone, 504,
tracing (458.802 µs) : 438, 480
.   : milestone, 459,

baseline results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	391.162 µs [371.271 µs, 411.053 µs]	-
iast	517.882 µs [496.192 µs, 539.572 µs]	126.72 µs (32.4%)
iast_FULL	738.238 µs [715.984 µs, 760.492 µs]	347.076 µs (88.7%)
iast_GLOBAL	565.34 µs [542.753 µs, 587.927 µs]	174.178 µs (44.5%)
iast_HARDCODED_SECRET_DISABLED	515.966 µs [494.374 µs, 537.558 µs]	124.804 µs (31.9%)
iast_INACTIVE	466.279 µs [444.868 µs, 487.69 µs]	75.117 µs (19.2%)
iast_TELEMETRY_OFF	503.452 µs [481.898 µs, 525.005 µs]	112.29 µs (28.7%)
tracing	462.675 µs [441.397 µs, 483.953 µs]	71.513 µs (18.3%)

candidate results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	383.232 µs [363.707 µs, 402.757 µs]	-
iast	514.467 µs [492.781 µs, 536.153 µs]	131.235 µs (34.2%)
iast_FULL	735.754 µs [713.637 µs, 757.871 µs]	352.522 µs (92.0%)
iast_GLOBAL	571.944 µs [549.278 µs, 594.609 µs]	188.712 µs (49.2%)
iast_HARDCODED_SECRET_DISABLED	516.812 µs [494.991 µs, 538.634 µs]	133.58 µs (34.9%)
iast_INACTIVE	466.226 µs [445.095 µs, 487.357 µs]	82.993 µs (21.7%)
iast_TELEMETRY_OFF	503.794 µs [481.273 µs, 526.315 µs]	120.562 µs (31.5%)
tracing	458.802 µs [438.075 µs, 479.53 µs]	75.57 µs (19.7%)

Request duration reports for petclinic

gantt
    title petclinic - request duration [CI 0.99] : candidate=1.48.0-SNAPSHOT~dcedbe87cb, baseline=1.48.0-SNAPSHOT~6a2404487f
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.364 ms) : 1344, 1385
.   : milestone, 1364,
appsec (1.74 ms) : 1716, 1763
.   : milestone, 1740,
appsec_no_iast (1.759 ms) : 1735, 1783
.   : milestone, 1759,
code_origins (1.68 ms) : 1652, 1707
.   : milestone, 1680,
iast (1.508 ms) : 1484, 1531
.   : milestone, 1508,
profiling (1.513 ms) : 1489, 1536
.   : milestone, 1513,
tracing (1.475 ms) : 1450, 1500
.   : milestone, 1475,
section candidate
no_agent (1.381 ms) : 1361, 1400
.   : milestone, 1381,
appsec (1.725 ms) : 1702, 1749
.   : milestone, 1725,
appsec_no_iast (1.735 ms) : 1711, 1760
.   : milestone, 1735,
code_origins (1.698 ms) : 1663, 1732
.   : milestone, 1698,
iast (1.516 ms) : 1492, 1540
.   : milestone, 1516,
profiling (1.546 ms) : 1522, 1571
.   : milestone, 1546,
tracing (1.511 ms) : 1487, 1535
.   : milestone, 1511,

baseline results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	1.364 ms [1.344 ms, 1.385 ms]	-
appsec	1.74 ms [1.716 ms, 1.763 ms]	375.032 µs (27.5%)
appsec_no_iast	1.759 ms [1.735 ms, 1.783 ms]	394.291 µs (28.9%)
code_origins	1.68 ms [1.652 ms, 1.707 ms]	315.301 µs (23.1%)
iast	1.508 ms [1.484 ms, 1.531 ms]	143.075 µs (10.5%)
profiling	1.513 ms [1.489 ms, 1.536 ms]	148.119 µs (10.9%)
tracing	1.475 ms [1.45 ms, 1.5 ms]	110.897 µs (8.1%)

candidate results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	1.381 ms [1.361 ms, 1.4 ms]	-
appsec	1.725 ms [1.702 ms, 1.749 ms]	344.885 µs (25.0%)
appsec_no_iast	1.735 ms [1.711 ms, 1.76 ms]	354.722 µs (25.7%)
code_origins	1.698 ms [1.663 ms, 1.732 ms]	317.204 µs (23.0%)
iast	1.516 ms [1.492 ms, 1.54 ms]	135.371 µs (9.8%)
profiling	1.546 ms [1.522 ms, 1.571 ms]	165.725 µs (12.0%)
tracing	1.511 ms [1.487 ms, 1.535 ms]	130.164 µs (9.4%)

Dacapo

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
git_branch	master	malvarez/backport-pr-8549
git_commit_date	1742298123	1742298686
git_commit_sha	`6a24044`	`dcedbe8`
release_version	1.48.0-SNAPSHOT~6a2404487f	1.48.0-SNAPSHOT~dcedbe87cb

See matching parameters

	Baseline	Candidate
application	biojava	biojava
ci_job_date	1742300822	1742300822
ci_job_id	852519398	852519398
ci_pipeline_id	59158571	59158571
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version	Linux runner-azwvsuur-project-304-concurrent-0-hfxync4f 6.8.0-1024-aws #26~22.04.1-Ubuntu SMP Wed Feb 19 06:54:57 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux	Linux runner-azwvsuur-project-304-concurrent-0-hfxync4f 6.8.0-1024-aws #26~22.04.1-Ubuntu SMP Wed Feb 19 06:54:57 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
variant	appsec	appsec

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.

Execution time for biojava

gantt
    title biojava - execution time [CI 0.99] : candidate=1.48.0-SNAPSHOT~dcedbe87cb, baseline=1.48.0-SNAPSHOT~6a2404487f
    dateFormat X
    axisFormat %s
section baseline
no_agent (15.003 s) : 15003000, 15003000
.   : milestone, 15003000,
appsec (15.165 s) : 15165000, 15165000
.   : milestone, 15165000,
iast (18.3 s) : 18300000, 18300000
.   : milestone, 18300000,
iast_GLOBAL (18.227 s) : 18227000, 18227000
.   : milestone, 18227000,
profiling (15.054 s) : 15054000, 15054000
.   : milestone, 15054000,
tracing (14.875 s) : 14875000, 14875000
.   : milestone, 14875000,
section candidate
no_agent (14.718 s) : 14718000, 14718000
.   : milestone, 14718000,
appsec (15.127 s) : 15127000, 15127000
.   : milestone, 15127000,
iast (19.048 s) : 19048000, 19048000
.   : milestone, 19048000,
iast_GLOBAL (18.209 s) : 18209000, 18209000
.   : milestone, 18209000,
profiling (14.94 s) : 14940000, 14940000
.   : milestone, 14940000,
tracing (14.648 s) : 14648000, 14648000
.   : milestone, 14648000,

baseline results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	15.003 s [15.003 s, 15.003 s]	-
appsec	15.165 s [15.165 s, 15.165 s]	162.0 ms (1.1%)
iast	18.3 s [18.3 s, 18.3 s]	3.297 s (22.0%)
iast_GLOBAL	18.227 s [18.227 s, 18.227 s]	3.224 s (21.5%)
profiling	15.054 s [15.054 s, 15.054 s]	51.0 ms (0.3%)
tracing	14.875 s [14.875 s, 14.875 s]	-128.0 ms (-0.9%)

candidate results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	14.718 s [14.718 s, 14.718 s]	-
appsec	15.127 s [15.127 s, 15.127 s]	409.0 ms (2.8%)
iast	19.048 s [19.048 s, 19.048 s]	4.33 s (29.4%)
iast_GLOBAL	18.209 s [18.209 s, 18.209 s]	3.491 s (23.7%)
profiling	14.94 s [14.94 s, 14.94 s]	222.0 ms (1.5%)
tracing	14.648 s [14.648 s, 14.648 s]	-70.0 ms (-0.5%)

Execution time for tomcat

gantt
    title tomcat - execution time [CI 0.99] : candidate=1.48.0-SNAPSHOT~dcedbe87cb, baseline=1.48.0-SNAPSHOT~6a2404487f
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.469 ms) : 1457, 1480
.   : milestone, 1469,
appsec (2.336 ms) : 2292, 2380
.   : milestone, 2336,
iast (2.12 ms) : 2064, 2176
.   : milestone, 2120,
iast_GLOBAL (2.165 ms) : 2108, 2221
.   : milestone, 2165,
profiling (1.985 ms) : 1940, 2031
.   : milestone, 1985,
tracing (1.96 ms) : 1917, 2003
.   : milestone, 1960,
section candidate
no_agent (1.471 ms) : 1459, 1482
.   : milestone, 1471,
appsec (2.331 ms) : 2288, 2374
.   : milestone, 2331,
iast (2.101 ms) : 2046, 2157
.   : milestone, 2101,
iast_GLOBAL (2.15 ms) : 2095, 2206
.   : milestone, 2150,
profiling (1.976 ms) : 1931, 2021
.   : milestone, 1976,
tracing (1.947 ms) : 1905, 1989
.   : milestone, 1947,

baseline results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	1.469 ms [1.457 ms, 1.48 ms]	-
appsec	2.336 ms [2.292 ms, 2.38 ms]	867.075 µs (59.0%)
iast	2.12 ms [2.064 ms, 2.176 ms]	651.14 µs (44.3%)
iast_GLOBAL	2.165 ms [2.108 ms, 2.221 ms]	696.193 µs (47.4%)
profiling	1.985 ms [1.94 ms, 2.031 ms]	516.637 µs (35.2%)
tracing	1.96 ms [1.917 ms, 2.003 ms]	491.145 µs (33.4%)

candidate results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	1.471 ms [1.459 ms, 1.482 ms]	-
appsec	2.331 ms [2.288 ms, 2.374 ms]	859.731 µs (58.4%)
iast	2.101 ms [2.046 ms, 2.157 ms]	630.337 µs (42.9%)
iast_GLOBAL	2.15 ms [2.095 ms, 2.206 ms]	679.471 µs (46.2%)
profiling	1.976 ms [1.931 ms, 2.021 ms]	505.178 µs (34.3%)
tracing	1.947 ms [1.905 ms, 1.989 ms]	476.036 µs (32.4%)

manuel-alvarez-alvarez · 2025-03-18T13:10:39Z

Merged even though muzzle test fails (fixed in this PR)

| Package | Type | Package file | Manager | Update | Change | |---|---|---|---|---|---| | [com.google.cloud:google-cloud-logging](https://github.com/googleapis/java-logging) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `3.21.4` -> `3.22.0` | | [com.datadoghq:dd-trace-api](https://github.com/datadog/dd-trace-java) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `1.47.1` -> `1.47.2` | | [com.datadoghq:dd-trace-ot](https://github.com/datadog/dd-trace-java) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `1.47.1` -> `1.47.2` | | [software.amazon.awssdk:sdk-core](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.2` -> `2.31.3` | | [software.amazon.awssdk:sqs](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.2` -> `2.31.3` | | [software.amazon.awssdk:dynamodb-enhanced](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.2` -> `2.31.3` | | [software.amazon.awssdk:dynamodb](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.2` -> `2.31.3` | | [software.amazon.awssdk:aws-core](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.2` -> `2.31.3` | | [software.amazon.awssdk:bom](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.2` -> `2.31.3` | | [software.amazon.awssdk:auth](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.2` -> `2.31.3` | --- ### Release Notes <details> <summary>googleapis/java-logging (com.google.cloud:google-cloud-logging)</summary> ### [`v3.22.0`](https://github.com/googleapis/java-logging/blob/HEAD/CHANGELOG.md#3220-2025-03-18) ##### Features - Next release from main branch is 3.22.0 ([#1776](googleapis/java-logging#1776)) ([7736073](googleapis/java-logging@7736073)) ##### Bug Fixes - **deps:** Update the Java code generator (gapic-generator-java) to 2.55.1 ([dd25992](googleapis/java-logging@dd25992)) ##### Dependencies - Update dependency com.google.cloud:sdk-platform-java-config to v3.45.1 ([#1779](googleapis/java-logging#1779)) ([a643ab0](googleapis/java-logging@a643ab0)) - Update googleapis/sdk-platform-java action to v2.55.1 ([#1780](googleapis/java-logging#1780)) ([505557e](googleapis/java-logging@505557e)) </details> <details> <summary>datadog/dd-trace-java (com.datadoghq:dd-trace-api)</summary> ### [`v1.47.2`](https://github.com/DataDog/dd-trace-java/releases/tag/v1.47.2): 1.47.2 ##### Components ##### Application Security Management (IAST) - 🐛 🍒 8549 - Prevent before callsites targeting constructors in super calls ([#8582](DataDog/dd-trace-java#8582) - [@manuel-alvarez-alvarez](https://github.com/manuel-alvarez-alvarez)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "after 6pm every weekday,before 2am every weekday" in timezone Australia/Melbourne, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Never, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). GitOrigin-RevId: c85f514ebfa65c5b35193726cb1f6737a22f959b

manuel-alvarez-alvarez added 2 commits March 18, 2025 12:51

Prevent before callsites targeting calls to super in constructors

36a381c

(cherry picked from commit e20ae64)

Fix failing tests

dcedbe8

(cherry picked from commit 70c362c)

manuel-alvarez-alvarez requested review from a team as code owners March 18, 2025 11:51

manuel-alvarez-alvarez added the type: bug label Mar 18, 2025

manuel-alvarez-alvarez requested a review from a team as a code owner March 18, 2025 11:51

manuel-alvarez-alvarez added the comp: asm iast Application Security Management (IAST) label Mar 18, 2025

manuel-alvarez-alvarez requested review from smola and jandro996 March 18, 2025 11:51

datadog-datadog-prod-us1 bot reviewed Mar 18, 2025

View reviewed changes

smola approved these changes Mar 18, 2025

View reviewed changes

manuel-alvarez-alvarez added this to the 1.47.2 milestone Mar 18, 2025

jandro996 approved these changes Mar 18, 2025

View reviewed changes

sezen-datadog approved these changes Mar 18, 2025

View reviewed changes

manuel-alvarez-alvarez merged commit feebc3c into release/v1.47.x Mar 18, 2025
238 of 240 checks passed

manuel-alvarez-alvarez deleted the malvarez/backport-pr-8549 branch March 18, 2025 13:11

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

🍒 8549 - Prevent before callsites targeting constructors in super calls #8582

🍒 8549 - Prevent before callsites targeting constructors in super calls #8582

Uh oh!

manuel-alvarez-alvarez commented Mar 18, 2025

Uh oh!

Uh oh!

Uh oh!

Uh oh!

pr-commenter bot commented Mar 18, 2025

Uh oh!

manuel-alvarez-alvarez commented Mar 18, 2025

Uh oh!

Uh oh!

Uh oh!

🍒 8549 - Prevent before callsites targeting constructors in super calls #8582

🍒 8549 - Prevent before callsites targeting constructors in super calls #8582

Uh oh!

Conversation

manuel-alvarez-alvarez commented Mar 18, 2025

Uh oh!

Uh oh!

Uh oh!

Uh oh!

pr-commenter bot commented Mar 18, 2025

Benchmarks

Startup

Parameters

Summary

Load

Parameters

Summary

Dacapo

Parameters

Summary

Uh oh!

manuel-alvarez-alvarez commented Mar 18, 2025

Uh oh!

Uh oh!

Uh oh!