[IAST] Safeguard Method Replace aspects with try/catch (#5841 -> v2)

[daniel-romano-DD]

Summary of changes

Covered all AspectMethodReplace aspects with try catch clauses to
ensure no crash will bubble up to client, following new analyzer rules.

Disabled some weird casts and processes to support some functions not
present en NetCore 2.0, but present in 2.1 (netstandard2 assembly is
loaded in netcore2.1 apps).

Disabled some overloads receiving generic undefined arguments until
proper callsite support is implemented.

Reason for change

SSI will make the tracer enabled for a lot more of services when
available. We must ensure we do not break any of them, and if so, that
we provide a fast answer.

Implementation details

Apply analyzer suggestions adding a try / catch clause in all
Methodreplace aspects

[andrewlock]

Thanks!

[andrewlock]

Execution-Time Benchmarks Report ⏱️

Execution-time results for samples comparing the following branches/commits:

• This PR (5855)
• master

Execution-time benchmarks measure the whole time it takes to execute a program. And are intended to measure the one-off costs. Cases where the execution time results for the PR are worse than latest master results are shown in red. The following thresholds were used for comparing the execution times:

• Welch test with statistical test for significance of 5%
• Only results indicating a difference greater than 5% and 5 ms are considered.

Note that these results are based on a single point-in-time result for each branch. For full results, see the dashboard.

Graphs show the p99 interval based on the mean and StdDev of the test run, as well as the mean value of the run (shown as a diamond below the graph).

gantt
    title Execution time (ms) FakeDbCommand (.NET Framework 4.6.2) 
    dateFormat  X
    axisFormat %s
    todayMarker off
    section Baseline
    This PR (5855) - mean (73ms)  : 63, 84
     .   : milestone, 73,
    master - mean (74ms)  : 64, 84
     .   : milestone, 74,

    section CallTarget+Inlining+NGEN
    This PR (5855) - mean (1,027ms)  : 1006, 1048
     .   : milestone, 1027,
    master - mean (1,063ms)  : 1041, 1084
     .   : milestone, 1063,

Loading

gantt
    title Execution time (ms) FakeDbCommand (.NET Core 3.1) 
    dateFormat  X
    axisFormat %s
    todayMarker off
    section Baseline
    This PR (5855) - mean (109ms)  : 104, 114
     .   : milestone, 109,
    master - mean (110ms)  : 105, 115
     .   : milestone, 110,

    section CallTarget+Inlining+NGEN
    This PR (5855) - mean (717ms)  : 695, 739
     .   : milestone, 717,
    master - mean (747ms)  : 727, 767
     .   : milestone, 747,

Loading

gantt
    title Execution time (ms) FakeDbCommand (.NET 6) 
    dateFormat  X
    axisFormat %s
    todayMarker off
    section Baseline
    This PR (5855) - mean (92ms)  : 88, 97
     .   : milestone, 92,
    master - mean (92ms)  : 88, 96
     .   : milestone, 92,

    section CallTarget+Inlining+NGEN
    This PR (5855) - mean (665ms)  : 644, 687
     .   : milestone, 665,
    master - mean (703ms)  : 684, 721
     .   : milestone, 703,

Loading

gantt
    title Execution time (ms) HttpMessageHandler (.NET Framework 4.6.2) 
    dateFormat  X
    axisFormat %s
    todayMarker off
    section Baseline
    This PR (5855) - mean (192ms)  : 188, 196
     .   : milestone, 192,
    master - mean (192ms)  : 189, 196
     .   : milestone, 192,

    section CallTarget+Inlining+NGEN
    This PR (5855) - mean (1,123ms)  : 1103, 1144
     .   : milestone, 1123,
    master - mean (1,169ms)  : 1139, 1200
     .   : milestone, 1169,

Loading

gantt
    title Execution time (ms) HttpMessageHandler (.NET Core 3.1) 
    dateFormat  X
    axisFormat %s
    todayMarker off
    section Baseline
    This PR (5855) - mean (276ms)  : 273, 280
     .   : milestone, 276,
    master - mean (275ms)  : 271, 280
     .   : milestone, 275,

    section CallTarget+Inlining+NGEN
    This PR (5855) - mean (884ms)  : 861, 906
     .   : milestone, 884,
    master - mean (921ms)  : 896, 947
     .   : milestone, 921,

Loading

gantt
    title Execution time (ms) HttpMessageHandler (.NET 6) 
    dateFormat  X
    axisFormat %s
    todayMarker off
    section Baseline
    This PR (5855) - mean (265ms)  : 261, 268
     .   : milestone, 265,
    master - mean (266ms)  : 262, 270
     .   : milestone, 266,

    section CallTarget+Inlining+NGEN
    This PR (5855) - mean (872ms)  : 853, 891
     .   : milestone, 872,
    master - mean (905ms)  : 883, 928
     .   : milestone, 905,

Loading

[datadog-ddstaging]

Datadog Report

Branch report: dani/v2/callsite_security_replace
Commit report: d19f44f
Test service: dd-trace-dotnet

✅ 0 Failed, 431846 Passed, 2660 Skipped, 26h 21m 59.68s Total Time
❄️ 1 New Flaky
⌛ 14 Performance Regressions

New Flaky Tests (1)

• ApiSecurityTestMultiThread - Datadog.Trace.Security.Unit.Tests.ApiSecurityTests - Last Failure

  Expand for error

   Expected results to be 1, but found 2.
  

⌛ Performance Regressions vs Default Branch (14)

This report shows up to 5 performance regressions.

• Profiler_cpu_walltime_old_stackwalk - scenarios 3.24s (+899.81ms, +38%) - Details
• Profiler_cpu_walltime - scenarios 3.24s (+898.51ms, +38%) - Details
• Profiler_walltime - scenarios 3.21s (+869.4ms, +37%) - Details
• Profiler_cpu_walltime_timer_create - scenarios 3.24s (+893.27ms, +38%) - Details
• Profiler_liveheap - scenarios 4.2s (+1.03s, +32%) - Details

[andrewlock]

Benchmarks Report for appsec 🐌

Benchmarks for #5855 compared to master:

• All benchmarks have the same speed
• 3 benchmarks have more allocations

The following thresholds were used for comparing the benchmark speeds:

• Mann–Whitney U test with statistical test for significance of 5%
• Only results indicating a difference greater than 10% and 0.3 ns are considered.

Allocation changes below 0.5% are ignored.

Benchmark details

Benchmarks.Trace.Asm.AppSecBodyBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	AllCycleSimpleBody	net6.0	72.6μs	107ns	416ns	0.0723	0	0	6 KB
master	AllCycleSimpleBody	netcoreapp3.1	63.6μs	102ns	381ns	0.0648	0	0	6.95 KB
master	AllCycleSimpleBody	net472	48.2μs	45.4ns	164ns	1.32	0	0	8.33 KB
master	AllCycleMoreComplexBody	net6.0	77.2μs	107ns	400ns	0.116	0	0	9.51 KB
master	AllCycleMoreComplexBody	netcoreapp3.1	69.6μs	121ns	470ns	0.139	0	0	10.36 KB
master	AllCycleMoreComplexBody	net472	56.2μs	75.6ns	293ns	1.88	0.028	0	11.85 KB
master	ObjectExtractorSimpleBody	net6.0	139ns	0.0911ns	0.341ns	0.00394	0	0	280 B
master	ObjectExtractorSimpleBody	netcoreapp3.1	201ns	0.155ns	0.579ns	0.00376	0	0	272 B
master	ObjectExtractorSimpleBody	net472	163ns	0.119ns	0.445ns	0.0446	0	0	281 B
master	ObjectExtractorMoreComplexBody	net6.0	3.14μs	1.46ns	5.67ns	0.0535	0	0	3.78 KB
master	ObjectExtractorMoreComplexBody	netcoreapp3.1	3.84μs	2.28ns	8.55ns	0.0502	0	0	3.69 KB
master	ObjectExtractorMoreComplexBody	net472	3.89μs	2.2ns	8.52ns	0.602	0.0058	0	3.8 KB
#5855	AllCycleSimpleBody	net6.0	72.6μs	106ns	395ns	0.0725	0	0	6 KB
#5855	AllCycleSimpleBody	netcoreapp3.1	62.9μs	73.8ns	286ns	0.0633	0	0	6.95 KB
#5855	AllCycleSimpleBody	net472	47.9μs	41ns	153ns	1.32	0	0	8.34 KB
#5855	AllCycleMoreComplexBody	net6.0	78.8μs	80.3ns	311ns	0.118	0	0	9.51 KB
#5855	AllCycleMoreComplexBody	netcoreapp3.1	70.2μs	111ns	429ns	0.14	0	0	10.36 KB
#5855	AllCycleMoreComplexBody	net472	55.6μs	64.1ns	248ns	1.87	0.0279	0	11.85 KB
#5855	ObjectExtractorSimpleBody	net6.0	147ns	0.193ns	0.749ns	0.00395	0	0	280 B
#5855	ObjectExtractorSimpleBody	netcoreapp3.1	196ns	0.0909ns	0.34ns	0.00363	0	0	272 B
#5855	ObjectExtractorSimpleBody	net472	168ns	0.192ns	0.744ns	0.0446	0	0	281 B
#5855	ObjectExtractorMoreComplexBody	net6.0	3.2μs	1.35ns	5.04ns	0.0526	0	0	3.78 KB
#5855	ObjectExtractorMoreComplexBody	netcoreapp3.1	4.02μs	2.52ns	9.75ns	0.0503	0	0	3.69 KB
#5855	ObjectExtractorMoreComplexBody	net472	3.83μs	2.36ns	8.82ns	0.602	0.00573	0	3.8 KB

Benchmarks.Trace.Asm.AppSecEncoderBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	EncodeArgs	net6.0	39.1μs	21.3ns	82.6ns	0.448	0	0	32.4 KB
master	EncodeArgs	netcoreapp3.1	54μs	16.4ns	59ns	0.431	0	0	32.4 KB
master	EncodeArgs	net472	65.1μs	30.2ns	113ns	5.16	0.0653	0	32.5 KB
master	EncodeLegacyArgs	net6.0	72.9μs	410ns	2.9μs	0	0	0	2.14 KB
master	EncodeLegacyArgs	netcoreapp3.1	109μs	79.2ns	307ns	0	0	0	2.14 KB
master	EncodeLegacyArgs	net472	155μs	98.9ns	383ns	0.307	0	0	2.15 KB
#5855	EncodeArgs	net6.0	38.2μs	24.8ns	96.2ns	0.454	0	0	32.4 KB
#5855	EncodeArgs	netcoreapp3.1	54.1μs	17ns	65.8ns	0.431	0	0	32.4 KB
#5855	EncodeArgs	net472	66.2μs	38.4ns	149ns	5.16	0.0657	0	32.5 KB
#5855	EncodeLegacyArgs	net6.0	77.7μs	123ns	476ns	0	0	0	2.14 KB
#5855	EncodeLegacyArgs	netcoreapp3.1	105μs	174ns	672ns	0	0	0	2.14 KB
#5855	EncodeLegacyArgs	net472	153μs	89.5ns	347ns	0.303	0	0	2.15 KB

Benchmarks.Trace.Asm.AppSecWafBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	RunWafRealisticBenchmark	net6.0	186μs	62.3ns	241ns	0	0	0	2.42 KB
master	RunWafRealisticBenchmark	netcoreapp3.1	199μs	188ns	728ns	0	0	0	2.37 KB
master	RunWafRealisticBenchmark	net472	209μs	55.4ns	200ns	0.311	0	0	2.43 KB
master	RunWafRealisticBenchmarkWithAttack	net6.0	122μs	70.5ns	273ns	0	0	0	1.46 KB
master	RunWafRealisticBenchmarkWithAttack	netcoreapp3.1	131μs	210ns	815ns	0	0	0	1.45 KB
master	RunWafRealisticBenchmarkWithAttack	net472	140μs	26.7ns	104ns	0.209	0	0	1.48 KB
#5855	RunWafRealisticBenchmark	net6.0	181μs	50.9ns	197ns	0	0	0	2.42 KB
#5855	RunWafRealisticBenchmark	netcoreapp3.1	193μs	316ns	1.22μs	0	0	0	2.37 KB
#5855	RunWafRealisticBenchmark	net472	210μs	196ns	758ns	0.312	0	0	2.43 KB
#5855	RunWafRealisticBenchmarkWithAttack	net6.0	123μs	68.8ns	266ns	0	0	0	1.46 KB
#5855	RunWafRealisticBenchmarkWithAttack	netcoreapp3.1	129μs	49.1ns	190ns	0	0	0	1.45 KB
#5855	RunWafRealisticBenchmarkWithAttack	net472	139μs	56.4ns	218ns	0.208	0	0	1.48 KB

Benchmarks.Trace.Iast.StringAspectsBenchmark - Same speed ✔️ More allocations ⚠️

More allocations ⚠️ in #5855

Benchmark	Base Allocated	Diff Allocated	Change	Change %
Benchmarks.Trace.Iast.StringAspectsBenchmark.StringConcatBenchmark‑net472	59.06 KB	62.02 KB	2.97 KB	5.03%
Benchmarks.Trace.Iast.StringAspectsBenchmark.StringConcatAspectBenchmark‑netcoreapp3.1	254.01 KB	263.6 KB	9.59 KB	3.78%
Benchmarks.Trace.Iast.StringAspectsBenchmark.StringConcatAspectBenchmark‑net6.0	254.2 KB	256.54 KB	2.34 KB	0.92%

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	StringConcatBenchmark	net6.0	58.9μs	779ns	7.67μs	0	0	0	43.44 KB
master	StringConcatBenchmark	netcoreapp3.1	61.5μs	737ns	7.25μs	0	0	0	42.64 KB
master	StringConcatBenchmark	net472	37.5μs	98.2ns	354ns	0	0	0	59.06 KB
master	StringConcatAspectBenchmark	net6.0	292μs	5.72μs	56.9μs	0	0	0	254.2 KB
master	StringConcatAspectBenchmark	netcoreapp3.1	310μs	5.17μs	51.2μs	0	0	0	254.01 KB
master	StringConcatAspectBenchmark	net472	280μs	6.22μs	60.6μs	0	0	0	278.53 KB
#5855	StringConcatBenchmark	net6.0	53.1μs	222ns	914ns	0	0	0	43.44 KB
#5855	StringConcatBenchmark	netcoreapp3.1	54.3μs	240ns	867ns	0	0	0	42.64 KB
#5855	StringConcatBenchmark	net472	38.3μs	157ns	565ns	0	0	0	62.02 KB
#5855	StringConcatAspectBenchmark	net6.0	309μs	1.53μs	6.49μs	0	0	0	256.54 KB
#5855	StringConcatAspectBenchmark	netcoreapp3.1	333μs	1.31μs	4.52μs	0	0	0	263.6 KB
#5855	StringConcatAspectBenchmark	net472	285μs	5.98μs	58.9μs	0	0	0	278.53 KB

[robertpi]

Approving as we agreed #5841 was good, didn't re-review.