Add helper rewrite in rust

[cataphract]

Description

Passing integration and system-tests.

Further integration into sidecar and protocol changes pending.

Reviewer checklist

• Test coverage seems ok.
• Appropriate labels assigned.

[datadog-datadog-prod-us1]

⚠️ Tests

✨ Fix all issues with BitsAI or with Cursor

⚠️ Warnings

🧪 1028 Tests failed

testSearchPhpBinaries from integration.DDTrace\Tests\Integration\PHPInstallerTest (Datadog) (Fix with Cursor)

DDTrace\Tests\Integration\PHPInstallerTest::testSearchPhpBinaries
Test code or tested code printed unexpected output: Searching for available php binaries, this operation might take a while.

testSimplePushAndProcess from laravel-58-test.DDTrace\Tests\Integrations\Laravel\V5_8\QueueTest (Datadog) (Fix with Cursor)

DDTrace\Tests\Integrations\Laravel\V5_8\QueueTest::testSimplePushAndProcess
Test code or tested code printed unexpected output: spanLinksTraceId: 69b44374000000008730e98ca452f657
tid: 69b4437400000000
hexProcessTraceId: 8730e98ca452f657
hexProcessSpanId: 191c0eae453e9c1a
processTraceId: 9741542784263976535
processSpanId: 1809337291944926234

phpvfscomposer://tests/vendor/phpunit/phpunit/phpunit:106

testSimplePushAndProcess from laravel-8x-test.DDTrace\Tests\Integrations\Laravel\V8_x\QueueTest (Datadog) (Fix with Cursor)

DDTrace\Tests\Integrations\Laravel\V8_x\QueueTest::testSimplePushAndProcess
Test code or tested code printed unexpected output: spanLinksTraceId: 69b4439500000000d4476abb67a30a20
tid: 69b4439500000000
hexProcessTraceId: d4476abb67a30a20
hexProcessSpanId: 7fb4f4546a74dd5e
processTraceId: 15296312012517345824
processSpanId: 9202248582025239902

View all

ℹ️ Info

No other issues found (see more)

❄️ No new flaky tests detected

_{This comment will be updated automatically if new data arrives.
🔗 Commit SHA: f71ed6b | Docs | Datadog PR Page | Was this helpful? React with 👍/👎 or give us feedback!}

[codecov-commenter]

Codecov Report

❌ Patch coverage is 84.80088% with 832 lines in your changes missing coverage. Please review.
✅ Project coverage is 68.72%. Comparing base (147f3c2) to head (f71ed6b).

Files with missing lines	Patch %	Lines
appsec/helper-rust/src/client.rs	89.30%	101 Missing ⚠️
appsec/helper-rust/src/lib.rs	53.47%	87 Missing ⚠️
appsec/helper-rust/src/rc.rs	85.71%	68 Missing ⚠️
appsec/src/extension/ddappsec.c	25.31%	52 Missing and 7 partials ⚠️
appsec/helper-rust/src/service.rs	90.95%	57 Missing ⚠️
appsec/helper-rust/src/telemetry/sidecar.rs	79.10%	56 Missing ⚠️
appsec/src/extension/helper_process.c	8.19%	56 Missing ⚠️
appsec/helper-rust/src/lock.rs	68.37%	37 Missing ⚠️
appsec/helper-rust/src/service/sampler.rs	90.76%	34 Missing ⚠️
appsec/helper-rust/src/service/waf_diag.rs	88.38%	28 Missing ⚠️
... and 19 more

❌ Your patch status has failed because the patch coverage (84.80%) is below the target coverage (90.00%). You can increase the patch coverage or adjust the target coverage.

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #3581      +/-   ##
==========================================
+ Coverage   62.32%   68.72%   +6.40%     
==========================================
  Files         142      166      +24     
  Lines       13586    19030    +5444     
  Branches     1775     1797      +22     
==========================================
+ Hits         8467    13079    +4612     
- Misses       4311     5136     +825     
- Partials      808      815       +7     

Flag	Coverage Δ
helper-rust-integration	78.82% <78.82%> (?)
helper-rust-unit	49.36% <49.36%> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines	Coverage Δ
appsec/helper-rust/src/service/metrics.rs	100.00% <100.00%> (ø)
appsec/src/extension/configuration.h	100.00% <ø> (ø)
appsec/src/extension/user_tracking.c	75.00% <100.00%> (+0.08%)	⬆️
appsec/src/helper/client.cpp	75.46% <100.00%> (+0.05%)	⬆️
appsec/src/helper/client.hpp	89.58% <ø> (ø)
appsec/src/helper/engine.cpp	91.73% <100.00%> (ø)
appsec/src/helper/engine.hpp	100.00% <ø> (ø)
appsec/src/helper/network/proto.hpp	93.22% <ø> (ø)
appsec/src/helper/subscriber/base.hpp	100.00% <ø> (ø)
appsec/src/helper/subscriber/waf.cpp	71.57% <100.00%> (+0.04%)	⬆️
... and 30 more

... and 1 file with indirect coverage changes

---

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 147f3c2...f71ed6b. Read the comment docs.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[pr-commenter]

Benchmarks [ appsec ]

Benchmark execution time: 2026-03-13 17:35:25

Comparing candidate commit f71ed6b in PR branch glopes/helper-rust with baseline commit 147f3c2 in branch master.

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.

[pr-commenter]

Benchmarks [ tracer ]

Benchmark execution time: 2026-03-04 12:25:07

Comparing candidate commit e162af9 in PR branch glopes/helper-rust with baseline commit 8cd0131 in branch master.

Found 2 performance improvements and 0 performance regressions! Performance is the same for 190 metrics, 2 unstable metrics.

scenario:MessagePackSerializationBench/benchMessagePackSerialization

• 🟩 execution_time [-6.504µs; -5.736µs] or [-5.806%; -5.120%]

scenario:MessagePackSerializationBench/benchMessagePackSerialization-opcache

• 🟩 execution_time [-3.486µs; -2.554µs] or [-3.201%; -2.345%]

[morrisonlevi]

This PR is so large that github will only permit me to review it one file at a time. I didn't even know that was a thing! You're going to need to break it down into a series of smaller PRs, probably.

[bwoebi]

@morrisonlevi I've had success for very big PRs with the PHPStorm/CLion github integrations in the past. Doesn't matter for small PRs, but can definitely recommend it for extra-large PRs :-)

[estringana]

I find this "installation" folder a bit dealigned with the rest of example. Is it require?

[cataphract]

It's there to manually test whether the packages generated from CI are installable, since what's on CI is basic and can never test fully against staging. Whether it should be here or on another repository, it's open for discussion

[estringana]

what is this for?

[cataphract]

It's used in the test test_sidecar_symbol_resolve_and_call

[pr-commenter]

Benchmarks [ profiler ]

Benchmark execution time: 2026-03-12 15:21:08

Comparing candidate commit 0d79129 in PR branch glopes/helper-rust with baseline commit 237080d in branch master.

Found 0 performance improvements and 2 performance regressions! Performance is the same for 28 metrics, 6 unstable metrics.

scenario:php-profiler-timeline-memory-control

• 🟥 cpu_user_time [+28.023ms; +36.773ms] or [+4.594%; +6.028%]
• 🟥 execution_time [+27.602ms; +33.008ms] or [+4.307%; +5.151%]

[cataphract]

@codex review

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 025f3110d3

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".