HttpClientHandler.DangerousAcceptAnyServerCertificateValidator backing field is not being trimmed

[eerhardt]

See the code here:

https://github.com/dotnet/runtime/blob/bd6cbe3642f51d70839912a6a666e5de747ad581/src/libraries/System.Net.Http/src/System/Net/Http/HttpClientHandler.cs#L225

public static Func<HttpRequestMessage, X509Certificate2?, X509Chain?, SslPolicyErrors, bool> DangerousAcceptAnyServerCertificateValidator { get; } = delegate { return true; };

When this public property is not used, the public property is getting trimmed away. However, the private backing field is not getting trimmed. This is causing X509Certificate2 and X509Chain (just the empty classes) to be preserved as well.

The linker should be able to see there are no callers of this backing field and remove it.

cc @vitek-karas @MichalStrehovsky @marek-safar

[MichalStrehovsky]

I see initonly so I assume this is assigned in the .cctor - hence the field is used.

Proving that the store is safe to remove is a pretty hard problem because the store might have side effects.

E.g. here is an example of a field that is only written to and never read in the crossgen2 codebase: https://github.com/dotnet/runtime/blob/a96a64e44f9ebab0ee1b6cab04f57643051a22e9/src/coreclr/src/tools/Common/JitInterface/JitConfigProvider.cs#L31

The purpose of the field is to keep some delegates used from native code alive.

If linker were to remove such "useless" stores, pretty ugly bugs would ensue once GC collects the objects that the native side is not done with.

[marek-safar]

Yeah, this is the size price of static constructors (partially applies to instance ctors as well) and why they ideally should be avoided in size sensitive implementations.

In your case as Michal wrote the linker would have to rewrite .cctor implementation but it has no reasons to do so. You are initializing class field "eagerly" and linker has no reason not to accept that this is what you want to do even if you never read that field.

In theory, we could add very expensive analysis for cases like that but that would have a bad impact on performance whereas a fix on C# side is trivial.

In your case you can fix it with something like

public static DangerousAcceptAnyServerCertificateValidator { get; } = delegate { return true; };

	public static Func<HttpRequestMessage, X509Certificate2?, X509Chain?, SslPolicyErrors, bool> DangerousAcceptAnyServerCertificateValidator => validator ??= delegate { return true; };

	static Func<HttpRequestMessage, X509Certificate2?, X509Chain?, SslPolicyErrors, bool> validator;

[eerhardt]

I've opened dotnet/runtime#37909 to change the pattern used in System.Net.Http.

Thanks for the explanation. Closing.