Robert Muir
Robert Muir
> It has a different SIMD instruction set (Neon). The newer amazon instances actually support SVE which is fantastic. This one gets even less attention, because Apple STILL does not...
The best idea I had for this general issue was https://github.com/apache/lucene/tree/main/dev-tools/aws-jmh Maybe we need to tweak it / bring it up to speed (e.g. it should support java 24 and...
@mikemccand the last time i looked at that one, it was unclear how the copying from heapnative space was working and if the benchie was fair. separately, yes, you are...
These instructions may help you: https://github.com/apache/lucene/blob/main/help/jmh.txt My best advice is to run our benchmarks, if you really care, run with perfasm and look and see what instructions get used.
That one is a little different and using linux `perf` tool, which is also good. it might give you a lot of assembly though and might be tricky to sort...
I think the issue is written up correctly. You'll want to set `-Djava.security.manager=allow` from startup scripts (e.g. `.bat`/`.sh`), and from gradle when running tests? Otherwise `System.setSecurityManager()` will fail. Lucene uses...
Separately, as far as alternatives, I can suggest a few things: 1. Keep the [SystemCallFilter](https://github.com/opensearch-project/OpenSearch/blob/996d33adb22ac6a523962166f3677f8dc6ac9c1f/server/src/main/java/org/opensearch/bootstrap/SystemCallFilter.java). This is unrelated to security manager and will stop RCE dead in its tracks, as...
Another win for stuff like `ingest-attachment` would be to just run the tika server (separate service/container) and have this plugin call out to it with a REST call. IMO it...
I've also made my opinion loudly clear on twitter that removing SecurityManager without replacement is a bad idea for java right now. At least providing a "replacement" first (ideally enabled...
if you think of the entire internet (not just opensearch), i really do feel that something similar to the openbsd `pledge()` api would be at least a minimal replacement. process-wide:...