This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

BitDefender again


BitDefender AntiVirus 2009 and Cygwin got along fine, but when I upgraded to 2010 all my Cygwin-based apps started crashing. If I turn off their "Active Virus Control" the problem goes away.

They offer this advice:

=====================================
There is an incompatibility between cygwin and BitDefender AVC (Behavioral Scanner).


I'm going to get a little bit technical here in order to explain in detail what is happening :

Unfortunately, cygwin1.dll has a hardcoded image loading base (0x61000000) wich conflicts with one of the BitDefender AVC plugins injected into processes for monitoring their behaviour. Since, to offer maximum protection, the BitDefender AVC dlls are among the first to be loaded in the address space of any process, and well before cygwin1.dll, the cygwin1.dll cannot load at its desired image base, thus generating crashes. In a general purpose DLL written for Windows, this is not a problem, since such dll can work being loaded at any imagebase. But this is not the case for cygwin, wich insists on loading at the fixed address, and if not, generating crashes.

Now, how to fix :

1. Temporary disable AVC (BitDefender->Antivirus->Advanced Settings, uncheck AVC).
2. Make sure all cygwin applications are closed.
3. Open a cmd line and enter the following :
cd c:\cygwin\bin
copy cygwin1.dll cygwin_orig.dll
copy cygwin1.dll cygwin_tmp.dll
rebase -b 0x35000000 cygwin_tmp.dll
copy cygwin_tmp.dll cygwin1.dll
4. Reenable AVC (BitDefender->Antivirus->Advanced Settings, check AVC)


Try now to run cygwin.

By doing the above, we remapped cygwin1.dll to another imagebase (0x35000000). If it still does not work, please try remapping at various imagebases (such as 0x30000000 or 0x40000000 or 0x25000000 etc) until you find one that works.
=======================================


I have a very limited understanding here, enough to run rebaseall (which I've done) and that's about it. Can someone please interpret the above for me and tell me if there's anything I can do besides shop for a new AV vendor (again :)



--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]