public inbox for
 help / color / mirror / Atom feed
From: Brian Cowan <>
To: Jon Turney <>,
	"" <>
Subject: RE: Does the Cygwin setup program do internal sanity checks on startup?
Date: Thu, 25 Aug 2022 18:14:15 +0000	[thread overview]
Message-ID: <> (raw)
In-Reply-To: <>

And this was exactly it. I downloaded the latest UPX version, and it crashed on startup. I downloaded the Linux version on another host, copied the setup program to that host and extracted it there. NOW I can update Cygwin...

Brian Cowan
HCL Software
Technical Specialist, ClearCase SWAT

-----Original Message-----
From: Jon Turney <>
Sent: Thursday, August 25, 2022 1:12 PM
To:; Brian Cowan <>
Subject: Re: Does the Cygwin setup program do internal sanity checks on startup?

[CAUTION: This Email is from outside the Organization. Unless you trust the sender, Don't click links or open attachments as it may be a Phishing email, which can steal your Information and compromise your Computer.]

On 25/08/2022 17:52, Adam Dinwoodie wrote:
> On Wed, Aug 24, 2022 at 08:46:10PM +0000, Brian Cowan via Cygwin wrote:
 >>Does the Cygwin setup program do internal sanity checks on startup?

Not as such.  And if it did, the behaviour when the fails should be to say those checks have failed, rather than crash apparently randomly...

>> Why would I ask that question? Because I have a host running a
>> hodgepodge of company-mandated security software, and -- only on that
>> host -- the Cygwin setup tool crashes...
>> Oddities:
>> 1. The crash generates 3 dump files when I use procdump, which is odd
>> since I "normally" only get 2 identical dumps from procdump.
>> 2. A Websense ForcePoint DLP DLL is loaded in the process space,
>> apparently through DLL injection.
>> 3. There seem to be 3 threads started, only one of which is the setup
>> program's "main" function. I had to get that out of a Process Monitor
>> log since the dump files are largely content free.
>> 4. The crash is unique to the setup program. Nothing else appears to
>> fail.
>> The crash is an "illegal instruction" dump, which of course doesn't
>> make a lot of sense... This could be one of the other security
>> packages/policies on this host being "helpful."
>> I need ammunition to take to my internal Mordak's so I can update
>> Cygwin... Sure I can use WSL, but not for everything.
> This sounds like classic "BLODA": applications that interfere with how
> Cygwin provides *nix compatibility.  There's more info in the FAQs at
>;sdata=k%2FghFN8u0Yp5xDsUp8fJ61uceTUpwLEKdF8SRMCFGOk%3D&amp;reserved=0, but in short it seems very likely that this problem is caused by some security software running on this system.

This does indeed sound like interference by some other software.

But the setup program is not a Cygwin executable (it's not linked with the cygwin DLL because (i) it's not present before setup has installed it, and (ii) updating that DLL from setup while setup is using is problematic...

Note that the Cygwin setup executable as distributed is packed with UPX, which could very well interfere with the expectations of a poorly written injected DLL.

(You can reverse that compression by running 'upx -d' on the setup
The contents of this e-mail and any attachment(s) are confidential and intended for the named recipient(s) only. E-mail transmission is not guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or may contain viruses in transmission. The e mail and its contents (with or without referred errors) shall therefore not attach any liability on the originator or HCL or its affiliates. Views or opinions, if any, presented in this email are solely those of the author and may not necessarily reflect the views or opinions of HCL or its affiliates. Any form of reproduction, dissemination, copying, disclosure, modification, distribution and / or publication of this message without the prior written consent of authorized representative of HCL is strictly prohibited. If you have received this email in error please delete it and notify the sender immediately. Before opening any email and/or attachments, please check them for viruses and other defects.

  reply	other threads:[~2022-08-25 18:14 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-08-24 20:46 Brian Cowan
2022-08-25 16:52 ` Adam Dinwoodie
2022-08-25 17:11   ` Jon Turney
2022-08-25 18:14     ` Brian Cowan [this message]
2022-08-28 15:46       ` Jon Turney
2022-08-31 12:14         ` Brian Cowan
2022-09-03 13:02           ` Andrey Repin

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \ \ \ \ \

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).