This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Confusion re: use of rebaseall vs. rebase to relieve BitDefender woes REDUX


Eliot Moss wrote:

Any progress?



Well, I still don't have it working. But I did learn some rather startling things about ash.exe and cygwin1.dll.

As always, this will seem overlong.  But I've worked in the IT industry for
28 years, and I've learned that it's always the one datum you don't mention
that contains the key to the problem solution.

I have a tool called ProcessExplorer which shows me a much richer
information set than does windows's task manager.  In particular, it lets
me search all running processes for file handles or DLLs containing a given
string.  So after I reconstituted the input files, I began to run through
your process, monitoring closely to see which DLLs got opened as I did.

So before I ran cmd.exe, I opened ProcessExplorer and searched for the
strings "cyg" and "bash."  ProcessExplorer find no instance of those strings
among the running process's DLLs or handles.

Then I opened the cmd.exe window:

    Microsoft Windows [Version 6.1.7600]
    Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

And repeaded the ProcessExplorer test.  As before, it shows no handles or DLLs
containing the strings "cyg" or "bash".

Now cd to c:\cygwin,

C:\Users\Ed>cd \cygwin\

and a ProcessExplorer search for string "cyg" finds the following:

    Handle or DLL substring:	cyg
    ===============================
    Process		PID	Type	Handle or DLL
    -------------------------------------------------
    cmd.exe		5460	Handle	C:\cygwin

Harmless. That's just cmd.exe's handle for the cygwin directory.

Now start ash from within cmd.exe window with "bin\ash.exe":

    C:\cygwin>bin\ash.exe
    $ pwd
    /
    $

And the ProcessExplorer search for string "cyg" shows the following quite
disappointing results:

    Handle or DLL substring:	cyg
    ===============================
    Process	PID	Type	Handle or DLL
    -------------------------------------------------
    ash.exe	3444	DLL	C:\cygwin\bin\ash.exe
    ash.exe	3444	DLL	C:\cygwin\bin\cygwin1.dll
    ash.exe	3444	Handle	C:\cygwin
    ash.exe	3444	Handle	\BaseNamedObjects\cygwin1S5-c5e39b7a9d22bafb
    ash.exe	3444	Handle	\BaseNamedObjects\cygwin1S5-c5e39b7a9d22fafb\shared.5
    ash.exe	3444	Handle	\Sessions\1\BaseNamedObjects\cygwin1S5-c5e39b7a9d22bafb
    ash.exe	3444	Handle	\BaseNamedObjects\cygwin1S5-c5e39b7a9d22bafb\S-1-5-21-960314295-2209531045-2725553256-1000.1
    ash.exe	3444	Handle	\BaseNamedObjects\cygwin1S5-c5e39b7a9d22bafb\tty_list:mutex.0
    ash.exe	3444	Handle	\BaseNamedObjects\cygwin1S5-c5e39b7a9d22bafb\cygpid.3444
    ash.exe	5460	Handle	C:\cygwin

Now exit ash:

$ exit

C:\cygwin>

and ProcessExplorer's search on string "cyg" reverts to looking precisely as
it did prior to firing up ash.exe:

    Handle or DLL substring:	cyg
    ===============================
    Process		PID	Type	Handle or DLL
    -------------------------------------------------
    cmd.exe		5460	Handle	C:\cygwin

Now for completeness's sake, and not as an exercise in grasping at straws,
I now retried the above from the cmd.exe window WITHOUT cd'ing to the \cygwin
directory (No, I can't think of any reason why it should work differently,
either.  I was just looking for anomalies.).

Performing the ProcessExplorer search for string "cyg" again shows us almost
the exact same results as the last time we ran ash.exe,
disappointing results:

    Handle or DLL substring:	cyg
    ===============================
    Process	PID	Type	Handle or DLL
    -------------------------------------------------
    ash.exe	4368	DLL	C:\cygwin\bin\ash.exe
    ash.exe	4368	DLL	C:\cygwin\bin\cygwin1.dll
    ash.exe	4368	Handle	\BaseNamedObjects\cygwin1S5-c5e39b7a9d22bafb
    ash.exe	4368	Handle	\BaseNamedObjects\cygwin1S5-c5e39b7a9d22fafb\shared.5
    ash.exe	4368	Handle	\Sessions\1\BaseNamedObjects\cygwin1S5-c5e39b7a9d22bafb
    ash.exe	4368	Handle	\BaseNamedObjects\cygwin1S5-c5e39b7a9d22bafb\S-1-5-21-960314295-2209531045-2725553256-1000.1
    ash.exe	4368	Handle	\BaseNamedObjects\cygwin1S5-c5e39b7a9d22bafb\tty_list:mutex.0
    ash.exe	4368	Handle	\BaseNamedObjects\cygwin1S5-c5e39b7a9d22bafb\cygpid.3444

And as a final test, and because I am a masochist, I decided to see if things
worked differently if I launched ash.exe by double-clicking its icon from
within a Windows Explorer window. The results were the same as running ash.exe
from within cmd.exe:

    Handle or DLL substring:	cyg
    ===============================
    Process	  PID	  Type	  Handle or DLL
    -------------------------------------------------
    explorer.exe  1576	  Handle  C:\cygwin
    explorer.exe  1576	  Handle  C:\cygwin
    explorer.exe  1576	  Handle  C:\cygwin\bin
    explorer.exe  1576	  Handle  C:\cygwin\bin
    ash.exe	  4140	  DLL	  C:\cygwin\bin\ash.exe
    ash.exe	  4140	  DLL	  C:\cygwin\bin\cygwin1.dll
    ash.exe	  4140	  Handle  C:\cygwin\bin
    ash.exe	  4140	  Handle  \BaseNamedObjects\cygwin1S5-c5e39b7a9d22bafb
    ash.exe	  4140	  Handle  \BaseNamedObjects\cygwin1S5-c5e39b7a9d22fafb\shared.5
    ash.exe	  4140	  Handle  \Sessions\1\BaseNamedObjects\cygwin1S5-c5e39b7a9d22bafb
    ash.exe	  4140	  Handle  \BaseNamedObjects\cygwin1S5-c5e39b7a9d22bafb\S-1-5-21-960314295-2209531045-2725553256-1000.1
    ash.exe	  4140	  Handle  \BaseNamedObjects\cygwin1S5-c5e39b7a9d22bafb\tty_list:mutex.0
    ash.exe	  4140	  Handle  \BaseNamedObjects\cygwin1S5-c5e39b7a9d22bafb\cygpid.4140

Again, I could think of no reason why the results should have been different,
but windows being what it is, I thought it best to check.

I'm flummoxed by all this, frankly.  I've been told many times that ash.exe
does not tickle the cygwin1.dll libraries, and I believe that.  But for some
obscure reason, when ash.exe runs on MY system, the first thing it does is
flout that fact by running off and getting in bed with cygwin1.dll.

Any ideas?

Any reason I can't run the rebase and peflags commands from with cmd.exe?  Are
they "pure" windows executables, in other words?

Thanks!

-- Ed










-- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]