X-Recipient: archive-cygwin@delorie.com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:reply-to:subject:to:references:from:message-id :date:mime-version:in-reply-to:content-type :content-transfer-encoding; q=dns; s=default; b=hiC3kQmfmo+hUfOR zbmMVKGVABRdMIaOAPBwg3IVx6/pxU+6MX0NNwC1BR3HOx6Br5oJgKei+TzHn3Xn moe++xKT8hfV9KxdVPAJUMpXQ5FHOhtfqPL0TLMLLQLWWUzDm7gap7tpxHw2JeuC 7KDtJrBveeaS5F4ggCwoEQkyTNU= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:reply-to:subject:to:references:from:message-id :date:mime-version:in-reply-to:content-type :content-transfer-encoding; s=default; bh=vt23ZF5eYuuehv7zJqORPE CbKoQ=; b=lE+FSBJpXu/eGItpharMkFzE/Yay7hHJsIHsIqkZTwsDPXloQSwZZF qDJYZWHZ9c/goJUXo7nDcRwlslx9oDe0A2vX3i5UnJCL0Rzla1o7kW58SzZzHfA/ 3x1cgkR5aZ/tll6G18i4WhsWciqzqx3Fvf6Xh0mkitFMkXrMh6+/0= Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Delivered-To: mailing list cygwin@cygwin.com Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-1.5 required=5.0 tests=AWL,BAYES_50,RCVD_IN_DNSWL_NONE,URI_HEX autolearn=no version=3.3.1 spammy=Micro, vulnerability, malware, Jon X-HELO: smtp-out-no.shaw.ca Reply-To: Brian.Inglis@SystematicSw.ab.ca Subject: Re: How can I determine why gdb throws unknown exceptions when debugging programs with threads on my Cygwin installation? To: cygwin@cygwin.com References: <0F7D3B1B3C4B894D824F5B822E3E5A178FDF90A8@IRSMSX102.ger.corp.intel.com> <84846bf94ea446ca9e2cab4935c6eebb@OEM26.oemsurplus.local> From: Brian Inglis Openpgp: preference=signencrypt Message-ID: <27085aa1-2a98-deca-56f1-57f106aea5fa@SystematicSw.ab.ca> Date: Fri, 25 Oct 2019 21:20:00 -0600 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.9.0 MIME-Version: 1.0 In-Reply-To: <84846bf94ea446ca9e2cab4935c6eebb@OEM26.oemsurplus.local> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-IsSubscribed: yes On 2019-10-25 20:34, Jay P. Elston wrote: > On October 25, 2019 6:48 AM, Michael Soegtrop wrote: >> It has been reported in the past that antivirus software from Trend Micro >> result in STATUS_GUARD_PAGE_VIOLATION in ntdll!RtlAllocateHeap (). >> See: >> http://cygwin.1069669.n5.nabble.com/XWin-startup-crash-x86-64-Windows-10-td126544.html#a126561 > On the advice of Jon Turney, I ran a "bt f" command after gdb caught the > exception, and it appears that a Trend Micro dll (TmUmEvt64.dll) is where > the error occurs:> This is not a Cygwin problem -- the solution is to be to add the Cygwin bin > directory to Trend Micro's exception list. I will give this a try after I get > our IT department to do this. Trend Micro AV product was exploitable last week, from coordinated public disclosure of a vulnerability on Oct 19, not patched until Oct 25: they were notified Sep 9, and confirmed the issue Sep 25. Update immediately! he Trend Micro AV product does not seem to perform as well, or rate as highly, as the default, free MS Windows Defender, and other better AV packages. Some of their vulnerabilities seem head-slappingly obviously *BAD*, like the latest, allowing any malware called cmd.exe or regedit.exe to be downloaded from anywhere and run without any checks! -- Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada This email may be disturbing to some readers as it contains too much technical detail. Reader discretion is advised. -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple