On 10/04/2024 11:34, Christian Franke via Cygwin wrote:
J M via Cygwin wrote:

Specifically for this problem, I have investigated the problem and can be
related to pipes and antivirus.

while true
echo ABC | grep AAA

It makes the cpu of that antivirus go up.

This is as expected because malware scanners hook into Win32 API's
CreateProcess*() calls which are also used by the fork()/exec()
emulation of Cygwin. Each run of 'grep' above uses at least two
CreateProcess*() calls.

This is very true and depends greatly on the AV being used. I find Trend
is particularly bad, even if you exclude all the Cygwin directories and
directories of files being accessed. Somehow, the way the hooks are
implemented stalls process creation and file open in ways that Windows
Defender does not. This is particularly noticeable when using
Cygwin-based build tools - build times generally increase at least
10-fold after installing Trend.

On one job, I wasted a lot of time and client's money collecting logs
for Trend to analyse to no avail. I think the product is basically very
badly written. The fact that it creates dozens of processes with
hundreds of threads just to do AV scanning does not fill me with confidence!

Wherever possible, I remove third-party AV from Windows machines and
install group policy to enforce Windows Defender and malware detection
in the browser and/or a proxy & the email server instead. Saves a lot of
CPU cycles. :-)

Sam Edge

Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple

Reply via email to