tags:

views:

120

answers:

2
+1  Q: 

Under a debugger

How do I detect in my program that it's being run under a debugger? I am aware that this seems to indicate that I try to do something I shouldn't, and that is too messy. I think it is an interesting question tho. Specifically, is there a way to do it in a POSIX environment? For example using sigaction (2) to detect that some handler is installed? Even a worse thought; is there some inline assembly code I could use on an x86 architecture?

As we discuss it -- would it eventually be possible to launch a debugger, such as gdb (1), and break at the place where you perform this possible hack. Thanks for any dirty one-liners or unlikely references to standards related to this.

+3  A: 

Does this article help?

It suggests, amongst other things:

  • file descriptors leaking from the parent process
  • environment variables ($_)
  • process state (getsid(), etc).

Note that most (if not all) of these rely on the debugger spawning the process that's being debugged. They're not so effective if the debugger is attached to a process that's already running.

Alnitak  2009-05-09 13:01:25
seems that the heuristic (getsid()!=getppid() there's no stable way to do this. The best I found till now is to check $_ with an ending in "/gdb". Thanks!
hept  2009-05-09 16:07:30
+1  A: 

There is no reliable way to detect that you are running under a debugger. That's because a debugger may use any number of methods to actually debug your code, some of which will almost certainly not be caught by your method.

My question is, why would you care? Unless you're trying to hide something :-)

paxdiablo  2009-05-09 13:02:52
I'm not hiding anything. A few times I've thought it would be nice to set breakpoints automatically in my program in the case that theres a debugger on me. But what I've much more wanted at difficult times is to spawn a gdb (1) from my daemon attaching it to my daemon and to some local TCP port as its stdio. I would await on that port to start my session. Say there appears to be a broken invariant in the process that occurs only in a production network.
hept  2009-05-09 16:16:20
I have a vague recollection that xdb (another debugger I used a while ago) was scriptable (load program, set breakpoint, run, etc). That may be one approach to automatically do it albeit by the debugger rather than your program.
paxdiablo  2009-05-10 00:03:34

related questions

any good tool for makefile generation?
How do you pass a function as a parameter in C?
Where should a veteran C programmer start in order to master Java ?
Any good book on best practice and guidelines in developing a SDK in C?
How do you determine the size of a file in C?
Decoding printf statements in C (Printf Primer)
Shift operator in C
How to avoid redefining VERSION, PACKAGE, etc.
Alpha blending sprites in Nintendo DS Homebrew
When should I use type abstraction in embedded systems
How to implement continuations?
What are the barriers to understanding pointers and what can be done to overcome them?
Anyone have experience creating a shared library in MATLAB?
String.indexOf function in C
Passing multidimensional arrays as function arguments in C
C/C++ library for reading MIDI signals from a USB MIDI device
Choosing a static code analysis tool
How do you printf an unsigned long long int?
Good STL-like library for C.
Rockbox audio format
Why am I getting a malloc: double free error with realloc()?
Should I learn C?
GTK implementation of MessageBox
Is gettimeofday() guaranteed to be of microsecond resolution?
How to use the C socket API in C++ on z/OS