The solution of GDB code designed problem in Mac OS X

After MacOS X 10.8, the GDB debugging tool installed will prompt error when used:

Unable to find Mach task port for process-id 28885: (os/kern) failure (0x5).

 (please check gdb is codesigned - see taskgated(8))

This is because the Darwin kernel will refuse to allow gdb to debug another process if you don’t have special rights, since debugging a process means having full control over that process, and that isn’t allowed by default since it would be exploitable by malware. (The kernel won’t refuse if you are root, but of course you don’t want to be root to debug.)
The most up to date method to allow gdb to control another process is to sign it with any system-trusted code signing authority. This is an easy process once you have a certificate (see the section below).


This error occurs because OSX implements a pid access policy which requires a digital signature for binaries to access other processes pids. To enable gdb access to other processes, we must first code sign the binary. This signature depends on a particular certificate, which the user must create and register with the system.


To create a code signing certificate, open the Keychain Access application. Choose menu Keychain Access -> Certificate Assistant -> Create a Certificate…
Choose a name for the certificate (e.g., gdb-cert), set Identity Type to Self Signed Root, set Certificate Type to Code Signing and select the Let me override defaults. Click several times on Continue until you get to the Specify a Location For The Certificate screen, then set Keychain to System.
Double click on the certificate, open Trust section, and set Code Signing to Always Trust. Exit Keychain Access application.


Restart the taskgated service, and sign the binary.

sudokillalltaskgated

s

u

d

o

k

i

l

l

a

l

l

t

a

s

k

g

a

t

e

d

codesign -fs gdb-cert “$(which gdb)”
source http://andresabino.com/2015/04/14/codesign-gdb-on-mac-os-x-yosemite-10-10-2/
On macOS 10.12 (Sierra) and later, you must also
Use gdb 7.12.1 or later Additionally prevent gdb from using a shell to start the program to be debugged. You can use the following command for this inside gdb:
set startup-with-shell off
You can also put this last command in a file called .gdbinit in your home directory, in which case it will be applied automatically every time you start gdb
echo “set startup-with-shell off” >> ~/.gdbinit

Read More: