Explore the core architecture of the operating system, including the kernel, memory management, and process scheduling.

Posts under Core OS subtopic

Post / Replies / Boosts / Views / Activity

Core OS Resources
General:
DevForums subtopic: App & System Services > Core OS

Core OS is a catch-all subtopic for low-level APIs that don’t fall into one of these more specific areas:
  Processes & Concurrency Resources
  Files and Storage Resources
  Networking Resources
  Network Extension Resources
  Security Resources
  Virtualization Resources

Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
0
0
937
Aug ’25
OpenZFS on FSKit — Proof of Concept
Installing ZFSFSKit.appex ? /Library/ExtensionKit/Extensions/
Substituting real Mach-O (libtool wrapper ? .libs/ZFSFSKit)
Installing zfs.fs ? /Library/Filesystems/
mount_zfs: Mach-O 64-bit executable arm64
Done.
Signing (before pluginkit, so it sees a valid signature)...
Re-signing /Library/ExtensionKit/Extensions/ZFSFSKit.appex ad-hoc (no identity).
Note: requires amfi_get_out_of_my_way=1 in boot-args.
Team ID: ADHOC
/Library/ExtensionKit/Extensions/ZFSFSKit.appex: replacing existing signature
Done.
Signature:
Identifier=org.openzfsonosx.filesystems.zfs.fsext
Signature=adhoc
TeamIdentifier=not set
Entitlements:
<?xml version="1.0" encoding="UTF-8"?><!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "https://www.apple.com/DTDs/PropertyList-1.0.dtd"><plist version="1.0"><dict><key>com.apple.application-identifier</key><string>ADHOC.org.openzfsonosx.filesystems.zfs.fsext</string><key>com.apple.developer.fskit.fsmodule</key><true/><key>com.apple.developer.team-identifier</key><string>ADHOC</string><key>com.apple.security.app-sandbox</key><true/></dict></plist>
Registering with pluginkit...
pluginkit -a done.
Restarting fskitd...
# sudo pluginkit -v -m -p com.apple.fskit.fsmodule
+ org.openzfsonosx.filesystems.zfs.fsext((null)) 6A12A41280FB-4190-B957-FA94DC89BB1E 2026-05-29 01:17:58 +0000 /Library/ExtensionKit/Extensions/ZFSFSKit.appex
# sudo mkdir /Volumes/tank
# sudo mount -F -t zfs /dev/disk4 /Volumes/tank
# ls -la /Volumes/tank
total 3
drwxr-xr-x 3 lundman staff 4 May 29 09:21 .
drwxr-xr-x 4 root wheel 128 May 29 10:18 ..
-rw-r--r-- 1 lundman staff 11 May 29 09:21 file.txt
drwxr-xr-x 2 lundman staff 2 May 29 09:21 HelloWorld
# cat /Volumes/tank/file.txt
HelloWorld

Even though FSKit isn't quite ready, I built a proof-of-concept FSKit extension to understand what the migration path looks like. This post shares what we got working, specific technical findings that weren't documented, and the gaps we hit that would need Apple's attention for a production implementation. Luckily, OpenZFS already compiles in userland for the "zdb" utility, so not much work was required on that side. There was a certain amount of desperation applied when we came across hurdles, so possibly some assumptions we formed are not correct. (We didn't go back and confirm the problem after it started working.)
1
0
91
14h
IPSW for 15.7.7 missing
Hi, we're only seeing 15.6.1 IPSW available for VMs. Where can we find the latest and secure versions of macOS IPSW on https://updates.cdn-apple.com/*/fullrestores/ ? Is there an official list somewhere that Apple provides? We need to be sure we can create the latest 15.7.7 VMs with automation and not rely on inner VM upgrades of macOS.
3
0
75
1d
XPC can't activate after app upgrade
I have an app with a system network extension. After app upgrade some customers experience broken XPC that they fix by restarting the computer. The app cannot recover by re-launching the tunnel or retrying xpc after 3 seconds. I do OSSystemExtensionRequest.activationRequest on app start and actionForReplacingExtension has .replace. I haven't experienced this before and I don't think I've changed anything, so perhaps macOS 26 has changed xpc handling.

Current fix proposal is to deactivate & activate the sysext when vpn is connected, but xpc fails to connect. It's better than computer restart, but it's still not a nice user experience, because user action is required to reenable the sysext. Do you have better ideas?

The system logs below show failed xpc connection after upgrade:

2026-05-21 12:09:43.017192-0700 0x5b640 Default 0x0 1 0 launchd: [system:] service inactive: NetworkExtension.com.company.macos.stg.tunnelprovider.2026.124.124909
2026-05-21 12:09:43.132350-0700 0x5b7f5 Default 0x0 1 0 launchd: [system/NetworkExtension.com.company.macos.stg.tunnelprovider.2026.124.124909 [78132]:] Successfully spawned com.company.macos.stg.tunnelprovider[78132] because xpc event
2026-05-21 12:09:43.192084-0700 0x5bd02 Default 0x0 78132 0 com.company.macos.stg.tunnelprovider: (libxpc.dylib) [com.apple.xpc:connection] [0x103b01f70] activating connection: mach=true listener=true peer=false name=6GX8KVTR9H.com.company.stg.service
2026-05-21 12:09:43.195957-0700 0x5b640 Default 0x0 1 0 launchd: [system:] failed lookup: name = com.apple.pasteboard.1, requestor = com.company.ma[78132], error = 3: No such process
2026-05-21 12:09:43.246588-0700 0x5b640 Default 0x0 1 0 launchd: [system:] failed lookup: name = com.apple.securityd.xpc, requestor = com.company.ma[78132], error = 3: No such process
2026-05-21 12:09:43.994210-0700 0x5b47a Default 0x0 1 0 launchd: [gui/501 [100025]:] service inactive: application.com.company.macos.stg.155106945.155106951
2026-05-21 12:09:43.996937-0700 0x5b47a Default 0x0 1 0 launchd: [gui/501 [100025]:] removing service: application.com.company.macos.stg.155106945.155106951
2026-05-21 12:09:50.175890-0700 0x5be9d Default 0x0 78205 0 Company Stg: (libxpc.dylib) [com.apple.xpc:connection] [0xc32c92080] activating connection: mach=true listener=false peer=false name=com.company.macos.stg-spks
2026-05-21 12:09:50.175937-0700 0x5b7f5 Default 0x0 1 0 launchd: [gui/501 [100025]:] failed lookup: name = com.company.macos.stg-spks, requestor = Company Stg[78205], error = 3: No such process
2026-05-21 12:09:50.602809-0700 0x5b7f5 Default 0x0 1 0 launchd: [system/NetworkExtension.com.company.macos.stg.tunnelprovider.2026.140.125099:] The endpoint "6GX8KVTR9H.com.company.stg.service" defined in plist already exists and is owned by: NetworkExtension.com.company.macos.stg.tunnelprovider.2026.124.124909
2026-05-21 12:09:50.605301-0700 0x5b7f5 Default 0x0 1 0 launchd: [system:] service inactive: NetworkExtension.com.company.macos.stg.tunnelprovider.2026.124.124909
2026-05-21 12:09:50.605302-0700 0x5b7f5 Default 0x0 1 0 launchd: [system:] removing service: NetworkExtension.com.company.macos.stg.tunnelprovider.2026.124.124909
2026-05-21 12:09:50.662682-0700 0x5b47a Default 0x0 1 0 launchd: [system/NetworkExtension.com.company.macos.stg.tunnelprovider.2026.140.125099 [78238]:] Successfully spawned com.company.macos.stg.tunnelprovider[78238] because xpc event
2026-05-21 12:09:52.396190-0700 0x5bfd6 Default 0x0 78238 0 com.company.macos.stg.tunnelprovider: (libxpc.dylib) [com.apple.xpc:connection] [0x103839c60] activating connection: mach=true listener=true peer=false name=6GX8KVTR9H.com.company.stg.service
2026-05-21 12:09:52.396217-0700 0x5bfcf Default 0x0 1 0 launchd: [system:] failed activation: name = 6GX8KVTR9H.com.company.stg.service, flags = 0x0, requestor = com.company.ma[78238], error = 1: Operation not permitted
2026-05-21 12:09:52.399064-0700 0x5b47a Default 0x0 1 0 launchd: [system:] failed lookup: name = com.apple.pasteboard.1, requestor = com.company.ma[78238], error = 3: No such process
2026-05-21 12:09:52.450706-0700 0x5bfcf Default 0x0 1 0 launchd: [system:] failed lookup: name = com.apple.securityd.xpc, requestor = com.company.ma[78238], error = 3: No such process
2026-05-21 12:09:52.607836-0700 0x5be9d Default 0x0 78205 0 Company Stg: (libxpc.dylib) [com.apple.xpc:connection] [0xc3295d7c0] activating connection: mach=true listener=false peer=false name=6GX8KVTR9H.com.company.stg.service
2026-05-21 12:09:52.607964-0700 0x5b47a Default 0x0 1 0 launchd: [system:] failed lookup: name = 6GX8KVTR9H.com.company.stg.service, flags = 0x8, requestor = Company Stg[78205], error = 3: No such process
2026-05-21 12:09:55.610528-0700 0x5be9d Default 0x0 78205 0 Company Stg: (libxpc.dylib) [com.apple.xpc:connection] [0xc3295de00] activating connection: mach=true listener=false peer=false name=6GX8KVTR9H.com.company.stg.service
2026-05-21 12:09:55.610694-0700 0x5b47a Default 0x0 1 0 launchd: [system:] failed lookup: name = 6GX8KVTR9H.com.company.stg.service, flags = 0x8, requestor = Company Stg[78205], error = 3: No such process
2
0
123
2d
Nested virtualization support for macOS guests using VZMacPlatformConfiguration?
Hello,

I filed Feedback FB22859649 about nested virtualization for macOS guests and would like to confirm the supported API surface / limitation through Developer Forums as well.

We are using Virtualization.framework to run macOS guests on Apple silicon hosts. The use case is isolated macOS VM workspaces for development and AI-agent automation. In those workspaces, developers often need to run container or VM-backed tooling inside the guest, for example Apple Container workflows, Docker/Colima/Lima-style Linux VM workflows, local Kubernetes, CI sandboxes, testcontainers, or local MCP server stacks that expect hardware-assisted virtualization from inside macOS.

Environment I used for the Feedback:
  Apple silicon host: MacBook Air with Apple M4
  Host OS: macOS 26.5 build 25F71
  Xcode: 26.5, macOS SDK 26.5
  Guest type: macOS VM configured through Virtualization.framework with VZMacOSBootLoader and VZMacPlatformConfiguration

From the current SDK headers, I see nested virtualization support exposed on VZGenericPlatformConfiguration via nestedVirtualizationSupported and nestedVirtualizationEnabled. VZMacOSBootLoader says a macOS guest must use VZMacPlatformConfiguration, and VZMacPlatformConfiguration does not appear to expose an equivalent nested virtualization property.

Could Apple/DTS please confirm the intended support boundary?
  Is nested virtualization currently supported for macOS guests created with Virtualization.framework on Apple silicon using VZMacPlatformConfiguration?
  If not, should this be treated as an intentional current limitation of macOS guests / VZMacPlatformConfiguration rather than a missing configuration option?
  Is there a supported host-side API or validation behavior to detect this limitation before creating or starting the VM?
  Is there any supported workaround for container workflows inside a macOS guest that require a nested Linux VM or hypervisor, or is the recommended architecture to run those container/VM workloads on the host or in a Linux guest instead?

I am not asking for roadmap or ETA. I am trying to document the correct supported behavior and avoid misleading users of macOS VM workspace tools when container or AI-agent workflows fail because the macOS guest cannot run its own virtualization backend.

The broader impact is that disposable macOS VM workspaces are a strong isolation boundary for GUI automation, browser/app state, credentials, local files, and agent runtime state. Without a supported nested virtualization path, the GUI side of the workspace can run in a macOS guest, but common container-backed developer workflows have to move outside that workspace.

Thank you.
1
0
86
2d
FSKit removeItem Not Being Called
Environment
  macOS Version: 26.1
  Xcode Version: 16.2

Description
I'm developing a custom file system using FSKit and have encountered an issue where the removeItem(_:named:fromDirectory:) method in my FSVolume.Operations implementation is not being invoked when attempting to delete files or directories through Finder or the command line.

Implementation
My volume implements the required FSVolume.Operations protocol with the following removeItem implementation:

    func removeItem(
        _ item: FSItem,
        named name: FSFileName,
        fromDirectory directory: FSItem
    ) async throws {
        logger.info("remove: \(name)")
        if let item = item as? MyFSItem, let directory = directory as? MyFSItem {
            directory.removeItem(item)
        } else {
            throw fs_errorForPOSIXError(POSIXError.EIO.rawValue)
        }
    }

Steps to Reproduce
  Mount the custom FSKit-based file system using: mount -F -t MyFS /dev/diskX /tmp/mountpoint
  Create files using Finder or terminal (works correctly - createItem is called)
  Attempt to delete a file using any of the following methods:
    Terminal command: rm -rf /path/to/mounted/file
    option + cmd + delete to remove the file in Finder

Expected Behavior
The removeItem(_:named:fromDirectory:) method should be called, logging "remove: [filename]" and removing the item from the directory's children collection.

Actual Behavior
The removeItem method is never invoked. No logs appear from this method in Console.app. The deletion operation either fails silently or returns an error, but the callback never occurs.

Additional Context
Working operations: Other operations work correctly including:
  createItem - files and directories can be created
  lookupItem - items can be looked up successfully
  enumerateDirectory - directory listing works
  read and write - file I/O operations work correctly
Volume state:
  The volume is properly mounted and accessible
  Files can be created, read, and written successfully
Volume capabilities configured:

    var supportedVolumeCapabilities: FSVolume.SupportedCapabilities {
        let capabilities = FSVolume.SupportedCapabilities()
        capabilities.supportsHardLinks = true
        capabilities.supportsSymbolicLinks = true
        capabilities.supportsPersistentObjectIDs = true
        capabilities.doesNotSupportVolumeSizes = true
        capabilities.supportsHiddenFiles = true
        capabilities.supports64BitObjectIDs = true
        capabilities.caseFormat = .insensitiveCasePreserving
        return capabilities
    }

Questions
  Are there specific volume capabilities or entitlements required for removeItem to be invoked?
  Is there a specific way deletion operations need to be enabled in FSKit?
  Could this be related to how file permissions or attributes are set during createItem?
  Are there any known issues with deletion operations in the current FSKit implementation?
  Do I need to implement additional protocols or set specific flags to support item deletion?

Any guidance would be greatly appreciated. Has anyone successfully implemented deletion operations in FSKit?

Thank you!
1
1
328
2d
What is the officially supported method to automatically start a NETransparentProxyProvider after user login?
We are developing a DLP agent that uses a NETransparentProxyProvider to perform traffic inspection and modification.

Our architecture currently includes:
  LaunchAgent, which monitors user session activity (login/logout, session activation)
  Container App, which:
    installs and activates a System Extension
    creates and saves the NETransparentProxyManager configuration
    starts the transparent proxy via startVPNTunnel.

We would like to automate the startup of the Transparent Proxy for all users, including newly created users, in a way that is fully supported by macOS. We are looking for official guidance on the correct and supported mechanism for starting a user‑level Network Extension (specifically NETransparentProxyProvider) automatically at user login.

Questions:
  What is the recommended and supported way to automatically start a NETransparentProxyProvider at user login?
  Are there any constraints or best practices we should follow when designing an automatic startup flow for a Network Extension such as NETransparentProxyProvider?

We would appreciate official clarification on the supported deployment patterns for starting a user‑level Transparent Proxy Network Extension automatically in multi‑user enterprise environments.
2
0
125
3d
Can't download files from file provider's folder if they are read-only
I face this issue only on macOS 26 and only on the Intel architecture. I'm unable to download files from a file provider's folder when I make them read-only.

STEPS TO REPRODUCE
  Download the sample from https://developer.apple.com/documentation/fileprovider/synchronizing-files-using-file-provider-extensions?language=objc
  Follow the steps on the page to configure the project.
  Build the project.
  Run it.
  Add a domain.
  Open the domain's folder in the Finder.
  Move a file to the domain's folder.
  Right-click on the file in the domain's folder and select "Remove Download".
  Close the Finder's window with the domain's folder and kill all the "Provider" processes to get rid of running instances of the extension.
  Change Item's capabilities in Item.swift to make the items read-only:

    var result: NSFileProviderItemCapabilities = [ .allowsContentEnumerating, .allowsReading ]

  Rebuild the project and run it.
  Open the domain's folder and try to drag and drop the file from the extension's folder to, let's say, the Desktop folder.

EXPECTED RESULT
The file is copied

ACTUAL RESULT
A dialog pops up with text "The file “filename” cannot be downloaded. Do you want to skip it?" Stop/Skip
4
0
291
5d
Programmatically installing a Root CA with "Always Trust" via LaunchDaemon for DLP agent
Hello,

I am working on a DLP (Data Leak Prevention) agent which must programmatically install our custom Root CA certificate into the System Keychain with the "Always Trust" policy. This is required for our network inspection module. The installation process is currently handled by a LaunchDaemon. I am using the following command:

    security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain

The certificate is successfully added to the System Keychain, but the "Always Trust" policy is completely ignored. The certificate remains untrusted until the user manually opens System Settings and explicitly changes the trust settings. Our DLP agent is specifically designed for environments where MDM is not present and we cannot rely on MDM to push profiles.

Is it officially possible to set "Always Trust" for a certificate programmatically from a LaunchDaemon?

Thank you in advance!
6
0
281
1w
Tahoe 26.4 breaks custom paths with NetFSMountURLSync?
Just wondering if anyone ran into this issue. I use NetFSMountURLSync for my application with which I allow the user to use a custom path as a mount point (instead of "/Volumes"). This has worked just fine for at least a decade now, but ... since the Tahoe 26.4 "update" mounting to a custom path only generates errors. Note: Mounting to "/Volumes" works correctly (mountpoint = NIL). Since I'm unaware of any changes; is this a bug introduced by Tahoe 26.4, or should I be using a different function to mount a network share?
8
0
627
1w
Memory Crash Test Table on 3GB RAM iOS Devices
The total physical memory of 3GB iOS devices is very tight. After system memory occupation, the available memory for third-party apps is extremely insufficient, leading to frequent OOM termination. Enabling or disabling JavaScriptCore causes a huge difference in app memory crash threshold. Without JSC, the app will crash at only 1.52GB memory usage, which severely restricts normal business running. The common 4MB and 8MB memory allocation used in our project falls into the high memory fragmentation range defined by libmalloc, resulting in the lowest memory crash limit and worst stability. Our core business relies heavily on JSC environment for JS interaction, resource rendering and dynamic logic execution. We cannot shut down JSC, but 3GB devices still face serious memory shortage even with JSC enabled. Mass users with 3GB RAM old iOS devices suffer from frequent app crashes, freeze, background kill and loading failure, which badly damage user experience and product reputation. We have finished all app-level memory optimization: adjust allocation size, optimize memory release, reduce resident memory, but still cannot break through the fixed memory crash limit. There is no effective solution on application layer. We sincerely ask Apple official engineers to provide official suggestions, system-level memory tuning solutions and JSC memory scheduling optimization guidance to solve the memory limit bottleneck on 3GB RAM iOS devices.
1
0
155
1w
Best practices for blocking traffic: Transparent Proxy vs Content Filter, and Multiple Network Extensions
Hello,

I am working on a DLP system for macOS. The application must analyze and potentially block network traffic. Currently, I am using NETransparentProxyProvider for traffic analysis and looking for the best solution to block network traffic. I believe the blocking can be implemented by capturing the flow and choosing not to proxy/forward it further (dropping it). However, I am unsure how the OS and other applications will react to this approach. As far as I know, macOS provides a dedicated NEFilterDataProvider (Content Filter) specifically designed for traffic filtering and blocking.

I have two questions regarding the architecture:
  1. Is it safe to block flows directly using a Transparent Proxy? Will dropping/ignoring the flow without forwarding it cause any unexpected system behavior, socket hangups, or performance issues? Or is it highly recommended to strictly use a Content Filter (NEFilterDataProvider) for the blocking aspect?
  2. Can a single container app install and manage more than one Network Extension in the system? For example, if the best practice dictates separating the logic, can my single DLP macOS application bundle and install both a Transparent Proxy (for analysis/routing) and a Content Filter (for blocking) simultaneously?

Thank you in advance!
2
0
160
1w
Host-Only Networking and Port Forwarding Support in macOS Virtualization Framework
I’ve developed a virtual machine manager application using the macOS Virtualization framework. The application currently supports both NAT and bridged networking configurations. I’m now looking to implement host-only networking, where the guest VM can communicate with the host but not with external networks. Is this networking mode supported by the Virtualization framework, and if so, what is the recommended approach to set it up? Additionally, I would like to implement port forwarding from the host to the guest (e.g., redirecting traffic from a specific port on the host to a port on the guest). Is there a way to configure port forwarding using the built-in APIs of the Virtualization framework, or would this require a custom networking solution? Any guidance or best practices for implementing these features within the constraints of the framework would be greatly appreciated.
7
0
331
1w
Why are unsynchronised File Provider files not moved to Trash when deleting a domain
I’m trying to understand the intended macOS File Provider behavior when unsynchronised local files exist inside a provider volume that gets deleted.

Scenario:
  A local file is moved (not copied) from a normal filesystem location into a File Provider-backed cloud volume.
  The provider is disabled/offline or upload is pending, so the file has not yet synchronised to the cloud.
  The File Provider volume/domain is then deleted from Finder and the deletion is confirmed.

In this situation, the unsynchronised file appears to be lost entirely instead of being moved to ~/.Trash.

My question is: Why doesn’t macOS preserve unsynchronised local content by automatically moving it to Trash before removing the File Provider domain?

From a user perspective, Finder presents the provider volume as a normal filesystem hierarchy, so deleting the volume feels equivalent to deleting a local folder or mounted drive, where local-only files would normally be recoverable via Trash.

Is the current behavior expected because:
  File Provider storage is treated as provider-managed cache rather than canonical filesystem data?
  Finder delegates deletion semantics entirely to the provider extension?
  The backing files may not exist as normal files at deletion time?
  Or are providers expected to implement their own recovery/trash logic?

More generally:
  Is there an Apple-recommended pattern for preventing loss of unsynchronised files during domain removal?
  Are providers expected to retain pending uploads somewhere recoverable?
  Is there any supported API for preserving unsynced local items before deleting a domain?

I’m asking because this behavior can easily lead to unexpected data loss when users assume Finder trash semantics apply to File Provider volumes.
2
0
157
1w
Why are unsynchronised File Provider files not moved to Trash when deleting a domain?
I’m trying to understand the intended macOS File Provider behavior when unsynchronised local files exist inside a provider volume that gets deleted.

Scenario:
  A local file is moved (not copied) from a normal filesystem location into a File Provider-backed cloud volume.
  The provider is disabled/offline or upload is pending, so the file has not yet synchronised to the cloud.
  The File Provider volume/domain is then deleted from Finder and the deletion is confirmed.

In this situation, the unsynchronised file appears to be lost entirely instead of being moved to ~/.Trash.

My question is: Why doesn’t macOS preserve unsynchronised local content by automatically moving it to Trash before removing the File Provider domain?

From a user perspective, Finder presents the provider volume as a normal filesystem hierarchy, so deleting the volume feels equivalent to deleting a local folder or mounted drive, where local-only files would normally be recoverable via Trash.

Is the current behavior expected because:
  File Provider storage is treated as provider-managed cache rather than canonical filesystem data?
  Finder delegates deletion semantics entirely to the provider extension?
  The backing files may not exist as normal files at deletion time?
  Or are providers expected to implement their own recovery/trash logic?

More generally:
  Is there an Apple-recommended pattern for preventing loss of unsynchronised files during domain removal?
  Are providers expected to retain pending uploads somewhere recoverable?
  Is there any supported API for preserving unsynced local items before deleting a domain?

I’m asking because this behavior can easily lead to unexpected data loss when users assume Finder trash semantics apply to File Provider volumes.
1
0
118
1w
Which storage capacity key should be used for offline video downloads: volumeAvailableCapacityKey or volumeAvailableCapacityForImportantUsageKey?
I’m trying to understand which storage capacity key is the correct one to use when deciding whether my app can start downloading offline video content.

I read the documentation here: https://developer.apple.com/documentation/foundation/checking-volume-storage-capacity but I still don’t fully understand the intended usage difference between:
  volumeAvailableCapacityKey
  volumeAvailableCapacityForImportantUsageKey

My app allows users to download videos for offline viewing. These downloads may remain on the device for a long time (days or even months), so they are not just temporary cache files.

On one hand, this seems to match the description of “storing data based on a user request”, which suggests using volumeAvailableCapacityForImportantUsageKey. On the other hand, my understanding is that this value may assume the system is willing to aggressively purge caches and reclaim space for this “important usage”. I’m worried this could lead to unexpected or unpleasant side effects for the user if my app relies on that space.

What confuses me even more is that the values are significantly different on my device:
  iPhone Settings reports about 142 GB free
  volumeAvailableCapacityKey returns only ~56 GB
  volumeAvailableCapacityForImportantUsageKey returns ~132 GB

So my question is: For an app that downloads videos for offline playback — where the user explicitly requested the download, but the content may stay on device for a long time — which value is the recommended one to use when deciding whether there is enough free space to start the download? Should offline media downloads generally be treated as “important usage” in the sense intended by this API?
3
0
447
1w
VZVirtualMachineView and rightMouseDown
Hi, I am displaying the running Linux Ubuntu VM in VZVirtualMachineView. I would like to simulate right click by calling vZVirtualMachineView.rightMouseDown to trigger right click on the guest. I tried it and it does not work. For macOS guests it is working. For Linux guests it is not working. Any help would be appreciated to fix the issue.
5
0
234
1w
Entitlement com.apple.vm.networking not found and could not be included in profile. This likely is not a valid entitlement and should be removed from your entitlements file
Hi guys,

I am building a custom virtualization utility for macOS using the native Virtualization Framework. My goal is to allow local guest virtual machines to run in Bridged Mode (VZBridgedNetworkDeviceAttachment) so they can acquire their own distinct local IP address from my router and expose service ports directly to the local network.

When attempting to compile and run my app with the com.apple.vm.networking entitlement, Xcode throws the following error: "Entitlement com.apple.vm.networking not found and could not be included in profile. This likely is not a valid entitlement and should be removed from your entitlements file"

I understand that this is a restricted capability that is hidden from the standard Apple Developer Portal by default. I have already reached out via email to Apple Developer Support to request it, but I have not received a definitive answer on the process or exact entitlement string name.

For those who have successfully shipped or tested a virtualization app with bridged networking:
  Is com.apple.vm.networking the correct string name for modern macOS versions, or is there a newer, specific identifier required?
  What is the actual entitlement that I should see in my developer account? I can't seem to find it in the docs as well. Would it be called "VM Networking"?

Thanks,
1
0
127
1w
M5 Pro - macOS Tahoe 26.4.1 crashes almost immediately after connecting to a VPN
Hello Everyone,

Like probably several other Enterprise customers and more, we have been bitten by a bug with regards to VPN and Endpoint Security and the new M5 / M5 Pro SoCs shipping in the latest MacBook devices. I have raised the following feedback ID FB22753954 (which itself references an internal issue I believe, if we need to mark it as a dupe: 172793638).

The technical sequence leading to the crash is as follows I believe:
  The macOS system process neagent successfully initializes the GlobalProtect network extension.
  The GP Network extension transitions from an 'inactive' state to a 'running' state.
  As network traffic begins flowing through the extension, a critical flaw in the macOS kernel's memory allocation (specifically related to the Apple Network Extension framework) is triggered.
  This memory management failure at the kernel level results in a kernel panic at an unpredictable point during packet processing.

Because this is a core operating system vulnerability, any third-party application or security solution that leverages Apple's Network Extension framework is susceptible to these crashes. This has been confirmed across multiple vendors within the cybersecurity industry from what I understand.

Crashes_M5Pro_1.txt

Thank you in advance for your help!

Kind Regards,
Goffredo
5
0
343
1w
Core OS Resources
General: DevForums subtopic: App & System Services > Core OS Core OS is a catch-all subtopic for low-level APIs that don’t fall into one of these more specific areas: Processes & Concurrency Resources Files and Storage Resources Networking Resources Network Extension Resources Security Resources Virtualization Resources Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = "eskimo" + "1" + "@" + "apple.com"
Replies
0
Boosts
0
Views
937
Activity
Aug ’25
OpenZFS on FSKit — Proof of Concept
Installing ZFSFSKit.appex ? /Library/ExtensionKit/Extensions/
Substituting real Mach-O (libtool wrapper ? .libs/ZFSFSKit)
Installing zfs.fs ? /Library/Filesystems/
mount_zfs: Mach-O 64-bit executable arm64
Done.
Signing (before pluginkit, so it sees a valid signature)...
Re-signing /Library/ExtensionKit/Extensions/ZFSFSKit.appex ad-hoc (no identity).
Note: requires amfi_get_out_of_my_way=1 in boot-args.
Team ID: ADHOC
/Library/ExtensionKit/Extensions/ZFSFSKit.appex: replacing existing signature
Done.
Signature:
Identifier=org.openzfsonosx.filesystems.zfs.fsext
Signature=adhoc
TeamIdentifier=not set
Entitlements:
<?xml version="1.0" encoding="UTF-8"?><!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "https://www.apple.com/DTDs/PropertyList-1.0.dtd"><plist version="1.0"><dict><key>com.apple.application-identifier</key><string>ADHOC.org.openzfsonosx.filesystems.zfs.fsext</string><key>com.apple.developer.fskit.fsmodule</key><true/><key>com.apple.developer.team-identifier</key><string>ADHOC</string><key>com.apple.security.app-sandbox</key><true/></dict></plist>
Registering with pluginkit...
pluginkit -a done.
Restarting fskitd...

# sudo pluginkit -v -m -p com.apple.fskit.fsmodule
+ org.openzfsonosx.filesystems.zfs.fsext((null)) 6A12A41280FB-4190-B957-FA94DC89BB1E 2026-05-29 01:17:58 +0000 /Library/ExtensionKit/Extensions/ZFSFSKit.appex
# sudo mkdir /Volumes/tank
# sudo mount -F -t zfs /dev/disk4 /Volumes/tank
# ls -la /Volumes/tank
total 3
drwxr-xr-x 3 lundman staff 4 May 29 09:21 .
drwxr-xr-x 4 root wheel 128 May 29 10:18 ..
-rw-r--r-- 1 lundman staff 11 May 29 09:21 file.txt
drwxr-xr-x 2 lundman staff 2 May 29 09:21 HelloWorld
# cat /Volumes/tank/file.txt
HelloWorld

Even though FSKit isn't quite ready, I built a proof-of-concept FSKit extension to understand what the migration path looks like.

This post shares what we got working, specific technical findings that weren't documented, and the gaps we hit that would need Apple's attention for a production implementation. Luckily, OpenZFS already compiles in userland for the "zdb" utility, so not much work was required on that side. There was a certain amount of desperation applied when we came across hurdles, so possibly some assumptions we formed are not correct. (We didn't go back and confirm the problem after it started working.)
Replies
1
Boosts
0
Views
91
Activity
14h
IPSW for 15.7.7 missing
Hi, we're only seeing 15.6.1 IPSW available for VMs. Where can we find the latest and secure versions of macOS IPSW on https://updates.cdn-apple.com/*/fullrestores/ ? Is there an official list somewhere that Apple provides? We need to be sure we can create the latest 15.7.7 VMs with automation and not rely on inner VM upgrades of macOS.
Replies
3
Boosts
0
Views
75
Activity
1d
XPC can't activate after app upgrade
I have an app with a system network extension. After app upgrade some customers experience broken XPC that they fix by restarting the computer. The app cannot recover by re-launching the tunnel or retrying xpc after 3 seconds. I do OSSystemExtensionRequest.activationRequest on app start and actionForReplacingExtension has .replace.

I haven't experienced this before and I don't think I've changed anything, so perhaps macOS 26 has changed xpc handling.

Current fix proposal is to deactivate&activate the sysext when vpn is connected, but xpc fails to connect. It's better than computer restart, but it's still not a nice user experience, because user action is required to reenable the sysext. Do you have better ideas?

The system logs below show failed xpc connection after upgrade:

2026-05-21 12:09:43.017192-0700 0x5b640 Default 0x0 1 0 launchd: [system:] service inactive: NetworkExtension.com.company.macos.stg.tunnelprovider.2026.124.124909
2026-05-21 12:09:43.132350-0700 0x5b7f5 Default 0x0 1 0 launchd: [system/NetworkExtension.com.company.macos.stg.tunnelprovider.2026.124.124909 [78132]:] Successfully spawned com.company.macos.stg.tunnelprovider[78132] because xpc event
2026-05-21 12:09:43.192084-0700 0x5bd02 Default 0x0 78132 0 com.company.macos.stg.tunnelprovider: (libxpc.dylib) [com.apple.xpc:connection] [0x103b01f70] activating connection: mach=true listener=true peer=false name=6GX8KVTR9H.com.company.stg.service
2026-05-21 12:09:43.195957-0700 0x5b640 Default 0x0 1 0 launchd: [system:] failed lookup: name = com.apple.pasteboard.1, requestor = com.company.ma[78132], error = 3: No such process
2026-05-21 12:09:43.246588-0700 0x5b640 Default 0x0 1 0 launchd: [system:] failed lookup: name = com.apple.securityd.xpc, requestor = com.company.ma[78132], error = 3: No such process
2026-05-21 12:09:43.994210-0700 0x5b47a Default 0x0 1 0 launchd: [gui/501 [100025]:] service inactive: application.com.company.macos.stg.155106945.155106951
2026-05-21 12:09:43.996937-0700 0x5b47a Default 0x0 1 0 launchd: [gui/501 [100025]:] removing service: application.com.company.macos.stg.155106945.155106951
2026-05-21 12:09:50.175890-0700 0x5be9d Default 0x0 78205 0 Company Stg: (libxpc.dylib) [com.apple.xpc:connection] [0xc32c92080] activating connection: mach=true listener=false peer=false name=com.company.macos.stg-spks
2026-05-21 12:09:50.175937-0700 0x5b7f5 Default 0x0 1 0 launchd: [gui/501 [100025]:] failed lookup: name = com.company.macos.stg-spks, requestor = Company Stg[78205], error = 3: No such process
2026-05-21 12:09:50.602809-0700 0x5b7f5 Default 0x0 1 0 launchd: [system/NetworkExtension.com.company.macos.stg.tunnelprovider.2026.140.125099:] The endpoint "6GX8KVTR9H.com.company.stg.service" defined in plist already exists and is owned by: NetworkExtension.com.company.macos.stg.tunnelprovider.2026.124.124909
2026-05-21 12:09:50.605301-0700 0x5b7f5 Default 0x0 1 0 launchd: [system:] service inactive: NetworkExtension.com.company.macos.stg.tunnelprovider.2026.124.124909
2026-05-21 12:09:50.605302-0700 0x5b7f5 Default 0x0 1 0 launchd: [system:] removing service: NetworkExtension.com.company.macos.stg.tunnelprovider.2026.124.124909
2026-05-21 12:09:50.662682-0700 0x5b47a Default 0x0 1 0 launchd: [system/NetworkExtension.com.company.macos.stg.tunnelprovider.2026.140.125099 [78238]:] Successfully spawned com.company.macos.stg.tunnelprovider[78238] because xpc event
2026-05-21 12:09:52.396190-0700 0x5bfd6 Default 0x0 78238 0 com.company.macos.stg.tunnelprovider: (libxpc.dylib) [com.apple.xpc:connection] [0x103839c60] activating connection: mach=true listener=true peer=false name=6GX8KVTR9H.com.company.stg.service
2026-05-21 12:09:52.396217-0700 0x5bfcf Default 0x0 1 0 launchd: [system:] failed activation: name = 6GX8KVTR9H.com.company.stg.service, flags = 0x0, requestor = com.company.ma[78238], error = 1: Operation not permitted
2026-05-21 12:09:52.399064-0700 0x5b47a Default 0x0 1 0 launchd: [system:] failed lookup: name = com.apple.pasteboard.1, requestor = com.company.ma[78238], error = 3: No such process
2026-05-21 12:09:52.450706-0700 0x5bfcf Default 0x0 1 0 launchd: [system:] failed lookup: name = com.apple.securityd.xpc, requestor = com.company.ma[78238], error = 3: No such process
2026-05-21 12:09:52.607836-0700 0x5be9d Default 0x0 78205 0 Company Stg: (libxpc.dylib) [com.apple.xpc:connection] [0xc3295d7c0] activating connection: mach=true listener=false peer=false name=6GX8KVTR9H.com.company.stg.service
2026-05-21 12:09:52.607964-0700 0x5b47a Default 0x0 1 0 launchd: [system:] failed lookup: name = 6GX8KVTR9H.com.company.stg.service, flags = 0x8, requestor = Company Stg[78205], error = 3: No such process
2026-05-21 12:09:55.610528-0700 0x5be9d Default 0x0 78205 0 Company Stg: (libxpc.dylib) [com.apple.xpc:connection] [0xc3295de00] activating connection: mach=true listener=false peer=false name=6GX8KVTR9H.com.company.stg.service
2026-05-21 12:09:55.610694-0700 0x5b47a Default 0x0 1 0 launchd: [system:] failed lookup: name = 6GX8KVTR9H.com.company.stg.service, flags = 0x8, requestor = Company Stg[78205], error = 3: No such process
Replies
2
Boosts
0
Views
123
Activity
2d
Nested virtualization support for macOS guests using VZMacPlatformConfiguration?
Hello,

I filed Feedback FB22859649 about nested virtualization for macOS guests and would like to confirm the supported API surface / limitation through Developer Forums as well.

We are using Virtualization.framework to run macOS guests on Apple silicon hosts. The use case is isolated macOS VM workspaces for development and AI-agent automation. In those workspaces, developers often need to run container or VM-backed tooling inside the guest, for example Apple Container workflows, Docker/Colima/Lima-style Linux VM workflows, local Kubernetes, CI sandboxes, testcontainers, or local MCP server stacks that expect hardware-assisted virtualization from inside macOS.

Environment I used for the Feedback:
- Apple silicon host: MacBook Air with Apple M4
- Host OS: macOS 26.5 build 25F71
- Xcode: 26.5, macOS SDK 26.5
- Guest type: macOS VM configured through Virtualization.framework with VZMacOSBootLoader and VZMacPlatformConfiguration

From the current SDK headers, I see nested virtualization support exposed on VZGenericPlatformConfiguration via nestedVirtualizationSupported and nestedVirtualizationEnabled. VZMacOSBootLoader says a macOS guest must use VZMacPlatformConfiguration, and VZMacPlatformConfiguration does not appear to expose an equivalent nested virtualization property.

Could Apple/DTS please confirm the intended support boundary?
- Is nested virtualization currently supported for macOS guests created with Virtualization.framework on Apple silicon using VZMacPlatformConfiguration?
- If not, should this be treated as an intentional current limitation of macOS guests / VZMacPlatformConfiguration rather than a missing configuration option?
- Is there a supported host-side API or validation behavior to detect this limitation before creating or starting the VM?
- Is there any supported workaround for container workflows inside a macOS guest that require a nested Linux VM or hypervisor, or is the recommended architecture to run those container/VM workloads on the host or in a Linux guest instead?

I am not asking for roadmap or ETA. I am trying to document the correct supported behavior and avoid misleading users of macOS VM workspace tools when container or AI-agent workflows fail because the macOS guest cannot run its own virtualization backend.

The broader impact is that disposable macOS VM workspaces are a strong isolation boundary for GUI automation, browser/app state, credentials, local files, and agent runtime state. Without a supported nested virtualization path, the GUI side of the workspace can run in a macOS guest, but common container-backed developer workflows have to move outside that workspace.

Thank you.
Replies
1
Boosts
0
Views
86
Activity
2d
FSKit removeItem Not Being Called
Environment
- macOS Version: 26.1
- Xcode Version: 16.2

Description
I'm developing a custom file system using FSKit and have encountered an issue where the removeItem(_:named:fromDirectory:) method in my FSVolume.Operations implementation is not being invoked when attempting to delete files or directories through Finder or the command line.

Implementation
My volume implements the required FSVolume.Operations protocol with the following removeItem implementation:

    func removeItem(
        _ item: FSItem,
        named name: FSFileName,
        fromDirectory directory: FSItem
    ) async throws {
        logger.info("remove: \(name)")
        if let item = item as? MyFSItem, let directory = directory as? MyFSItem {
            directory.removeItem(item)
        } else {
            throw fs_errorForPOSIXError(POSIXError.EIO.rawValue)
        }
    }

Steps to Reproduce
- Mount the custom FSKit-based file system using: mount -F -t MyFS /dev/diskX /tmp/mountpoint
- Create files using Finder or terminal (works correctly - createItem is called)
- Attempt to delete a file using any of the following methods:
  - Terminal command: rm -rf /path/to/mounted/file
  - option + cmd + delete to remove the file in Finder

Expected Behavior
The removeItem(_:named:fromDirectory:) method should be called, logging "remove: [filename]" and removing the item from the directory's children collection.

Actual Behavior
The removeItem method is never invoked. No logs appear from this method in Console.app. The deletion operation either fails silently or returns an error, but the callback never occurs.

Additional Context
Working operations: Other operations work correctly including:
- createItem - files and directories can be created
- lookupItem - items can be looked up successfully
- enumerateDirectory - directory listing works
- read and write - file I/O operations work correctly

Volume state:
- The volume is properly mounted and accessible
- Files can be created, read, and written successfully

Volume capabilities configured:

    var supportedVolumeCapabilities: FSVolume.SupportedCapabilities {
        let capabilities = FSVolume.SupportedCapabilities()
        capabilities.supportsHardLinks = true
        capabilities.supportsSymbolicLinks = true
        capabilities.supportsPersistentObjectIDs = true
        capabilities.doesNotSupportVolumeSizes = true
        capabilities.supportsHiddenFiles = true
        capabilities.supports64BitObjectIDs = true
        capabilities.caseFormat = .insensitiveCasePreserving
        return capabilities
    }

Questions
- Are there specific volume capabilities or entitlements required for removeItem to be invoked?
- Is there a specific way deletion operations need to be enabled in FSKit?
- Could this be related to how file permissions or attributes are set during createItem?
- Are there any known issues with deletion operations in the current FSKit implementation?
- Do I need to implement additional protocols or set specific flags to support item deletion?

Any guidance would be greatly appreciated. Has anyone successfully implemented deletion operations in FSKit? Thank you!
Replies
1
Boosts
1
Views
328
Activity
2d
What is the officially supported method to automatically start a NETransparentProxyProvider after user login?
We are developing a DLP agent that uses a NETransparentProxyProvider to perform traffic inspection and modification.

Our architecture currently includes:
- LaunchAgent, which monitors user session activity (login/logout, session activation)
- Container App, which:
  - installs and activates a System Extension
  - creates and saves the NETransparentProxyManager configuration
  - starts the transparent proxy via startVPNTunnel.

We would like to automate the startup of the Transparent Proxy for all users, including newly created users, in a way that is fully supported by macOS. We are looking for official guidance on the correct and supported mechanism for starting a user‑level Network Extension (specifically NETransparentProxyProvider) automatically at user login.

Questions:
- What is the recommended and supported way to automatically start a NETransparentProxyProvider at user login?
- Are there any constraints or best practices we should follow when designing an automatic startup flow for a Network Extension such as NETransparentProxyProvider?

We would appreciate official clarification on the supported deployment patterns for starting a user‑level Transparent Proxy Network Extension automatically in multi‑user enterprise environments.
Replies
2
Boosts
0
Views
125
Activity
3d
Can't download files from file provider's folder if they are read-only
I face this issue only on macOS 26 and only on the Intel architecture. I'm unable to download files from a file provider's folder when I make them read-only.

STEPS TO REPRODUCE
- Download the sample from https://developer.apple.com/documentation/fileprovider/synchronizing-files-using-file-provider-extensions?language=objc
- Follow the steps on the page to configure the project.
- Build the project.
- Run it.
- Add a domain.
- Open the domain's folder in the Finder.
- Move a file to the domain's folder.
- Right-click on the file in the domain's folder and select "Remove Download".
- Close the Finder's window with the domain's folder and kill all the "Provider" processes to get rid of running instances of the extension.
- Change Item's capabilities in Item.swift to make the items read-only:

    var result: NSFileProviderItemCapabilities = [ .allowsContentEnumerating, .allowsReading ]

- Rebuild the project and run it.
- Open the domain's folder and try to drag and drop the file from the extension's folder to, let's say, the Desktop folder.

EXPECTED RESULT
The file is copied

ACTUAL RESULT
A dialog pops up with text "The file “filename” cannot be downloaded. Do you want to skip it?" Stop/Skip
Replies
4
Boosts
0
Views
291
Activity
5d
Programmatically installing a Root CA with "Always Trust" via LaunchDaemon for DLP agent
Hello,

I am working on a DLP (Data Leak Prevention) agent which must programmatically install our custom Root CA certificate into the System Keychain with the "Always Trust" policy. This is required for our network inspection module.

The installation process is currently handled by a LaunchDaemon. I am using the following command:

    security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain

The certificate is successfully added to the System Keychain, but the "Always Trust" policy is completely ignored. The certificate remains untrusted until the user manually opens System Settings and explicitly changes the trust settings.

Our DLP agent is specifically designed for environments where MDM is not present, and we cannot rely on MDM to push profiles. Is it officially possible to set "Always Trust" for a certificate programmatically from a LaunchDaemon?

Thank you in advance!
Replies
6
Boosts
0
Views
281
Activity
1w
Tahoe 26.4 breaks custom paths with NetFSMountURLSync?
Just wondering if anyone ran into this issue. I use NetFSMountURLSync for my application with which I allow the user to use a custom path as a mount point (instead of "/Volumes"). This has worked just fine for at least a decade now, but ... since the Tahoe 26.4 "update" mounting to a custom path only generates errors. Note: Mounting to "/Volumes" works correctly (mountpoint = NIL). Since I'm unaware of any changes; is this a bug introduced by Tahoe 26.4, or should I be using a different function to mount a network share?
Replies
8
Boosts
0
Views
627
Activity
1w
Memory Crash Test Table on 3GB RAM iOS Devices
The total physical memory of 3GB iOS devices is very tight. After system memory occupation, the available memory for third-party apps is extremely insufficient, leading to frequent OOM termination. Enabling or disabling JavaScriptCore causes a huge difference in app memory crash threshold. Without JSC, the app will crash at only 1.52GB memory usage, which severely restricts normal business running. The common 4MB and 8MB memory allocation used in our project falls into the high memory fragmentation range defined by libmalloc, resulting in the lowest memory crash limit and worst stability. Our core business relies heavily on JSC environment for JS interaction, resource rendering and dynamic logic execution. We cannot shut down JSC, but 3GB devices still face serious memory shortage even with JSC enabled. Mass users with 3GB RAM old iOS devices suffer from frequent app crashes, freeze, background kill and loading failure, which badly damage user experience and product reputation. We have finished all app-level memory optimization: adjust allocation size, optimize memory release, reduce resident memory, but still cannot break through the fixed memory crash limit. There is no effective solution on application layer. We sincerely ask Apple official engineers to provide official suggestions, system-level memory tuning solutions and JSC memory scheduling optimization guidance to solve the memory limit bottleneck on 3GB RAM iOS devices.
Replies
1
Boosts
0
Views
155
Activity
1w
Best practices for blocking traffic: Transparent Proxy vs Content Filter, and Multiple Network Extensions
Hello,

I am working on a DLP system for macOS. The application must analyze and potentially block network traffic. Currently, I am using NETransparentProxyProvider for traffic analysis and looking for the best solution to block network traffic.

I believe the blocking can be implemented by capturing the flow and choosing not to proxy/forward it further (dropping it). However, I am unsure how the OS and other applications will react to this approach. As far as I know, macOS provides a dedicated NEFilterDataProvider (Content Filter) specifically designed for traffic filtering and blocking.

I have two questions regarding the architecture:
- Is it safe to block flows directly using a Transparent Proxy? Will dropping/ignoring the flow without forwarding it cause any unexpected system behavior, socket hangups, or performance issues? Or is it highly recommended to strictly use a Content Filter (NEFilterDataProvider) for the blocking aspect?
- Can a single container app install and manage more than one Network Extension in the system? For example, if the best practice dictates separating the logic, can my single DLP macOS application bundle and install both a Transparent Proxy (for analysis/routing) and a Content Filter (for blocking) simultaneously?

Thank you in advance!
Replies
2
Boosts
0
Views
160
Activity
1w
Host-Only Networking and Port Forwarding Support in macOS Virtualization Framework
I’ve developed a virtual machine manager application using the macOS Virtualization framework. The application currently supports both NAT and bridged networking configurations. I’m now looking to implement host-only networking, where the guest VM can communicate with the host but not with external networks. Is this networking mode supported by the Virtualization framework, and if so, what is the recommended approach to set it up? Additionally, I would like to implement port forwarding from the host to the guest (e.g., redirecting traffic from a specific port on the host to a port on the guest). Is there a way to configure port forwarding using the built-in APIs of the Virtualization framework, or would this require a custom networking solution? Any guidance or best practices for implementing these features within the constraints of the framework would be greatly appreciated.
Replies
7
Boosts
0
Views
331
Activity
1w
Why are unsynchronised File Provider files not moved to Trash when deleting a domain
I’m trying to understand the intended macOS File Provider behavior when unsynchronised local files exist inside a provider volume that gets deleted.

Scenario:
- A local file is moved (not copied) from a normal filesystem location into a File Provider-backed cloud volume.
- The provider is disabled/offline or upload is pending, so the file has not yet synchronised to the cloud.
- The File Provider volume/domain is then deleted from Finder and the deletion is confirmed.

In this situation, the unsynchronised file appears to be lost entirely instead of being moved to ~/.Trash.

My question is: Why doesn’t macOS preserve unsynchronised local content by automatically moving it to Trash before removing the File Provider domain?

From a user perspective, Finder presents the provider volume as a normal filesystem hierarchy, so deleting the volume feels equivalent to deleting a local folder or mounted drive, where local-only files would normally be recoverable via Trash.

Is the current behavior expected because:
- File Provider storage is treated as provider-managed cache rather than canonical filesystem data?
- Finder delegates deletion semantics entirely to the provider extension?
- The backing files may not exist as normal files at deletion time?
- Or are providers expected to implement their own recovery/trash logic?

More generally:
- Is there an Apple-recommended pattern for preventing loss of unsynchronised files during domain removal?
- Are providers expected to retain pending uploads somewhere recoverable?
- Is there any supported API for preserving unsynced local items before deleting a domain?

I’m asking because this behavior can easily lead to unexpected data loss when users assume Finder trash semantics apply to File Provider volumes.
Replies
2
Boosts
0
Views
157
Activity
1w
Why are unsynchronised File Provider files not moved to Trash when deleting a domain?
I’m trying to understand the intended macOS File Provider behavior when unsynchronised local files exist inside a provider volume that gets deleted.

Scenario:
- A local file is moved (not copied) from a normal filesystem location into a File Provider-backed cloud volume.
- The provider is disabled/offline or upload is pending, so the file has not yet synchronised to the cloud.
- The File Provider volume/domain is then deleted from Finder and the deletion is confirmed.

In this situation, the unsynchronised file appears to be lost entirely instead of being moved to ~/.Trash.

My question is: Why doesn’t macOS preserve unsynchronised local content by automatically moving it to Trash before removing the File Provider domain?

From a user perspective, Finder presents the provider volume as a normal filesystem hierarchy, so deleting the volume feels equivalent to deleting a local folder or mounted drive, where local-only files would normally be recoverable via Trash.

Is the current behavior expected because:
- File Provider storage is treated as provider-managed cache rather than canonical filesystem data?
- Finder delegates deletion semantics entirely to the provider extension?
- The backing files may not exist as normal files at deletion time?
- Or are providers expected to implement their own recovery/trash logic?

More generally:
- Is there an Apple-recommended pattern for preventing loss of unsynchronised files during domain removal?
- Are providers expected to retain pending uploads somewhere recoverable?
- Is there any supported API for preserving unsynced local items before deleting a domain?

I’m asking because this behavior can easily lead to unexpected data loss when users assume Finder trash semantics apply to File Provider volumes.
Replies
1
Boosts
0
Views
118
Activity
1w
Which storage capacity key should be used for offline video downloads: volumeAvailableCapacityKey or volumeAvailableCapacityForImportantUsageKey?
I’m trying to understand which storage capacity key is the correct one to use when deciding whether my app can start downloading offline video content.

I read the documentation here: https://developer.apple.com/documentation/foundation/checking-volume-storage-capacity but I still don’t fully understand the intended usage difference between:
- volumeAvailableCapacityKey
- volumeAvailableCapacityForImportantUsageKey

My app allows users to download videos for offline viewing. These downloads may remain on the device for a long time (days or even months), so they are not just temporary cache files.

On one hand, this seems to match the description of “storing data based on a user request”, which suggests using volumeAvailableCapacityForImportantUsageKey. On the other hand, my understanding is that this value may assume the system is willing to aggressively purge caches and reclaim space for this “important usage”. I’m worried this could lead to unexpected or unpleasant side effects for the user if my app relies on that space.

What confuses me even more is that the values are significantly different on my device:
- iPhone Settings reports about 142 GB free
- volumeAvailableCapacityKey returns only ~56 GB
- volumeAvailableCapacityForImportantUsageKey returns ~132 GB

So my question is: For an app that downloads videos for offline playback — where the user explicitly requested the download, but the content may stay on device for a long time — which value is the recommended one to use when deciding whether there is enough free space to start the download? Should offline media downloads generally be treated as “important usage” in the sense intended by this API?
Replies
3
Boosts
0
Views
447
Activity
1w
How to retrieve device model name via sysctl
Model Name: MacBook Air
Model Identifier: Mac17,3

I know it's possible to retrieve the model identifier by running the command "sysctl hw.model", but is there another key to retrieve the model name? ("MacBook Air" instead of "Mac17,3")
Replies
2
Boosts
0
Views
169
Activity
1w
VZVirtualMachineView and rightMouseDown
Hi, I am displaying the running Linux Ubuntu VM in VZVirtualMachineView. I would like to simulate a right click by calling vZVirtualMachineView.rightMouseDown to trigger a right click on the guest. I tried it and it does not work. For macOS guests it is working. For Linux guests it is not working. Any help would be appreciated to fix the issue.
Replies
5
Boosts
0
Views
234
Activity
1w
Entitlement com.apple.vm.networking not found and could not be included in profile. This likely is not a valid entitlement and should be removed from your entitlements file
Hi guys,

I am building a custom virtualization utility for macOS using the native Virtualization Framework. My goal is to allow local guest virtual machines to run in Bridged Mode (VZBridgedNetworkDeviceAttachment) so they can acquire their own distinct local IP address from my router and expose service ports directly to the local network.

When attempting to compile and run my app with the com.apple.vm.networking entitlement, Xcode throws the following error: "Entitlement com.apple.vm.networking not found and could not be included in profile. This likely is not a valid entitlement and should be removed from your entitlements file"

I understand that this is a restricted capability that is hidden from the standard Apple Developer Portal by default. I have already reached out via email to Apple Developer Support to request it, but I have not received a definitive answer on the process or exact entitlement string name.

For those who have successfully shipped or tested a virtualization app with bridged networking: Is com.apple.vm.networking the correct string name for modern macOS versions, or is there a newer, specific identifier required? What is the actual entitlement that I should see in my developer account? I can't seem to find it in the docs as well. Would it be called "VM Networking"?

Thanks,
Replies
1
Boosts
0
Views
127
Activity
1w
Jetsam events on spotlight searches
On macOS Tahoe 26.5, and happening since 26.0, each time I search for a document inside iCloud I get a jetsam event.
Replies
2
Boosts
0
Views
82
Activity
1w
M5 Pro - macOS Tahoe 26.4.1 crashes almost immediately after connecting to a VPN
Hello Everyone,

Like probably several other Enterprise customers and more, we have been bitten by a bug with regards to VPN and Endpoint Security and the new M5 / M5 Pro SoCs shipping in the latest MacBook devices. I have raised the following feedback ID FB22753954 (which itself references an internal issue I believe, if we need to mark it as a dupe: 172793638).

The technical sequence leading to the crash is as follows, I believe:
- The macOS system process neagent successfully initializes the GlobalProtect network extension.
- The GP Network extension transitions from an 'inactive' state to a 'running' state.
- As network traffic begins flowing through the extension, a critical flaw in the macOS kernel's memory allocation (specifically related to the Apple Network Extension framework) is triggered.
- This memory management failure at the kernel level results in a kernel panic at an unpredictable point during packet processing.

Because this is a core operating system vulnerability, any third-party application or security solution that leverages Apple's Network Extension framework is susceptible to these crashes. This has been confirmed across multiple vendors within the cybersecurity industry from what I understand.

Crashes_M5Pro_1.txt

Thank you in advance for your help!

Kind Regards,
Goffredo
Replies
5
Boosts
0
Views
343
Activity
1w