General: DevForums subtopic: App & System Services > Core OS Core OS is a catch-all subtopic for low-level APIs that don’t fall into one of these more specific areas: Processes & Concurrency Resources Files and Storage Resources Networking Resources Network Extension Resources Security Resources Virtualization Resources Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = "eskimo" + "1" + "@" + "apple.com"

Hi, I am currently in the process of writing a fskit extension. My goal is it to implement something similar like unionfs/mergerfs with fskit. For this to work my extension requires access to a set of user provided file paths. I use FSGenericURLResource with query parameters for this. But the sandbox restrictions make this impossible. This is why I tried to implement a privileged helper, but this makes it even more complicated and slower. Is there a way to disable the sandbox restrictions for the extension? I don't plan any app store publishing which makes this even more frustrating. When I remove the sandbox entitlement, I can't load the plugin with pluginkit -a anymore. Or is there any other recommend way, except a privileged helper? Another question I have on my mind: How to write proper tests for an fskit extension? You can load the extension via pluginkit -a and also remove it, but you can't enable it in the system panel. I have no idea how to build automatic tests with this restriction. Lovely greetings, Nils

Does FSKit support the ability to get the process information, such as the pid, when a process accesses a resource? Being able have the process context is important for implementing certain access patterns and security logging in some contexts. For instance, we have a system that utilizes (pre-FSKit) a FUSE mount that, depending on the process has different "views" and "access" based on the process id.

We're experiencing crashes in our production iOS app related to Apple's DeviceCheck framework. The crash occurs in DCAnalytics internal performance tracking, affecting some specific versions of iOS 18 (18.4.1, 18.5.0). Crash Signature CoreFoundation: -[__NSDictionaryM setObject:forKeyedSubscript:] + 460 DeviceCheck: -[DCAnalytics sendPerformanceForCategory:eventType:] + 236 Observed Patterns Scenario 1 - Token Generation: Crashed: com.appQueue EXC_BAD_ACCESS KERN_INVALID_ADDRESS 0x0000000000000010 DeviceCheck: -[DCDevice generateTokenWithCompletionHandler:] Thread: Background dispatch queue Scenario 2 - Support Check: Crashed: com.apple.main-thread EXC_BAD_ACCESS KERN_INVALID_ADDRESS 0x0000000000000008 DeviceCheck: -[DCDevice _isSupportedReturningError:] DeviceCheck: -[DCDevice isSupported] Thread: Main thread Root Cause Analysis The DCAnalytics component within DeviceCheck attempts to insert a nil value into an NSMutableDictionary when recording performance metrics, indicating missing nil validation before dictionary operations. Reproduction Context Crashes occur during standard DeviceCheck API usage: Calling DCDevice.isSupported property Calling DCDevice.generateToken(completionHandler:) (triggered by Firebase App Check SDK) Both operations invoke internal analytics that fail with nil insertion attempts. Concurrency Considerations We've implemented sequential access guards around DeviceCheck token generation to prevent race conditions, yet crashes persist. This suggests the issue likely originates within the DeviceCheck framework's internal implementation rather than concurrent access from our application code. Note: Scenario 2 occurs through Firebase SDK's App Check integration, which internally uses DeviceCheck for attestation. Request Can Apple engineering confirm if this is a known issue with DeviceCheck's analytics subsystem? Is there a recommended workaround to disable DCAnalytics or ensure thread-safe DeviceCheck API usage? Any guidance on preventing these crashes would be appreciated.

The current stable macOS version, 26.1 (build 25B78) is missing a corresponding Kernel Debug Kit (KDK) on the developer downloads page. This means I can't do any kernel-level development tasks currently. For example, if I try to build a new kernel collection with kmutil I get the message Missing Developer Kit: As of macOS 13.0, you will need to install a KDK matching your build 25B78 to rebuild kernel collections. but there is no build 25B78 KDK available to download. The latest 26.1 KDK on the download page is 25B5062e (from a beta I believe) and the final stable KDK for build 25B78 (which kernel development tools require) was never published. Is there any workaround for this to correctly do kernel-level development targeting the latest stable release, or a timeline for when the KDK will release? Thanks!

My team recently released an app to the iOS app store. We are trying to add the Smart App Banner to our website to promote the app, but the banner is not shown. When the page loads, there is a flash of an empty Smart App Banner before it is automatically dismissed. This happens on every page load. If I put use an app ID of other apps the banner appears. I've triple checked that I'm using the correct app ID. So it seems like it is an issue with my app. I can see my app in the App Store, so I know it's available. I've tested on multiple phones.

The iOS application is a Central Manager connected to a Bluetooth Low Energy (BLE) accessory that utilizes the Hands-Free Profile (HFP). When the application plays a notification tone (using AVAudioPlayer or System Sounds), the audio is incorrectly routed to the device's internal speaker instead of the active HFP headset. How do we programmatically ensure that these notification tones are automatically and reliably routed to the connected HFP headset

I want to traverse my local Google Drive folder to calculate the size of all the files on my drive. I'm not interested in files or directories that are not present locally. I use getattrlistbulk for traversing and it takes way too much time. I think it is because FileProvider tries to download metadata for the directories that are not yet materialised. Is there a way to skip non-materialised directories?

Understand dataless files and how to minimize the performance impact as the system materializes them. View Technote TN3150 >

Hi Team, I want to perform bluetooth advertising (no need to pair) from a macOS machine even before the user login to the macOS(i.e before user provide password and submit). Is there a way to achieve this?

When running the currently latest version of macOS (26.1) on a machine with ARM CPU (I could not reproduce the issue with Intel-Based machines) Finder Sync extensions do not work any more in general. Steps to reproduce the problem: In Xcode create a new macOS App project with default settings (in my case I chose XIB for the UI and Objective-C as language, and disabled testing, but that should not make any difference) In Xcode add a new target / "Finder Sync Extension" to the project with default settings, this adds a new Finder Sync Extension with example code to the app. Run the application and open Finder and navigate to "/Users/Shared/MySyncExtension Documents" In the system settings ("Login Items & Extensions") enable the extension (Listed as "File Provider"). On systems where it is working, in the context menu of that folder an entry "Example Menu Item" will appear. On systems where it does not work it is missing. Some findings: Adding the *.appex with "pluginkit -a" registers the extension as expected, it is then visible in the system settings, removing it with "pluginkit -r" is also reflected in the system settings. "pluginkit -m -i " returns the extension on systems where it is working (assuming it is registered while this command is executed), on systems wehre it is not working, nothing is returned, regardless of the registration state. When enabling the extension in the system settings nothing more happens, there is no process started for the extension (unlike as on systems where it is working), and thus no context menu entries and no badges are displayed in Finder. Restarting Finder or the system does not help. Any ideas what I could be missing here?

i'm trying to understand which entitlements i need to ask for in order to be able to read the credit card via NFC. I work for the bank and i'd like the read our card in order to verify there are the bank's credit card. The goal is to be able to use the card as a physical token to verify the user identity. on android we manage to do this without limitation if (await NfcManager.isSupported()) { await NfcManager.requestTechnology(NfcTech.IsoDep) const tag = await NfcManager.getTag() if (tag) toast.success("NFC Tag read successfully", { cancel: undefined, description: tag.id, id }) else toast.error("No NFC Tag found", { cancel: undefined, id }) const ppse = await NfcManager.isoDepHandler.transceive([ 0x00, 0xa4, 0x04, 0x00, 0x0e, 0x32, 0x50, 0x41, 0x59, 0x2e, 0x53, 0x59, 0x53, 0x2e, 0x44, 0x44, 0x46, 0x30, 0x31, 0x00, ]) logger.info("PPSE", ppse.map((c) => fromBase10ToHex(c, 2)).join(" ")) const select = await NfcManager.isoDepHandler.transceive([ 0x00, 0xa4, 0x04, 0x00, 0x07, 0xa0, 0x00, 0x00, 0x00, 0x04, 0x10, 0x10, 0x00, ]) logger.info("Select AID", select.map((c) => fromBase10ToHex(c, 2)).join(" ")) const gpo = await NfcManager.isoDepHandler.transceive([0x80, 0xa8, 0x00, 0x00, 0x02, 0x83, 0x00, 0x00]) logger.info("GPO", gpo.map((c) => fromBase10ToHex(c, 2)).join(" ")) const record = await NfcManager.isoDepHandler.transceive([0x00, 0xb2, 0x01, 0x14, 0x00]) logger.info("record: ", record.map((c) => fromBase10ToHex(c, 2)).join(" ")) logger.info("PAN", findTag(record, [0x5a])) logger.info("expiry", findTag(record, [0x5f, 0x24])?.reverse()) } but on ios we have restricted access and the ppse doesn't work but i can't find which entitlement i need to ask for, since HCE is to make the iphone into a nfc tag himself and the tap to pay is to pay with the iphone, both of those doesn't match my needs and i wouldn't be able to valid the requirement to get them into production. So i am wondering which entitlement i needs to ask for in order to be able to scan the card inside the bank app. We only care about our card

hi all, as soon an audio is played in a whatever app, coreaudiod inserts a sleep prevent assertion for both, the system AND the display. can i somehow stop the insertion of the display sleep assertion? pid 223(coreaudiod): [0x00004e9e00058dc2] 00:03:18 PreventUserIdleDisplaySleep named: "com.apple.audio.AppleGFXHDAEngineOutputDP:10001:0:{B31A-08C6-00000000}.context.preventuseridledisplaysleep" Created for PID: 4145. where PID 4145 is spotify. but it doesn't matter which app is playing the audio. any help would be appreciated thanks

https://developer.apple.com/documentation/fileprovider/nsfileproviderpartialcontentfetching/3923718-fetchpartialcontents fetchPartialContents(for:version:request:minimalRange:aligningTo:options:completionHandler:) I need to use this function to fetch contents of the files partially. But it seems I'm just unable to receive any callback when i try to open the file via double click on finder. I've tried to open files of different types and sizes but still i'm defaulting back to fetchContents(for:version:request:completionHandler:) . I've been thinking if there are any specific configurations or requirements that i have to meet , so i could trigger this callback function for all the fetch Operations for files ? If No, then where am i going wrong ?

I recently switched to Mac OS 12 and XCode 13. I did some work on my application and rebuilt it. Now there is no Help Book. I didn't change the property lists and everything looks right. When I open the Help Book the application either opens a window with a message that the content is currently unavailable or it opens a Help Book window with no content. When this second thing happens the log window shows "entering AHRegistered help Book" but it doesn't appear. Does anyone have any suggestions?

In the context of a NSFileProviderReplicatedExtension I would like to only see the "Move to Bin" Finder action when files have been materlialised ( isDownloaded fileprovider attribute ) I thought it might be possible to get the isDownloaded attribute in my NSFileProviderItemProtocol class capabilities method but that doesn't seem to be the case. Possible ?

Hi everyone, I need help stopping the maintenance wakes due to "CalendarDate". All apparently related UI settings are off (Calendar: manual refresh, no notifications, time to travel OFF, Settings > Time & Date > Automatic time & date OFF) Two days ago, I got hourly dark wakes, but then I turned "Automatic time & date" off, and now I only got 5 wakes instead of 10, but I think this still shouldn't happen with all these settings off. I would appreciate any help. System: macOS 26.1 MacBook Pro 2019 pmset -g VACTDisabled 0 Currently in use: lidwake 1 lowpowermode 0 standbydelayhigh 0 proximitywake 0 standby 0 standbydelaylow 0 ttyskeepawake 0 hibernatemode 3 powernap 0 gpuswitch 2 hibernatefile /var/vm/sleepimage highstandbythreshold 50 displaysleep 10 womp 0 networkoversleep 0 sleep 0 (sleep prevented by bluetoothd, mds_stores) tcpkeepalive 0 halfdim 0 acwake 0 disksleep 10 pmset -g log | grep "due to" 2025-11-16 00:26:38 +0100 DarkWake DarkWake from Deep Idle [CDN] : due to EC.RTC/Maintenance Using AC (Charge:100%) 45 secs 2025-11-16 00:27:23 +0100 Sleep Entering Sleep state due to 'Maintenance Sleep':TCPKeepAlive=disabled Using AC (Charge:100%) 13728 secs 2025-11-16 04:16:11 +0100 DarkWake DarkWake from Deep Idle [CDN] : due to EC.RTC/Maintenance Using AC (Charge:100%) 45 secs 2025-11-16 04:16:56 +0100 Sleep Entering Sleep state due to 'Maintenance Sleep':TCPKeepAlive=disabled Using AC (Charge:100%) 7216 secs 2025-11-16 06:17:12 +0100 DarkWake DarkWake from Deep Idle [CDN] : due to EC.RTC/Maintenance Using AC (Charge:100%) 45 secs 2025-11-16 06:17:57 +0100 Sleep Entering Sleep state due to 'Maintenance Sleep':TCPKeepAlive=disabled Using AC (Charge:100%) 3616 secs 2025-11-16 07:18:13 +0100 DarkWake DarkWake from Deep Idle [CDN] : due to EC.RTC/Maintenance Using AC (Charge:100%) 45 secs 2025-11-16 07:18:58 +0100 Sleep Entering Sleep state due to 'Maintenance Sleep':TCPKeepAlive=disabled Using AC (Charge:100%) 3616 secs 2025-11-16 08:19:14 +0100 DarkWake DarkWake from Deep Idle [CDN] : due to EC.RTC/Maintenance Using AC (Charge:100%) 45 secs 2025-11-16 08:19:59 +0100 Sleep Entering Sleep state due to 'Maintenance Sleep':TCPKeepAlive=disabled Using AC (Charge:100%) 1457 secs log show --predicate '"SMCRTC"' --start "2025-11-16 00:00:00" --end "2025-11-16 08:00:00" --info --debug (showing only the sequence from the first dark wake) 2025-11-16 00:26:29.315541+0100 0x125b50 Default 0x0 0 0 kernel: (AppleSMCRTC) SMCRTC: setPowerState 1 2025-11-16 00:26:29.322608+0100 0x125a3e Default 0x0 0 0 kernel: (AppleSMCRTC) SMCRTC: [PowerByCalendarDate] 0/0/0 0:0:0 (0) 2025-11-16 00:26:29.322625+0100 0x125a3e Default 0x0 0 0 kernel: (AppleSMCRTC) SMCRTC: [PowerByCalendarDate] 0/0/0 0:0:0 (0) 2025-11-16 00:26:38.242885+0100 0x125c15 Default 0x0 0 0 kernel: (AppleSMCRTC) SMCRTC: [PowerByCalendarDate] 0/0/0 0:0:0 (0) 2025-11-16 00:26:38.242889+0100 0x125c15 Default 0x0 0 0 kernel: (AppleSMCRTC) SMCRTC: [PowerByCalendarDate] 0/0/0 0:0:0 (0) 2025-11-16 00:27:40.807018+0100 0x126175 Default 0x0 0 0 kernel: (AppleSMCRTC) SMCRTC: [MaintenanceWakeCalendarDate] 2025/11/16 3:16:0 (0) 2025-11-16 00:27:40.807038+0100 0x126175 Default 0x0 0 0 kernel: (AppleSMCRTC) SMCRTC: [MaintenanceWakeCalendarDate] 2025/11/16 3:16:0 (0) 2025-11-16 00:27:42.262812+0100 0x126290 Default 0x0 0 0 kernel: (AppleSMCRTC) SMCRTC: setPowerState 0 2025-11-16 00:27:42.262823+0100 0x126290 Default 0x0 0 0 kernel: (AppleSMCRTC) SMCRTC: setPowerState 0 2025-11-16 00:27:43.836823+0100 0x1262b2 Default 0x0 0 0 kernel: [143883.997279]: SMCRTC: setAlarmEnable 0xe0000280 2025-11-16 00:27:43.836830+0100 0x1262b2 Default 0x0 0 0 kernel: [143883.999744]: SMCRTC: enabled wake alarm (MaintenanceWakeCalendarDate) in 13697 seconds 2025-11-16 00:27:43.836836+0100 0x1262b2 Default 0x0 0 0 kernel: [143883.999845]: SMCRTC: setAlarmEnable 0xe0000300 2025-11-16 00:27:44.385470+0100 0x126209 Default 0x0 0 0 kernel: IOPlatformWakeAction -> AppleSMCRTC 2025-11-16 00:27:44.385474+0100 0x126209 Default 0x0 0 0 kernel: (AppleSMCRTC) SMCRTC: updated wake type to Maintenance 2025-11-16 00:27:44.385477+0100 0x126209 Default 0x0 0 0 kernel: (AppleSMCRTC) SMCRTC: updated wake type to Maintenance 2025-11-16 00:27:44.385481+0100 0x126209 Default 0x0 0 0 kernel: (AppleSMCRTC) SMCRTC: Maintenance 2025/11/16 03:16:00 2025-11-16 00:27:44.385485+0100 0x126209 Default 0x0 0 0 kernel: (AppleSMCRTC) SMCRTC: Maintenance 2025/11/16 03:16:00

I got several reports about our TestFlight app crashing unconditionally on 2 devices (iOS 18.1 and iOS 18.3.1) on app start with the following reason: Termination Reason: DYLD 4 Symbol missing Symbol not found: _$sScIsE4next7ElementQzSgyYa7FailureQzYKF (terminated at launch; ignore backtrace) The symbol in question demangles to (extension in Swift):Swift.AsyncIteratorProtocol.next() async throws(A.Failure) -> A.Element? Our deploy target is iOS 18.0, this symbol was introduced in Swift 6.0, we're using latest Xcode 16 now - everything should be working, but for some reason aren't. Since this symbol is quite rarely used directly, I was able to pinpoint the exact place in code related to it. Few days ago I added the following code to our app library (details omitted): public struct AsyncRecoveringStream<Base: AsyncSequence>: AsyncSequence { ... public struct AsyncIterator: AsyncIteratorProtocol { ... public mutating func next(isolation actor: isolated (any Actor)? = #isolation) async throws(Failure) -> Element? { ... } } } I tried to switch to Xcode 26 - it was still crashing on affected phone. Then I changed next(isolation:) to its older version, next(): public mutating func next() async throws(Failure) -> Element? And there crashes are gone. However, this change is a somewhat problematic, since I either have to lower Swift version of our library from 6 to 5 and we loose concurrency checks and typed throws or I'm loosing tests due to Swift compiler crash. Performance is also affected, but it's not that critical for our case. Why is this crash happening? How can I solve this problem or elegantly work around it? Thank you! 2025-10-09_17-13-31.7885_+0100-23e00e377f9d43422558d069818879042d4c5c2e.crash

When will Apple mobile phones support some of the optional features of Bluetooth 5... specifically Extended Advertising and LE Coded PHY? There are many applications that benefit from having this capability in the mobile phone.

Is it possible for an iOS app to programmatically detect if its built for TestFlight/App Store distribution versus built for development? The motivation for doing this is so that the app can detect if a push server should send pushes using the Apple production server or the sandbox server - when the app sends the push token to the server, I'd like it to additionally send an indicator to the server so the server knows which of the Apple servers to use. Is there a way to achieve this? TIA

Hello! Some colleagues and work on Jujutsu, a version control system compatible with git, and I think we've uncovered a potential lock contention bug in either APFS or the Darwin kernel. There are four contributing factors to us thinking this is related to APFS or the Kernel: jj's testsuite uses nextest, a test runner for Rust that spawns each individual test as a separate process. The testsuite slowed down by a factor of ~5x on macOS after jj started using fsync. The slowdown increases as additional cores are allocated. A similar slowdown did not occur on ext4. Similar performance issues were reported in the past by a former Mercurial maintainer: https://gregoryszorc.com/blog/2018/10/29/global-kernel-locks-in-apfs/. My friend and colleague André has measured the test suite on an M3 Ultra with both a ramdisk and a traditional SSD and produced this graph: (The most thorough writeup is the discussion on this pull request.) I know I should file a feedback/bug report, but before I do, I'm struggling with profiling and finding kernel/APFS frames in my profiles so that I can properly attribute the cause of this apparent lock contention. Naively, I ran xctrace record --template 'Time Profiler' --output output.trace --launch /Users/dbarsky/.cargo/bin/cargo-nextest nextest run, and while that detected all processes spawned by nextest, it didn't record all processes as part of the same inspectable profile and didn't really show any frames from the kernel/APFS—I had to select individual processes. So I don't waste people's time and so that I can point a frame/smoking gun in the right system, how can I can use instruments to profile where the kernel and/or APFS are spending its time? Do I need to disable SIP?