General: DevForums subtopic: App & System Services > Core OS Core OS is a catch-all subtopic for low-level APIs that don’t fall into one of these more specific areas: Processes & Concurrency Resources Files and Storage Resources Networking Resources Network Extension Resources Security Resources Virtualization Resources Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = "eskimo" + "1" + "@" + "apple.com"

Hello, When an iOS app runs on Vision Pro in compatible mode, is there a flag such as isiOSAppOnVision to determine the underlying OS at runtime? Just like the ProcessInfo.isiOSAppOnMac. It will be useful to optimize the app for visionOS. Already checked but not useful: #if os(xrOS) does not work in compatible mode since no code is recompiled. UIDevice.userInterfaceIdiom returns .pad instead of .reality. Thanks.

We are working with Bluetooth peripherals using CoreBluetooth, and I've noticed that the CBPeripheral.name property seems to be cached. Has anyone else encountered this behavior? Is this caching expected behavior in CoreBluetooth? Is there a recommended way to force refresh or invalidate the cached name? Most importantly: Is there a reliable method to get the most accurate and up-to-date name of a peripheral?

Note This issue has already been reported via Feedback Assistant as FB20512074, but the status is Investigation Complete – Unable to Diagnose with Current Information. Since this bug does not produce a crash log and is therefore difficult to capture through Feedback, I am also posting it here on the Developer Forum to provide additional details and to open discussion. ⸻ Description When formatting floating-point numbers with %a or %A, macOS libc sometimes rounds incorrectly when the guard digit equals 8. This leads to non-conformance with C99’s round-to-nearest, ties-to-even rule. ⸻ Steps to Reproduce #include <stdio.h> int main(void) { // precision 0 printf("%.0a\n", 1.5); printf("%.0a\n", 1.53); printf("%.0a\n", 1.55); printf("%.0a\n", 1.56); // precision 1 printf("%.1a\n", 0x1.380p+0); printf("%.1a\n", 0x1.381p+0); printf("%.1a\n", 0x1.382p+0); printf("%.1a\n", 0x1.383p+0); return 0; } Expected Results (per C99/C11) %.0a with inputs (1.5, 1.53, 1.55, 1.56): 0x2p+0 0x2p+0 0x2p+0 0x2p+0 %.1a with inputs (0x1.380p+0, 0x1.381p+0, 0x1.382p+0, 0x1.383p+0): 0x1.4p+0 0x1.4p+0 0x1.4p+0 0x1.4p+0 Actual Results (macOS observed) %.0a with inputs (1.5, 1.53, 1.55, 1.56): 0x1p+0 0x2p+0 0x1p+0 0x2p+0 %.1a with inputs (0x1.380p+0, 0x1.381p+0, 0x1.382p+0, 0x1.383p+0): 0x1.3p+0 0x1.4p+0 0x1.3p+0 0x1.4p+0 This shows that values slightly above half are sometimes treated as ties and rounded down incorrectly. ⸻ Root Cause Analysis Inside Libc/gdtoa/FreeBSD/_hdtoa.c, rounding is decided in dorounding(): if ((s0[ndigits] > 8) || (s0[ndigits] == 8 && (s0[ndigits + 1] & 1))) adjust = roundup(s0, ndigits); This logic has two mistakes: Half detection Correct: When the guard nibble is 8, all lower discarded digits must be checked. Current: Only the LSB of the next nibble is checked (& 1). Consequence: Cases like ...8C... (e.g. 1.55 ≈ 0x1.8C…) are strictly greater than half, but are treated as exact halves and rounded down. Tie-to-even parity check Correct: For a true half (all lower digits zero), rounding should use the parity of the last kept digit. Current: The code incorrectly uses the parity of the next discarded nibble instead. Consequence: True ties are not rounded to even reliably. ⸻ Proposed Fix (behavioral) if (s0[ndigits] > 8) { adjust = roundup(...); // strictly > half } else if (s0[ndigits] == 8) { if (any_nonzero_tail(s0 + ndigits + 1)) { adjust = roundup(...); // > half } else { // exact tie: round-to-even if (s0[ndigits - 1] & 1) adjust = roundup(...); } } ⸻ Impact This bug is not limited to %.0a; it occurs for any precision when the guard nibble is 8. It causes exact halves to round incorrectly and greater-than-half values to be rounded down. The effect is alternating outputs (zigzag) instead of consistent monotonic rounding. This is a C99 compliance violation.

Is there any recent and a bit authoritative documentation which explains how to debug recent versions of macos kernel? I have found some blog posts from other users but those are either outdated or don't work for some other reason. I am guessing kernel debugging is pretty common for developers working on macos itself, so I'm hoping someone in this forum would have some working instructions for that.

Hello, we have a file provider based macOS app. Around June we started receiving reports that our users have problems when opening files. Sometimes they get "Invalid argument" alerts after double-clicking on a dataless file. We receive similar errors when trying to materialize the files programmatically from our app (not FP extension)(*): "The operation could not be completed. Invalid argument" code: 22 domain: "NSPOSIXErrorDomain" underlyingError: "cannotMaterialize" code: 33 domain: "libfssync.VFSFileError" We also see those errors with matching timestamps in the output from fileproviderctl dump: > (...) update-item: 🔶 last:(...) (-1min27s) (...) error:'NSError: POSIX 22 "The operation couldn’t be completed. Invalid argument" Underlying={NSError: libfssync.VFSFileError 33 "cannotMaterialize" }}' domain:none category:<nil> (...) At the same time our file provider extension receives fetchPartialContents call or no call at all. If it receives the call it finishes with success and returns correct range: requestedRange: "{0, 15295}" returnedRange: "{0, 524288}" alignment: "16384" Sadly we don't know how to reproduce those issues. We will be grateful for any hints that could be useful in debugging. Some more context: if materializing a file fails with this error, subsequent materialization attempts fail similarly in local testing when downloading a file with the code below, or double-click, we only get regular fetchContents call file returned by fetchPartialContents should have correct size the app is built with XCode 16.1, customers reporting this issue have OS/FP versions: 24F74/2882.120.74 and 24G90/2882.140.30 (*) More or less the code that we use to materialize files func materializeURL(_ url: URL) throws { if try url.isDataless() { var error: NSError? = nil let coordinator = NSFileCoordinator(filePresenter: nil) coordinator.coordinate(readingItemAt: url, error: &error) { _ in } if let error { throw error } } } private extension URL { func isDataless() throws -> Bool { let downloadStatus = try self .resourceValues(forKeys: [.ubiquitousItemDownloadingStatusKey]) .ubiquitousItemDownloadingStatus return downloadStatus == .notDownloaded || downloadStatus == .none } }

Hey team, received Entitlement for Endpoint security frameworks from Apple Developer Program for mac os application, SDK is missing from local XCODE 15.2 , trying to find out on internet but nothing works. Is we are missing something for getting download the SDK for this framework integration with our softwares.

I’m developing an iOS application using CoreNFC and working with ISO7816 tags. My use case involves exchanging APDU commands with a hardware device, but some operations can take more than 20 seconds. From my testing, I see that: The NFC reader session itself lasts about 60 seconds. But once a tag is connected, the connection seems to drop after ~20 seconds, and I receive a “connection lost” / session invalidated error. My questions are: Is this ~20-second connection window a hard limit enforced by iOS? Is there any way to extend this timeout for long-running APDU operations? If not, what’s the recommended design pattern for handling these scenarios? For example, should I split the process into smaller APDU commands and prompt the user to re-tap when the session times out? Any guidance or best practices for handling long NFC exchanges on iOS would be greatly appreciated.

Has any one come across file corruption issues with tvOS 26? I am tracking an issue where files in my app's NSCachesDirectory are getting corrupted (not deleted) when my app is in the background. The issue is sporadic and very hard to reproduce, but is definitely a new issue with 26.

Any ideas where it could be published? Nothing on Developer Download, I presume they have been built but not publicly available.

Is there a way to retrieve memory pressure information from macOS using Swift or C/C++? In Activity Monitor, there’s a chart labeled “Memory Pressure” which provides a discrete metric of RAM usage: Green = system memory usage is fine Yellow = moderate pressure Red = high memory pressure I’d like to know how to programmatically access this metric.

When I run this command, the value looks a bit strange. Sometimes it returns 0, and other times it shows unexpected numbers like 1725 or 1012. What exactly does this information represent? I just want to retrieve one of the three possibles values for the memory pressure information (ok, warning, critical).

Title's basically the whole question. I'm writing an SMS/Call Reporting extension (ILClassificationUIExtensionViewController). My goal is to keep everything on device and not use the built-in SMS/network reporting. To that end, I'm trying to write to a file in the App Group container from the classificationResponse handler. I'm getting Error 513: "You don’t have permission to save the file “classification_log.txt” in the [app group container folder]". I haven't been able to find much in the documentation on whether this behavior is enforced in classificationResponse handlers. Apple's barebones page on "SMS and Call Spam Reporting"[1] says "the system always deletes your extension’s container after your extension terminates," but that doesn't answer whether you can write to an App Group container. I haven't been able to find that answer elsewhere. ChatGPT and Gemini are both very sure it can be done. Any thoughts? [1] https://developer.apple.com/documentation/identitylookup/sms-and-call-spam-reporting

As of now, there is no Kernel Debug Kit (KDK) available for macOS 26.0 Developer Betas after the first build. Kernel Debug Kits are crucial for understanding panics and other bugs within custom Kernel Extensions. Without the KDK for the corresponding macOS version, tools like kmutil fail to recognize a KDK and certain functions are disabled. Additionally, as far as I am aware, a KDK for one build of macOS isn't able to be used on a differing build. Especially since this is a developer beta, where developers are updating their software to function with the latest versions of macOS, I'd expect a KDK to be available for more than one build.

Hello, appreciate any help here. Objective: perform a scoped write to a removable block device (using low-level system frameworks in C). Issue: launchd-run privileged helper (as root) denied permission to open block device. Manual 'sudo ./helper' call succeeds, however. Importantly: the entire process works flawlessly if the main app is granted Full Disk Access in Privacy & Security. However, this should be completely unnecessary for this objective, as scoped access should be sufficient, and FDA is in fact not required for other apps which perform this task. Architecture and flow: Main GUI process collects ISO path and target removable device path (queried via IOKit). Main GUI process installs a Privileged Helper via SMJobBless. The Privileged Helper is started on demand by launchd as root (UID 0, EUID 0). Main GUI process communicates selected ISO and device paths to Privileged Helper via XPC. Privileged Helper conducts security and sanity checks, unmounts volumes from target device via DiskArbitration. Privileged Helper obtains file handles to ISO and target block device (e.g.: "/dev/disk4"). Privileged Helper performs a byte-by-byte write to the target block device. Problematic area: Simplified example using C syscalls (via Zig): const path = "/dev/disk5"; // Note that even with readonly flag this fails const fd = c.open(path, c.O_RDONLY, @as(c_uint, 0)); defer _ = c.close(fd); if (fd < 0) { const err_num = c.__error().*; const err_str = c.strerror(err_num); log("open() failed with errno {}: {s}", .{ err_num, err_str }); } Output (when run by launchd - UID 0, EUID 0, domain: system): open() failed with errno 1: Operation not permitted Simplified example with Zig open interface: const directory = try std.fs.openDirAbsolute(deviceDir, .{ .no_follow = true }); const device = try directory.openFile("/dev/disk5", .{ .mode = .read_write, .lock = .exclusive }); errdefer device.close(); Output (when run by launchd - UID 0, EUID 0, domain: system): Error: error.AccessDenied Running the same examples by manually launching the binary with a test argument succeeds: sudo ./helper "/dev/disk5" ... Notable points: Both Main GUI process and the Privileged Helper binary are codesigned (via codesign ...). Privileged Helper has both Info.plist and Launchd.plist symbols exported into its binary. Privileged Helper has no codesign flags (e.g.: for hardened runtime or others): CodeDirectory v=20400 size=8130 flags=0x0(none) hashes=248+2 location=embedded Output of sudo launchctl print system/<helper-bundle-id> shows nothing of interest to indicate any security restrictions. Appreciate any advice here!

I am facing an issue while codesigning the Content/MacOS executable. The executable name is exactly similar to the .app file, and the signing certificates have not expired yet. Steps followed to generate signed files: Executed codesign on files within the .app folder. Then executed codesign on the .app folder. Tried to notarize with the new notarization tool. Do we have to sign each individual file and folder? Observations: .DS_Store files were removed from the .app before signing. Another app with the same certificate is able to sign correctly. Content/MacOS contains multiple files, including the app executable. These files are signed except the main executable. same installed_app after copying at another location showing signed. Getting: App Sandbox-Not enabled Hardening-Enabled - Version 10.9.0 Notarization-Granted Gatekeeper-Can't evaluate Signed By- Can't verify signature

With the RC version of macOS 26, an issue persists when you try to create a bookmark with security scope for the root folder "/". This leads to an error "The file couldn’t be opened.". However, you can create bookmark for /Applications, /System, /Users... This is quite annoying for one of my app because a user can create a cartography of his disk usage, and the access to the root folder "/" is the only way to do so! Is there a workaround? PS: reported the issue with ID FB20186406 let openPanel = NSOpenPanel() openPanel.canChooseDirectories = true openPanel.canChooseFiles = false openPanel.beginSheetModal(for: self.view.window!) { (result) in guard result == .OK, let folderURL = openPanel.url else { return } openPanel.close() do { let data = try folderURL.bookmarkData(options: .withSecurityScope, includingResourceValuesForKeys: nil, relativeTo: nil) print("Bookmark data was created for \(folderURL.path)") } catch (let error) { print("Error creating bookmark for \(folderURL.path), with error: \(error.localizedDescription)") } }

I am able to symbolicate kernel backtraces for addresses that belong to my kext. Is it possible to symbolicate kernel backtraces for addresses that lie beyond my kext and reference kernel code? Sample kernel panic log

I have a project that need to get serial number and network SSID. I have looking anywhere to get those 2 value but no luck to find it. is there anyway i can get those information from the device?

Recently, I've noticed that background Bluetooth scanning stops when I move an app to the background on an iPhone 17 device with Bluetooth 6. I'm curious about a solution. Background Bluetooth scanning doesn't stop on devices older than iOS 26, or on devices that were updated from an iPhone 17 or earlier to iOS 26.

PLATFORM AND VERSION Model - iPhone 13 Pro Max (Potentially for other models also) OS - iOS 26 DESCRIPTION OF PROBLEM : BLE discoverability (advertising) is not working on iOS 26 but works reliably on older iOS versions. Details: Our app acts as a Bluetooth peripheral. When advertising, the app only adds CBAdvertisementDataLocalNameKey in advertisement data. Format of local name - "NTDI:103202400001" We have observed that in iOS 26, the local name is getting truncated. This breaks the parsing logic in our IOT device central code, which expects the full local name to be present. We have also observed that some extra data is getting added to the advertisement data by the OS. As of now, updating the IOT device logic for parsing is not possible. STEPS TO REPRODUCE Create an instance of CBPeripheralManager. Start advertising with a local name with the format "NTDI:103202400001" Capture the advertisement data using a Bluetooth sniffer tool. Observe that the local name is getting truncated Legacy ADV_IND as received by IoT device (truncated name): HCI Event: LE Meta Event (0x3e) plen 27 LE Advertising Report (0x02) Event type: ADV_IND (0x00) Data length: 15 Flags: 0x1a TX power: 12 dBm 12 09 4e 54 44 49 3a 31 30 ..NTDI:10 RSSI: -47 dBm Only partial Local Name (“NTDI:10…”) is present in this primary PDU. Is it possible to avoid the extra data introduced by iOS or avoid local name truncation?