I'm writing some code, intended to be run on macOS (not IOS). My code could greatly benefit from using IOReport, which is an undocumented IOKit API for obtaining various metrics like energy consumption on an Apple processor. I don't plan to submit my program to the App Store, but I do plan on making the Git repo containing my code public. My understanding is that using undocumented IOKit APIs is strictly forbidden for IOS or macOS applications intended to be made available on the App Store. But what about programs not intended to be submitted to the App Store, like in my case? I'm wondering if anybody knows what Apple's policy is regarding using undocumented APIs in such a way on macOS.

I have been trying to investigate some of the kernel crashes I have noticed on my IOS crash logs. Some of these are in device driver software for the peripheral interfaces. Given that the driver code executes with kernel privileges, these kind of crashes leave the device vulnerable to remote code injection, with no user interaction required in some cases. Crash Report from IOS 18.2.1 If Apple can provide the symbol table for IOS 18.2.1 blue tooth driver and source code, I can gladly help investigate this further.

I get the ApplicationSupportDirectory path like this: let path = NSSearchPathForDirectoriesInDomains(.applicationSupportDirectory, .userDomainMask, true)[0] as String however for FileProvider plugin it looks like: /var/mobile/Containers/Data/PluginKitPlugin/.../Library/Application Support/rclone.conf instead of what I get for an Application: /var/mobile/Containers/Data/Application/.../Library/Application Support I need a way to get the Application's Support Directory from the FileProvider plugin. Is that possible? If not, what other shared location I could use to access shared file between these two?

Hi, I need to write an application (possibly using C) to communicate with a USB High Speed Device CDC class I am developing, but unfortunately I have no development experience under Mac OS, so I am here to ask for a few help/advice. I hope I am in the right place. Since I have a working code using libusb on Linux, I have first tried to use such lib on a Mac OS without success. The device is listed correctly using ioreg -w0 -l -p but it seems to be always busy: MYUSBDEVICE@fa410000 <class IOUSBHostDevice, id 0x100001769, registered, matched, active, busy 0 (262 ms), retain 24> in fact, attempting to use libusb always results in error: LIBUSB_ERROR_NOT_FOUND libusb_bulk_transfer: Entity not found After searching a bit, I have read that it is impossible (?) to use libusb on MacOS. Then I came across these following pages: https://developer.apple.com/library/archive/documentation/DeviceDrivers/Conceptual/USBBook/USBDeviceInterfaces/USBDevInterfaces.html https://developer.apple.com/documentation/usbdriverkit I would possible avoid to write a CDC kernel driver for my application, so link #2 seems more appropriate to what I need. But isn't it available any API to develop USB CDC communications C application on MacOS ? Any suggestion is appreciated. Thanks in advance. Regards, Simon

Can I launch all the launchAgents associated with a user before they log in? If so, is there an event or mechanism I can use or simulate to achieve this? Is it possible to delay the login mechanism, till all the launchAgents are loaded. Looking for guidance on how to approach this.

yesterday my Xcode app worked, I upgraded my Xcode and simulator today, but now i suddenly get: error: the replacement path doesn't exist: "/var/folders/61/cs5w33tx7m92yq6t55h9w7k00000gn/T/swift-generated-sources/@__swiftmacro_6Fikser8FeedViewV4jobs33_842833018C1C855C625C2C0F4D027584LL5QueryfMa_.swift" error: the replacement path doesn't exist: "/var/folders/61/cs5w33tx7m92yq6t55h9w7k00000gn/T/swift-generated-sources/@__swiftmacro_6Fikser8FeedViewV4jobs33_842833018C1C855C625C2C0F4D027584LL5QueryfMa_.swift" error: the replacement path doesn't exist: "/var/folders/61/cs5w33tx7m92yq6t55h9w7k00000gn/T/swift-generated-sources/@__swiftmacro_6Fikser4UserC8username18_PersistedPropertyfMa_.swift" error: the replacement path doesn't exist: "/var/folders/61/cs5w33tx7m92yq6t55h9w7k00000gn/T/swift-generated-sources/@__swiftmacro_6Fikser4UserC8username18_PersistedPropertyfMa_.swift" error: the replacement path doesn't exist: "/var/folders/61/cs5w33tx7m92yq6t55h9w7k00000gn/T/swift-generated-sources/@__swiftmacro_6Fikser4UserC8username18_PersistedPropertyfMa_.swift" and i also get this: objc[11474]: Class AKBiometricRatchetUtility is implemented in both /Library/Developer/CoreSimulator/Volumes/iOS_22C150/Library/Developer/CoreSimulator/Profiles/Runtimes/iOS 18.2.simruntime/Contents/Resources/RuntimeRoot/System/Library/PrivateFrameworks/AuthKitUI.framework/AuthKitUI (0x12ff2d898) and /Library/Developer/CoreSimulator/Volumes/iOS_22C150/Library/Developer/CoreSimulator/Profiles/Runtimes/iOS 18.2.simruntime/Contents/Resources/RuntimeRoot/System/Library/PrivateFrameworks/AuthKit.framework/AuthKit (0x114a0b1f0). One of the two will be used. Which one is undefined. ``` can it be that they are some how relatet? Or what else can it be? I have tried to delete derrieved data, clean folder eg.

I am having difficulty getting my container app with an embedded endpoint security extension to work on a virtual Mac. My virtual Mac has system integrity protection turned off. I have used spctl and System Settings to allow applications from anywhere. I am using the development entitlement profile to sign my container app. When I run my app, it crashes with Termination Reason: COODESIGNING 1 Taskgated Invalid Signature. I assume this has to do with the app being signed with my developer profile that contains a list of Macs that can run the software. How can test my endpoint security extension on a virtual Mac?

Phenomenon We've found operator new/delete override in iOS app, only works for the first time when the app launches on iOS16, operator override is not working in the second and subsequent launch of the same app. Steps to reproduce Development environment: XCode 16.2 Create a new iOS Objective-C project in XCode In the project options page, choose the following settings: Name the project: OverrideNew Interface: Storyboard Language: Objective-C Testing System: None Add test code Change AppDelegate.m's file name to AppDelegate.mm to add the following C++ test code. Add the following code after #import "AppDelegate.h" #include &lt;os/log.h&gt; #include &lt;string&gt; static bool needLog = false; void* operator new(size_t size) { void* ptr = malloc(size); if(needLog) { // Log to prove override new works os_log_error(OS_LOG_DEFAULT, "Overrided new called. ptr: %p\n", ptr); } return ptr; } void operator delete(void* ptr) noexcept { free(ptr); if(needLog) { // Log to prove override delete works os_log_error(OS_LOG_DEFAULT, "Overrided delete called. ptr: %p\n", ptr); } } void StringConstructTest(void) { needLog = true; os_log_error(OS_LOG_DEFAULT, "Enter StringConstructTest1\n"); { std::string str; // a long string will trigger memory allocation on heap str = "Hello world and this is a long string.\n"; os_log_error(OS_LOG_DEFAULT, "%{public}s\n", str.c_str()); } os_log_error(OS_LOG_DEFAULT, "Exit StringConstructTest1\n"); needLog = false; } Call StringConstructTest() in didFinishLaunchingWithOptions method: - (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(NSDictionary *)launchOptions { // Override point for customization after application launch. StringConstructTest(); return YES; } Change build settings Change Minimum Deployments: iOS 16. Build and run the project on an iOS16 device, emulator can not reproduce the problem. Observe logs in Console app on Mac Use the following log filters: message type: error process: OverrideNew First launch First launch on device(not from a XCode debug launch), the log is: Enter StringConstructTest1 Overrided new called. ptr: 0x281f2f450 Hello world and this is a long string. Overrided delete called. ptr: 0x281f2f450 Exit StringConstructTest1 "Overrided new called" proved the override new operator is called. Second and subsequence launch Second and subsequence launch on device(not from a XCode debug launch), the log is: Enter StringConstructTest1 Hello world and this is a long string. Exit StringConstructTest1 No log for "Overrided new called", the subsequence launch, the override operator new is not called anymore. Expected behavior For every app launch, log "Overrided new called" will happen and operator override works. On iOS16, operator override only works for the first launch. I've also tested on iOS18, operator override works every time as expected. Question Is there a way to force operator override works every time on iOS16?

I am developing an App that will enable voice calls between users through webrtc. When the user opens the App and switches the App to the background, the user will receive the incoming call notification through Silent Push Notifications (not PushKit). My question is as follows, If set UIBackgroundModes to voip and do not use PushKit and CallKit, will this cause the background App to be unable to use webrtc voice calls (requires network, microphone, and audio permissions)? Can I set UIBackgroundModes = audio combined with AVAudioSession playAndRecord instead of setting UIBackgroundModes to voip, so that I can use the microphone and audio in the background to implement webrtc voice calls? Thanks for your help.

My question is: Do I need two App IDs? One for my launch daemon in order to sign it properly, allowing it to use the Endpoint Security framework. One for the container app. My understanding is that my existing launch daemon can perform the endpoint security requirements I need. So far, I have had just one App ID for my container app that lives in /Applications. I have applied for the endpoint security restricted entitlement and have this for development now. Do endpoint security items have go in Library/SystemExtension? Can my launch daemon live in Library/LaunchDaemons and still use the Endpoint Security framework?

For a component operating as a peripheral in a BLE connection, is it possible to tell if the user taps "Cancel" in the system's pairing request dialog? None of the methods in CBPeripheralManagerDelegate appear to apply.

Hi. I am facing a panic in distributed virtual filesystem of my own making. The panic arises on attempt of copying a large folder, or writing a large file (both around 20gb). An important note here is that the amount of files we try to copy is larger than available space (for testing purposes, the virtual file system had a capacity of 18 gigabytes). The panic arises somewhere on 12-14gigabytes deep into copying. On the moment of panic, there are still several gigabytes of storage left. The problem is present for sure for such architectures and macOS versions: Sonoma 14.7.1 arm64e Monterey 12.7.5 arm64e Ventura 13.7.1 intel Part from panic log from Ventura 13.7.1 intel, with symbolicated addresses: panic(cpu 2 caller 0xffffff80191a191a): watchdog timeout: no checkins from watchdogd in 90 seconds (48 total checkins since monitoring last enabled) Panicked task 0xffffff907c99f698: 191 threads: pid 0: kernel_task Backtrace (CPU 2), panicked thread: 0xffffff86e359cb30, Frame : Return Address 0xffffffff001d7bb0 : 0xffffff8015e70c7d mach_kernel : _handle_debugger_trap + 0x4ad 0xffffffff001d7c00 : 0xffffff8015fc52e4 mach_kernel : _kdp_i386_trap + 0x114 0xffffffff001d7c40 : 0xffffff8015fb4df7 mach_kernel : _kernel_trap + 0x3b7 0xffffffff001d7c90 : 0xffffff8015e11971 mach_kernel : _return_from_trap + 0xc1 0xffffffff001d7cb0 : 0xffffff8015e70f5d mach_kernel : _DebuggerTrapWithState + 0x5d 0xffffffff001d7da0 : 0xffffff8015e70607 mach_kernel : _panic_trap_to_debugger + 0x1a7 0xffffffff001d7e00 : 0xffffff80165db9a3 mach_kernel : _panic_with_options + 0x89 0xffffffff001d7ef0 : 0xffffff80191a191a com.apple.driver.watchdog : IOWatchdog::userspacePanic(OSObject*, void*, IOExternalMethodArguments*) (.cold.1) 0xffffffff001d7f20 : 0xffffff80191a10a1 com.apple.driver.watchdog : IOWatchdog::checkWatchdog() + 0xd7 0xffffffff001d7f50 : 0xffffff80174f960b com.apple.driver.AppleSMC : SMCWatchDogTimer::watchdogThread() + 0xbb 0xffffffff001d7fa0 : 0xffffff8015e1119e mach_kernel : _call_continuation + 0x2e Kernel Extensions in backtrace: com.apple.driver.watchdog(1.0)[BD08CE2D-77F5-358C-8F0D-A570540A0BE7]@0xffffff801919f000->0xffffff80191a1fff com.apple.driver.AppleSMC(3.1.9)[DD55DA6A-679A-3797-947C-0B50B7B5B659]@0xffffff80174e7000->0xffffff8017503fff dependency: com.apple.driver.watchdog(1)[BD08CE2D-77F5-358C-8F0D-A570540A0BE7]@0xffffff801919f000->0xffffff80191a1fff dependency: com.apple.iokit.IOACPIFamily(1.4)[D342E754-A422-3F44-BFFB-DEE93F6723BC]@0xffffff8018446000->0xffffff8018447fff dependency: com.apple.iokit.IOPCIFamily(2.9)[481BF782-1F4B-3F54-A34A-CF12A822C40D]@0xffffff80188b6000->0xffffff80188e7fff Process name corresponding to current thread (0xffffff86e359cb30): kernel_task Boot args: keepsyms=1 Mac OS version: 22H221 Kernel version: Darwin Kernel Version 22.6.0: Thu Sep 5 20:48:48 PDT 2024; root:xnu-8796.141.3.708.1~1/RELEASE_X86_64 The origin of the problem is surely inside my filesystem. However, the panic happens not there but somewhere in watchdog. As far as I can tell, the source code for watchdog is not available for public. I can't understand what causes the panic. Let's say we have run out of space. Couldn't write data. Writing received a proper error message and aborted. That's what is expected. However, it is unclear for why the panic arises.

Is there a way to detect an incoming call with a React Native app? I have a fitness app and would like to pause the workout during the phone call.

When I set the option parameter to OSLogEnumeratorReverse, the iteration order of OSLogEnumerator is still from front to back in time When I set the options parameter to 0 and the position parameter to the first 5 seconds of the current time, OSLogEnumerator can still iterate over the previous 5 seconds #import "ViewController.h" #import <OSLog/OSLog.h> @interface ViewController () @property(strong, nonatomic)OSLogStore *logStore; @property(strong, nonatomic)NSDateFormatter *formatter; @end @implementation ViewController - (void)viewDidLoad { [super viewDidLoad]; NSError *err = nil; self.logStore = [OSLogStore storeWithScope:OSLogStoreCurrentProcessIdentifier error:&err]; if (!self.logStore || err) { NSLog(@"error: %@", err); NSAssert(0, @""); } self.formatter = [[NSDateFormatter alloc] init]; [self.formatter setDateFormat:@"[yyyy-MM-dd HH:mm:ss:SSS]"]; } - (IBAction)addLog:(id)sender { static int i = 0; NSLog(@"[test] %@ this is a log with index:%d", [self.formatter stringFromDate:[NSDate date]], i++); } - (IBAction)printLogWithReverse:(id)sender { NSError *err = nil; NSPredicate *preeicate = [NSPredicate predicateWithFormat:@"composedMessage contains %@" argumentArray:@[@"[test]"]]; OSLogEnumerator *enumer = [self.logStore entriesEnumeratorWithOptions:OSLogEnumeratorReverse position:nil predicate:preeicate error:&err]; if (err) { NSLog(@"enumer error:%@", err); NSAssert(0, @""); } OSLogEntryLog *entry = nil; while (entry = [enumer nextObject]) { NSString *message = [entry composedMessage]; printf("log: %s\n", message.UTF8String); } } - (IBAction)printLogWithPosition:(id)sender { NSError *err = nil; NSPredicate *preeicate = [NSPredicate predicateWithFormat:@"composedMessage contains %@" argumentArray:@[@"[test]"]]; NSDate *posDate = [NSDate dateWithTimeIntervalSinceNow:-5]; OSLogPosition *pos = [self.logStore positionWithDate:posDate]; OSLogEnumerator *enumer = [self.logStore entriesEnumeratorWithOptions:0 position:pos predicate:preeicate error:&err]; if (err) { NSLog(@"enumer error:%@", err); NSAssert(0, @""); } const char *now = [self.formatter stringFromDate:[NSDate date]].UTF8String; const char *posStart = [self.formatter stringFromDate:posDate].UTF8String; OSLogEntryLog *entry = nil; while (entry = [enumer nextObject]) { NSString *message = [entry composedMessage]; printf("log(now:%s, pos:%s): %s\n", now, posStart, message.UTF8String); } } @end The method of - (IBAction)printLogWithReverse:(id)sender print result not reversed by time. log: [test] [2025-02-18 17:35:50:175] this is a log with index:0 log: [test] [2025-02-18 17:35:51:040] this is a log with index:1 log: [test] [2025-02-18 17:35:51:174] this is a log with index:2 log: [test] [2025-02-18 17:35:51:323] this is a log with index:3 log: [test] [2025-02-18 17:35:51:473] this is a log with index:4 log: [test] [2025-02-18 17:35:51:640] this is a log with index:5 log: [test] [2025-02-18 17:35:51:773] this is a log with index:6 log: [test] [2025-02-18 17:35:51:923] this is a log with index:7 The method of - (IBAction)printLogWithPosition:(id) print result should not contain the log from 5 seconds ago because I set the start time position in the position argument [test] [2025-02-18 17:43:58:741] this is a log with index:0 [test] [2025-02-18 17:43:58:940] this is a log with index:1 [test] [2025-02-18 17:43:59:458] this is a log with index:2 [test] [2025-02-18 17:43:59:923] this is a log with index:3 log(now:[2025-02-18 17:44:51:132], pos:[2025-02-18 17:44:46:032]): [test] [2025-02-18 17:43:58:741] this is a log with index:0 log(now:[2025-02-18 17:44:51:132], pos:[2025-02-18 17:44:46:032]): [test] [2025-02-18 17:43:58:940] this is a log with index:1 log(now:[2025-02-18 17:44:51:132], pos:[2025-02-18 17:44:46:032]): [test] [2025-02-18 17:43:59:458] this is a log with index:2 log(now:[2025-02-18 17:44:51:132], pos:[2025-02-18 17:44:46:032]): [test] [2025-02-18 17:43:59:923] this is a log with index:3

We built a time verification feature as part of our iPadOS/iOS app where recording an accurate timestamp is part of a core feature of ours. We want to maintain integrity of recorded data, but our app must still be able to operate offline. To accomplish this, we established a baseline between the device's internal clock (CLOCK_MONOTONIC_RAW) and our servers via an initial network request. Once that baseline is established, we can reliably calculate the true time, or detect when a user may have tampered their device's time, especially while offline. Of course, this baseline falls apart after the device reboots. We have been using kern.bootsessionuuid locally to detect when a device has rebooted so we know to wipe the baseline and try to establish a new one. Unfortunately (I'm sure due to issues with device fingerprinting), Apple has removed access to kern.bootsessionuuid in iOS 18, silently and without warning. This has compromised the integrity of our feature. https://developer.apple.com/documentation/ios-ipados-release-notes/ios-ipados-18-release-notes#Deprecations Is there any other way that our app can detect or be notified that a device reboot has occurred? Alternatively, Google has just provided a "TrustedTime" API that looks to do the heavy lifting for what we have been solving ourselves. Would it be possible for Apple to provide a similar API? https://android-developers.googleblog.com/2025/02/trustedtime-api-introducing-reliable-approach-to-time-keeping-for-apps.html We would appreciate any guidance here. Thanks!

Hello, We are developing a multimedia routing platform written in Rust and uses gstreamer 1.20. We are targeting running on Mac Minis (older intel and newer M1/2/3/... w/ 8GB ram) using macOS 14.6.1 I have profiled memory usage using XCode instruments with the allocation tool, stack and heap memory is very stable once the pipelines are up and running. There are between 50 to 100 incoming RTSP streams with multiple webrtc connections, so lots of network and memory bandwidth is being used. However, we eventually see real memory usage increasing in Activity Monitor along with memory pressure increasing, but the heap/stack usage is constant in instruments, so we do not understand this behavior. Page fragmentation is a possibility, but have not been able to prove this with instruments. Please see attached image.You can see that 10-minute run had a total of approx 4.3 GB of allocations, but only 50.17MB persistent. Eventually we see kernel panics in either userspace watchdog timeout: no successful checkins from WindowServer (2 induced crashes) in 120 second or apcie[2:lan-1gb]::handleCompletionTimeoutInterrupt: completion timeout which I believe are caused by high system load and the kernel becoming unresponsive while the kernel is doing page compressions. We tested running with je-malloc for a while, but the kernel panics still occur. We have multiple kernel panic recordings available, but they are too large to upload here. We are also having multiple kernel panics per day while running this application. Any suggestions on how to prevent these kernel panics? If the system is out of memory, shouldn't our application crash with an out-of-memory and the kernel should NOT panic? Thanks, Jeremy Prater

Recently we started facing BLE disconnect issues between our BLE peripheral (microphone) and iOS app that we're having trouble solving. iOS App: Ionic Capacitor using @capacitor-community/bluetooth-le Microphone Peripheral: esp32 board using ESP-IDF Apache NimBLE stack App use case: Our app records a sound clip using the BLE microphone and sends data via a characteristic. The sound clip is broken up into several packets and all sent over ( over 1600 packets ). The microphone has an antenna and boosted signal as well. The Issue: Recently, we've been facing consistent disconnects between the microphone and the iOS app that we think we've narrowed down to the iOS device is disconnecting due to too many dropped packets. It seems the phone can't get further than roughly 10 feet before we see packet loss. Up until recently we had little to no range issues with transferring data and settings disconnected from the microphone while being much further away. Nothing has changed on our end on either the app or microphone firmware side. We use the same microphone firmware and app on Android and have no issues with range or dropped packets. It also seems like we can transfer a couple recording , like 2 or 3 ( each with its own connection i.e scan and connect , subscribe to characteristic and gather all the packets , do some processing then disconnect and start over ), without issue than every attempt at gathering the packets starts failing because of disconnects. Does anyone have any idea what might be going on? Do we need to fix our connection parameters? This seems to be mostly an issue since the newest iOS updates ( 18.3,18.3.1 ) however we've tested on previous versions and are now seeing same ble range issues. Any help or guidance on tracking down what's going on is appreciated. Relevant logs: `32mI (273409) Task_send_audio:: esp_ble_tx_power_get(ESP_BLE_PWR_TYPE_DEFAULT) = 255 [39m [31mE (286869) main:: No MBUFs available from pool, retry.. [39m [23;1H [31mE (287519) main:: No MBUFs available from pool, retry.. [39m [23;1H [31mE (287769) main:: No MBUFs available from pool, retry.. [39m [23;1H [31mE (287919) main:: No MBUFs available from pool, retry.. [39m [23;1H` ... ... ... 31mE (1622829) Task_send_audio:: send_audio_ble, couldn't send the audio totally, ***** unsubscribe from charactaristic [39m [23;1H Peripheral connections parameters:

Hello, I'm trying to use the CardSession sample code in an iPhone app I have received the HCE entitlement, the select identifier array contains only one AID of 8 bytes: FAEBDA5003020000, that is a custom AID that we use on ou custom access control system. We have the complete control of the NFC reader, when we detect a MiFare card, the reader application send the SELECT AID command and the card number is return and checked We want to do the same with an iPhone instead of the MiFare card, so we use the CardSesion sample in our app, here is the log of the reader application when we present the iPhone on it: TX: 0x04 0xfc 0xd4 0x4a 0x01 0x00 0xe1 0x00 RX: 0x00 0x00 0xff 0x00 0xff 0x00 ACK RX: 0x00 0x00 0xff 0x11 0xef 0xd5 0x4b 0x01 0x01 0x00 0x04 0x20 0x04 0x08 0x10 0x53 0x17 0x05 0x78 0x80 0x71 0x00 0xc6 0x00 // SMARTPHONE NFC type 1 pn532InSelect TX: 0x03 0xfd 0xd4 0x54 0x01 0xd7 0x00 RX: 0x00 0x00 0xff 0x00 0xff 0x00 ACK RX: 0x00 0x00 0xff 0x03 0xfd 0xd5 0x55 0x00 0xd6 0x00 pn532InDataExchange TX: 0x12 0xee 0xd4 0x40 0x01 0x00 0xa4 0x04 0x00 0x08 0xfa 0xeb 0xda 0x50 0x03 0x02 0x00 0x00 0x00 0x00 0x27 0x00 RX: 0x00 0x00 0xff 0x00 0xff 0x00 ACK RX: 0x00 0x00 0xff 0x05 0xfb 0xd5 0x41 0x00 0x6a 0x81 0xff 0x00 we use the select application command and give our 8 bytes AID number: 0xfa 0xeb 0xda 0x50 0x03 0x02 0x00 0x00 the reader receives 6A 81 which means according to our apdu documentation: "Function not supported" How can we make it work ?

Does iOS limit the number of packets per connection event to 4? When transmitting GATT data, each packet is 244 bytes. However, starting from the second packet, the updateValue method returns false, and the waiting time for peripheralManagerIsReadyToUpdateSubscribers callback varies significantly, ranging from 50ms to 100ms. Is this behavior normal?

i recently upgraded to sequoia, and now, more often than not, when running in the debugger, opening my database causes a hang: When i run outside the debugger, it opens just fine. I suspect it has to do with "full disk access"? but i've given my app full disk access. i've also set Qt and Xcode to have "Allow apps to use developer tools" permissions. as a test i also added my app into that permission group, all to no avail. the path to the DB being opened is in my user's Music folder, and having full disk access gives permission for everything, including things in that folder. confused!