I am developing an iOS 26+ navigation app. The app has the default navigation entitlement, MKDirectionsModeCar, MKDirectionsRequest / com.apple.maps.directionsrequest handling, a routing coverage file, phone navigation, CarPlay navigation, and CarPlay Dashboard support. However, when the user says “Navigate to [insert city/place/address] using [name of app],” Siri opens Apple Maps instead. My app receives no URL event, no MKDirections.Request, no App Intent event, and no CarPlay scene URL event. I found a related thread here: https://developer.apple.com/forums/thread/759653. I followed the recommendation there and filed Feedback Assistant enhancement request FB22804661. Please let me know if you need any additional information from me.

For some reason since watchOS 26.5 my workout app can no longer receive action button presses during a workout unless the action button is configured to start a specified activity type. If the action button is configured to just open the app but not start an activity then at the start of a workout the app donates a StartWorkoutIntent. The result parameter is set to a 'NextButtonPress' intent so that the app is notified when the action button is pressed. This has been working fine since the action button first appeared back in 2022, but has suddenly stopped working with watchOS 26.5. Now when the app tries to donate the intent then it fails with the following error: The operation couldn’t be completed. (LNTranscriptErrorDomain error 1003.) Does anyone know what has changed and how I can get around it? Thanks.

Hi, I am displaying the running linux ubuntu VM in VzVirtualMachineView. I wouldl like to simulate right click by calling vZVirtualMachineView.rightMouseDown to trigger right click on the guest. I tried it and it does not work. For mac os guests it is working. For linux guests it is not working Any help would be appreciated to fix the issue.

When i use the MFMailComposeViewController in visionOS, there is no cancel button for the controller. The button at the bottom closes the app. Is anyone else experiencing this? if([MFMailComposeViewController canSendMail]) { MFMailComposeViewController* controller = [[MFMailComposeViewController alloc] init]; controller.mailComposeDelegate = (id <MFMailComposeViewControllerDelegate>)view; [controller setToRecipients:toAddresses]; [controller setSubject:subject]; [controller setMessageBody:body isHTML:isHtml]; [view presentViewController:controller animated:YES completion:nil]; }

Hi everyone, I’m working with UDP Multicasting on iOS (iOS 15+) using Network.framework and facing a confusing issue. Setup: Multicast IP: 239.255.0.1 Port: 45454 Using NWConnectionGroup / NWMulticastGroup NSLocalNetworkUsageDescription is present in Info.plist Devices are on the same Wi-Fi network Problem: Receiving multicast packets works perfectly Sending multicast packets does NOT work No errors are thrown send() completion handler reports success stateUpdateHandler sometimes doesn’t transition to .ready No packets are actually transmitted on the network Observations: The app can receive data from other multicast senders Sending appears to be silently blocked Reinstalling the app fixes the issue This points to a Local Network permission problem If permission was denied once, iOS does not re-prompt Inbound multicast works, outbound multicast is blocked Questions: Is it expected on iOS that receiving multicast works even when sending is blocked? Is reinstalling the app the only way to recover if Local Network permission was denied? Is there any reliable runtime way to detect that outbound multicast is blocked? Is NWConnectionGroup the correct and only supported way to send multicast on iOS? Any clarification or official guidance would really help. Thanks in advance!

Hi guys, I am building a custom virtualization utility for macOS using the native Virtualization Framework. My goal is to allow local guest virtual machines to run in Bridged Mode (VZBridgedNetworkDeviceAttachment) so they can acquire their own distinct local IP address from my router and expose service ports directly to the local network. When attempting to compile and run my app with the com.apple.vm.networking entitlement, Xcode throws the following error:"Entitlement com.apple.vm.networking not found and could not be included in profile. This likely is not a valid entitlement and should be removed from your entitlements file" I understand that this is a restricted capability that is hidden from the standard Apple Developer Portal by default. I have already reached out via email to Apple Developer Support to request it, but I have not received a definitive answer on the process or exact entitlement string name. For those who have successfully shipped or tested a virtualization app with bridged networking, Is com.apple.vm.networking the correct string name for modern macOS versions, or is there a newer, specific identifier required? What is the actual entitlement that i should see in my developer account? I can't seem to find it in the docs as well. Would it be called "VM Networking" Thanks,

On macOS Tahoe 26.5 and happening since 26.0 each time I search for document inside iCloud I get a jetsam event.

Hello Everyone, Like probably several other Enterprise customers and more, we have been bitten by a bug with regards to VPN and Endpoint Security and the new M5 / M5 Pro SoCs shipping in the latest MacBook devices. I have raised the following feedback IDFB22753954 (which itself references an internal issue I believe, if we need to mark it as a dupe: 172793638 ). The technical sequence leading to the crash is as follows I believe: The macOS system process neagent successfully initializes the GlobalProtect network extension. The GP Network extension transitions from an 'inactive' state to a 'running' state. As network traffic begins flowing through the extension, a critical flaw in the macOS kernel's memory allocation (specifically related to the Apple Network Extension framework) is triggered. This memory management failure at the kernel level results in a kernel panic at an unpredictable point during packet processing. Because this is a core operating system vulnerability, any third-party application or security solution that leverages Apple's Network Extension framework is susceptible to these crashes. This has been confirmed across multiple vendors within the cybersecurity industry from what I understand. Crashes_M5Pro_1.txt Thank you in advance for your help! Kind Regards, Goffredo

Hello everyone, We are in the process of migrating a high-performance storage KEXT to DriverKit. During our initial validation phase, we noticed a performance gap between the DEXT and the KEXT, which prompted us to try and optimize our I/O handling process. Background and Motivation: Our test hardware is a RAID 0 array of two HDDs. According to AJA System Test, our legacy KEXT achieves a write speed of about 645 MB/s on this hardware, whereas the new DEXT reaches about 565 MB/s. We suspect the primary reason for this performance gap might be that the DEXT, by default, uses a serial work-loop to submit I/O commands, which fails to fully leverage the parallelism of the hardware array. Therefore, to eliminate this bottleneck and improve performance, we configured a dedicated parallel dispatch queue (MyParallelIOQueue) for the UserProcessParallelTask method. However, during our implementation attempt, we encountered a critical issue that caused a system-wide crash. The Operation Causing the Panic: We configured MyParallelIOQueue using the following combination of methods: In the .iig file: We appended the QUEUENAME(MyParallelIOQueue) macro after the override keyword of the UserProcessParallelTask method declaration. In the .cpp file: We manually created a queue with the same name by calling the IODispatchQueue::Create() function within our UserInitializeController method. The Result: This results in a macOS kernel panic during the DEXT loading process, forcing the user to perform a hard reboot. After the reboot, checking with the systemextensionsctl list command reveals the DEXT's status as [activated waiting for user], which indicates that it encountered an unrecoverable, fatal error during its initialization. Key Code Snippets to Reproduce the Panic: In .iig file - this was our exact implementation: class DRV_MAIN_CLASS_NAME: public IOUserSCSIParallelInterfaceController { public: virtual kern_return_t UserProcessParallelTask(...) override QUEUENAME(MyParallelIOQueue); }; In .h file: struct DRV_MAIN_CLASS_NAME_IVars { // ... IODispatchQueue* MyParallelIOQueue; }; In UserInitializeController implementation: kern_return_t IMPL(DRV_MAIN_CLASS_NAME, UserInitializeController) { // ... // We also included code to manually create the queue. kern_return_t ret = IODispatchQueue::Create("MyParallelIOQueue", kIODispatchQueueReentrant, 0, &ivars->MyParallelIOQueue); if (ret != kIOReturnSuccess) { // ... error handling ... } // ... return kIOReturnSuccess; } Our Question: What is the officially recommended and most stable method for configuring UserProcessParallelTask_Impl() to use a parallel I/O queue? Clarifying this is crucial for all developers pursuing high-performance storage solutions with DriverKit. Any explanation or guidance would be greatly appreciated. Best Regards, Charles

Hi! I'm trying to create an iOS peripheral service with UUID=180F which stands for standard GATT BAS. I'm getting the error: CBErrorDomain Code=8 "The specified UUID is not allowed for this operation." Is this prohibited by the system?

ES_EVENT_TYPE_AUTH_SIGNAL DENY causes Dock icon to disappear and LaunchServices to lose track of the process Platform: macOS 11.0 (Big Sur) – macOS 15 (Sequoia) Xcode: 16.4 (16F6) Language: Swift, EndpointSecurity framework Testing OS: macOS 15.5 (primary), reproduced on macOS 11.0+ [1]Description I'm developing a System Extension using the EndpointSecurity framework for a security product. My extension subscribes to ES_EVENT_TYPE_AUTH_SIGNAL to block unauthorized signals sent to protected GUI applications (self-protection feature). When I respond with ES_AUTH_RESULT_DENY to an AUTH_SIGNAL event targeting a GUI application, the system enters an inconsistent state: The Dock icon disappears — loginwindow removes the app's UI via its applicationQuit event, even though the process is still running LaunchServices loses track of the application's PID — it can no longer determine the PID from the LSASN Activity Monitor's subsequent Force Quit attempts fail silently — no kill() syscall is issued because LaunchServices cannot resolve the PID The issue only resolves after: Restarting Activity Monitor (clears its internal cache), or Relaunching the protected application (re-registers with LaunchServices) Expected: Signal is denied, the process keeps running, Dock icon remains visible, and Activity Monitor can still force-quit the process normally. Actual: Dock icon disappears after the first blocked signal. Subsequent Force Quit attempts do nothing — no kill() syscall is issued. The process remains alive but is invisible to the system. [2]Minimal Reproducible Code Requires System Extension entitlement: com.apple.developer.endpoint-security.client entitlements.plist <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>com.apple.developer.endpoint-security.client</key> <true/> </dict> </plist> SignalBlockingDemo.swift import EndpointSecurity import Foundation var client: OpaquePointer? es_new_client(&client) { _, message in guard message.pointee.event_type == ES_EVENT_TYPE_AUTH_SIGNAL else { return } let sig = message.pointee.event.signal.sig let target = message.pointee.event.signal.target.pointee let targetPid = audit_token_to_pid(target.audit_token) // es_string_token_t does not guarantee null-termination — read via buffer let esToken = target.executable.pointee.path let targetPath: String let count = Int(esToken.length) if count > 0, let rawPtr = esToken.data { let buf = UnsafeBufferPointer( start: UnsafeRawPointer(rawPtr).assumingMemoryBound(to: UInt8.self), count: count) targetPath = String(decoding: buf, as: UTF8.self) } else { targetPath = "" } // Protect a specific GUI app — replace with your target path let protectedPath = "/Applications/Numbers.app/Contents/MacOS/Numbers" guard targetPath == protectedPath else { es_respond_auth_result(client!, message, ES_AUTH_RESULT_ALLOW, false) return } print("[ES] Blocking signal \(sig) -> pid \(targetPid) (\(targetPath))") // After this DENY: Dock icon disappears, LaunchServices loses the PID es_respond_auth_result(client!, message, ES_AUTH_RESULT_DENY, false) } let events: [es_event_type_t] = [ES_EVENT_TYPE_AUTH_SIGNAL] es_subscribe(client!, events, UInt32(events.count)) print("Signal blocking active. Press Enter to stop.") _ = readLine() es_unsubscribe_all(client!) es_delete_client(client!) Build & run: swiftc -o SignalBlockingDemo SignalBlockingDemo.swift codesign --force --sign - --entitlements entitlements.plist SignalBlockingDemo sudo ./SignalBlockingDemo [3]Steps to Reproduce Build and run SignalBlockingDemo as above (targets Numbers.app) Launch Numbers.app — note its PID Open Activity Monitor In Activity Monitor, select Numbers → click Force Quit (⊗) Observe: ES extension logs "Blocking signal 15" — signal is denied Bug: Numbers.app Dock icon disappears, even though the process is alive Press Enter in the demo terminal to stop signal blocking In Activity Monitor, click Force Quit again on the Numbers process Bug: No error shown in Activity Monitor UI, but the process is NOT terminated In Console.app (filter: LaunchServices), observe: "Unable to determine pid of LSASN:{hi=0x1;lo=0x...}" Confirm: No kill() syscall is issued — verify with DTrace script below DTrace verification (trace_kill.d): syscall::kill:entry /execname == "Activity Monitor"/ { printf("%Y: Activity Monitor calling kill(%d, %d)\n", walltimestamp, arg0, arg1); } sudo dtrace -s trace_kill.d During the broken Force Quit: no output (no kill() issued). After restarting Activity Monitor and retrying: kill() appears and process terminates. [4 What We've Tried Allowing ALL signals → Dock icon never disappears, behavior is normal Subscribing to AUTH_SIGNAL but always returning ALLOW → no issue Denying signals only on headless daemon processes → no issue observed Always allowing signals from launchd (PID 1) → does not prevent the Dock issue Always allowing SIGCHLD, SIGWINCH, SIGCONT → does not prevent the Dock issue Hypothesis: loginwindow observes the AUTH_SIGNAL event (or a related notification) and proactively removes the Dock UI entry when a termination signal targets a GUI app — regardless of whether the signal was ultimately denied. This seems like a coordination gap between EndpointSecurity's signal interception and loginwindow/LaunchServices' app lifecycle management. [5] Specific Questions Is it expected that loginwindow removes the Dock UI entry for a GUI app when AUTH_SIGNAL is received, even if the signal is ultimately denied (ES_AUTH_RESULT_DENY)? Is there a known coordination mechanism between EndpointSecurity's AUTH_SIGNAL and loginwindow / LaunchServices that we should be aware of when implementing self-protection for GUI apps? Is there a recommended pattern or API for protecting a GUI app from termination signals via AUTH_SIGNAL without disrupting its Dock presence and LaunchServices registration? Should we notify loginwindow or LaunchServices to re-register the application after denying a signal, and if so, how? [6] Additional Context The issue reproduces on macOS 11.0 through macOS 15.5 Tested with Numbers.app and other GUI applications — all reproduce the same behavior The issue is NOT reproducible when the protected process is a headless daemon (no Dock presence) launchd (PID 1) senders are always allowed in our policy SIGCHLD, SIGWINCH, SIGCONT are excluded from our deny list DTS Case ID: 19226051 Feedback ID :FB22338746

Hi, Overview I have a SwiftData project which automatically syncs with CloudKit. When I run the app, I see the following error in Xcode logs. Error updating background task request: Error Domain=BGSystemTaskSchedulerErrorDomain Code=3 "(null)" My attempt I can enable Background processing (under Signing & Capabilities > Background modes), but I don't know the BGTaskSchedulerPermittedIdentifiers to add in the Info.plist Questions How can I resolve this? If I should enable background processing, what are the BGTaskSchedulerPermittedIdentifiers to add in Info.plist?

I am working on a cross-platform application where, on Android and Windows, I explicitly load dynamic libraries at runtime (e.g., LoadLibrary/GetProcAddress on Windows and equivalent mechanisms on Android). This allows me to control when and how modules are loaded, and to transfer execution flow from the main executable into the dynamically loaded library. I want to follow a similar approach on macOS (and also iOS) and explicitly load a framework (instead of relying on implicit linking via import). From my exploration so far, I have come across the following options: Using Bundle (NSBundle) - Load framework using: let bundle = Bundle(path: path) try bundle?.load() Access functionality via NSPrincipalClass and @objc methods (class-based entry) Using dlopen + dlsym Load the framework binary and resolve symbols: let handle = dlopen(path, RTLD_NOW) let sym = dlsym(handle, "EntryPoint") Expose Swift functions using @_cdecl Using a hybrid approach (Bundle + dlsym) - Use Bundle for loading and dlsym for symbol access From what I understand: Bundle works well for class-based/plugin-style designs using the Objective-C runtime while dlopen/dlsym works at the symbol level and is closer to what I am doing on other platforms However, my requirement is specifically: Explicit runtime loading (not compile-time linking) Ability to transfer execution flow from the main executable into the dynamically loaded framework **What is the recommended approach on macOS for this kind of explicit dynamic loading, or is implicit loading the way to go? Also, would it differ for interactive and non-interactive apps? ** In what scenarios would Apple recommend using Bundle instead of dlopen? Is there any other methods best for this explicit loading of frameworks on Apple?

Hi, I developed a network extension program on macOS. I tried to update the program by changing the version number. My update process was to first turn off network filtering via "NEFilterManager.sharedManager.enabled = NO", and then use "[OSSystemExtensionRequest activationRequestForExtension:bundleid queue:dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_HIGH, 0)];" to let the system replace the old network extension program. However, sometimes the old network extension process will become a zombie process like pid=86621 in the figure. As long as the zombie process exists, the network cannot be used. After about 10 minutes, it will be cleared and the network will be available. Restarting Wi-Fi can also clear the zombie process immediately. Why is this? How to avoid this problem?

We see a major delay for the first open("disk.img", O_RDONLY); we perform. If it helps, we use clonefile() to copy a sparsed image. if (-1 == (fd = open(path, (mode & O_ACCMODE) | O_CLOEXEC))) return -1; 1791 Thread_1071327 DispatchQueue_1: com.apple.main-thread (serial) 1791 start (in dyld) + 6076 [0x189f72b98] 1791 main (in anka_image) + 20 [0x102171bb8] 1791 clp_main (in libpolicy.dylib) + 2120 [0x102a49eac] 1790 process_info (in anka_image) + 68 [0x1021723f4] + 1790 vdsk_open (in libvdsk.dylib) + 92 [0x1021d90e8] + 1790 vdsk_open_native (in libvdsk.dylib) + 164 [0x1021d91c0] + 1790 open (in libsystem_kernel.dylib) + 64 [0x18a2dd6a4] + 1790 __open (in libsystem_kernel.dylib) + 8 [0x18a2d2678] What advice do you have for diagnosing what is causing the first open to do this? Is this some sort of security scan happening? Indexing?

Since the update to macOS 26.5, SetFocusFilterIntent is broken in two ways: When using a SetFocusFilterIntent where the user can select one AppEntity out of a list, the selection is broken. Instead of the selected item, the first or two items at the same time are highlighted. The perform method of the SetFocusFilterIntent is never called. On iOS there seems to be a strange fix when the focus filter doesn't work, just conform the focus filter to a LiveActivityIntent: struct FocusFilter: SetFocusFilterIntent, LiveActivityIntent No solution for macOS yet.

When an auto renewing subscription is "Developer removed from sale", any auto renewal should fail. Will this make the subscription enter billing "Grace Period"? Our expectation is that the rewal would fail without entering a "Grace Period".

In my basement I have a couple of raspberry PIs that are collecting sensor data. They cannot send the data to any server because there is no signal in the basement. So my idea was to develop an app that would host a web server so that I can take my phone, go into the basement and enable the hotspot so that the raspberrys can connect to my phones Wifi and send their sensor data via API calls to the web server that is running on the phone. I have read about Vapor but somehow that feels like overkill for this problem. Do you guys have any recommendations how to solve this problem or better ideas than running a web server on the iPhone (and no, extending the wifi signal into the basement is not an option here)?

MacOS (15.7) local host (expressjs: light weight REST API server) NOT able to configure to access from my iPhone physically connected via thunderbolt BUT I am able to access it from localhost via Browser of the Macbook (locally), But NOT from iPhone server running at '0.0.0.0' Firewall is turned off(by default) I hope someone can get me the steps in enabling the port

Summary: Starting from iPadOS 26.4, the maximum memory available to a single app has been reduced from approximately 6GB to 3GB on an 8GB iPad. This change persists in iPadOS 26.5 and has not been addressed. This breaks core functionality of memory-intensive applications such as 3D scanning apps that require large amounts of RAM to process models. Device: iPad with 8GB RAM Affected versions: iPadOS 26.4, iPadOS 26.5 Working version: iPadOS 26.0 / 26.1 / 26.2 / 26.3 Measured Data: iPadOS 26.0–26.3: App available memory ≈ 6GB (75% of total RAM) iPadOS 26.4–26.5: App available memory ≈ 3GB (37.5% of total RAM) Measurement method: Apple system API Impact: This is a regression, not expected behavior. The available memory per app has been cut by 50% without any official documentation or release notes mentioning this change. As a result, our 3D scanning application crashes immediately when attempting to process 3D models on iPadOS 26.4 and later. The app requires substantial RAM to load and process 3D model data. With only 3GB available, memory allocation fails during model processing, causing the app to crash (EXC_RESOURCE / OOM kill). This core functionality was working correctly on iPadOS 26.3 and earlier with the same device and same app binary. This regression makes our app's primary feature completely unusable for all users on iPadOS 26.4+. Steps to Reproduce: On an 8GB iPad, install iPadOS 26.0 Measure available app memory using Apple system API Upgrade to iPadOS 26.4 or 26.5 Measure available app memory again Observe: available memory drops from ~6GB to ~3GB Expected Result: Available memory per app should remain consistent across minor OS updates, or any changes should be documented. Actual Result: Available memory per app dropped by 50% starting in iPadOS 26.4, with no documentation of this change. Additional Notes: Disabling Apple Intelligence does not resolve the issue This issue was not fixed in iPadOS 26.5 Other developers have reported increased crash rates starting in iPadOS 26.4 (Apple Developer Forums)