I filed FB13732021, which has a sysdiagnose from the source machine.

I just set up a brand new VM, with only my brand new Irish Apple ID account. Before installing our stuff, I could turn a Messages chat into an audio call, and it worked. After installing our stuff, I couldn't. It will fail, but it is doing something, because my phone and/or mac get notified of an incoming FaceTime call. I disabled our stuff -- again, so the handleNewUDPFlow and handleNewFlow methods return false almost immediately -- and then there is no change in behaviour. I added identityservicesd and avconferenced to the list of processes that are always ignore (that is, those methods return false almost immediately) with no change in behaviour as far as I can tell. The signing identifiers I see in the "disabled" state are for com.apple.Safari.SafeBrowsing, com.apple.avconferenced, and com.apple.identityservicesd (I log the signing identifiers more than trying to get pathnames for everything). I'm not sure what to look for in the system logs, and I don't think tcpdump would do me much good here since I assume everything is encrypted. 😄

Correct. (Although I may be running into other issues involving multiple Apple IDs per device. We seem to have lost the test phone. sigh) We check the process' name in the extension to see if we should just ignore it (that is, return false from the method), and I've bypassed identityservicesd and a few others, but it's not clear to me what processes are actually trying. And we don't get informed of inbound connections, of course.

Ok that is much nicer indeed.

Yeah I just found that, and confirmed it worked. :blush: None of the examples I'd, ahem, borrowed from seem to have had the call, so I assumed it was all handled via ARC.

It crashed under lldb so I was able to backtrace -- it was my Swiftian @synchronized replacement, which (in some places) was using a Swift dictionary. I changed all the places to use an NSLock instead, and have been running it since, so far so good.

I can try, but I've really not had a whole lot of success with trying to debug the network extension with a debugger. Anything I should look for or do, other than telling lldb to attach to the correct pid, and wait for a crash?

I can't reproduce it on demand (other than by running our stress tests), but it happens somewhat regularly -- that is, when I ran out stress tests over the weekend on an Intel and AS machine, it crashed on both of them at least a couple of times.

Ok here's the success: after a reboot, the code worked, and sysextd did not crash.

Ok, I've been experimenting off and on. My loop is this (some #if's and stuff removed); proxy is just a normal remoteObjectProxy on the XPC connection, with an error handler just for logging: int counter = 0; while (self.stopRun == NO) { NSNumber *objNum; size_t dataLength = arc4random() % 16384; void *dataBuffer = malloc(dataLength); NSData *data = nil; @synchronized (self) { objNum = [NSNumber numberWithUnsignedLongLong:self.count++]; } NSString *objName = [NSString stringWithFormat:@"Object %@", objNum]; if (dataBuffer != NULL) { arc4random_buf(dataBuffer, dataLength); data = [NSData dataWithBytesNoCopy:dataBuffer length:dataLength freeWhenDone:YES]; } TestObject *to = [TestObject name:objName data:data]; [proxy logDataWithEntry:to]; if ((counter++ & 0x7ff) == 0) { dispatch_semaphore_t sempaphore = dispatch_semaphore_create(0); [self.connection scheduleSendBarrierBlock:^{ printf("In schedule block\n"); dispatch_semaphore_signal(sempaphore); [self updateBandwidth]; return; }]; dispatch_semaphore_wait(sempaphore, DISPATCH_TIME_FOREVER); printf("Done with lock"); } } }); Some screenshots from Instruments -- the allocation graph during the runtime, and then the source code with its annotation for allocation size In the allocation graph, once it exits out of the loop, the memory use goes back to (delightfully!) 0. Until then, however, it doesn't seem to be dong any releasing of memory. The output of both top and Activity Monitor match the allocation size and behavior. Until! If I put an autorelease pool inside the entire contents of the loop, then... it grows, albeit much more slowly. It also runs much faster, which indicates (to me) that Instruments is interfering with it enough to change its behavior. So, in summary: I am still deeply confused about how ARC is reaping when I use it with XPC. 😄 (Our actual application gets into hundreds of mbytes fairly quickly; I've already tried adding in a barrier call.)

I don't have something to compare to -- the goal is to be able to say "if it's any part of Safari, do this; if it's any part of Pages, do this" and so forth. Since many applications can be anywhere, I use the metadata query to find the applications' paths, and then send that down to the extension. So... is there a way to ask for all of the paths for bundles that match the display name? Another thing, that is an error on my part, is that I used the SecInfo to get the path -- but that's the path to the bundle, not the path for the process, so I should use procinfo. I wrote up some Swift code to do that yesterday.

I knew they were the same object (I use stat -s 'cause I'm weird), but... is there a way to deal with this, or should I just do what I thought, and strip out the prefixes? (Although the man page for cryptex says it can be mounted in a random location.) (The workflow for this is a network extension checking the path of a process; the path is lazily looked up and cached using the app unique identifier.)

Ha, ok, I thought it was a synchronous call. 😄 I used a dispatch semaphore, and the memory growth is significantly slower, although it still happens.

I changed the code to int counter = 0; while (self.stopRun == NO) { NSNumber *objNum; @synchronized (self) { objNum = [NSNumber numberWithUnsignedLongLong:self.count++]; } NSString *objName = [NSString stringWithFormat:@"Object %@", objNum]; #ifdef USE_COMPLETION __block TestObject *to = [TestObject name:objName]; [proxy logDataWithEntry:to completion:^(NSString *str) { to = nil; }]; #else TestObject *to = [TestObject name:objName]; [proxy logDataWithEntry:to]; } #endif if ((counter++ & 0x7ff) == 0) { [self.connection scheduleSendBarrierBlock:^{ return; }]; } }); and there is no change in the Activity Monitor-reported memory usage. (Amusingly, this is much worse on Apple Silicon, because it is so much faster.)

Also, if I change it to: while (self.stopRun == NO) { @autoreleasepool { NSNumber *objNum; @synchronized (self) { objNum = [NSNumber numberWithUnsignedLongLong:self.count++]; } NSString *objName = [NSString stringWithFormat:@"Object %@", objNum]; TestObject *to = [TestObject name:objName]; [proxy logDataWithEntry:to]; #endif } } then it still gets up to 500mbytes (according to Activity Monitor) within just a few seconds. So that @autoreleasepool doesn't seem to be doing anything (since it's inside the loop).