General: DevForums subtopic: App & System Services > Core OS Core OS is a catch-all subtopic for low-level APIs that don’t fall into one of these more specific areas: Processes & Concurrency Resources Files and Storage Resources Networking Resources Network Extension Resources Security Resources Virtualization Resources Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = "eskimo" + "1" + "@" + "apple.com"

I've written an PDF viewing app, and there seems to be a correlation between files opened by the app and files that Time Machine says couldn't be backed up. The files can still "not be backed up", even after the app has closed them. Is there anything I specifically need to do to sever the link between the file and the app?

A user of my app reported that when my app copies files from a QNAP NAS to a folder on their Mac, they get the error "Result too large". When copying the same files from the Desktop, it works. I asked them to reproduce the issue with the sample code below and they confirmed that it reproduces. They contacted QNAP for support who in turn contacted me saying that they are not sure they can do anything about it, and asking if Apple can help. Both the app user and QNAP are willing to help, but at this point I'm also unsure how to proceed. Can someone at Apple say anything about this? Is this something QNAP should solve, or is this a bug in macOS? P.S.: I've had users in the past who reported the same issue with other brands, mostly Synology. import Cocoa @main class AppDelegate: NSObject, NSApplicationDelegate { func applicationDidFinishLaunching(_ aNotification: Notification) { let openPanel = NSOpenPanel() openPanel.canChooseDirectories = true openPanel.runModal() let source = openPanel.urls[0] openPanel.canChooseFiles = false openPanel.runModal() let destination = openPanel.urls[0] do { try copyFile(from: source, to: destination.appendingPathComponent(source.lastPathComponent, isDirectory: false)) } catch { NSAlert(error: error).runModal() } NSApp.terminate(nil) } private func copyFile(from source: URL, to destination: URL) throws { if try source.resourceValues(forKeys: [.isDirectoryKey]).isDirectory == true { try FileManager.default.createDirectory(at: destination, withIntermediateDirectories: false) for source in try FileManager.default.contentsOfDirectory(at: source, includingPropertiesForKeys: nil) { try copyFile(from: source, to: destination.appendingPathComponent(source.lastPathComponent, isDirectory: false)) } } else { try copyRegularFile(from: source, to: destination) } } private func copyRegularFile(from source: URL, to destination: URL) throws { let state = copyfile_state_alloc() defer { copyfile_state_free(state) } var bsize = UInt32(16_777_216) if copyfile_state_set(state, UInt32(COPYFILE_STATE_BSIZE), &bsize) != 0 { throw NSError(domain: NSPOSIXErrorDomain, code: Int(errno)) } else if copyfile_state_set(state, UInt32(COPYFILE_STATE_STATUS_CB), unsafeBitCast(copyfileCallback, to: UnsafeRawPointer.self)) != 0 { throw NSError(domain: NSPOSIXErrorDomain, code: Int(errno)) } else if copyfile(source.path, destination.path, state, copyfile_flags_t(COPYFILE_DATA | COPYFILE_SECURITY | COPYFILE_NOFOLLOW | COPYFILE_EXCL | COPYFILE_XATTR)) != 0 { throw NSError(domain: NSPOSIXErrorDomain, code: Int(errno)) } } private let copyfileCallback: copyfile_callback_t = { what, stage, state, src, dst, ctx in if what == COPYFILE_COPY_DATA { if stage == COPYFILE_ERR { return COPYFILE_QUIT } } return COPYFILE_CONTINUE } }

It's quite common for app bundles to be distributed in .zip files, and to be stored on-disk as filesystem-compressed files. However, having them both appears to be an edge case that's broken for at least two major releases! (FB19048357, FB19329524) I'd expect a simple ditto -x -k appbundle.zip ~/Applications (-x: extract, -k: work on a zip file) to work. Instead it spits out countless errors and leaves 0 Byte files in the aftermath 😭 Please fix.

Description: I have identified a specific issue when recording acoustic guitar and other instruments on the iPhone 17 Pro Max using native applications (Voice Memos, Camera). The recordings contain an unnatural metallic resonance (ringing artifacts) that should not be present. Testing and Methodology: Hardware Verification: Initially, I suspected a hardware defect in the audio chip or microphone. However, extensive testing with third-party software suggests this is likely a software-level issue. AudioShare Test: I conducted a test using the AudioShare app in "Measurement Mode" (which bypasses standard iOS system-wide audio processing). In this mode, the audio remains perfectly clean, and the metallic ringing disappears entirely. Conclusion: The issue is rooted in the DSP (Digital Signal Processing) algorithms that iOS applies for noise suppression or voice enhancement. These algorithms appear to misinterpret the high-frequency overtones of acoustic instruments as background noise and attempt to "filter" them, resulting in audible digital artifacts. Comparison Results: This issue has not been observed on devices from other brands or on older iPhone models (preliminary tests suggest older versions handle this better). Notably, the problem persists even in GarageBand, as the app still utilizes certain system-level processing layers. Proposed Solution: I suggest adding a "Raw Audio" or "Instrument Mode" toggle within the Microphone/Audio settings for native apps. This mode should disable aggressive DSP processing, similar to how the AVAudioSession.Mode.measurement works in specialized apps. Attachments: I am attaching 4 archives, including a final "Measurement Mode" folder with comparative samples (Measurement Mode vs. Standard Mode). The artifacts are most prominent when monitored through headphones.

Hi,Does anyone else encountered a delayed or unresponsive change when trying to change input languageon macos Sierra?Beta1 and 2 same problem.Working great on El Capitan.Thanks in advanced

My team has developed an app with a biref Matter commissioner feature using the Matter framework on the MatterSupport extension. Our app support iOS and Android. However, we ran into a problem that the control certificate generated by the iOS app could not control the device on the Android side. And the control certificate generated by the Android app could not control the device on the iOS side. The Matter library used by Android is compiled by connectedhomeip. Does anyone have the same problem as us? How to solve this? Thank you

Hi there, I have an SwiftUI app that opens a user selected audio file (wave). For each audio file an additional file exists containing events that were extracted from the audio file. This additional file has the same filename and uses the extension bcCalls. I load the audio file using FileImporter view modifier and within access the audio file with a security scoped bookmark. That works well. After loading the audio I create a CallsSidecar NSFilePresenter with the url of the audio file. I make the presenter known to the NSFileCoordinator and upon this add it to the FileCoordinator. This fails with NSFileSandboxingRequestRelatedItemExtension: Failed to issue extension for; Error Domain=NSPOSIXErrorDomain Code=3 "No such process" My Info.plist contains an entry for the document with NSIsRelatedItemType set to YES I am using this kind of FilePresenter code in various live apps developed some years ago. Now when starting from scratch on a fresh macOS26 system with most current Xcode I do not manage to get it running. Any ideas welcome! Here is the code: struct ContentView: View { @State private var sonaImg: CGImage? @State private var calls: Array<CallMeasurements> = Array() @State private var soundContainer: BatSoundContainer? @State private var importPresented: Bool = false var body: some View { VStack { Image(systemName: "globe") .imageScale(.large) .foregroundStyle(.tint) Text("Hello, world!") if self.sonaImg != nil { Image(self.sonaImg!, scale: 1.0, orientation: .left, label: Text("Sonagram")) } if !(self.calls.isEmpty) { List(calls) {aCall in Text("\(aCall.callNumber)") } } Button("Load sound file") { importPresented.toggle() } } .fileImporter(isPresented: $importPresented, allowedContentTypes: [.audio, UTType(filenameExtension: "raw")!], onCompletion: { result in switch result { case .success(let url): let gotAccess = url.startAccessingSecurityScopedResource() if !gotAccess { return } if let soundContainer = try? BatSoundContainer(with: url) { self.soundContainer = soundContainer self.sonaImg = soundContainer.overviewSonagram(expectedWidth: 800) let callsSidecar = CallsSidecar(withSoundURL: url) let data = callsSidecar.readData() print(data) } url.stopAccessingSecurityScopedResource() case .failure(let error): // handle error print(error) } }) .padding() } } The file presenter according to the WWDC 19 example: class CallsSidecar: NSObject, NSFilePresenter { lazy var presentedItemOperationQueue = OperationQueue.main var primaryPresentedItemURL: URL? var presentedItemURL: URL? init(withSoundURL audioURL: URL) { primaryPresentedItemURL = audioURL presentedItemURL = audioURL.deletingPathExtension().appendingPathExtension("bcCalls") } func readData() -> Data? { var data: Data? var error: NSError? NSFileCoordinator.addFilePresenter(self) let coordinator = NSFileCoordinator.init(filePresenter: self) NSFileCoordinator.addFilePresenter(self) coordinator.coordinate(readingItemAt: presentedItemURL!, options: [], error: &error) { url in data = try! Data.init(contentsOf: url) } return data } } And from Info.plist <key>CFBundleDocumentTypes</key> <array> <dict> <key>CFBundleTypeExtensions</key> <array> <string>bcCalls</string> </array> <key>CFBundleTypeName</key> <string>bcCalls document</string> <key>CFBundleTypeRole</key> <string>None</string> <key>LSHandlerRank</key> <string>Alternate</string> <key>LSItemContentTypes</key> <array> <string>com.apple.property-list</string> </array> <key>LSTypeIsPackage</key> <false/> <key>NSIsRelatedItemType</key> <true/> </dict> <dict> <key>CFBundleTypeExtensions</key> <array> <string>wav</string> <string>wave</string> </array> <key>CFBundleTypeName</key> <string>Windows wave</string> <key>CFBundleTypeRole</key> <string>Editor</string> <key>LSHandlerRank</key> <string>Alternate</string> <key>LSItemContentTypes</key> <array> <string>com.microsoft.waveform-audio</string> </array> <key>LSTypeIsPackage</key> <integer>0</integer> <key>NSDocumentClass</key> <string></string> </dict> </array> Note that BatSoundContainer is a custom class for loading audio of various undocumented formats as well as wave, Flac etc. and this is working well displaying a sonogram of the audio. Thx, Volker

I'm scanning for peripherals, and keep references to multiple CBUUIDs - one for each peripheral. I then start a connection to the peripheral. I never get a callback to say the connection succeeded, failed, or disconnected. I have a Mini-Moreph Bluetooth sniffer. The sniffer shows that the iPhone never tried to connect to any of the peripherals. The iPhone HCI logs show that a create connection request was sent, but a cancel connection request was sent 0.018 seconds later. No feedback was given to my application through CoreBluetooth. I've filed this through Feedback Assistant, but expect nothing will come of the report.

We recently migrated our entire product to Apple Unified Logging due to the various benefits it provides. However we immediately started hitting the "log quarantine" problem ("QUARANTINED DUE TO HIGH LOGGING VOLUME"). This is partly because we are indeed over logging in a few cases (which we have to work on fixing), but also partly because it's a complicated product with potentially hundreds of libraries, and some of the code can legitimately be very busy. For example we have a system extension that's implemented both as a NetworkExtension client and an EndpointSecurity client, if we were to log decent information about each network or file system event so we can troubleshoot something, they are bound to be high volume logs. Now when our app is running in a normal user environment, this is not a problem. We can disable certain heavy log levels, or at least disable persisting for certain logs (one of the benefits of Apple Unified Logging we really like is that it allows very flexible controls, log config command, OSLogPreferences, configuration profile, we can employ whatever that suits a specific case). But ultimately, the question is what if we end up with a troubleshooting case we don't know exactly where a problem is so we just need the full logs at debug level? And not only just enabled, but because we might not know when the issue can happen either we also need to persist the full set of logs for as long as possible? We will start hitting log quarantine again. Granted this is a very extreme case, but if worst comes to worst, how can we even do that with Apple Unified Logging? Is there an option that allows us to override the quarantine, if but temporarily? I've searched a few relevant forum posts, some of which described log quarantine but no one had mentioned any solution for it (besides having to stop logging so much from the app but as I explained we do have legitimate cases where log volume can still be huge). I've also read The Eskimo's "Your Friend the System Log" and browsed some of the troubleshooting config profiles provided by Apple hoping to discover some hidden payloads but found none so far. There is an OSLogRateLimit environment variable that I noticed if I run a launchctl print system/<a-launch-daemon-lable> and it's usually 64. Is this something relevant? And knowing Apple it's probably something that can't be tampered with?

When I've tried to use UIDevice on my Mac running my Catalyst application, testing code UIDevice *d=UIDevice.currentDevice; for (NSString *k in @[@"name", @"systemName", @"systemVersion", @"model", @"localizedModel"]) NSLog(@"%@ -> %@", k, [d valueForKey:k]); to my great surprise I am getting name -> iPad systemName -> iPadOS systemVersion -> 26.3 model -> iPad localizedModel -> iPad What the. How do I determine the real values? Thanks!

Hi! I was able to successfully persist my debug log entires using the OSLogPreferences key in my Info.plist and retrieve the logs from my iPhone using log collect. This worked to get log messages created when my app executed a background task tonight (2026-01-20 00:20). But log Debug and Default log messages from a normal run yesterday (2026-01-19 15:34) disappeared. I can query for the missing messages in the log archive I created yesterday but they are missing in the log archive I created today covering also yesterday. I had invoked: % sudo log collect --device-name "<my device name>" --last 25h --output /tmp/system_logs.logarchive ... %sudo log show /tmp/system_logs.logarchive --debug --info --predicate 'subsystem=="com.example.MyApp"' Is this expected and/or is there anything I could do to persist the logs for a longer period? For reference, that's what I have added to my Info.plist for the debug build configuration so far: <key>OSLogPreferences</key> <dict> <key>com.example.MyApp</key> <dict> <key>DEFAULT-OPTIONS</key> <dict> <key>Level</key> <dict> <key>Enable</key> <string>Debug</string> <key>Persist</key> <string>Debug</string> </dict> <key>Enable-Private-Data</key> <true/> </dict> </dict> </dict>

We are using a java program as an installer for a software suite. This program is bundled inside a signed and notarized Mac app, but it uses the system installed Java (from env). For installing software, it requires the App Management permission (currently under System Settings › Privacy & Security › App Management). Since the program runs via the system provided Java executable, that one is the executable, that needs said permission. In the past, it was possible to add java to said permissions list. With macOS 26.2 it is no longer possible. I think, this change happened with 26.2. It was definitely still working with macOS 15 (I can reproduce it there), and I am confident, that it also still worked under 26.1. In Console.app I can see errors like this one /AppleInternal/Library/BuildRoots/4~CCKzugBjdyGA3WHu9ip90KmiFMk4I5oJfOTbSBk/Library/Caches/com.apple.xbs/Sources/SecurityPref/Extension/Privacy/TCC+PrivacyServicesProvider.swift:227 add(record:to:) No bundle or no bundle ID found for record TCCRecord(identifier: "/opt/homebrew/Cellar/sdkman-cli/5.19.0/libexec/candidates/java/11.0.29-tem/bin/rmic", identifierType: SecurityPrivacyExtension.TCCIdentifierType.path, access: SecurityPrivacyExtension.TCCAccess.full, managed: false, allowStandardUserToSetSystemService: false, subjectIdentityBundleIdentifier: nil, indirectObjectIdentityBundleIdentifier: nil, indirectObjectIdentityFileProviderIdentifier: nil, tccAuthorization: <OS_tcc_authorization_record: 0xa97d0ba80>) This is reproducible for various different Java installations. I can also not add Java to the other permissions that I tried. Since Java is not installed in a bundled app but instead as a UNIX executable in a bin-folder, the error No bundle or no bundle ID found for record makes sense. I expect this to also affect other use cases where programs are provided as UNIX executables such as Python or C-Compilers like g++. While it is possible to bundle an entire JRE inside each app, we intentionally chose not to as this massively increases app size. If this issue is not resolved or a workaround can be found, this is the only option that remains for us. I am however worried that there are other use cases where this is not an option.

FB21772424 On any iPhone or iPad running 26.3 beta 3 with UIFileSharingEnabled enabled via Xcode, a file cannot be manually copied to/from macOS or manually deleted from Finder but 26.3 beta 2 works fine running on any iPhone or iPad. The version of macOS is irrelevant as both macOS 26.2.1 and macOS 26.3 beta 3 are unable to affect file changes via macOS Finder on iPhone or iPad running 26.3 beta 3 but can affect file changes via macOS Finder on iPhone or iPad running 26.2.1 Thank you.

When I have to pull in hundreds of commits from upstream, I like to try to make sure things still compile - frequently, to try to limit how far I need to go to back fix things. One issue is missing symbols in the kext, since you won't know until you try to load the kext. And loading the kext each commit is not realistic. So I went and made up a call to something that does not exist, in my case, strqcmp(). I could not get the various tools like kmutil libraries --all-symbols to print out that this function was going to fail, so I wrote a little script (thanks ChatGPT); ./scripts/kpi_check.py --arch arm64e -k module/os/macos/zfs.kext/ First missing symbols: _crfree _crhold _strqcmp Hurrah. But sadly, my brain was then curious as to why crhold() and crfree() work. Worked for years. Only dtrace calls them in XNU sources but otherwise not mentioned there, not listed in my frameworks, nm is not seeing it. Somewhat of a rabbit hole. I don't even need to know, it does work after all. I should just let it go right? and yet... how does it work? My best guess is a symbols.alias pointing it to kauth_cred_ref() somewhere? Maybe? Anyway, pretty low priority but it's an itch...

Our app attempts to install a PDF workflow in ~/Library/PDF Services but on a clean install of newer macOS versions, that directory no longer exists. Attempting to create the folder requires prompting for user permission to access the ~/Library directory and then prompting the user to access the newly created ~/Library/PDF Services directory. This is annoying and awkward. Creating the PDF Service in the sandbox Library directory does nothing useful since the PDF workflow does not show up in the PDF workflow list in the print dialog. We would like to create both directories in one step, or have the OS create the folder like it used to. Is there an entitlement that will allow our app access to the ~/Library directory without requiring Full Disk Access? Is there a way to have the OS create a symlink in ~/Library for the PDF Services directory that works with macOS 14 and later?

As the title states, I’ve been trying to emulate some older Direct9 games, and rosetta can’t handle it because of that https://github.com/WineAndAqua/rosettax87 I’ve had to use this, but it really seems like something that I shouldn’t have to do I’ve tried Wineskin, wine, D9VK, MoltenVK, GPTk, and the only thing that’s close to working is using devel wine + d9vk with the xrosetta87 running like its a VPN, and then you play Without xrosetta87 it’s 0-0.5 FPS? with it, it’s like a buttery smooth 60+

I am developing an iOS/iPadOS application and have encountered some behavior regarding Files App and security-scoped bookmarks that I would like to clarify. Additionally, I would like to report some behavior which might include a potential issue. Question1: Accessing deleted files via bookmark (Specification clarification) Our app saves file URLs as bookmarks, which file that user has selected on Files App or app-created so to open a file which user has modified previously in the next launch. When a user deletes a file in Files App (moves a file to Recently Deleted), the app can still resolve the bookmark and access the file for read/write operations. Is this behavior intended? In other words, is it correct that a bookmark can access a file that has been deleted in Files App but not permanently removed? Question2: Overwriting a file in Recently Deleted (Potential bug) We noticed that overwriting a file in Recently Deleted behaves differently depending on the method used. Current implementation 1.Create a temporary file in the same directory 2.Write content to the temporary file 3.Delete the original file ([NSFileManager removeItemAtURL:error:]) 4.Move the temporary file to the original file path ([NSFileManager moveItemAtURL:toURL:error:]) Result: The file disappears from Files App Recently Deleted. In contrast, using [NSFileManager replaceItemAtURL:withItemAtURL:] keeps the file visible in Recently Deleted. Is this difference designed behavior? If not, this may be a bug. Question3: Detecting files in Recently Deleted We want to detect whether a file resides in Recently Deleted, but we cannot find a reliable and officially supported method. Recently Deleted files appear under .Trash, but using the path alone is not a reliable method. We have tried the following APIs without success: [NSURL getResourceValue:forKey:NSURLIsHiddenKey error:] [NSURL checkResourceIsReachableAndReturnError:] [NSFileManager fileExistsAtPath:] [NSFileManager isReadableFileAtPath:] [NSFileManager getRelationship:ofDirectory:NSTrashDirectory inDomain:NSUserDomainMask toItemAtURL:error:] We could not obtain the Recently Deleted folder URL using standard APIs. [NSFileManager URLsForDirectory:NSTrashDirectory inDomains:NSUserDomainMask] [NSFileManager URLForDirectory:NSTrashDirectory inDomain:NSUserDomainMask appropriateForURL:url create:error:] Could you advise a safe and supported way to detect Recently Deleted files properly by the app?

Is it possible to use the Matter.xcframework without the MatterSupport extension for onboarding a Matter device to our own ecosystem(own OTBR and matter controller) for an official App Store release? Currently, we can achieve this in developer mode by adding the Bluetooth Central Matter Client Developer mode profile (as outlined here https://github.com/project-chip/connectedhomeip/blob/master/docs/guides/darwin.md). For an official release, what entitlements or capabilities do we need to request approval from Apple to replace the Bluetooth Central Matter Client Developer mode profile? Thank you for your assistance.

My team has developed an app with a Matter commissioner feature (for own ecosystem) using the Matter framework on the MatterSupport extension. Recently, we've noticed that commissioning Matter devices with the MatterSupport extension has become very unstable. Occasionally, the HomeUIService stops the flow after commissioning to the first fabric successfully, displaying the error: "Failed to perform Matter device setup: Error Domain=HMErrorDomain Code=2." (normally, it should send open commissioning window to the device and then add the device to the 2nd fabric). The issue is never seen before until recently few weeks and there is no code changes in the app. We are suspected that there is some data that fail to download from the icloud or apple account that cause this problem. For evaluation, we tried removing the HomeSupport extension and run the Matter framework directly in developer mode, this issue disappears, and commissioning works without any problems.

I'm pleased to share some significant updates that have recently been released for our Hypervisor and Virtualization frameworks. We've focused on enhancing efficiency, expanding capabilities, and addressing common developer needs. I believe these will be valuable for many of you. Here’s a look at what’s new: Hypervisor Updates We've introduced support for configuring the intermediate physical address (IPA) memory granularity of a VM. This allows for more granular memory mappings, enabling granularity sizes down to 4KB. This is particularly useful for certain specialized device drivers requiring finer memory control. Virtualization Framework Updates More Efficient VM Image Storage with ASIF: We've integrated support for the Apple Sparse Image Format (ASIF). This results in a smaller disk footprint and optimized transfer for VM disk images when using VZDiskImageStorageDeviceAttachment, improving storage efficiency. Custom Network Topologies with vmnet: We've added support for vmnet custom network topologies. This enables more flexible VM-to-VM communication based on logical networks with customized configurations, useful for complex testing or development environments. See VZVmnetNetworkDeviceAttachment to get started. Simplified VM Queue Discovery: It's now easier to discover a VM’s on-process thanks to a new property on VZVirtualMachine. This should aid in development and debugging when interacting directly with the VM's queue. These are some of the key highlights of the first beta, and I'm looking forward to seeing how these improvements will be utilized. I encourage you to explore the documentation for full details on these features.