General: DevForums subtopic: App & System Services > Core OS Core OS is a catch-all subtopic for low-level APIs that don’t fall into one of these more specific areas: Processes & Concurrency Resources Files and Storage Resources Networking Resources Network Extension Resources Security Resources Virtualization Resources Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = "eskimo" + "1" + "@" + "apple.com"

I'll try to ask a question that makes sense this time :) . I'm using the following method on NSFileManager: (BOOL) getRelationship:(NSURLRelationship *) outRelationship ofDirectoryAtURL:(NSURL *) directoryURL toItemAtURL:(NSURL *) otherURL error:(NSError * *) error; Sets 'outRelationship' to NSURLRelationshipContains if the directory at 'directoryURL' directly or indirectly contains the item at 'otherURL', meaning 'directoryURL' is found while enumerating parent URLs starting from 'otherURL'. Sets 'outRelationship' to NSURLRelationshipSame if 'directoryURL' and 'otherURL' locate the same item, meaning they have the same NSURLFileResourceIdentifierKey value. If 'directoryURL' is not a directory, or does not contain 'otherURL' and they do not locate the same file, then sets 'outRelationship' to NSURLRelationshipOther. If an error occurs, returns NO and sets 'error'. So this method falsely returns NSURLRelationshipSame for different directories. One is empty, one is not. Really weird behavior. Two file path urls pointing to two different file paths have the same NSURLFileResourceIdentifierKey? Could it be related to https://developer.apple.com/forums/thread/813641 ? One url in the check lived at the same file path as the other url at one time (but no longer does). No symlinks or anything going on. Just plain directory urls. And YES calling -removeCachedResourceValueForKey: with NSURLFileResourceIdentifierKey causes proper result of NSURLRelationshipOther to be returned. And I'm doing the check on a background queue.

I developed a cloud drive using fskit, but after mounting it, it did not appear in the Finder sidebar and the disk tool could not list it. How should I adapt? The mounting looks successful, and you can also open and see the fixed files I wrote in the code. I have also turned on the Finder sidebar settings function

A macOS privileged helper tool that uses SubProcess crashes on intel Macs (running macOS 13 - 15: unable to test on macOS 26 on intel) with the error that libswiftCompatibilitySpan.dylib cannot be loaded when built with XCode 26.3. The same helper tool works as expected with XCode 26.2. The helper is installed using SMAppService. When I remove the dependency for SubProcess, the crash no longer occurs (but important functionality is also disabled).

Environment: macOS 26.3 (25D125) Terminal.app 2.15 (466) Apple Silicon Input method: Japanese (Romaji) - built-in Kotoeri Issue: Terminal.app crashes consistently when typing Japanese text using the built-in Japanese input method (Romaji) and the input line wraps beyond the terminal width. Steps to Reproduce: Open Terminal.app with default profile (Basic) Set terminal window width to ~80 columns Start typing Japanese text using macOS built-in Japanese input (Romaji) Continue typing until the text wraps to the next line Wait a few seconds after the wrap occurs Terminal.app crashes Key info from crash report: Crash thread name: (input method 992 com.apple.inputmethod.Kotoeri.RomajiTyping) ASI: BUG IN CLIENT OF LIBMALLOC: memory corruption of free block Exception: EXC_BREAKPOINT (SIGTRAP) Stack trace involves: IMKInputSession_Modern setMarkedText → SendTextInputEvent → NSTextInputContext The crash occurs in _xzm_xzone_malloc_freelist_outlined called from _CFRuntimeCreateInstance → __CFStringCreateImmutableFunnel3 → +[NSString stringWithUTF8String:] Notes: Does NOT occur with paste input, only with live IME typing Does NOT occur with ASCII-only input Reproducible multiple times per week with normal Japanese usage iTerm2 does not exhibit this issue The crash appears to be a use-after-free or buffer miscalculation in Terminal.app's handling of marked text (未確定文字列) during line wrapping Has anyone else experienced this? Any known workarounds other than switching to iTerm2?

Mounting NFS to the application's own container directory using NetFSMountURLSync failed. Mounted to /Users/li/Library/Containers/com.xxxxx.navm.MyNavm/Data/Documents/NFSMount Do sandbox applications not allow mounting NFS cloud storage? code: // 1. NFS 服务器 URL（指定 NFSv3） let urlString = "nfs://192.168.64.4/seaweed?vers=3&resvport&nolocks&locallocks&soft&intr&timeo=600" guard let nfsURL = URL(string: urlString) else { os_log("❌ 无效的 URL: %@", log: netfsLog, type: .error, urlString) return } // 2. 挂载点（必须在沙盒容器内） let fileManager = FileManager.default guard let documentsURL = fileManager.urls(for: .documentDirectory, in: .userDomainMask).first else { os_log("❌ 无法获取 Documents 目录", log: netfsLog, type: .error) return } let mountPointURL = documentsURL.appendingPathComponent("NFSMount", isDirectory: true) // 创建挂载点目录 do { try fileManager.createDirectory(at: mountPointURL, withIntermediateDirectories: true, attributes: nil) os_log("✅ 挂载点目录已准备: %@", log: netfsLog, type: .info, mountPointURL.path) } catch { os_log("❌ 创建挂载点目录失败: %@", log: netfsLog, type: .error, error.localizedDescription) return } // 3. 挂载选项（使用 NSMutableDictionary 以匹配 CFMutableDictionary） let mountOptions = NSMutableDictionary() // 如果需要，可以添加选项，例如： // mountOptions[kNetFSNoUserAuthenticationKey as String] = true // 4. 调用 NetFSMountURLSync var mountPoints: Unmanaged<CFArray>? = nil let status = NetFSMountURLSync( nfsURL as CFURL, mountPointURL as CFURL, nil, // user nil, // password nil, // open_options mountOptions, // 直接传递 NSMutableDictionary，自动桥接为 CFMutableDictionary &mountPoints ) log: 0 sandboxd: (TCC) [com.apple.TCC:cache] REMOVE: (kTCCServiceSystemPolicyAppData, <Credential (0x7ed0b4230) | Audit Token, 42834.109774/501>) 2026-03-03 21:38:27.656702+0800 0x2de8d8 Info 0x867e9d 408 0 sandboxd: (TCC) [com.apple.TCC:cache] SET: (kTCCServiceSystemPolicyAppData, <Credential (0x7ed0b4230) | Audit Token, 42834.109774/501>) -> <Authorization Record (0x7ecca8180) | Service: kTCCServiceSystemPolicyAppData, AuthRight: Unknown, Reason: None, Version: 1, Session pid: 42832, Session pid version: 109769, Boot UUID: 7DDB03FC-132C-4E56-BA65-5C858D2CC8DD, > 2026-03-03 21:38:27.656753+0800 0x2de8d8 Default 0x867e9d 408 0 sandboxd: (libxpc.dylib) [com.apple.xpc:connection] [0x7ecc88640] invalidated after the last release of the connection object 2026-03-03 21:38:27.656772+0800 0x2de8d8 Debug 0x867e9b 408 0 sandboxd: (TCC) [com.apple.TCC:access] disposing: 0x7ecc3aa80(OS_tcc_message_options) 2026-03-03 21:38:27.656779+0800 0x2de8d8 Debug 0x867e9b 408 0 sandboxd: (TCC) [com.apple.TCC:access] disposing: 0x7ecc44820(OS_tcc_server) 2026-03-03 21:38:27.656788+0800 0x2de8d8 Info 0x867e9b 408 0 sandboxd: [com.apple.sandbox:sandcastle] kTCCServiceSystemPolicyAppData would require prompt by TCC for mount_nfs

Hi, I'm encountering a weird issue on iOS that happens: for files with diacritics in their name, like "Gòmez.pdf" or "Télé.mp4", when the iPhone or iPad main language is not set to English, if the file has been created with a relatively low-level Unix function like fopen() or copyfile(). Then, the file cannot be previsualized using QuickLook or opened using other apps. Most of the time it fails silently, but on some occasions I get the following error message: "You do not have permission to save the file "filename.pdf" in the folder "myFolder"". The issue is present in, at least, iOS 16 and 26. It seems worse in iOS 26. It seems that all three conditions are required, I don't see the issue when the iPhone or iPad is set to use English as the main language. I also don't see the issue if I rename the files in the Files app. I'm probably doing something wrong, but what can it be? (it's kind of weird that my recommendation for users becomes: if you want to use international characters in your file names, you need to set the iPad language to English...)

Is there an FSKit sample available? I have tried sample code from https://github.com/KhaosT/FSKitSample on macOS Tahoe 26. I am able to compile the code, with signed/unsigned code, the mount always hangs on Apple Silicon macOS Tahoe 26. Here is the mount script: mkfile -n 100m dummy // create a dummy file hdiutil attach -imagekey diskimage-class=CRawDiskImage -nomount dummy // mount the newly created file as a raw block device mkdir /tmp/TestVol mount -F -t MyFS diskX /tmp/TestVol Any idea why the mount hangs.

Hi， Apps crashed when GCDAsyncSocket closeWithError，since iOS 16 。 Crash stack like this： Hardware Model: iPhone10,1 Code Type: ARM-64 (Native) Parent Process: [1] Date/Time: 2022-06-09 08:59:02.201 +0800 OS Version: 16.0 (20A5283p) Report Version: 104 Last Exception : 0 libsystem_platform.dylib 0x000000021bc1f08c 0x000000021bc19000 + 24716 1 libsystem_platform.dylib 0x000000021bc19898 0x000000021bc19000 + 2200 2 CoreFoundation 0x00000001a4dfa3e0 CFSocketInvalidate + 132 3 CFNetwork 0x00000001a5667830 _CFNetworkErrorGetLocalizedDescription + 307856 4 CoreFoundation 0x00000001a4d55f4c CFArrayApplyFunction + 72 5 CFNetwork 0x00000001a56453ac _CFNetworkErrorGetLocalizedDescription + 167436 6 CoreFoundation 0x00000001a4d5d118 0x00000001a4d49000 + 82200 7 CoreFoundation 0x00000001a4dfa718 CFSocketInvalidate + 956 8 CFNetwork 0x00000001a5651e84 _CFNetworkErrorGetLocalizedDescription + 219364 9 CoreFoundation 0x00000001a4d631d4 0x00000001a4d49000 + 106964 10 *** 0x000000010c1bc490 -[GCDAsyncSocket closeWithError:] + 260 11 *** 0x000000010c1c0b54 -[GCDAsyncSocket doReadEOF] + 360 12 *** 0x000000010c1bf1fc __69-[GCDAsyncSocket setupReadAndWriteSourcesForNewlyConnectedSocket:]_block_invoke + 88 13 libdispatch.dylib 0x00000001a4a330f4 0x00000001a4a2f000 + 16628 14 libdispatch.dylib 0x00000001a4a36584 0x00000001a4a2f000 + 30084 15 libdispatch.dylib 0x00000001a4a49b04 0x00000001a4a2f000 + 109316 16 libdispatch.dylib 0x00000001a4a3a684 0x00000001a4a2f000 + 46724 17 libdispatch.dylib 0x00000001a4a3b2f8 0x00000001a4a2f000 + 49912 18 libdispatch.dylib 0x00000001a4a45ebc 0x00000001a4a2f000 + 93884 19 libsystem_pthread.dylib 0x000000021bc210a8 _pthread_wqthread + 288

I’m encountering a strange, sporadic error in FileManager.replaceItemAt(_:withItemAt:) when trying to update files that happen to be stored in cloud containers such as iCloud Drive or Dropbox. Here’s my setup: I have an NSDocument-based app which uses a zip file format (although the error can be reproduced using any kind of file). In my NSDocument.writeToURL: implementation, I do the following: Create a temp folder using FileManager.url(for: .itemReplacementDirectory, in: .userDomainMask, appropriateFor: fileURL, create: true). Copy the original zip file into the temp directory. Update the zip file in the temp directory. Move the updated zip file into place by moving it from the temp directory to the original location using FileManager.replaceItemAt(_:withItemAt:). This all works perfectly - most of the time. However, very occasionally I receive a save error caused by replaceItemAt(_withItemAt:) failing. Saving can work fine for hundreds of times, but then, once in a while, I’ll receive an “operation not permitted” error in replaceItemAt. I have narrowed the issue down and found that it only occurs when the original file is in a cloud container - when FileManager.isUbiquitousItem(at:) returns true for the original fileURL I am trying to replace. (e.g. Because the user has placed the file in iCloud Drive.) Although strangely, the permissions issue seems to be with the temp file rather than with the original (if I try copying or deleting the temp file after this error occurs, I’m not allowed; I am allowed to delete the original though - not that I’d want to of course). Here’s an example of the error thrown by replaceItemAt: Error Domain=NSCocoaErrorDomain Code=513 "You don’t have permission to save the file “test-file.txt” in the folder “Dropbox”." UserInfo={NSFileBackupItemLeftBehindLocationKey=file:///var/folders/mt/0snrr8fx7270rm0b14ll5k500000gn/T/TemporaryItems/NSIRD_TempFolderBug_y3UvzP/test-file.txt, NSFileOriginalItemLocationKey=file:///var/folders/mt/0snrr8fx7270rm0b14ll5k500000gn/T/TemporaryItems/NSIRD_TempFolderBug_y3UvzP/test-file.txt, NSURL=file:///Users/username/Library/CloudStorage/Dropbox/test-file.txt, NSFileNewItemLocationKey=file:///Users/username/Library/CloudStorage/Dropbox/test-file.txt, NSUnderlyingError=0xb1e22ff90 {Error Domain=NSCocoaErrorDomain Code=513 "You don’t have permission to save the file “test-file.txt” in the folder “NSIRD_TempFolderBug_y3UvzP”." UserInfo={NSURL=file:///var/folders/mt/0snrr8fx7270rm0b14ll5k500000gn/T/TemporaryItems/NSIRD_TempFolderBug_y3UvzP/test-file.txt, NSFilePath=/var/folders/mt/0snrr8fx7270rm0b14ll5k500000gn/T/TemporaryItems/NSIRD_TempFolderBug_y3UvzP/test-file.txt, NSUnderlyingError=0xb1e22ffc0 {Error Domain=NSPOSIXErrorDomain Code=1 "Operation not permitted"}}}} And here’s some very simple sample code that reproduces the issue in a test app: // Ask user to choose this via a save panel. var savingURL: URL? { didSet { setUpSpamSave() } } var spamSaveTimer: Timer? // Set up a timer to save the file every 0.2 seconds so that we can see the sporadic save problem quickly. func setUpSpamSave() { spamSaveTimer?.invalidate() let timer = Timer(fire: Date(), interval: 0.2, repeats: true) { [weak self] _ in self?.spamSave() } spamSaveTimer = timer RunLoop.main.add(timer, forMode: .default) } func spamSave() { guard let savingURL else { return } let fileManager = FileManager.default // Create a new file in a temp folder. guard let replacementDirURL = try? fileManager.url(for: .itemReplacementDirectory, in: .userDomainMask, appropriateFor: savingURL, create: true) else { return } let tempURL = replacementDirURL.appendingPathComponent(savingURL.lastPathComponent) guard (try? "Dummy text".write(to: tempURL, atomically: false, encoding: .utf8)) != nil else { return } do { // Use replaceItemAt to safely move the new file into place. _ = try fileManager.replaceItemAt(savingURL, withItemAt: tempURL) print("save succeeded!") try? fileManager.removeItem(at: replacementDirURL) // Clean up. } catch { print("save failed with error: \(error)") // Note: if we try to remove replaceDirURL here or do anything with tempURL we will be refused permission. NSAlert(error: error).runModal() } } If you run this code and set savingURL to a location in a non-cloud container such as your ~/Documents directory, it will run forever, resaving the file over and over again without any problems. But if you run the code and set savingURL to a location in a cloud container, such as in an iCloud Drive folder, it will work fine for a while, but after a few minutes - after maybe 100 saves, maybe 500 - it will throw a permissions error in replaceItemAt. (Note that my real app has all the save code wrapped in file coordination via NSDocument methods, so I don’t believe file coordination to be the problem.) What am I doing wrong here? How do I avoid this error? Thanks in advance for any suggestions.

I have this code in my Virutalization application let process = Process() process.executableURL = URL(fileURLWithPath: "/usr/sbin/diskutil") process.arguments = ["image", "create", "blank", "--fs", "none", "--format", "ASIF", "--size", "2GiB", url.path ] try process.run() process.waitUntilExit() if process.terminationStatus == 0 { print("✅ Disk image creation succeeded.") } else { print("❌ Disk image creation failed with exit code \(process.terminationStatus)") } } catch { print("Process failed to launch: \(error.localizedDescription)") return } this code was working fine until Tahoe 26.2. with the update of 26.3 the system freezes at process.waitUntilExit() The code never exits and i get beech balls. This is working fine with intel macs. i am getting the problem in apple silicon m4 mac mini. Any help would be appreciated.

We’re evaluating a Bluetooth device that supports Hands Free Profile (HFP) as the “Hands-Free Unit”. You can think of this as a Bluetooth telephone headset. This device interacts with our iOS application. We observed the following. The iPhone 17 HFP Wide-Band Speech (WBS) mSBC decoder requires the WBS packet (H2 header + mSBC frame) to be sent aligned. Aligned meaning, the H2 header must be first in every packet. The WBS packet cannot span multiple eSCO packets or else the iPhone will discard the audio. This is a different implementation than the iPad (iPad Pro 11-inch M4) , presumably due to Apple’s new N1 chip. In other words, we’ve identified that older iPhones and iPads do not require this alignment. They have implemented a stateful parser/decoder of the HFP WBS audio. A quick picture to help illustrate. The iPhone 17 requires: | Frame | Frame | Frame | Frame | However, a Bluetooth implementation we are evaluating does: | me Fra | me Fra | me Fra | me Fra | Does Apple intend to keep this implementation and continue discarding audio frames that are not aligned? Page 115 of the Bluetooth HFP 1.8 specification mentions at the bottom that this behavior is “left up to the implementation” but that the “synchronization header enables unaligned codec audio frames to be recovered by the receiving side.” We understand and acknowledge that one whole frame per eSCO packet is the intended, optimal method for delivering WBS mSBC audio for reduced jitter, latency, and memory usage. However, the more robust solution would be to maintain a stateful receiver as previously implemented. Any input would be appreciated.

Rosetta 2 Deadlock on M4 Pro January 2026 Blizzard update causes a deadlock in Rosetta 2 on M4 chips. CodeWeavers (the developer of CrossOver) has analyzed the issue and identified it as a Rosetta translation failure, not a CrossOver application-level bug. Hardware: M4 Pro Mac Book Pro System: Tahoe 26.2 Impacted Software: CrossOver 25.1.1 Diablo II: Resurrected

Several of my users are reporting on at lest recent and current versions of iOS the value from one characteristic can be swapped with another. Originally I thought this was a library issue but it doesn't happen on Android and now a user with two iPhones using the exact same app and iOS 26.3 on both has the issue on one phone but not the other. I've gone into more detail here which also includes a little data dumping to prove the values between characteristics can be mixed up. https://github.com/dotintent/react-native-ble-plx/issues/1316 One user reported cycling Bluetooth on/off fixed the issue but the latest user says it does not. For the peripheral the services can only change if the device enters firmware update mode (in which case the service UUID is different). Otherwise the characteristics on a service never change. This would make it a strange one to be caching related since the cache should always be correct.

Hello, We're seeing a high rate of providerDidReset callbacks in production across a large user base (iOS 16, 17, 18, and 26). I'd like to understand both the correct way to handle this delegate method and strategies to reduce its frequency. Background The callback occurs across all iOS versions we support and is not isolated to a specific device or region. The callback can occur in any app state (foreground, background, inactive), however it is most dominant in the background state — particularly during VoIP push notification handling. The callback is more prevalent during long app sessions — for example, when the app has been running continuously for a day or overnight. We do not call CXProvider.invalidate() anywhere in our codebase explicitly. After providerDidReset fires, subsequent transactions fail with CXErrorCodeRequestTransactionErrorUnknownCallUUID (error code 4). Re-initializing the provider via initializeProvider() resolves this error. Our Implementation We use a singleton proxy class (CallKitProxy) that owns the CXProvider. Below is a simplified version — some logging and non-essential parts have been removed for brevity. @objcMembers public final class CallKitProxy: NSObject { private var cxProvider: CXProvider? private let cxCallController: CXCallController private let cxCallObserver: CXCallObserver private override init() { cxCallObserver = CXCallObserver() cxCallController = CXCallController() super.init() initializeProvider() cxCallObserver.setDelegate(self, queue: nil) } private func initializeProvider() { let configuration = providerConfiguration() cxProvider = CXProvider(configuration: configuration) cxProvider?.setDelegate(self, queue: nil) } private func providerConfiguration() -> CXProviderConfiguration { let soundName = SharedUDHelper.shared.string(forKey: .pushNotificationSoundNameForCall) let sound = CallNotificationSounds(name: soundName ?? "ringtoneDefault") let configuration = CXProviderConfiguration() configuration.supportsVideo = true configuration.maximumCallsPerCallGroup = 1 configuration.maximumCallGroups = 1 configuration.supportedHandleTypes = [.phoneNumber, .generic] configuration.iconTemplateImageData = UIImage( named: "callkit_mask", in: .main, compatibleWith: nil )?.pngData() configuration.ringtoneSound = sound.name return configuration } public func requestTransaction( action: CXCallAction, completion: @escaping (Error?) -> Void ) { let transaction = CXTransaction(action: action) cxCallController.request(transaction) { error in completion(error) } } } extension CallKitProxy: CXProviderDelegate { public func providerDidReset(_ provider: CXProvider) { // End any active calls, then re-initialize the provider initializeProvider() } } Questions 1. Is re-initializing the provider inside providerDidReset the correct approach? The documentation states that providerDidReset signals the provider has been reset and all calls should be considered terminated. Should we be calling CXProvider.invalidate() on the old instance before creating a new one? Or is assigning a new CXProvider to cxProvider (which releases the old instance) sufficient? 2. What could be causing providerDidReset to fire so frequently, and how can we reduce it? We're particularly concerned about cases triggered during VoIP push handling in the background and inactive states. Are there known conditions — such as provider configuration changes, app lifecycle events, or system memory pressure — that commonly trigger this callback? And are there any recommended patterns to make the provider more resilient in these scenarios? Thank you.

https://developer.apple.com/feedback-assistant/profiles-and-logs/ There is no iOS profile in this link.

As a part of the video editing app I’m working on, I want to efficiently copy a folder of resources on the same (local) filesystem. Because iOS is on APFS, cloning (CoW) is an option. I read the documentation for clonefile(2) which states that cloning a folder works but is strongly discouraged. I did a small sample project which demonstrates that using clonefile on a folder works correctly and is 10× faster than using FileManager’s copyItem method. My questions: The main one I’m interested in: Why is using clonefile for a folder strongly discouraged? Is FileManager using cloning behind the scenes? Or more exactly how guaranteed are we it will use it? (I know it does, I tried manually cping the resources and it was thousands of times slower.)

I set the value of NSURLHasHiddenExtensionKey. I provide a textfield to rename a file and I set this flag based on whether the user has deleted or left on the path extension. So -setResourceValue:forKey:error: returns YES, does not populate the error, but does not honor the value I just set it to. I'm always setting it off the main thread on the same serial queue. Works the first time I rename the file then it just starts failing (silently). For example: NSError *setError = nil; if ([theURL setResourceValue:@(NO) forKey:NSURLHasHiddenExtensionKey error:&setError]) { [theURL removeAllCachedResourceValues]; NSNumber *freshRead = nil; NSError *getError = nil; if ([theURL getResourceValue:&freshRead forKey:NSURLHasHiddenExtensionKey error:&getError]) { if (freshRead.boolValue) { NSLog(@"it is yes when it should be NO."); } } if (getError != nil) { NSLog(@"Get error: %@",getError); } } if (setError != nil) { NSLog(@"Set error: %@",setError); } While I get that it is possible for there to be other apps setting this value at the same time as my app, doesn't really seem possible in my local environment right now. No errors log out but "it is yes when it should be NO." does log out.

Hi, I’m implementing ePassport reading in an iOS app using a third-party KYC identity verification SDK (the SDK handles the NFC logic internally). Before adding any specific AID, the NFC session would start normally and iOS showed the system popup asking the user to hold the passport near the device. However, the passport was never read , the session just stayed there with no progress or data returned. I then tried enabling the ICAO ePassport AID: A0000002471001 After adding this, the build failed with the following signing error: Provisioning profile "iOS Team Provisioning Profile: com.sandrotbilisi.DigitalCurrency" doesn't include the com.apple.developer.nfc.readersession.iso7816.select-identifiers entitlement. Has anyone encountered this behavior when working with ePassports? Do I need special entitlement approval from Apple for this AID? Thank you.

We are observing a reproducible issue on some (not all) iPad models equipped with A16, where BLE streaming from multiple peripherals at ≥33–40 Hz results in uneven packet distribution, burst delivery, and application-level lag. The same application, peripherals, firmware, iOS version, and physical environment do not exhibit this behaviour on A14-based iPads (iPad 10). Affected Hardware: • iPad 11" with A16 • iOS versions: identical across tested devices • Issue affects some devices of the same model, not all Internal field data • ~25 affected • ~5 unaffected • Customers actively prefer iPad 10 (A14) due to stability When two or more BLE peripherals stream data concurrently at frequencies ≥33–40 Hz, affected iPads exhibit: • Uneven packet arrival timing • Burst delivery instead of uniform intervals • Increasing latency over time • Observable application-level lag This does not present as simple packet loss. Instead, packets arrive in clusters, breaking real-time assumptions. At ≤30–33 Hz, the issue does not reproduce. We tested: • One affected iPad 11 • One unaffected iPad 11 • Same iOS version • Same app build • Same peripherals • Same firmware • Same physical location • Same Wi-Fi state Only the affected device reproduces the issue. This rules out: • App logic • Peripheral firmware • iOS version • Environmental RF noise • Wi-Fi coexistence configuration Evidence Available We can provide: • Screenshots from a minimal test app showing packet counts • CSV files of packet timestamps • Source code for the BLE test app • Side-by-side comparison logs (affected vs unaffected device) All evidence is from the same app, built solely to measure packet timing. Additional Technical Notes • Issue persists after factory reset • Occurs without third-party BLE libraries (CoreBluetooth only) • Occurs regardless of foreground/background state • Not correlated with MTU size • Appears threshold-based (~33–40 Hz) • Appears device-specific, not model-wide

macOS 26.4 Beta appears to have changed how built-in MacBook keyboard events are routed through IOHIDSystem. Third-party virtual HID devices loaded via DriverKit no longer receive events from the built-in keyboard. External keyboards are unaffected. This is already confirmed across multiple users: https://github.com/pqrs-org/Karabiner-Elements/issues/4402 One possible lead (from LLM-assisted code analysis, not independently verified): this could be related to a security policy referred to as com.apple.iohid.protectedDeviceAccess, which may block IOHIDDeviceOpen for the Apple Internal Keyboard via SPI transport (AppleHIDTransportHIDDevice). A "GamePolicy" check in IOHIDDeviceClass.m that gates HID device access could be involved. This is a hint, not a confirmed root cause. The impact goes well beyond a single project. Keyboard remapping on macOS is a thriving ecosystem — used for accessibility, ergonomics, developer productivity, and multilingual input. This is one of macOS's strengths as a platform. Many professionals specifically choose Mac because this level of customization is possible. If this capability is being removed without an alternative, it would significantly diminish what makes macOS attractive for power users and developers. Is this an intentional architectural change to the input event pipeline for built-in keyboards, or a beta regression? If intentional, what is the recommended alternative for developers?