[Bug] EXC_BAD_ACCESS in libFirebaseCppApp initialisation when used with com.unity.xr.arkit on iOS15.

[AlkisFortuneFish]

Description

This is a separate ticket for issue 1268, with a repro project attached.

Submitting this so that the issue template is followed. We are getting an 100% reproducible EXC_BAD_ACCESS crash on loading the UnityFramework when using Unity 6, Firebase App, and the XR ARKit plugin, on iOS 15 only.

The call stack is:

Thread 1 Queue : com.apple.main-thread (serial)
#0 0x0000000000000000 in 0x00000000 ()
#1 0x000000010aede368 in type metadata completion function for RoomCaptureSessionView ()
#2 0x0000000185b07870 in swift::MetadataCacheEntryBase<(anonymous namespace)::SingletonMetadataCacheEntry, int>::doInitialization ()
#3 0x0000000185af8974 in swift_getSingletonMetadata ()
#4 0x000000010aed9164 in type metadata accessor for RoomCaptureSessionView ()
#5 0x000000010aede544 in ObjC metadata update function for RoomCaptureSessionView ()
#6 0x0000000198911908 in realizeAllClasses ()
#7 0x0000000198912c74 in objc_copyClassList ()
#8 0x000000010af1ce90 in firebase::util::ForEachAppDelegateClass ()
#9 0x000000010af26b5c in +[UIApplication(FIRFBI) load] ()
#10 0x00000001988fe8dc in load_images ()
#11 0x00000001046f99d4 in dyld4::RuntimeState::notifyObjCInit ()
#12 0x00000001046fdb54 in dyld4::Loader::runInitializersBottomUp ()
#13 0x0000000104703840 in dyld4::Loader::runInitializersBottomUpPlusUpwardLinks ()
#14 0x00000001046fd36c in dyld4::APIs::dlopen_from ()
#15 0x000000018116d29c in _CFBundleDlfcnLoadFramework ()
#16 0x0000000181100b3c in _CFBundleLoadExecutableAndReturnError ()
#17 0x00000001827cf030 in -[NSBundle loadAndReturnError:] ()
#18 0x000000010468fc2c in UnityFrameworkLoad at /Users/leonardodavinci/Desktop/CrashRepro/MainApp/main.mm:10
#19 0x000000010468fcb4 in main at /Users/leonardodavinci/Desktop/CrashRepro/MainApp/main.mm:25
#20 0x000000010470c4d0 in start ()

What appears to be happening is that the libFirebaseCppApp swizzle code calls objc_copyClassList. libUnityARKit contains classes that are not supported on iOS 15 and swiftlang issue 61215 results in those classes being instantiated.

Reproducing the issue

I have built a minimal repro. Firebase has been stripped to just libFirebaseCppApp with none of the Unity-side wrappers, the crash happens before engine initialisation.

• FirebaseARFoundationCrashRepro.zip
• Add a google services file.
• Build for iOS.
• Run on a device running iOS15. It does not reproduce on iOS 14, 16, 18.

Firebase Unity SDK Version

12.8.0

Unity editor version

6000.0.51

Installation Method

.unitypackage

Problematic Firebase Component(s)

All

Other Firebase Component(s) in use

In-App Messaging

Additional SDKs you are using

com.unity.xr.arkit:6.1.1

Targeted Platform(s)

Apple Platforms

Unity editor platform

Mac

Scripting Runtime

IL2CPP

Release Distribution Type

Pre-built SDK from https://firebase.google.com/download/unity

Relevant Log Output

2025-06-16 15:45:52.751074+0100 <redacted>[57788:2164193] Loading UIApplication category for Firebase App

Thread 1 Queue : com.apple.main-thread (serial)
#0 0x0000000000000000 in 0x00000000 ()
#1	0x000000010aede368 in type metadata completion function for RoomCaptureSessionView ()
#2	0x0000000185b07870 in swift::MetadataCacheEntryBase<(anonymous namespace)::SingletonMetadataCacheEntry, int>::doInitialization ()
#3	0x0000000185af8974 in swift_getSingletonMetadata ()
#4	0x000000010aed9164 in type metadata accessor for RoomCaptureSessionView ()
#5	0x000000010aede544 in ObjC metadata update function for RoomCaptureSessionView ()
#6	0x0000000198911908 in realizeAllClasses ()
#7	0x0000000198912c74 in objc_copyClassList ()
#8	0x000000010af1ce90 in firebase::util::ForEachAppDelegateClass ()
#9	0x000000010af26b5c in +[UIApplication(FIRFBI) load] ()
#10	0x00000001988fe8dc in load_images ()
#11	0x00000001046f99d4 in dyld4::RuntimeState::notifyObjCInit ()
#12	0x00000001046fdb54 in dyld4::Loader::runInitializersBottomUp ()
#13	0x0000000104703840 in dyld4::Loader::runInitializersBottomUpPlusUpwardLinks ()
#14	0x00000001046fd36c in dyld4::APIs::dlopen_from ()
#15	0x000000018116d29c in _CFBundleDlfcnLoadFramework ()
#16	0x0000000181100b3c in _CFBundleLoadExecutableAndReturnError ()
#17	0x00000001827cf030 in -[NSBundle loadAndReturnError:] ()
#18	0x000000010468fc2c in UnityFrameworkLoad at <redacted>/CrashRepro/MainApp/main.mm:10
#19	0x000000010468fcb4 in main at <redacted>/CrashRepro/MainApp/main.mm:25
#20	0x000000010470c4d0 in start ()

If using CocoaPods for Apple platforms, the project's Podfile.lock

Expand Podfile.lock snippet

PODS:
  - Firebase/Core (11.14.0):
    - Firebase/CoreOnly
    - FirebaseAnalytics (~> 11.14.0)
  - Firebase/CoreOnly (11.14.0):
    - FirebaseCore (~> 11.14.0)
  - FirebaseAnalytics (11.14.0):
    - FirebaseAnalytics/Default (= 11.14.0)
    - FirebaseCore (~> 11.14.0)
    - FirebaseInstallations (~> 11.0)
    - GoogleUtilities/AppDelegateSwizzler (~> 8.1)
    - GoogleUtilities/MethodSwizzler (~> 8.1)
    - GoogleUtilities/Network (~> 8.1)
    - "GoogleUtilities/NSData+zlib (~> 8.1)"
    - nanopb (~> 3.30910.0)
  - FirebaseAnalytics/Default (11.14.0):
    - FirebaseCore (~> 11.14.0)
    - FirebaseInstallations (~> 11.0)
    - GoogleAppMeasurement/Default (= 11.14.0)
    - GoogleUtilities/AppDelegateSwizzler (~> 8.1)
    - GoogleUtilities/MethodSwizzler (~> 8.1)
    - GoogleUtilities/Network (~> 8.1)
    - "GoogleUtilities/NSData+zlib (~> 8.1)"
    - nanopb (~> 3.30910.0)
  - FirebaseCore (11.14.0):
    - FirebaseCoreInternal (~> 11.14.0)
    - GoogleUtilities/Environment (~> 8.1)
    - GoogleUtilities/Logger (~> 8.1)
  - FirebaseCoreInternal (11.14.0):
    - "GoogleUtilities/NSData+zlib (~> 8.1)"
  - FirebaseInstallations (11.14.0):
    - FirebaseCore (~> 11.14.0)
    - GoogleUtilities/Environment (~> 8.1)
    - GoogleUtilities/UserDefaults (~> 8.1)
    - PromisesObjC (~> 2.4)
  - GoogleAdsOnDeviceConversion (2.0.0):
    - GoogleUtilities/Logger (~> 8.1)
    - GoogleUtilities/Network (~> 8.1)
    - nanopb (~> 3.30910.0)
  - GoogleAppMeasurement/Core (11.14.0):
    - GoogleUtilities/AppDelegateSwizzler (~> 8.1)
    - GoogleUtilities/MethodSwizzler (~> 8.1)
    - GoogleUtilities/Network (~> 8.1)
    - "GoogleUtilities/NSData+zlib (~> 8.1)"
    - nanopb (~> 3.30910.0)
  - GoogleAppMeasurement/Default (11.14.0):
    - GoogleAdsOnDeviceConversion (= 2.0.0)
    - GoogleAppMeasurement/Core (= 11.14.0)
    - GoogleAppMeasurement/IdentitySupport (= 11.14.0)
    - GoogleUtilities/AppDelegateSwizzler (~> 8.1)
    - GoogleUtilities/MethodSwizzler (~> 8.1)
    - GoogleUtilities/Network (~> 8.1)
    - "GoogleUtilities/NSData+zlib (~> 8.1)"
    - nanopb (~> 3.30910.0)
  - GoogleAppMeasurement/IdentitySupport (11.14.0):
    - GoogleAppMeasurement/Core (= 11.14.0)
    - GoogleUtilities/AppDelegateSwizzler (~> 8.1)
    - GoogleUtilities/MethodSwizzler (~> 8.1)
    - GoogleUtilities/Network (~> 8.1)
    - "GoogleUtilities/NSData+zlib (~> 8.1)"
    - nanopb (~> 3.30910.0)
  - GoogleUtilities/AppDelegateSwizzler (8.1.0):
    - GoogleUtilities/Environment
    - GoogleUtilities/Logger
    - GoogleUtilities/Network
    - GoogleUtilities/Privacy
  - GoogleUtilities/Environment (8.1.0):
    - GoogleUtilities/Privacy
  - GoogleUtilities/Logger (8.1.0):
    - GoogleUtilities/Environment
    - GoogleUtilities/Privacy
  - GoogleUtilities/MethodSwizzler (8.1.0):
    - GoogleUtilities/Logger
    - GoogleUtilities/Privacy
  - GoogleUtilities/Network (8.1.0):
    - GoogleUtilities/Logger
    - "GoogleUtilities/NSData+zlib"
    - GoogleUtilities/Privacy
    - GoogleUtilities/Reachability
  - "GoogleUtilities/NSData+zlib (8.1.0)":
    - GoogleUtilities/Privacy
  - GoogleUtilities/Privacy (8.1.0)
  - GoogleUtilities/Reachability (8.1.0):
    - GoogleUtilities/Logger
    - GoogleUtilities/Privacy
  - GoogleUtilities/UserDefaults (8.1.0):
    - GoogleUtilities/Logger
    - GoogleUtilities/Privacy
  - nanopb (3.30910.0):
    - nanopb/decode (= 3.30910.0)
    - nanopb/encode (= 3.30910.0)
  - nanopb/decode (3.30910.0)
  - nanopb/encode (3.30910.0)
  - PromisesObjC (2.4.0)

DEPENDENCIES:
  - Firebase/Core (= 11.14.0)

SPEC REPOS:
  trunk:
    - Firebase
    - FirebaseAnalytics
    - FirebaseCore
    - FirebaseCoreInternal
    - FirebaseInstallations
    - GoogleAdsOnDeviceConversion
    - GoogleAppMeasurement
    - GoogleUtilities
    - nanopb
    - PromisesObjC

SPEC CHECKSUMS:
  Firebase: 38f818b36ca01648fa78ec7402b4ee3076086c2b
  FirebaseAnalytics: d604dc875290f0213b9ead8a4692cf1e91e024d9
  FirebaseCore: 8fb12caed934c900218ce66a419107db74214ade
  FirebaseCoreInternal: 6a3b668197644aa858fc4127578637c6767ba123
  FirebaseInstallations: 863f2846bb124331b501d29c0f17f95caa2ef6bb
  GoogleAdsOnDeviceConversion: 5c3c8de58786e7d0a4bdecbd32c16f87d815cc9f
  GoogleAppMeasurement: 078fe9bfeed8e398253772ce81ef8690b0413b45
  GoogleUtilities: 00c88b9a86066ef77f0da2fab05f65d7768ed8e1
  nanopb: fad817b59e0457d11a5dfbde799381cd727c1275
  PromisesObjC: f5707f49cb48b9636751c5b2e7d227e43fba9f47

PODFILE CHECKSUM: 9fed3e0435a744c327cb325a27a530f4b33b030f

COCOAPODS: 1.15.2

[google-oss-bot]

I couldn't figure out how to label this issue, so I've labeled it for a human to triage. Hang tight.