You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Follow-up to the tracking-architecture review (P0) and PR #222.
PR #222 switched user-initiated sessions to START_REDELIVER_INTENT (so Android re-delivers the original intent after a system kill) and added ApplicationExitInfo exit classification. That covers the common system-kill-and-redeliver path, but two gaps remain that need on-device validation before merging (restart-loop / battery safety can't be checked from a compile):
Remaining work
Durable active-session descriptor. Persist the active session (user-initiated / ambient / tier) to a durable store (e.g. TrackingTogglesDataStore or a small dedicated DataStore) on start, clear it on graceful stop. Use it in TrackerService.onStartCommand's null-intent path so a user session can resume even when START_REDELIVER_INTENT did not redeliver (e.g. after a full process death where the in-memory sessionInfo / controller.sessionInfoFlow are gone).
Restart watchdog. In onTaskRemoved() / onDestroy(), for user-initiated sessions, broadcast to a TrackerRestartReceiver that calls startForegroundService() (a BroadcastReceiver.onReceive is an allowed FGS-start context). Pattern: GPSLogger RestarterReceiver.
Crash-informed recovery wiring. Use the ApplicationExitInfo reason added in PR feat(tracker): resilient user-session restart + previous-exit classification #222: on REASON_LOW_MEMORY/SIGNALED/CRASH/ANR → enqueue an expedited WAL-drain OneTimeWorkRequest so orphaned pending_signal rows are flushed even if TrackerService does not restart; on REASON_USER_REQUESTED → suppress auto-restart.
ApplicationStartInfo.wasForceStopped() (API 35+) guard in BootReceiver/startup to skip auto-restart and lock re-arming after a user force-stop.
Validation required (adb)
am force-stop → must NOT auto-restart (respect user).
kill $(pidof …) / am kill → user session restarts via watchdog; WAL drained, no restart loop.
reboot → locks restored; tracking re-armed via PendingIntent.
Context
Follow-up to the tracking-architecture review (P0) and PR #222.
PR #222 switched user-initiated sessions to
START_REDELIVER_INTENT(so Android re-delivers the original intent after a system kill) and addedApplicationExitInfoexit classification. That covers the common system-kill-and-redeliver path, but two gaps remain that need on-device validation before merging (restart-loop / battery safety can't be checked from a compile):Remaining work
TrackingTogglesDataStoreor a small dedicated DataStore) on start, clear it on graceful stop. Use it inTrackerService.onStartCommand's null-intent path so a user session can resume even whenSTART_REDELIVER_INTENTdid not redeliver (e.g. after a full process death where the in-memorysessionInfo/controller.sessionInfoFloware gone).onTaskRemoved()/onDestroy(), for user-initiated sessions, broadcast to aTrackerRestartReceiverthat callsstartForegroundService()(aBroadcastReceiver.onReceiveis an allowed FGS-start context). Pattern: GPSLoggerRestarterReceiver.ApplicationExitInforeason added in PR feat(tracker): resilient user-session restart + previous-exit classification #222: onREASON_LOW_MEMORY/SIGNALED/CRASH/ANR→ enqueue an expedited WAL-drainOneTimeWorkRequestso orphanedpending_signalrows are flushed even ifTrackerServicedoes not restart; onREASON_USER_REQUESTED→ suppress auto-restart.ApplicationStartInfo.wasForceStopped()(API 35+) guard inBootReceiver/startup to skip auto-restart and lock re-arming after a user force-stop.Validation required (adb)
am force-stop→ must NOT auto-restart (respect user).kill $(pidof …)/am kill→ user session restarts via watchdog; WAL drained, no restart loop.reboot→ locks restored; tracking re-armed via PendingIntent.dumpsys deviceidle force-idle→ FGS survives.References
Reference: report sections P0; GPSLogger
RestarterReceiver, OsmAndNavigationService.onTaskRemoved.