How to fix FGS Security Exception crash in Foreground service (including Android Auto CarAppService)

by

Summary

The FGS Security Exception crash in Foreground services, including Android Auto CarAppService, occurs when a foreground service with a location type is launched in the background without the required always allow location permission. This crash is logged on Crashlytics for some users, although it may not be reproducible.

Root Cause

The root cause of this crash is due to the following reasons:

  • Foreground service with location type launched in the background
  • Lack of always allow location permission
  • Incompatibility with Android Auto CarAppService

Why This Happens in Real Systems

This crash happens in real systems because:

  • Users may not grant the always allow location permission
  • Foreground services may be launched in the background due to various system events
  • Android Auto CarAppService has different lifecycle and permission requirements

Real-World Impact

The real-world impact of this crash includes:

  • App crashes and instability
  • Poor user experience
  • Potential data loss or corruption
  • Negative reviews and ratings on the app store

Example or Code (if necessary and relevant)

// Check if the service is running in the foreground
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.S) {
    if (!isForegroundServiceAllowed()) {
        // Handle the case where foreground service is not allowed
    }
}

// Check if the app has the always allow location permission
if (ContextCompat.checkSelfPermission(this, Manifest.permission.ACCESS_FINE_LOCATION) != PackageManager.PERMISSION_GRANTED) {
    // Request the always allow location permission
}

How Senior Engineers Fix It

Senior engineers fix this issue by:

  • Implementing a foreground check to ensure the service is not launched in the background
  • Requesting the always allow location permission
  • Handling the case where foreground service is not allowed
  • Using Android Auto specific CarAppService with its own lifecycle and permission requirements

Why Juniors Miss It

Juniors may miss this issue because:

  • Lack of understanding of foreground service restrictions
  • Inadequate testing of edge cases and system events
  • Insufficient knowledge of Android Auto CarAppService requirements
  • Failure to request the always allow location permission