Audit finding B2 — actual bug, MEDIUM.

LifecycleWatcher schedules session end with java.util.Timer (new Timer(true) / scheduleEndSession, sentry-android-core/src/main/java/io/sentry/android/core/LifecycleWatcher.java:106-122), sharing B1's mechanics:

• Device sleeps within the 30s background window → session ends only at wake; Session.end() stamps wake time → inflated session durations in release health. Replay stop() and ContinuousProfiler.close(false) also run hours late.
• The foreground check lastUpdatedSession + sessionIntervalMillis <= now is a wall-clock interval → a clock step causes spurious or missed session rotation.

Source: JAVA-557 §B2.