Plan to introduce

In order to solve the problem after the Native module is online, mPaaS provides the hot repair function to realize the hot repair in the scenario that the client APK is not released. Currently, Android hot fixes mainly include Andfix and DexPatch. Considering the version compatibility of AndFix, DexPatch is recommended.

The repair principle of DexPatch is simple, that is, after startup, the ADDRESS of the JAR package to be delivered is pulled by RPC, and the JAR package file is downloaded through an independent process, and saved after downloading. During the secondary startup, the classLoader of hook system modifies the DexPathList and adds a dex file with a modified class to the front of its array, so that it blocks the loading of the class with the same name in the dex file behind the array.

As shown in the following figure, the classloader will load ding. class in patch. dex in preference to ding. class in class. dex.

Based on this principle, DexPatch has the following characteristics:

In terms of the supported scope: it is class-based replacement, so only the Patch of Java module is supported, not the patch of non-Java module, such as so module.
Compatibility: because it is the ClassLoader acting the system, less black technology is used, so the overall compatibility of the scheme is good;
In terms of effectiveness: The patch can take effect only after being downloaded and restarted.
Success rate: Since the download is an independent process, the impact of the flash backoff of the main process on patch download is reduced and the success rate of download is improved.

Instructions for

The following are the main steps of using DexPatch module in mPaaS and troubleshooting ideas, which are convenient for daily development of developers.

1. Trigger the patch pull

During the startup phase, mphotpatch.init () is called to trigger THE RPC request for Patch information. If the Patch publishing rule is matched, the RPC will return the jar download address of Patch, and the client will trigger the download. Save the download file to the client private directory /data/user/0/ package name /dexpatch/patch/.

2. Code operation demonstration

This section uses componentized access as an example to describe the Patch release process.

(1) Before the code changes

Need to save the changes to the former building products, convenient and subsequent Patch formation, address in: build/intermediates/bundle/XXXX – raw. The jar

(2) After the code changes

Recompile, save building products, product address: build/intermediates/bundle/XXXX – raw. The jar

(3) Generate the whitelist configuration

The configuration file is in. TXT format. The configuration file should contain the following information in sequence:

Class that requires Patch. Starts with L, followed by the obfuscated real class name. If there are multiple classes, you can write only one class per line. Example: lxxx.xxx. clazzX Set the Patch type to dexpatch. Example: PatchType: dexpatch

Set whether the Bundle is static. The default value is false, or explicitly set to true for statically linked bundles. Example:HostDex: true(* Currently mPaaS client modules are generally in static links, generally write true)

(4) View the signature

The packaging secret key of the project is needed to generate patch, which needs to be prepared in advance. The corresponding configuration can be found under the packaging step

(5) Generate patch

① Through the IDE tool of mPaaS, click hot Repair to enter the repair page.

② Fill in the addresses of the jar packages prepared before and after the repair and whitelist configuration files as prompted, select dexPatch, and go to the next step

3. Next, select the packaged configuration file and click to finish generating the Patch file

(6) Generation of patch products

The patch products generated are as follows:

To view the product, you can use the dex2jar tool to reverse solve the diff. Dex file, and use the JD-gui file to check whether the reverse solution meets the expectations

After the reverse solution, you can see the modified module:

(7) Upload and publish

① Select the jar package in the previous step and upload it

(2) After the patch is uploaded, it can be published through a whitelist to verify the stability of the patch

(8) Verify the download

After the whitelist is published, start the client and search for the keyword DynamicRelease. You can see that there are logs in the Tool process that trigger the download.

What needs to be explained here is that the download of patch triggered here is in the tool process. The main reason is that patch cannot be downloaded successfully due to the repeated flash backoff caused by the startup of the main process, so it is downloaded separately in the Tool process to improve the successful download ratio of patch as much as possible.

Then go to download directory view, whether to download successfully saved, download directory in: / data/user / 0 / package/dexpatch/patch / 20201023110012 @20201023110012.jar

(9) Start the kill process

After confirming the successful download and saving, kill the App and restart it to check whether it takes effect. After restarting, you can search for keywords

DexPatchManager, check the log of patch taking effect, and the log will print whether the current patch exists and whether the patch is loaded.

At the same time, we can also verify the actual service scenario to check whether it takes effect.

Q&A

1. Patch does not take effect after aar mode integration

When aar mode is integrated, it is necessary to inherit the QuinoxlessApplication of the framework and specify Application as the implementation class of the framework to realize dexPatch loading. QuinoxlessApplication mainly encapsulates the initialization and loading of dexPatch module.

2. It does not take effect after hardening

You need to use the apK before hardening to generate patches, but cannot use the package after hardening to generate patches. Then you need to verify compatibility across different hardening vendors.

3. Apache HTTP related crash occurred in RPC related calls after hot repair.

Use the Android official website to import the Apache HTTP client. Do not import jar packages or gradle implementation/compile to the Apache HTTP client. Otherwise, the classloader will be confused when loading classes.

Suggestions:

<uses-library android:name="org.apache.http.legacy" android:required="false"/>
Copy the code

E.N.D.

mo4tech.com (Moment For Technology) is a global community with thousands techies from across the global hang out!Passionate technologists, be it gadget freaks, tech enthusiasts, coders, technopreneurs, or CIOs, you would find them all here.

Technology of dry goods | depth deconstruction Android applications when facing emergency release the saviour of scheme: mPaaS hot fix – DexPatch

Plan to introduce