ESP32-S3 BLE cannot be scanned by IOS provisioning app (IDFGH-7093)
Closed this issue · 19 comments
Environment
- Development Kit: ESP32-S3 Devkit C + ESP32-C3devKitC02
- IDF version v4.4 c29343e
Problem Description
ios provisioning app is not able to scan S3 but successfully scans C3.
Using ios 15.4 on Iphone SE + Galaxy S21
I picked C3 as comparisong because they both are BLE 5.0 chipsets.
Also, both examples are using the same BLE settings, with
Bluedroid - Dual mode selected, the rest is default.
Steps to reproduce
simply compile from
esp-idf\examples\provisioning\wifi_prov_mgr
for both C3 and S3, then flash devices.
C3 will popup in the BLE app for ios, S3 will not.
Both are visible in android BLE app.
i tried to increment the logs of BLE module to verbose but it didn't change anything.
Both modules are initialized on the same library and in the same way but still, one is seen and the other is not.
No useful log visible
Generated an app-related issue on the proper repo since it's unknown if issue is coming from chipset or app.
@KonssnoK Do you mean that the IOS app can't scan the adv packets of S3?
@Weijian-Espressif exactly.
Sadly i don't own a swift dev environment so i cannot test what is going on the provisioning app side of ios.
But trying to check the ScanResult of the android app i couldn't find any difference between C3 and S3.
Please test gatt_server example with your phone SE , check whether S3 BLE can be scaned and connect
- I managed to see it (that's new) once,
- but after i tried to connect with the provisioning app it gave a "pop" error.
- Then I reset the board,
- tried to scan with the Bluetooth of IOS -> no success
- Android still visible tho.
- Reflash with same file
- Still not visible on IOS.
If i try with android it just tells me "an app is needed to pair with this device"
More info:
- i restarted the iphone
- device visible in the IOS provisioning app
- device NOT visible in the IOS bluetooth section
- log when failing to connect to the ios provisioning
I (628) GATTS_DEMO: ADD_CHAR_EVT, status 0, attr_handle 46, service_handle 44
I (638) GATTS_DEMO: ADD_DESCR_EVT, status 0, attr_handle 47, service_handle 44
I (96208) GATTS_DEMO: ESP_GATTS_CONNECT_EVT, conn_id 0, remote 7e:dc:3d:5f:56:8e:
I (96208) GATTS_DEMO: CONNECT_EVT, conn_id 0, remote 7e:dc:3d:5f:56:8e:
I (96238) GATTS_DEMO: ESP_GATTS_MTU_EVT, MTU 185
I (96238) GATTS_DEMO: ESP_GATTS_MTU_EVT, MTU 185
I (96458) GATTS_DEMO: update connection params status = 0, min_int = 16, max_int = 32,conn_int = 30,latency = 0, timeout = 400
I (96868) GATTS_DEMO: GATT_READ_EVT, conn_id 0, trans_id 2, handle 43
I (116068) GATTS_DEMO: ESP_GATTS_DISCONNECT_EVT, disconnect reason 0x13
- Log when connecting with android
I (234568) GATTS_DEMO: ESP_GATTS_CONNECT_EVT, conn_id 0, remote 5b:1f:5d:f4:18:06:
I (234568) GATTS_DEMO: CONNECT_EVT, conn_id 0, remote 5b:1f:5d:f4:18:06:
I (235748) GATTS_DEMO: update connection params status = 0, min_int = 16, max_int = 32,conn_int = 6,latency = 0, timeout = 500
I (236798) GATTS_DEMO: GATT_READ_EVT, conn_id 0, trans_id 1, handle 47
I (237008) GATTS_DEMO: update connection params status = 0, min_int = 0, max_int = 0,conn_int = 32,latency = 0, timeout = 400
- Via the provisioning app now i'm able too see it if i reset the board
More info:
- I put back the provisioning FW on the S3.
- I removed the prefix from the provisioning app
- Android sees PROV_*
- IOS sees ESP_GATTS_DEMO
This is same issue as
#7647
- Trying to pair with IOS provisioning app
- Error on security
- Reset board
- Scan again -> Now the name seen in IOS is PROV_*
- Trying to pair
- The app asks twice for "Pairing" the device on IOS
- Never reach the Wifi Scanning step and then fails
I (848) QRCODE: {"ver":"v1","name":"PROV_E07440","pop":"abcd1234","transport":"ble"}
█▀▀▀▀▀█ ▀▀▀█▄█ ▀▀▄ █▄ █ █▀▀▀▀▀█
█ ███ █ ▀▄█ █▄ ▀▄█ ▄█▄ ▀ █ ███ █
█ ▀▀▀ █ ▄▀█▀▄▀ ▀█▄▀ ▀▀▄▀ █ ▀▀▀ █
▀▀▀▀▀▀▀ █▄▀ █▄█▄█ ▀ █ ▀ ▀ ▀▀▀▀▀▀▀
██▄██ ▀ ▄▀▄ ▀▄ ▄▀▀▀█ ▀ ▀ ▀▄▄ ▄▄▀
█▄ █▀█▀▀ ▀▀▀▀▄▄█ ▀█▀ █ ▄█▄█▀
▄██▀▀ ▀█▀██ ▄▄██▄ ▀▀▀ █ ▄▀█ ▀▄▄▀
█▄ ▄▄▀█▀▄▄ ▄ ▄█▄▀▀█▄▀█▄▀▄▄█ ▄
█ ▄▄█▀ █▄▀█▀▀ █▀▄▀▄▀ ▄█ ███▄ ██
▀ ███▀ ▄ ▄▀▄███▀▄▀█ ▀█ █▀▀ ▀▄▄▀
▄█▄▄▄▄▀▀▄█▀▀▄▄█▄▀▀█▄█▄█▀▀█ ▀▄ ▄▀
█ ▀ ▄ ▀ ▀█▄█▄ ▀█▄█▄▀▀█▀█ ▄█ ▀▄▄█
▀▀ ▀▀▄▀▀▀▀▄▄██▄█▀█ ▀██▀▀▀█▄▄▀
█▀▀▀▀▀█ ▀▄█▀▀▀██ ▄▀▄ █▄█ ▀ █ ▄ ▄
█ ███ █ █ █▄█▀▀█▀▄█▄▄ ▀██▀▀▀▀▄▄▀▀
█ ▀▀▀ █ ▄▄ ▀ ▄█▀█ █▀ ▀▀███▄▀█ █▄█
▀▀▀▀▀▀▀ ▀ ▀ ▀▀ ▀ ▀▀▀▀▀▀
I (1058) app: If QR code is not visible, copy paste the below URL in a browser.
https://espressif.github.io/esp-jumpstart/qrcode.html?data={"ver":"v1","name":"PROV_E07440","pop":"abcd1234","transport":"ble"}
I (67458) BT_BTM: BTM_InqDbRead: bd addr [45ed56c5e817]
I (67568) BT_GATT: GATT_GetConnIdIfConnected status=1
I (67568) BT_L2CAP: L2CA_SetDesireRole() new:x1, disallow_switch:0
I (67598) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (67598) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (67658) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (67718) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (67778) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (67878) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (67958) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (68028) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (68108) BT_GATT: GATTS_SendRsp: conn_id: 1 trans_id: 1 Status: 0x0000
I (68108) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (68178) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (68258) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (68328) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (68408) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (68478) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (68588) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (68668) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (68738) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (68818) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (68818) BT_GATT: GATTS_SendRsp: conn_id: 3 trans_id: 2 Status: 0x0000
I (68818) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (68888) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (68888) BT_GATT: GATTS_SendRsp: conn_id: 3 trans_id: 3 Status: 0x0000
I (68898) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (68968) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (68968) BT_GATT: GATTS_SendRsp: conn_id: 3 trans_id: 4 Status: 0x0000
I (68968) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (69038) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (69038) BT_GATT: GATTS_SendRsp: conn_id: 3 trans_id: 5 Status: 0x0000
I (69048) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (69118) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (69118) BT_GATT: GATTS_SendRsp: conn_id: 3 trans_id: 6 Status: 0x0000
I (69118) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
E (69188) BT_GATT: gatts_write_attr_perm_check - GATT_INSUF_AUTHENTICATION
I (69188) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
W (69268) BT_SMP: Non bonding: No keys will be exchanged
I (69268) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0006 BDA: 45ed56c5e817
I (71138) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0006 BDA: 45ed56c5e817
I (71138) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0006 BDA: 45ed56c5e817
I (71178) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0006 BDA: 45ed56c5e817
I (71258) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0006 BDA: 45ed56c5e817
W (71368) BT_SMP: FOR LE SC LTK IS USED INSTEAD OF STK
I (71558) BT_L2CAP: L2CA_RemoveFixedChnl() CID: 0x0006 BDA: 45ed56c5e817
I (71558) BT_BTM: BTM_InqDbRead: bd addr [45ed56c5e817]
I (71628) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (71628) BT_GATT: GATTS_SendRsp: conn_id: 3 trans_id: 7 Status: 0x0000
I (71628) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (71708) BT_GATT: GATTS_SendRsp: conn_id: 2 trans_id: 8 Status: 0x0000
I (71708) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (71778) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (71778) BT_GATT: GATTS_SendRsp: conn_id: 3 trans_id: 9 Status: 0x0000
I (71778) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (72908) BT_GATT: GATT_GetConnIdIfConnected status=0
I (72908) BT_L2CAP: L2CA_SetDesireRole() new:x1, disallow_switch:0
I (72908) BT_APPL: BTA_DmSetBleAdvParamsAll: 256, 256
I (72908) BT_APPL: adv_type = 0, addr_type_own = 0, chnl_map = 7, adv_fil_pol = 0
I (73698) BT_GATT: GATT_GetConnIdIfConnected status=1
I (73698) BT_L2CAP: L2CA_SetDesireRole() new:x1, disallow_switch:0
I (73728) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (73728) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (73788) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (73848) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (73968) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (74038) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (74118) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (74188) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (74268) BT_GATT: GATTS_SendRsp: conn_id: 1 trans_id: 1 Status: 0x0000
I (74268) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (74338) BT_GATT: GATTS_SendRsp: conn_id: 2 trans_id: 2 Status: 0x0000
I (74338) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (74418) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (74528) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (74598) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (74678) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (74748) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (74828) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (74898) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (74978) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (75048) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (75058) BT_GATT: GATTS_SendRsp: conn_id: 3 trans_id: 3 Status: 0x0000
I (75058) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (75128) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (75128) BT_GATT: GATTS_SendRsp: conn_id: 3 trans_id: 4 Status: 0x0000
I (75128) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (75198) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (75208) BT_GATT: GATTS_SendRsp: conn_id: 3 trans_id: 5 Status: 0x0000
I (75208) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (75278) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (75278) BT_GATT: GATTS_SendRsp: conn_id: 3 trans_id: 6 Status: 0x0000
I (75278) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (75348) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (75358) BT_GATT: GATTS_SendRsp: conn_id: 3 trans_id: 7 Status: 0x0000
I (75358) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
E (75428) BT_GATT: gatts_write_attr_perm_check - GATT_INSUF_ENCRYPTION
I (75428) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
W (75508) BT_SMP: Non bonding: No keys will be exchanged
I (75508) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0006 BDA: 45ed56c5e817
I (77448) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0006 BDA: 45ed56c5e817
I (77458) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0006 BDA: 45ed56c5e817
I (77528) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0006 BDA: 45ed56c5e817
I (77608) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0006 BDA: 45ed56c5e817
W (77678) BT_SMP: FOR LE SC LTK IS USED INSTEAD OF STK
I (77828) BT_L2CAP: L2CA_RemoveFixedChnl() CID: 0x0006 BDA: 45ed56c5e817
I (77828) BT_BTM: BTM_InqDbRead: bd addr [45ed56c5e817]
I (77908) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (77908) BT_GATT: GATTS_SendRsp: conn_id: 3 trans_id: 8 Status: 0x0000
I (77908) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (77978) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (77978) BT_GATT: GATTS_SendRsp: conn_id: 3 trans_id: 9 Status: 0x0000
I (77978) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
I (80038) BT_GATT: GATTS_SendRsp: conn_id: 2 trans_id: 10 Status: 0x0000
I (80038) BT_L2CAP: L2CA_SendFixedChnlData() CID: 0x0004 BDA: 45ed56c5e817
@Weijian-Espressif do you have any idea on this?
i tried to dig a bit in the BLE stack, but it's not that easy.
i reached btu_hcif_send_cmd which is called at BLE setup to set the Scan response raw.
However these are the initial settings, I'm still trying to find the function that is called when the actual scan response is sent.
@KonssnoK You can download the NRF Connect app, Test connect and pairing. Check if provisioning App is OK
Or you can test the gatt_security_server example on your iPhone, and show me the log
Using the gatt_security_server app I'm always able to scan and connect to the device via IOS nRF Connect, even by changing the device name and reflashing.
If i move to gatt_server the device is not visible anymore for some minutes, then appears with the new name.
Also in this case i can change the device name, reflash, and see it with the correct name in the scan.
Finally i move to wifi_prov_mgr. In the iOS nRF Connect the device is still seen with the old name, in Android it's seen with the correct name.
So,
this is an issue of the BLE implementation of the protocomm provisioning system, which affects only iOS.
What can we do as next steps?
this is not a bug, iPhone has a cache, it shows the old name, you connect and then disconnect, iPhone will update the cache, it will show your new name, you can try it
this is not a bug, iPhone has a cache, it shows the old name, you connect and then disconnect, iPhone will update the cache, it will show your new name, you can try it
if this is true then why with gatt_security_server and gatt_server the name gets updated instantly (without connecting) and with wifi_prov_mgr is not?
All this started because my FrontEnd colleague didn't manage to see a device that he never seen before with its own Iphone, therefore he couldn't have any cache of the BLE device.
I will investigate more
You can do a test with your iPhone, send adv, see the adv name, connect and disconnect, change the adv name and restart the adv, and then check the adv name with your iphone
please refer https://developer.apple.com/forums/thread/19381
@Weijian-Espressif , as expected, the issue is related to the protocomm component.
By comparing code of simple_ble.c and example_ble_sec_gatts_demo.c i was able to find which is the discrepancy which is causing this issue.
In example_ble_sec_gatts_demo.c the code relies on esp_ble_gap_config_adv_data for configuring the scan response.
Instead, in protocomm_ble.c your colleagues used raw_adv_data for both advertising and scan response.
The raw data is then set in simple_ble.c using esp_ble_gap_config_scan_rsp_data_raw.
Apparently, something in the raw data is missing -> bug.
Please check out these changes:
KonssnoK@a9e06bc
In this code, instead of using a raw data, function esp_ble_gap_config_adv_data is used. In this way the name of the device gets updated immediately also with provisioning app.
I didn't create a fix but just a proof of fault, as can be seen from
static uint8_t test_manufacturer[3]={'E', 'S', 'P'};
static esp_ble_adv_data_t heart_rate_scan_rsp_config = {
.set_scan_rsp = true,
.include_name = true,
.manufacturer_len = sizeof(test_manufacturer),
.p_manufacturer_data = test_manufacturer,
};
ret = esp_ble_gap_config_adv_data(&heart_rate_scan_rsp_config);
Also, some of the changes were made just to make the code look more similar to example_ble_sec_gatts_demo.c (example, using ret = esp_ble_gap_config_local_privacy(true);)
Please forward to your colleagues for fixing.
Thanks!
Thanks for reporting, and sorry for slow turnaround, fix on master branch is available at f7f6a92, we are back porting the fix to release/4.4 and release/4.3. Thanks.