esp-at icon indicating copy to clipboard operation
esp-at copied to clipboard

Published 20 hours ago verified publisher icon espressif

Writing GATT characteristic with variable size will result in characteristic being truncated

Open jnstahl opened this issue 10 months ago • 0 comments

Answers checklist

  • [X] I have read the documentation ESP-AT Programming Guide and the issue is not addressed there.
  • [X] I have used the latest released firmware or have updated my ESP-AT branch (master or release) to the latest version and checked that the issue is present there.
  • [X] I have searched the issue tracker for a similar issue and not found a similar issue.

AT+GMR

AT+GMR AT version:4.1.0.0-dev(6eebeb4 - ESP32C6 - Mar 20 2024 12:32:44) SDK version:v5.1.2-dirty compile time(77e1c56):Mar 27 2024 07:39:19 Bin version:v4.1.0.0-dev(ESP32C6-4MB)

ESP-AT Firmware Source

Download from Github Actions

Hardware Information

ESP32-C6-MINI1

Power Supply used

External 3.3V

What is the expected behavior?

I am writing characteristics from an Android app. The characteristic size may be of variable length for successive writes. With ESP-AT 2.4.0 and ESP32C3 it was working all correctly. With ESP32C6 and firmware 4.0.0 I was expecting it to behave the same way

What is the actual behavior?

With the ESP432C6 and Firmware 4.0.0 (also 4.1.0.0-dev) the behavior is changed. Apparently the firmware will limit some internal buffer to match the initial chararacteristic length. So when writing the characteristc with 14 bytes, then subsequent writes will have the bytes after the 14th byte corrupted, even though the +WRITE message still indiciates the longer size.

Probability of recurrence

appears under all conditions

AT+SYSRAM?

AT+SYSRAM? +SYSRAM:259140,250072 OK

Steps to reproduce

  1. Initialize BLE server and start advertising
  2. connect nrfConnect
  3. from nrfConnect, write Characteristic 0xC04 a first time with one length (e.g. "ABCDEFGHIJKL")
  4. from nrfConnect, write Characteristic 0xC04 a second time with a larger length (e.g. "ABCDEFGHIJKLMNOPQRSTUVWXYZ")
  5. RESULT -> the second time the characteristic is limited to the length established in the first write

AT command port output

AT+GMR
AT version:4.1.0.0-dev(6eebeb4 - ESP32C6 - Mar 20 2024 12:32:44)
SDK version:v5.1.2-dirty
compile time(77e1c56):Mar 27 2024 07:39:19
Bin version:v4.1.0.0-dev(ESP32C6-4MB)
OK
AT+BLEINIT=2
OK
AT+BLEADVPARAM=50,50,0,0,7,0,,
OK
AT+BLEADVDATA="0201060A0954696d6544726f7073030302A0"
OK
AT+BLEADVSTART
OK
+BLECONN:0,"4d:ad:0d:10:66:5e"
+BLECONNPARAM:0,6,6,6,0,500
+BLECONNPARAM:0,39,39,39,0,500
+WRITE:0,1,5,,12,ABCDEFGHIJKL
+WRITE:0,1,5,,26,ABCDEFGHIJKL


first write was ABCDEFGHIJKL. After the first write the characteristic length is fixed
second write is ABCDEFGHIJKLMNOPQRSTUVWXYZ -> the output is now truncated to the size set in the first write

AT log port output

SP-ROM:esp32c6-20220919
Build:Sep 19 2022
rst:0x1 (POWERON),boot:0x2c (SPI_FAST_FLASH_BOOT)
SPIWP:0xee
mode:DIO, clock div:1
load:0x4086c410,len:0xd2c
load:0x4086e610,len:0x2df0
load:0x40875728,len:0x17d8
SHA-256 comparison failed:
Calculated: 85f0055e03bfbcec6e4e4d7bc6633d633c657adbbf1ddca7cda08884786bb456
Expected: 6ab41946cb756454c0775c40e8b847bbc6cee25427b3c1738bbdf1969062d567
Attempting to boot anyway...
entry 0x4086c410
[0;32mI (42) boot: ESP-IDF v5.1.2-dirty 2nd stage bootloader[0m
[0;32mI (42) boot: compile time Mar 27 2024 07:38:53[0m
[0;32mI (43) boot: chip revision: v0.0[0m
[0;32mI (45) boot.esp32c6: SPI Speed      : 80MHz[0m
[0;32mI (50) boot.esp32c6: SPI Mode       : DIO[0m
[0;32mI (55) boot.esp32c6: SPI Flash Size : 4MB[0m
[0;32mI (60) boot: Enabling RNG early entropy source...[0m
[0;32mI (65) boot: Partition Table:[0m
[0;32mI (69) boot: ## Label            Usage          Type ST Offset   Length[0m
[0;32mI (76) boot:  0 otadata          OTA data         01 00 0000d000 00002000[0m
[0;32mI (83) boot:  1 phy_init         RF data          01 01 0000f000 00001000[0m
[0;32mI (91) boot:  2 nvs              WiFi data        01 02 00010000 0000e000[0m
[0;32mI (98) boot:  3 at_customize     unknown          40 00 0001e000 00042000[0m
[0;32mI (106) boot:  4 ota_0            OTA app          00 10 00060000 001d0000[0m
[0;32mI (113) boot:  5 ota_1            OTA app          00 11 00230000 001d0000[0m
[0;32mI (121) boot: End of partition table[0m
[0;32mI (125) esp_image: segment 0: paddr=00060020 vaddr=42150020 size=30498h (197784) map[0m
[0;32mI (175) esp_image: segment 1: paddr=000904c0 vaddr=40800000 size=0fb58h ( 64344) load[0m
[0;32mI (190) esp_image: segment 2: paddr=000a0020 vaddr=42000020 size=146450h (1336400) map[0m
[0;32mI (466) esp_image: segment 3: paddr=001e6478 vaddr=4080fb58 size=09ed4h ( 40660) load[0m
[0;32mI (476) esp_image: segment 4: paddr=001f0354 vaddr=40819a30 size=03bc4h ( 15300) load[0m
[0;32mI (481) esp_image: segment 5: paddr=001f3f20 vaddr=50000000 size=00068h (   104) load[0m
[0;32mI (488) boot: Loaded app from partition at offset 0x60000[0m
[0;32mI (488) boot: Disabling RNG early entropy source...[0m
no external 32k oscillator, disable it now.

at param mode: 1

AT cmd port:uart1 tx:7 rx:6 cts:5 rts:4 baudrate:115200

module_name: ESP32C6-4MB

max tx power=78, ret=0

v4.1.0.0-dev

controller lib commit: [77d09ce]
ble attribute[2] 16

ble attribute[3] 2800

ble attribute[7] A002

ble attribute[2] 16

ble attribute[3] 2803

ble attribute[7] 02

ble attribute[2] 16

ble attribute[3] C300

ble attribute[2] 16

ble attribute[3] 2901

ble attribute[4] 11

ble attribute[2] 16

ble attribute[3] 2803

ble attribute[7] 02

ble attribute[2] 16

ble attribute[3] C301

ble attribute[2] 16

ble attribute[3] 2901

ble attribute[4] 11

ble attribute[2] 16

ble attribute[3] 2803

ble attribute[7] 08

ble attribute[2] 16

ble attribute[3] C302

ble attribute[2] 16

ble attribute[3] 2901

ble attribute[4] 01

ble attribute[2] 16

ble attribute[3] 2803

ble attribute[7] 04

ble attribute[2] 16

ble attribute[3] C303

ble attribute[2] 16

ble attribute[3] 2901

ble attribute[4] 10

ble attribute[2] 16

ble attribute[3] 2803

ble attribute[7] 08

ble attribute[2] 16

ble attribute[3] C304

ble attribute[2] 16

ble attribute[3] 2803

ble attribute[7] 10

ble attribute[2] 16

ble attribute[3] C305

ble attribute[2] 16

ble attribute[3] 2902

ble attribute[2] 16

ble attribute[3] 2803

ble attribute[7] 20

ble attribute[2] 16

ble attribute[3] C306

ble attribute[2] 16

ble attribute[3] 2902

ble attribute[2] 16

ble attribute[3] 2803

ble attribute[7] 02

ble attribute[2] 16

ble attribute[3] C307

ble attribute[2] 16

ble attribute[3] 2901

ble attribute[4] 11

ble attribute[2] 16

ble attribute[3] 2800

ble attribute[7] A003

ble attribute[2] 16

ble attribute[3] 2803

ble attribute[7] 02

ble attribute[2] 16

ble attribute[3] C400

ble attribute[2] 16

ble attribute[3] 2901

ble attribute[4] 11

ble attribute[2] 16

ble attribute[3] 2803

ble attribute[7] 02

ble attribute[2] 16

ble attribute[3] C401

ble attribute[2] 16

ble attribute[3] 2901

ble attribute[4] 11

registered service 0x1800 with handle=1
registering characteristic 0x2a00 with def_handle=2 val_handle=3
registering characteristic 0x2a01 with def_handle=4 val_handle=5
registered service 0x1801 with handle=6
registering characteristic 0x2a05 with def_handle=7 val_handle=8
registered service 0xa002 with handle=10
registering characteristic 0xc300 with def_handle=11 val_handle=12
registering descriptor 0x2901 with handle=13
registering characteristic 0xc301 with def_handle=14 val_handle=15
registering descriptor 0x2901 with handle=16
registering characteristic 0xc302 with def_handle=17 val_handle=18
registering descriptor 0x2901 with handle=19
registering characteristic 0xc303 with def_handle=20 val_handle=21
registering descriptor 0x2901 with handle=22
registering characteristic 0xc304 with def_handle=23 val_handle=24
registering characteristic 0xc305 with def_handle=25 val_handle=26
registering characteristic 0xc306 with def_handle=28 val_handle=29
registering characteristic 0xc307 with def_handle=31 val_handle=32
registering descriptor 0x2901 with handle=33
registered service 0xa003 with handle=34
registering characteristic 0xc400 with def_handle=35 val_handle=36
registering descriptor 0x2901 with handle=37
registering characteristic 0xc401 with def_handle=38 val_handle=39
registering descriptor 0x2901 with handle=40
reset reason=0
connection established; status=0 handle=1 our_ota_addr_type=0 our_ota_addr=4084b47f:00:15:40828000:00:4217d198
 our_id_addr_type=0 our_id_addr=4084b471:00:15:40828000:00:4217d198
 peer_ota_addr_type=1 peer_ota_addr=4084b486:00:15:40828000:00:4217d198
 peer_id_addr_type=1 peer_id_addr=4084b478:00:15:40828000:00:4217d198
 conn_itvl=39 conn_latency=0 supervision_timeout=500 encrypted=0 authenticated=0 bonded=0
advertise complete; reason=0connection updated; status=0 handle=1 our_ota_addr_type=0 our_ota_addr=4084b42f:00:15:40828000:00:4217d198
 our_id_addr_type=0 our_id_addr=4084b421:00:15:40828000:00:4217d198
 peer_ota_addr_type=1 peer_ota_addr=4084b436:00:15:40828000:00:4217d198
 peer_id_addr_type=1 peer_id_addr=4084b428:00:15:40828000:00:4217d198
 conn_itvl=6 conn_latency=0 supervision_timeout=500 encrypted=0 authenticated=0 bonded=0

connection updated; status=0 handle=1 our_ota_addr_type=0 our_ota_addr=4084b42f:00:15:40828000:00:4217d198
 our_id_addr_type=0 our_id_addr=4084b421:00:15:40828000:00:4217d198
 peer_ota_addr_type=1 peer_ota_addr=4084b436:00:15:40828000:00:4217d198
 peer_id_addr_type=1 peer_id_addr=4084b428:00:15:40828000:00:4217d198
 conn_itvl=39 conn_latency=0 supervision_timeout=500 encrypted=0 authenticated=0 bonded=0

More Information.

The workaround is to pad the characteristc for each write to a fixed (maximum length) value. However this is using significantly more bandwidht

jnstahl avatar Mar 29 '24 20:03 jnstahl