Bluetooth LE issue after security patch update (Level 2020-11-01)

Mobile
1

I am using the Samsung Galaxy S9+. But I think other models will have similar behaviour as well.

After the recent security patch update to level 2020-11-01, I have found that there are some issues with the Bluetooth and the Wi-Fi.
The smartphone can find and establish a connection to a BLE peripheral device. But it cannot receive characteristic value updates from the peripheral. (ie. Handle Value Notification/Indication cannot be received). But it can read characteristic values from the peripheral.
The issue can be solved by force stop the Bluetooth or clear the storage of the Bluetooth. Then it can connect to the peripheral device and receives the characteristic values update.

This works until a new Wi-Fi connection is initiated. Then it will stop working again.
And if the Wi-Fi is turned off, there is no problem as well.
Therefore based on this behavior, I think that not the Wi-Fi connection having some issues with the Bluetooth module, but the initialization process of the Wi-Fi connection has some interferences to it such that it cannot receive characteristic value updates.

And looking at the Bluetooth HCI log,
normally the Gatt Primary Service Declaration response of the S9+ is that:
Service Handle of Generic Attribute Profile is 0x0001…0x0003 and
Service Handle of Generic Access Profile is 0x0014…0xffff.

But when the problem happens, the Gatt Primary Service Declaration response of my smartphone becomes this:
Service Handle of Generic Attribute Profile is 0x0001…0x0003 and
Service Handle of Generic Access Profile is 0x0014…0x001a.
Then there is an unknown service in another response:
Service Handle of the Unknown Service is 0x0028…0xffff.
UUID: 594a34fc-31db-11ea-978f-2e728ce88125

Also normally the BLE peripheral device will stop requesting the smartphone after the first Gatt Primary Service Declaration because its role is a peripheral that should not send any request to the central.
When the bug happens, it keeps sending Gatt Characteristic Declaration and Find Information requests about the unknown service. And it will keep repeating these requests until the connection timeout happens because the BLE peripheral device needs the Handle Value Confirmation event to complete the whole connection establishment

FYI, the BLE device is using the RN4020 module.

2

Some updates on this issue.
Once I turn off the WiFi Hotspot 2.0, magically the issue is gone.
It seems that turning off Hotspot 2.0 has reset some configs.
Even now I turn it on again, it can still connect to the BLE device

I have not tried the Network Setting Reset. And since I cannot return to the problematic state, I can only assume the Network Setting Reset may work as well.

3

Hello AKit_991,
Welcome to the community!
Glad to know that the problem’s gone. Please reach us anytime if you find the problem again.
And, this time don’t forget to capture the log whenever you face the issue.

To get dumpstate log please follow the below steps:
a) Immediately after issue reproduction, dial *#9900# and if the Debug Level is Disabled/LOW, tap to select MID. This restarts the device.
b) Again dial *#9900# and press “RUN DUMPSTATE/LOGCAT/”
c) When it is finished press “COPY TO SDCARD(INCLUDE CP RAMDUMP)
d) In the main folder of the device file system, there will be a new folder called “log”. The log file should be there.

To get the issue further analyzed, you may report here