Cancel Discount Dumps Core When Series Of Out Of The Box Opcodes Are Called (Doc ID 1367250.1)

Last updated on NOVEMBER 09, 2015

Applies to:

Oracle Communications Billing and Revenue Management - Version 7.4.0.0.0 to 7.4.0.1.0 [Release 7.4.0]
Information in this document applies to any platform.
***Checked for relevance on 07-Nov-2013***

Symptoms

Cancel discount is causing coredump if we call the following series of opcodes. It is failing in opcode PCM_OP_SUBSCRIPTION_CANCEL_DISCOUNT.

To reproduce this issue, the followings are the steps executed in testnap which is causing coredump.

r acc 1
open lock 1
r get_bal 3
xop PCM_OP_BAL_GET_BALANCES 0 3
r cancel 2
xop PCM_OP_SUBSCRIPTION_CANCEL_DISCOUNT 0 2 abort

Where,
acc flist:
0 PIN_FLD_POID POID [0] 0.0.0.4 /account 109499322604

get_bal flist:
0 PIN_FLD_POID POID [0] 0.0.0.4 /account 109499322604 1
0 PIN_FLD_SERVICE_OBJ POID [0] 0.0.0.4 /service/subscription 109499351678 0
0 PIN_FLD_BALANCES ARRAY [*] NULL array ptr

cancel discount flist:
0 PIN_FLD_POID POID [0] 0.0.0.4 /account 109499322604 1
0 PIN_FLD_SERVICE_OBJ POID [0] 0.0.0.4 /service/subscription 109499351678 0
0 PIN_FLD_START_T TSTAMP [0] (1312776825) Tue Feb 22 22:23:22 2011
0 PIN_FLD_END_T TSTAMP [0] (1312776825) Tue Feb 22 22:23:22 2011
0 PIN_FLD_PROGRAM_NAME STR [0] "vf_tofkab_product_manager"
0 PIN_FLD_DISCOUNTS ARRAY [0] allocated 20, used 3
1 PIN_FLD_DISCOUNT_OBJ POID [0] 0.0.0.4 /discount 36320714813 0
1 PIN_FLD_OFFERING_OBJ POID [0] 0.0.0.4 /purchased_discount 109499351422 0
1 PIN_FLD_QUANTITY DECIMAL [0] 1

In the custom opcode first gets a lock on account_t and then calls PCM_OP_BAL_GET_BALANCES and then finally calls the main opcode to cancel discount ( PCM_OP_SUBSCRIPTION_CANCEL_DISCOUNT) .
This is causing core dump, here is the stack trace of the core:.

pstack cancel_discount_core
core 'cancel_discount_core' of 747:     /pin/d02/pinIap06a/opt/portal/7.4/bin/master_cm
 fe256f48 t_delete (b11eb8, 68, 0, 446, fe3303a8, b11ed8) + 74
 fe256b44 realfree (b11e48, 69, d98dc, ff3c9a74, 0, b11e40) + 8c
 fe256690 _malloc_unlocked (b11e08, b0, b11e00, b11e08, fffffffb, 0) + 260
 fe256414 malloc   (3d, 1, d9fd8, ff3b855c, fe3303a8, fe33a518) + 4c
 ff2b085c setExceptionLogFile (4ce80, 0, 8a3c, ff337adc, 8800, 0) + 54
 ff03a5d0 sigsegv_handler (b, 0, ff075ae8, ff071dbc, 159c, 1400) + 20
 fe2c8b4c __sighndlr (b, 0, ffbf7448, ff03a5b0, 0, 1) + c
 fe2bd1f8 call_user_handler (b, 0, 0, 0, fe7c2c00, ffbf7448) + 3b8
 fe2bd3cc sigacthandler (b, 0, ffbf7448, ff34b430, fe7c2c00, 0) + 4c
 --- called from signal handler with signal 11 (SIGSEGV) ---
 fe256f48 t_delete (b11eb8, b0, 0, ff1d1044, fe3303a8, b11ed8) + 74
 fe256b44 realfree (b11e00, b1, d98dc, ff1bb66c, 0, fbb8252c) + 8c
 fe2573cc cleanfree (0, 1, d902c, ff1bb600, fe3303a8, fe3392a4) + 5c
 fe256524 _malloc_unlocked (140, b0, b11e00, b11e08, fe333910, ff269400) + f4
 fe256414 malloc   (140, 1, d9fd8, fb78da5c, fe3303a8, fe33a518) + 4c
 ff1d2804 __1cKPcmMemPoolUmallocFromSystemHeap6M_pv_ (411e8, 6400, ff337adc, 1, 3890, ff2cf639) + 5c
 ff1d2334 __1cKPcmMemPoolOmallocFromPool6M_pv_ (411e8, 1, fe7c2c00, 0, fe2c7054, ff34b330) + 34
 ff1d152c __1cLPcmMemGroupOMallocFromPool6FnPpcmmem_pool_ids__pv_ (1, ff3f5b28, ff1d2300, ff34b430, ff34b334, 4) + 104
 ff1d1044 pcmmem_malloc_flisthdr (fbb11634, 0, ff364184, ff337adc, 7a50, 7800) + 40
 ff1bb66c pin_flist_create_with_size (14, ffbf7f84, ffbf7f84, 0, ff337adc, fbb8252c) + 4c
 ff1bb600 pin_flist_create (ffbf7f84, b0e228, ffbf8524, ff30b578, ab5c08, ce71c) + 4c
 ff269400 __1cIPinFlistGcreate6F_nIPinOwner4CpnJpin_flist_n0A____ (ffbf809c, fb95626d, ffbf8524, 0, ff337adc, ffbf7f84) + 44
 fb78da5c __1cbCfm_subs_cancel_find_discount6FrnLPinObserver4CpvnKPinContext___rnHPinBase4CpnJpin_flist_nIPinFlist___6rnIPinOwner4C4n0D___ipnKpin_errbuf__v_ (ffbf98a0, ffbf8514, ffbf8558, ffbf8568, ab5c08, ffbf85a8) + 1080
 fb789268 op_subscription_cancel_discount (ffbf9554, 4, 0, ffbf9514, ffbf9544, ffbf98a0) + e08
 ff036760 cm_custom_ex (ff078ce0, 0, ea8, 0, 0, ffbf9700) + 990
 ff035dc0 cm_custom (ff078ce0, 4e6f0, ea8, 0, fbc5c, ff071dbc) + 128
 ff034134 cm_child (0, ff078ce0, 0, 3, ea8, 0) + 1238
 ff042820 mainThread (b, fbc00200, ff071dbc, 7678b8, 4e6f0, 7678b8) + 655c
 00010f30 main     (1, ffbfa5e4, ffbfa5ec, 21000, fe19b980, 0) + 8
 00010b08 _start   (0, 0, 0, 0, 0, 0) + 108 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms