[ovs-dev] OpenFlow rule deletion during port destroy

Jarno Rajahalme jrajahalme at nicira.com
Fri Apr 18 01:42:51 UTC 2014 

On Apr 17, 2014, at 11:26 AM, Zoltan Kiss <zoltan.kiss at citrix.com> wrote:

> On 16/04/14 18:00, Justin Pettit wrote:
>> On April 16, 2014 at 9:00:15 AM, Zoltan Kiss (zoltan.kiss at citrix.com) wrote:
>> 
>>> My actual problem is that an important rule gets deleted:
>>> 
>>> cookie=0x0, duration=1581.083s, table=0, n_packets=52804,
>>> n_bytes=88968151, idle_age=0, priority=0,in_port=ANY actions=NORMAL
>>> 
>>> ...
>>> 
>>> There is no sign the controller did anything about deleting those rules,
>>> but somehow it still happened. Does anyone knows
>>> Unfortunately it is hard to reproduce the problem, it is only
>>> intermittent in one of our testcases.
>> 
>> I'm not sure that it's related, but it sounds similar to bug NIC-512 that I filed with Citrix over a year ago.  Here's the relevant part:
> Many thanks Justin it was this problem indeed! Now I poked the right people to fix this quite forgotten problem!
> 
>> I did commit a change that should lessen the impact:
>> 
>>   http://openvswitch.org/cgi-bin/gitweb.cgi?p=openvswitch;a=commitdiff;h=05dddba
> Yes, this would solve the problem, but this patch removed it on the assumption that ofputil_port_from_string() solved it anyway:
> 
> http://git.openvswitch.org/cgi-bin/gitweb.cgi?p=openvswitch;a=commitdiff;h=33ab38d9
> 
> But it doesn't, in fact it does some pretty mad conversions:
> - ofputil_port_from_string pass a uint32_t* to str_to_uint
> - it is casted to an int*, which is fortunately 32 bit in most places, but it is a dangerous assumption
> - the string is converted to a 'long long' and then copied into that int*
> - so if the string was "-1", the value of port32 will be 0xFFFFFFFF
> 
> I think the best place to catch this problem would be to check in str_to_uint() if the returned '(int *) u' is a negative number, and return false in that case. What do you think?
> 

It seems that the check for the minus sign needs to be done in ofputil_port_from_string(). The check for negative return values from str_to_uint() would not work as the special port numbers for OpenFlow 1.1+ are in that “negative” range.

I just posted this patch, could you verify it solves your problem:

http://openvswitch.org/pipermail/dev/2014-April/039070.html

  Jarno

More information about the dev mailing list