{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":182148991,"defaultBranch":"main","name":"ovn","ownerLogin":"ovn-org","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2019-04-18T19:54:33.000Z","ownerAvatar":"https://github.com/avatars/u/33884263?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1715362436.0","currentOid":""},"activityList":{"items":[{"before":"866b81f6721d503d60245fafecaa714b32b8d95c","after":"e6f4bb9a2d4ab27b13d8077c659696e60fe67482","ref":"refs/heads/main","pushedAt":"2024-07-05T18:47:29.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"numansiddique","name":null,"path":"/numansiddique","primaryAvatarUrl":"https://github.com/avatars/u/6571859?s=80&v=4"},"commit":{"message":"controller: Further encapsulate the CT zone handling.\n\nMove more code into the new ct-zone module and encapsulate\nfunctionality that is strictly related to CT zone handling.\n\nSigned-off-by: Ales Musil <amusil@redhat.com>\nAcked-by: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>\nSigned-off-by: Numan Siddique <numans@ovn.org>","shortMessageHtmlLink":"controller: Further encapsulate the CT zone handling."}},{"before":"5398c042575eca79b3d590f17fad16a3c5850288","after":"866b81f6721d503d60245fafecaa714b32b8d95c","ref":"refs/heads/main","pushedAt":"2024-07-04T21:43:41.000Z","pushType":"push","commitsCount":4,"pusher":{"login":"numansiddique","name":null,"path":"/numansiddique","primaryAvatarUrl":"https://github.com/avatars/u/6571859?s=80&v=4"},"commit":{"message":"treewide: Prevent potential NULL ptr deref.\n\nPrevent potential NULL ptr deref that might have happened in corner\ncase.\n\nSigned-off-by: Ales Musil <amusil@redhat.com>\nSigned-off-by: Numan Siddique <numans@ovn.org>","shortMessageHtmlLink":"treewide: Prevent potential NULL ptr deref."}},{"before":"e3bc71839ac2d6ddf6e07accccba5fc5b2385ac2","after":"5398c042575eca79b3d590f17fad16a3c5850288","ref":"refs/heads/main","pushedAt":"2024-07-04T15:44:24.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"numansiddique","name":null,"path":"/numansiddique","primaryAvatarUrl":"https://github.com/avatars/u/6571859?s=80&v=4"},"commit":{"message":"ovn-ctl: Fix incorrect use of `==` operator.\n\nThe ovn-ctl script uses a POSIX shell in its shebang line,\nhowever commit 12412b13c9e2 added two occurrences of the `==`\noperator which is bash specific.\n\nSymptoms of the issue are failure to start up and the follwing\nmessages logged:\n\n    ovn-ctl: 287: test: X: unexpected operator\n    ovn-ctl: 307: test: X: unexpected operator\n\nFixes: 12412b13c9e2 (\"ovn-ctl: Support for --config-file ovsdb-server option.\")\nReported-at: https://launchpad.net/bugs/2071767\nSigned-off-by: Frode Nordahl <fnordahl@ubuntu.com>\nSigned-off-by: Numan Siddique <numans@ovn.org>","shortMessageHtmlLink":"ovn-ctl: Fix incorrect use of <code>==</code> operator."}},{"before":"f1b925bcfa24142e49a7269f5d43d904d4dbf4f9","after":"e3bc71839ac2d6ddf6e07accccba5fc5b2385ac2","ref":"refs/heads/main","pushedAt":"2024-06-28T10:19:39.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"dceara","name":"Dumitru Ceara","path":"/dceara","primaryAvatarUrl":"https://github.com/avatars/u/13764712?s=80&v=4"},"commit":{"message":"tests: Skip memory error triggered on ARM in DPDK tests.\n\nAdd skip for memory error produced by DPDK on ARM with 2MB hugepages\nwhich isn't harmful [0].\n\n[0] http://mails.dpdk.org/archives/dev/2024-June/296764.html\n\nSuggested-by: David Marchand <david.marchand@redhat.com>\nSigned-off-by: Ales Musil <amusil@redhat.com>\nReviewed-by: David Marchand <david.marchand@redhat.com>\nSigned-off-by: Dumitru Ceara <dceara@redhat.com>","shortMessageHtmlLink":"tests: Skip memory error triggered on ARM in DPDK tests."}},{"before":"1a16aae432e88b5140a72f47f188a00c88af266d","after":"f1b925bcfa24142e49a7269f5d43d904d4dbf4f9","ref":"refs/heads/main","pushedAt":"2024-06-28T09:13:41.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"dceara","name":"Dumitru Ceara","path":"/dceara","primaryAvatarUrl":"https://github.com/avatars/u/13764712?s=80&v=4"},"commit":{"message":"AUTHORS: Add Naveen Yerramneni.\n\nSigned-off-by: Dumitru Ceara <dceara@redhat.com>","shortMessageHtmlLink":"AUTHORS: Add Naveen Yerramneni."}},{"before":"02d143f8424d8b5cb440a37323ba681ffa0d4dda","after":"1a16aae432e88b5140a72f47f188a00c88af266d","ref":"refs/heads/main","pushedAt":"2024-06-28T09:10:39.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"dceara","name":"Dumitru Ceara","path":"/dceara","primaryAvatarUrl":"https://github.com/avatars/u/13764712?s=80&v=4"},"commit":{"message":"AUTHORS: Add Vasyl Saienko.\n\nSigned-off-by: Dumitru Ceara <dceara@redhat.com>","shortMessageHtmlLink":"AUTHORS: Add Vasyl Saienko."}},{"before":"2dad0f45c623a9ef39387bf9c8b7289141430b05","after":"02d143f8424d8b5cb440a37323ba681ffa0d4dda","ref":"refs/heads/main","pushedAt":"2024-06-28T09:02:18.000Z","pushType":"push","commitsCount":5,"pusher":{"login":"dceara","name":"Dumitru Ceara","path":"/dceara","primaryAvatarUrl":"https://github.com/avatars/u/13764712?s=80&v=4"},"commit":{"message":"controller: Add random delay during fdb learning.\n\nThis change reduces the probability of conflicts when\nmultiple nodes tries to add the same FDB entry to SB at the\nsame time. When conflict occurs, OVN controller does full\nrecompute which is heavy weight on the scale setup.\n\nSigned-off-by: Naveen Yerramneni <naveen.yerramneni@nutanix.com>\nSuggested-by: Dumitru Ceara <dceara@redhat.com>\nAcked-by: Ales Musil <amusil@redhat.com>\nSigned-off-by: Dumitru Ceara <dceara@redhat.com>","shortMessageHtmlLink":"controller: Add random delay during fdb learning."}},{"before":"83c2238cbf41f6600fe024ce1df58c9800299bd6","after":"dca6e187d6e63c6f37111aeddb05517886481751","ref":"refs/heads/branch-23.09","pushedAt":"2024-06-25T10:44:11.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"dceara","name":"Dumitru Ceara","path":"/dceara","primaryAvatarUrl":"https://github.com/avatars/u/13764712?s=80&v=4"},"commit":{"message":"ci: Move common build steps into script.\n\nMove common preparation steps into script that can be invoked by both\ncontainer builds. This will ensure that any update will be reflected\nin both containers, and it reduces the duplication between both\ncontainers. At the same time use the --user argument which avoids\nthe error below and allows pip to upgrade itself:\n\nERROR: Cannot uninstall pip 24.0, RECORD file not found.\nHint: The package was installed by debian.\n\nSigned-off-by: Ales Musil <amusil@redhat.com>\nAcked-by: Eelco Chaudron <echaudro@redhat.com>\nSigned-off-by: Dumitru Ceara <dceara@redhat.com>\n(cherry picked from commit cc1d63de213369f3ac096415ad09913455809a81)","shortMessageHtmlLink":"ci: Move common build steps into script."}},{"before":"50c329f561eb4c6b912dd9a1c200872465a2e3dc","after":"2e11c9a65130baa944a868ea920ec68ff54412b0","ref":"refs/heads/branch-24.03","pushedAt":"2024-06-25T10:43:56.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"dceara","name":"Dumitru Ceara","path":"/dceara","primaryAvatarUrl":"https://github.com/avatars/u/13764712?s=80&v=4"},"commit":{"message":"ci: Move common build steps into script.\n\nMove common preparation steps into script that can be invoked by both\ncontainer builds. This will ensure that any update will be reflected\nin both containers, and it reduces the duplication between both\ncontainers. At the same time use the --user argument which avoids\nthe error below and allows pip to upgrade itself:\n\nERROR: Cannot uninstall pip 24.0, RECORD file not found.\nHint: The package was installed by debian.\n\nSigned-off-by: Ales Musil <amusil@redhat.com>\nAcked-by: Eelco Chaudron <echaudro@redhat.com>\nSigned-off-by: Dumitru Ceara <dceara@redhat.com>\n(cherry picked from commit cc1d63de213369f3ac096415ad09913455809a81)","shortMessageHtmlLink":"ci: Move common build steps into script."}},{"before":"03fb88ce976c421e8d9e8f2b8bff9e447e7c4518","after":"2dad0f45c623a9ef39387bf9c8b7289141430b05","ref":"refs/heads/main","pushedAt":"2024-06-25T10:43:10.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"dceara","name":"Dumitru Ceara","path":"/dceara","primaryAvatarUrl":"https://github.com/avatars/u/13764712?s=80&v=4"},"commit":{"message":"ci: Move DPDK build into container.\n\nThe DPDK was built as extra step in the CI, however it is useful to\nhave it inside the container prepared. This also helps with\nreproduction of failures with DPDK by having the exact version inside\nthe container already.\n\nAlso bump the Ubuntu version for container builds to 24.04 to get\nPodman 4. This is required to avoid the tar permissions error:\n\ntar: dpdk-23.11/.ci: Cannot change mode to rwxrwxr-x: Operation not permitted\n\nSigned-off-by: Ales Musil <amusil@redhat.com>\nAcked-by: Eelco Chaudron <echaudro@redhat.com>\nSigned-off-by: Dumitru Ceara <dceara@redhat.com>","shortMessageHtmlLink":"ci: Move DPDK build into container."}},{"before":"5f0809be565713d3634a6c663e122c0bfb5dff92","after":"83c2238cbf41f6600fe024ce1df58c9800299bd6","ref":"refs/heads/branch-23.09","pushedAt":"2024-06-18T20:10:03.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"putnopvut","name":"Mark Michelson","path":"/putnopvut","primaryAvatarUrl":"https://github.com/avatars/u/1328590?s=80&v=4"},"commit":{"message":"northd: ic: Remove unused function and fix unit test.\n\nThere are differences between branches 23.09 and 24.03 (e.g., IC tests\nhave been consolidated in ovn-ic.at) which made the original backport\nnon-trivial and some changes were missed.\n\nThis commit fixes that.\n\nFixes: 5f0809be5657 (\"Revert \"northd: Don't skip transit switch LSP when creating mcast groups.\"\")\nSigned-off-by: Dumitru Ceara <dceara@redhat.com>\nSigned-off-by: Mark Michelson <mmichels@redhat.com>","shortMessageHtmlLink":"northd: ic: Remove unused function and fix unit test."}},{"before":"0539de39078ee018fe5a6962d6f2950cec0860fb","after":"5f0809be565713d3634a6c663e122c0bfb5dff92","ref":"refs/heads/branch-23.09","pushedAt":"2024-06-18T18:12:23.000Z","pushType":"push","commitsCount":3,"pusher":{"login":"putnopvut","name":"Mark Michelson","path":"/putnopvut","primaryAvatarUrl":"https://github.com/avatars/u/1328590?s=80&v=4"},"commit":{"message":"Revert \"northd: Don't skip transit switch LSP when creating mcast groups.\"\n\nThis reverts commit 85ca2b75369c9a73f4750d5914666a54ebb3f2e0.\n\nThe commit above breaks inter-AZ IP multicast for the case when one of\nthe multicast receivers is co-located in the same zone as the sender.\nIn those cases traffic is not correctly forwarded to other receivers\nthat joined the group in other AZs.\n\nThis is often the case in ovn-kubernetes deployments (with IC enabled).\nThe current \"interconnection - IGMP/MLD multicast\" unit test failed to\ncover such topologies.\n\nCC: Mohammad Heib <mheib@redhat.com>\nFixes: 85ca2b75369c (\"northd: Don't skip transit switch LSP when creating mcast groups.\")\nReported-at: https://issues.redhat.com/browse/FDP-656\nSigned-off-by: Dumitru Ceara <dceara@redhat.com>\nAcked-by: Mohammad Heib <mheib@redhat.com>\nAcked-by: Numan Siddique <numans@ovn.org>\nSigned-off-by: Mark Michelson <mmichels@redhat.com>","shortMessageHtmlLink":"Revert \"northd: Don't skip transit switch LSP when creating mcast gro…"}},{"before":"02cda45a02dcc4e88a2608aee5c6a1f4e50f2cba","after":"50c329f561eb4c6b912dd9a1c200872465a2e3dc","ref":"refs/heads/branch-24.03","pushedAt":"2024-06-18T18:12:13.000Z","pushType":"push","commitsCount":4,"pusher":{"login":"putnopvut","name":"Mark Michelson","path":"/putnopvut","primaryAvatarUrl":"https://github.com/avatars/u/1328590?s=80&v=4"},"commit":{"message":"tests: ic: Add IP multicast test that simulates the ovn-k8s use case.\n\nThe already existing \"interconnection - IGMP/MLD multicast\" test\nsimulated a slightly different topology (still valid though).\n\nSigned-off-by: Dumitru Ceara <dceara@redhat.com>\nAcked-by: Numan Siddique <numans@ovn.org>\nSigned-off-by: Mark Michelson <mmichels@redhat.com>","shortMessageHtmlLink":"tests: ic: Add IP multicast test that simulates the ovn-k8s use case."}},{"before":"d34509941ea6c9b5e5847a9f96ea5f235f56cccd","after":"03fb88ce976c421e8d9e8f2b8bff9e447e7c4518","ref":"refs/heads/main","pushedAt":"2024-06-18T18:12:01.000Z","pushType":"push","commitsCount":4,"pusher":{"login":"putnopvut","name":"Mark Michelson","path":"/putnopvut","primaryAvatarUrl":"https://github.com/avatars/u/1328590?s=80&v=4"},"commit":{"message":"tests: ic: Add IP multicast test that simulates the ovn-k8s use case.\n\nThe already existing \"interconnection - IGMP/MLD multicast\" test\nsimulated a slightly different topology (still valid though).\n\nSigned-off-by: Dumitru Ceara <dceara@redhat.com>\nAcked-by: Numan Siddique <numans@ovn.org>\nSigned-off-by: Mark Michelson <mmichels@redhat.com>","shortMessageHtmlLink":"tests: ic: Add IP multicast test that simulates the ovn-k8s use case."}},{"before":"d20498c4ef621934f0fb3a416c032313f29c6688","after":"0539de39078ee018fe5a6962d6f2950cec0860fb","ref":"refs/heads/branch-23.09","pushedAt":"2024-06-17T18:36:47.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"putnopvut","name":"Mark Michelson","path":"/putnopvut","primaryAvatarUrl":"https://github.com/avatars/u/1328590?s=80&v=4"},"commit":{"message":"controller: Send RARP/GARP for VIF post link state is up.\n\nCurrently, GARP/RARP broadcast is sent for VIFs (part of logical\nswitch with localnet port) after iface-id is set.\nThis fix is to avoid packet loss during migration if iface-id\nis set even before the VM migration is completed.\n\nSigned-off-by: Shibir Basak <shibir.basak@nutanix.com>\nAcked-by: Naveen Yerramneni <naveen.yerramneni@nutanix.com>\nSigned-off-by: Shibir Basak <shibir.basak@nutanix.com>\nAcked-by: Naveen Yerramneni <naveen.yerramneni@nutanix.com>\nAcked-by: Mark Michelson <mmichels@redhat.com>\nAcked-by: Mark Michelson <mmichels@redhat.com>\nSigned-off-by: Mark Michelson <mmichels@redhat.com>","shortMessageHtmlLink":"controller: Send RARP/GARP for VIF post link state is up."}},{"before":"bcbd09724f441b6df7412da8c3d53b9d7ba72572","after":"02cda45a02dcc4e88a2608aee5c6a1f4e50f2cba","ref":"refs/heads/branch-24.03","pushedAt":"2024-06-17T18:36:36.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"putnopvut","name":"Mark Michelson","path":"/putnopvut","primaryAvatarUrl":"https://github.com/avatars/u/1328590?s=80&v=4"},"commit":{"message":"controller: Send RARP/GARP for VIF post link state is up.\n\nCurrently, GARP/RARP broadcast is sent for VIFs (part of logical\nswitch with localnet port) after iface-id is set.\nThis fix is to avoid packet loss during migration if iface-id\nis set even before the VM migration is completed.\n\nSigned-off-by: Shibir Basak <shibir.basak@nutanix.com>\nAcked-by: Naveen Yerramneni <naveen.yerramneni@nutanix.com>\nSigned-off-by: Shibir Basak <shibir.basak@nutanix.com>\nAcked-by: Naveen Yerramneni <naveen.yerramneni@nutanix.com>\nAcked-by: Mark Michelson <mmichels@redhat.com>\nAcked-by: Mark Michelson <mmichels@redhat.com>\nSigned-off-by: Mark Michelson <mmichels@redhat.com>","shortMessageHtmlLink":"controller: Send RARP/GARP for VIF post link state is up."}},{"before":"2b6f59217bfceab5bf22ffe7275a367cca4c2ce9","after":"d34509941ea6c9b5e5847a9f96ea5f235f56cccd","ref":"refs/heads/main","pushedAt":"2024-06-17T18:35:16.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"putnopvut","name":"Mark Michelson","path":"/putnopvut","primaryAvatarUrl":"https://github.com/avatars/u/1328590?s=80&v=4"},"commit":{"message":"controller: Send RARP/GARP for VIF post link state is up.\n\nCurrently, GARP/RARP broadcast is sent for VIFs (part of logical\nswitch with localnet port) after iface-id is set.\nThis fix is to avoid packet loss during migration if iface-id\nis set even before the VM migration is completed.\n\nSigned-off-by: Shibir Basak <shibir.basak@nutanix.com>\nAcked-by: Naveen Yerramneni <naveen.yerramneni@nutanix.com>\nSigned-off-by: Shibir Basak <shibir.basak@nutanix.com>\nAcked-by: Naveen Yerramneni <naveen.yerramneni@nutanix.com>\nAcked-by: Mark Michelson <mmichels@redhat.com>\nAcked-by: Mark Michelson <mmichels@redhat.com>\nSigned-off-by: Mark Michelson <mmichels@redhat.com>","shortMessageHtmlLink":"controller: Send RARP/GARP for VIF post link state is up."}},{"before":"a0a5dd8ce56fe74e9fa00992bca3cec42c5097fa","after":"2b6f59217bfceab5bf22ffe7275a367cca4c2ce9","ref":"refs/heads/main","pushedAt":"2024-06-17T18:22:17.000Z","pushType":"push","commitsCount":4,"pusher":{"login":"putnopvut","name":"Mark Michelson","path":"/putnopvut","primaryAvatarUrl":"https://github.com/avatars/u/1328590?s=80&v=4"},"commit":{"message":"NEWS: Add an item about conditional NAT.\n\nSigned-off-by: Mark Michelson <mmichels@redhat.com>","shortMessageHtmlLink":"NEWS: Add an item about conditional NAT."}},{"before":"a8a4b87e1873e67c4e78ce7857e352059bc2aa5e","after":"bcbd09724f441b6df7412da8c3d53b9d7ba72572","ref":"refs/heads/branch-24.03","pushedAt":"2024-06-14T01:58:48.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"numansiddique","name":null,"path":"/numansiddique","primaryAvatarUrl":"https://github.com/avatars/u/6571859?s=80&v=4"},"commit":{"message":"controller: Store src_mac, src_ip in svc_monitor struct.\n\nThese structure members are read in pinctrl_handler() in a separare thread.\nThis is unsafe: when IDL is re-connected or some IDL objects are freed\nafter svc_monitors list with svc_monitor structures, which point to\nsbrec_service_monitor is initialized, sb_svc_mon structure property can\npoint to wrong address, which then leads to segmentation fault in\nsvc_monitor_send_tcp_health_check__() and\nsvc_monitor_send_udp_health_check() on accessing svc_mon->sb_svc_mon.\n\nImagine situation:\n\nMain ovn-controller thread:\n1. Connects to SB and fills IDL with DB contents.\n2. run pinctrl_run() with pinctrl mutex and sync_svc_monitors() as a part\n   of it.\n3. Release mutex.\n\n...\n4. Loss of OVNSB connection for any reason (network outage/inactivity probe\n   timeout/etc), start new main-loop iteration, re-initialize IDL in\n   ovsdb_idl_run() (which probably will destroy previous IDL objects).\n...\n\npinctrl thread:\n5. Awake from poll_block().\n... run new iteration in its main loop ...\n6. Acquire mutex lock.\n7. Run svc_monitors_run(), run svc_monitor_send_tcp_health_check__() or\n   svc_monitor_send_udp_health_check(), which try to access IDL objects\n   with outdated pointers.\n\n8. Segmentation fault:\n\nStack trace of thread 212406:\n   __GI_strlen (libc.so.6)\n   inet_pton (libc.so.6)\n   ip_parse (ovn-controller)\n   svc_monitor_send_tcp_health_check__.part.37 (ovn-controller)\n   svc_monitor_send_health_check (ovn-controller)\n   pinctrl_handler (ovn-controller)\n   ovsthread_wrapper (ovn-controller)\n   start_thread (libpthread.so.0)\n   __clone (libc.so.6)\n\nThis patch removes unsafe access to IDL objects from pinctrl thread.\nNew svc_monitor structure members are used to store needed data.\n\nReported-at: https://mail.openvswitch.org/pipermail/ovs-dev/2024-April/413198.html\nCC: Numan Siddique <numans@ovn.org>\nAcked-by: Ales Musil <amusil@redhat.com>\nFixes: 8be01f4a5329 (\"Send service monitor health checks\")\nSigned-off-by: Vladislav Odintsov <odivlad@gmail.com>\nSigned-off-by: Numan Siddique <numans@ovn.org>\n(cherry picked from commit a0a5dd8ce56fe74e9fa00992bca3cec42c5097fa)","shortMessageHtmlLink":"controller: Store src_mac, src_ip in svc_monitor struct."}},{"before":"24e0e2dc3bcac752480c958afd0d23420be3b5d4","after":"d20498c4ef621934f0fb3a416c032313f29c6688","ref":"refs/heads/branch-23.09","pushedAt":"2024-06-14T01:58:35.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"numansiddique","name":null,"path":"/numansiddique","primaryAvatarUrl":"https://github.com/avatars/u/6571859?s=80&v=4"},"commit":{"message":"controller: Store src_mac, src_ip in svc_monitor struct.\n\nThese structure members are read in pinctrl_handler() in a separare thread.\nThis is unsafe: when IDL is re-connected or some IDL objects are freed\nafter svc_monitors list with svc_monitor structures, which point to\nsbrec_service_monitor is initialized, sb_svc_mon structure property can\npoint to wrong address, which then leads to segmentation fault in\nsvc_monitor_send_tcp_health_check__() and\nsvc_monitor_send_udp_health_check() on accessing svc_mon->sb_svc_mon.\n\nImagine situation:\n\nMain ovn-controller thread:\n1. Connects to SB and fills IDL with DB contents.\n2. run pinctrl_run() with pinctrl mutex and sync_svc_monitors() as a part\n   of it.\n3. Release mutex.\n\n...\n4. Loss of OVNSB connection for any reason (network outage/inactivity probe\n   timeout/etc), start new main-loop iteration, re-initialize IDL in\n   ovsdb_idl_run() (which probably will destroy previous IDL objects).\n...\n\npinctrl thread:\n5. Awake from poll_block().\n... run new iteration in its main loop ...\n6. Acquire mutex lock.\n7. Run svc_monitors_run(), run svc_monitor_send_tcp_health_check__() or\n   svc_monitor_send_udp_health_check(), which try to access IDL objects\n   with outdated pointers.\n\n8. Segmentation fault:\n\nStack trace of thread 212406:\n   __GI_strlen (libc.so.6)\n   inet_pton (libc.so.6)\n   ip_parse (ovn-controller)\n   svc_monitor_send_tcp_health_check__.part.37 (ovn-controller)\n   svc_monitor_send_health_check (ovn-controller)\n   pinctrl_handler (ovn-controller)\n   ovsthread_wrapper (ovn-controller)\n   start_thread (libpthread.so.0)\n   __clone (libc.so.6)\n\nThis patch removes unsafe access to IDL objects from pinctrl thread.\nNew svc_monitor structure members are used to store needed data.\n\nReported-at: https://mail.openvswitch.org/pipermail/ovs-dev/2024-April/413198.html\nCC: Numan Siddique <numans@ovn.org>\nAcked-by: Ales Musil <amusil@redhat.com>\nFixes: 8be01f4a5329 (\"Send service monitor health checks\")\nSigned-off-by: Vladislav Odintsov <odivlad@gmail.com>\nSigned-off-by: Numan Siddique <numans@ovn.org>\n(cherry picked from commit a0a5dd8ce56fe74e9fa00992bca3cec42c5097fa)","shortMessageHtmlLink":"controller: Store src_mac, src_ip in svc_monitor struct."}},{"before":"1c4cdc654f4a2ee9bbb41efc341a72eab2be16fb","after":"9e9bd2ba53786853c1aeb3fc86233838e99f99ab","ref":"refs/heads/branch-23.06","pushedAt":"2024-06-14T01:58:23.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"numansiddique","name":null,"path":"/numansiddique","primaryAvatarUrl":"https://github.com/avatars/u/6571859?s=80&v=4"},"commit":{"message":"controller: Store src_mac, src_ip in svc_monitor struct.\n\nThese structure members are read in pinctrl_handler() in a separare thread.\nThis is unsafe: when IDL is re-connected or some IDL objects are freed\nafter svc_monitors list with svc_monitor structures, which point to\nsbrec_service_monitor is initialized, sb_svc_mon structure property can\npoint to wrong address, which then leads to segmentation fault in\nsvc_monitor_send_tcp_health_check__() and\nsvc_monitor_send_udp_health_check() on accessing svc_mon->sb_svc_mon.\n\nImagine situation:\n\nMain ovn-controller thread:\n1. Connects to SB and fills IDL with DB contents.\n2. run pinctrl_run() with pinctrl mutex and sync_svc_monitors() as a part\n   of it.\n3. Release mutex.\n\n...\n4. Loss of OVNSB connection for any reason (network outage/inactivity probe\n   timeout/etc), start new main-loop iteration, re-initialize IDL in\n   ovsdb_idl_run() (which probably will destroy previous IDL objects).\n...\n\npinctrl thread:\n5. Awake from poll_block().\n... run new iteration in its main loop ...\n6. Acquire mutex lock.\n7. Run svc_monitors_run(), run svc_monitor_send_tcp_health_check__() or\n   svc_monitor_send_udp_health_check(), which try to access IDL objects\n   with outdated pointers.\n\n8. Segmentation fault:\n\nStack trace of thread 212406:\n   __GI_strlen (libc.so.6)\n   inet_pton (libc.so.6)\n   ip_parse (ovn-controller)\n   svc_monitor_send_tcp_health_check__.part.37 (ovn-controller)\n   svc_monitor_send_health_check (ovn-controller)\n   pinctrl_handler (ovn-controller)\n   ovsthread_wrapper (ovn-controller)\n   start_thread (libpthread.so.0)\n   __clone (libc.so.6)\n\nThis patch removes unsafe access to IDL objects from pinctrl thread.\nNew svc_monitor structure members are used to store needed data.\n\nReported-at: https://mail.openvswitch.org/pipermail/ovs-dev/2024-April/413198.html\nCC: Numan Siddique <numans@ovn.org>\nAcked-by: Ales Musil <amusil@redhat.com>\nFixes: 8be01f4a5329 (\"Send service monitor health checks\")\nSigned-off-by: Vladislav Odintsov <odivlad@gmail.com>\nSigned-off-by: Numan Siddique <numans@ovn.org>\n(cherry picked from commit a0a5dd8ce56fe74e9fa00992bca3cec42c5097fa)","shortMessageHtmlLink":"controller: Store src_mac, src_ip in svc_monitor struct."}},{"before":"7b4395969465ffc3bd4b38e6a9796ad38984877d","after":"a0a5dd8ce56fe74e9fa00992bca3cec42c5097fa","ref":"refs/heads/main","pushedAt":"2024-06-12T14:21:09.000Z","pushType":"push","commitsCount":13,"pusher":{"login":"numansiddique","name":null,"path":"/numansiddique","primaryAvatarUrl":"https://github.com/avatars/u/6571859?s=80&v=4"},"commit":{"message":"controller: Store src_mac, src_ip in svc_monitor struct.\n\nThese structure members are read in pinctrl_handler() in a separare thread.\nThis is unsafe: when IDL is re-connected or some IDL objects are freed\nafter svc_monitors list with svc_monitor structures, which point to\nsbrec_service_monitor is initialized, sb_svc_mon structure property can\npoint to wrong address, which then leads to segmentation fault in\nsvc_monitor_send_tcp_health_check__() and\nsvc_monitor_send_udp_health_check() on accessing svc_mon->sb_svc_mon.\n\nImagine situation:\n\nMain ovn-controller thread:\n1. Connects to SB and fills IDL with DB contents.\n2. run pinctrl_run() with pinctrl mutex and sync_svc_monitors() as a part\n   of it.\n3. Release mutex.\n\n...\n4. Loss of OVNSB connection for any reason (network outage/inactivity probe\n   timeout/etc), start new main-loop iteration, re-initialize IDL in\n   ovsdb_idl_run() (which probably will destroy previous IDL objects).\n...\n\npinctrl thread:\n5. Awake from poll_block().\n... run new iteration in its main loop ...\n6. Acquire mutex lock.\n7. Run svc_monitors_run(), run svc_monitor_send_tcp_health_check__() or\n   svc_monitor_send_udp_health_check(), which try to access IDL objects\n   with outdated pointers.\n\n8. Segmentation fault:\n\nStack trace of thread 212406:\n   __GI_strlen (libc.so.6)\n   inet_pton (libc.so.6)\n   ip_parse (ovn-controller)\n   svc_monitor_send_tcp_health_check__.part.37 (ovn-controller)\n   svc_monitor_send_health_check (ovn-controller)\n   pinctrl_handler (ovn-controller)\n   ovsthread_wrapper (ovn-controller)\n   start_thread (libpthread.so.0)\n   __clone (libc.so.6)\n\nThis patch removes unsafe access to IDL objects from pinctrl thread.\nNew svc_monitor structure members are used to store needed data.\n\nReported-at: https://mail.openvswitch.org/pipermail/ovs-dev/2024-April/413198.html\nCC: Numan Siddique <numans@ovn.org>\nAcked-by: Ales Musil <amusil@redhat.com>\nFixes: 8be01f4a5329 (\"Send service monitor health checks\")\nSigned-off-by: Vladislav Odintsov <odivlad@gmail.com>\nSigned-off-by: Numan Siddique <numans@ovn.org>","shortMessageHtmlLink":"controller: Store src_mac, src_ip in svc_monitor struct."}},{"before":"7973b41525d50d1cb86e426136c629622a21a974","after":"1c4cdc654f4a2ee9bbb41efc341a72eab2be16fb","ref":"refs/heads/branch-23.06","pushedAt":"2024-06-11T06:40:52.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"dceara","name":"Dumitru Ceara","path":"/dceara","primaryAvatarUrl":"https://github.com/avatars/u/13764712?s=80&v=4"},"commit":{"message":"controller: Fix issue with ct_commit encode.\n\nAction length is getting set incorrectly during ct_commit encode\ndue to which ct action is getting skipped  during phsycial flows\ncreation. This issue is noticed only if ct_commit is prefixed\nwith other actions.\n\nlogical flow: reg8[17] = 1; ct_commit { ct_mark.blocked = 1; };\nwithout fix: encodes as set_field:0x2000000000000/0x2000000000000->xreg4\nwith fix: encodes as set_field:0x2000000000000/0x2000000000000->xreg4,ct(commit,zone=NXM_NX_REG13[0..15],exec(set_field:0x1/0x1->ct_mark))\n\nSigned-off-by: Naveen Yerramneni <naveen.yerramneni@nutanix.com>\nSigned-off-by: Dumitru Ceara <dceara@redhat.com>\n(cherry picked from commit 7b4395969465ffc3bd4b38e6a9796ad38984877d)","shortMessageHtmlLink":"controller: Fix issue with ct_commit encode."}},{"before":"cf6cd0f579495906ac189b4b054eb5d5276eda20","after":"24e0e2dc3bcac752480c958afd0d23420be3b5d4","ref":"refs/heads/branch-23.09","pushedAt":"2024-06-11T06:40:40.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"dceara","name":"Dumitru Ceara","path":"/dceara","primaryAvatarUrl":"https://github.com/avatars/u/13764712?s=80&v=4"},"commit":{"message":"controller: Fix issue with ct_commit encode.\n\nAction length is getting set incorrectly during ct_commit encode\ndue to which ct action is getting skipped  during phsycial flows\ncreation. This issue is noticed only if ct_commit is prefixed\nwith other actions.\n\nlogical flow: reg8[17] = 1; ct_commit { ct_mark.blocked = 1; };\nwithout fix: encodes as set_field:0x2000000000000/0x2000000000000->xreg4\nwith fix: encodes as set_field:0x2000000000000/0x2000000000000->xreg4,ct(commit,zone=NXM_NX_REG13[0..15],exec(set_field:0x1/0x1->ct_mark))\n\nSigned-off-by: Naveen Yerramneni <naveen.yerramneni@nutanix.com>\nSigned-off-by: Dumitru Ceara <dceara@redhat.com>\n(cherry picked from commit 7b4395969465ffc3bd4b38e6a9796ad38984877d)","shortMessageHtmlLink":"controller: Fix issue with ct_commit encode."}},{"before":"57e8d78f5beeefcd99297ae87c6505fc20f7b45a","after":"a8a4b87e1873e67c4e78ce7857e352059bc2aa5e","ref":"refs/heads/branch-24.03","pushedAt":"2024-06-11T06:40:21.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"dceara","name":"Dumitru Ceara","path":"/dceara","primaryAvatarUrl":"https://github.com/avatars/u/13764712?s=80&v=4"},"commit":{"message":"controller: Fix issue with ct_commit encode.\n\nAction length is getting set incorrectly during ct_commit encode\ndue to which ct action is getting skipped  during phsycial flows\ncreation. This issue is noticed only if ct_commit is prefixed\nwith other actions.\n\nlogical flow: reg8[17] = 1; ct_commit { ct_mark.blocked = 1; };\nwithout fix: encodes as set_field:0x2000000000000/0x2000000000000->xreg4\nwith fix: encodes as set_field:0x2000000000000/0x2000000000000->xreg4,ct(commit,zone=NXM_NX_REG13[0..15],exec(set_field:0x1/0x1->ct_mark))\n\nSigned-off-by: Naveen Yerramneni <naveen.yerramneni@nutanix.com>\nSigned-off-by: Dumitru Ceara <dceara@redhat.com>\n(cherry picked from commit 7b4395969465ffc3bd4b38e6a9796ad38984877d)","shortMessageHtmlLink":"controller: Fix issue with ct_commit encode."}},{"before":"cc4187b4b49e25bc60c94aff493ac22ffe0a418c","after":"7b4395969465ffc3bd4b38e6a9796ad38984877d","ref":"refs/heads/main","pushedAt":"2024-06-11T06:39:47.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"dceara","name":"Dumitru Ceara","path":"/dceara","primaryAvatarUrl":"https://github.com/avatars/u/13764712?s=80&v=4"},"commit":{"message":"controller: Fix issue with ct_commit encode.\n\nAction length is getting set incorrectly during ct_commit encode\ndue to which ct action is getting skipped  during phsycial flows\ncreation. This issue is noticed only if ct_commit is prefixed\nwith other actions.\n\nlogical flow: reg8[17] = 1; ct_commit { ct_mark.blocked = 1; };\nwithout fix: encodes as set_field:0x2000000000000/0x2000000000000->xreg4\nwith fix: encodes as set_field:0x2000000000000/0x2000000000000->xreg4,ct(commit,zone=NXM_NX_REG13[0..15],exec(set_field:0x1/0x1->ct_mark))\n\nSigned-off-by: Naveen Yerramneni <naveen.yerramneni@nutanix.com>\nSigned-off-by: Dumitru Ceara <dceara@redhat.com>","shortMessageHtmlLink":"controller: Fix issue with ct_commit encode."}},{"before":"ab926ffe1b62a1a2baa67f8af8461ff63df5cc1f","after":"7973b41525d50d1cb86e426136c629622a21a974","ref":"refs/heads/branch-23.06","pushedAt":"2024-06-10T07:49:42.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"dceara","name":"Dumitru Ceara","path":"/dceara","primaryAvatarUrl":"https://github.com/avatars/u/13764712?s=80&v=4"},"commit":{"message":"northd: Skip arp-proxy flows if the lsp is a router port.\n\nSkip proxy-arp logical flows for traffic that is entering the logical\nswitch pipeline from a lsp of type router. This patch will avoid\nrecirculating back the traffic entering  by the logical router\npipeline if proxy-arp hasn been configured by the CMS.\n\nReported-at: https://issues.redhat.com/browse/FDP-96\nSigned-off-by: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>\nTested-by: Enrique Llorente <ellorent@redhat.com>\nSigned-off-by: Dumitru Ceara <dceara@redhat.com>\n(cherry picked from commit cc4187b4b49e25bc60c94aff493ac22ffe0a418c)","shortMessageHtmlLink":"northd: Skip arp-proxy flows if the lsp is a router port."}},{"before":"76d7a30f6652c9da81c81178ca5eddbf24d81323","after":"cf6cd0f579495906ac189b4b054eb5d5276eda20","ref":"refs/heads/branch-23.09","pushedAt":"2024-06-07T15:23:30.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"dceara","name":"Dumitru Ceara","path":"/dceara","primaryAvatarUrl":"https://github.com/avatars/u/13764712?s=80&v=4"},"commit":{"message":"northd: Skip arp-proxy flows if the lsp is a router port.\n\nSkip proxy-arp logical flows for traffic that is entering the logical\nswitch pipeline from a lsp of type router. This patch will avoid\nrecirculating back the traffic entering  by the logical router\npipeline if proxy-arp hasn been configured by the CMS.\n\nReported-at: https://issues.redhat.com/browse/FDP-96\nSigned-off-by: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>\nTested-by: Enrique Llorente <ellorent@redhat.com>\nSigned-off-by: Dumitru Ceara <dceara@redhat.com>\n(cherry picked from commit cc4187b4b49e25bc60c94aff493ac22ffe0a418c)","shortMessageHtmlLink":"northd: Skip arp-proxy flows if the lsp is a router port."}},{"before":"b1c55c42f8961d88b7a0f9a8b7e6d46a0fcf81c3","after":"57e8d78f5beeefcd99297ae87c6505fc20f7b45a","ref":"refs/heads/branch-24.03","pushedAt":"2024-06-07T15:23:03.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"dceara","name":"Dumitru Ceara","path":"/dceara","primaryAvatarUrl":"https://github.com/avatars/u/13764712?s=80&v=4"},"commit":{"message":"northd: Skip arp-proxy flows if the lsp is a router port.\n\nSkip proxy-arp logical flows for traffic that is entering the logical\nswitch pipeline from a lsp of type router. This patch will avoid\nrecirculating back the traffic entering  by the logical router\npipeline if proxy-arp hasn been configured by the CMS.\n\nReported-at: https://issues.redhat.com/browse/FDP-96\nSigned-off-by: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>\nTested-by: Enrique Llorente <ellorent@redhat.com>\nSigned-off-by: Dumitru Ceara <dceara@redhat.com>\n(cherry picked from commit cc4187b4b49e25bc60c94aff493ac22ffe0a418c)","shortMessageHtmlLink":"northd: Skip arp-proxy flows if the lsp is a router port."}},{"before":"6510ee45f619aeae5765c8ffca373ab693d34bd4","after":"cc4187b4b49e25bc60c94aff493ac22ffe0a418c","ref":"refs/heads/main","pushedAt":"2024-06-07T15:22:27.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"dceara","name":"Dumitru Ceara","path":"/dceara","primaryAvatarUrl":"https://github.com/avatars/u/13764712?s=80&v=4"},"commit":{"message":"northd: Skip arp-proxy flows if the lsp is a router port.\n\nSkip proxy-arp logical flows for traffic that is entering the logical\nswitch pipeline from a lsp of type router. This patch will avoid\nrecirculating back the traffic entering  by the logical router\npipeline if proxy-arp hasn been configured by the CMS.\n\nReported-at: https://issues.redhat.com/browse/FDP-96\nSigned-off-by: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>\nTested-by: Enrique Llorente <ellorent@redhat.com>\nSigned-off-by: Dumitru Ceara <dceara@redhat.com>","shortMessageHtmlLink":"northd: Skip arp-proxy flows if the lsp is a router port."}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAEeAsLBwA","startCursor":null,"endCursor":null}},"title":"Activity · ovn-org/ovn"}