Multiple security group rules with OVS conjunctive match doesn't work

Bug #1844116 reported by Maciej Jozefczyk
Affects         Status  Importance  Assigned to  Milestone
networking-ovn  New     Undecided   Unassigned

Bug Description

While creating two or more security group rules that point to the same port group, the mechanism of updating the OVS conjunctive match doesn't work. It deletes flows from previous rules while updating others.

Reproducer:

## neutron security-group-rule-create --protocol tcp --port-range-min 9090 --port-range-max 9092 --remote-group-id 4b8acc1c-0170-48ad-a89b-909d50645842 sg0

stack@secgroup-tests-new-ovs-pg:~$ cat ~/tmp/2 | grep 'conjunction(33'
 cookie=0x0, duration=146.368s, table=44, n_packets=0, n_bytes=0, idle_age=146, priority=2002,ct_state=+new-est+trk,tcp,metadata=0x1,tp_dst=9090 actions=conjunction(33,3/3)
 cookie=0x0, duration=146.368s, table=44, n_packets=0, n_bytes=0, idle_age=146, priority=2002,ct_state=+new-est+trk,tcp,metadata=0x1,tp_dst=9092 actions=conjunction(33,3/3)
 cookie=0x0, duration=146.368s, table=44, n_packets=0, n_bytes=0, idle_age=146, priority=2002,ct_state=+new-est+trk,tcp,metadata=0x1,tp_dst=9091 actions=conjunction(33,3/3)
 cookie=0x0, duration=82802.615s, table=44, n_packets=0, n_bytes=0, idle_age=65534, hard_age=146, priority=2002,ct_state=+new-est+trk,tcp,reg15=0x3,metadata=0x1 actions=conjunction(33,2/3)
 cookie=0x0, duration=82802.615s, table=44, n_packets=0, n_bytes=0, idle_age=65534, hard_age=146, priority=2002,ct_state=+new-est+trk,tcp,reg15=0x4,metadata=0x1 actions=conjunction(33,2/3)
 cookie=0x0, duration=146.368s, table=44, n_packets=0, n_bytes=0, idle_age=146, priority=2002,ct_state=+new-est+trk,tcp,metadata=0x1,nw_src=10.0.0.5 actions=conjunction(33,1/3)
 cookie=0x0, duration=146.368s, table=44, n_packets=0, n_bytes=0, idle_age=146, priority=2002,ct_state=+new-est+trk,tcp,metadata=0x1,nw_src=10.0.0.9 actions=conjunction(33,1/3)

after second rule added:
## neutron security-group-rule-create --protocol tcp --port-range-min 9094 --port-range-max 9095 --remote-group-id 4b8acc1c-0170-48ad-a89b-909d50645842 sg0
stack@secgroup-tests-new-ovs-pg:~$ cat ~/tmp/3 | grep 'conjunction(37'
 cookie=0x0, duration=2.848s, table=44, n_packets=0, n_bytes=0, idle_age=2, priority=2002,ct_state=+new-est+trk,tcp,metadata=0x1,tp_dst=9095 actions=conjunction(37,3/3)
 cookie=0x0, duration=2.848s, table=44, n_packets=0, n_bytes=0, idle_age=2, priority=2002,ct_state=+new-est+trk,tcp,metadata=0x1,tp_dst=9094 actions=conjunction(37,3/3)
 cookie=0x0, duration=82817.882s, table=44, n_packets=0, n_bytes=0, idle_age=65534, hard_age=2, priority=2002,ct_state=+new-est+trk,tcp,reg15=0x3,metadata=0x1 actions=conjunction(37,2/3)
 cookie=0x0, duration=82817.882s, table=44, n_packets=0, n_bytes=0, idle_age=65534, hard_age=2, priority=2002,ct_state=+new-est+trk,tcp,reg15=0x4,metadata=0x1 actions=conjunction(37,2/3)
 cookie=0x0, duration=161.635s, table=44, n_packets=0, n_bytes=0, idle_age=161, hard_age=2, priority=2002,ct_state=+new-est+trk,tcp,metadata=0x1,nw_src=10.0.0.5 actions=conjunction(37,1/3)
 cookie=0x0, duration=161.635s, table=44, n_packets=0, n_bytes=0, idle_age=161, hard_age=2, priority=2002,ct_state=+new-est+trk,tcp,metadata=0x1,nw_src=10.0.0.9 actions=conjunction(37,1/3)

# ^ missing flows for (33,1 and (33,2
stack@secgroup-tests-new-ovs-pg:~$ cat ~/tmp/3 | grep 'conjunction(33'
 cookie=0x0, duration=161.635s, table=44, n_packets=0, n_bytes=0, idle_age=161, priority=2002,ct_state=+new-est+trk,tcp,metadata=0x1,tp_dst=9090 actions=conjunction(33,3/3)
 cookie=0x0, duration=161.635s, table=44, n_packets=0, n_bytes=0, idle_age=161, priority=2002,ct_state=+new-est+trk,tcp,metadata=0x1,tp_dst=9092 actions=conjunction(33,3/3)
 cookie=0x0, duration=161.635s, table=44, n_packets=0, n_bytes=0, idle_age=161, priority=2002,ct_state=+new-est+trk,tcp,metadata=0x1,tp_dst=9091 actions=conjunction(33,3/3)

Maciej Jozefczyk (maciejjozefczyk) wrote :

The issue is already addressed in OVN: https://patchwork.ozlabs.org/patch/1162315/

I'm going to propose a neutron-tempest-lib test that will cover this use-case.
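
The check below is an added example, not part of the original report and not code from networking-ovn or OVN. It parses flow-dump text in the format shown in the bug description and reports every conjunction id for which some clause k of n has no flow, which is the state the second dump shows for conjunction 33. The function name and the sample variable are assumptions; the sample flows are abridged from the report's dumps with the counters dropped.

```python
import re
from collections import defaultdict

# Matches every conjunction(id,k/n) action; one flow may carry several of them.
CONJ_RE = re.compile(r"conjunction\((\d+),(\d+)/(\d+)\)")


def incomplete_conjunctions(dump):
    """Map each conjunction id to the clause numbers that no flow provides."""
    seen = defaultdict(set)  # conjunction id -> clause numbers found in the dump
    width = {}               # conjunction id -> n, the declared clause count
    for line in dump.splitlines():
        for cid, k, n in CONJ_RE.findall(line):
            cid, k, n = int(cid), int(k), int(n)
            seen[cid].add(k)
            width[cid] = max(n, width.get(cid, 0))
    missing = {}
    for cid, clauses in seen.items():
        gap = sorted(set(range(1, width[cid] + 1)) - clauses)
        if gap:  # a conjunction with a missing clause can never match
            missing[cid] = gap
    return missing


# Constructed sample: the state after the second rule was added, abridged
# from the report (cookie, duration and packet counters removed).
AFTER_SECOND_RULE = """\
 table=44, priority=2002,ct_state=+new-est+trk,tcp,metadata=0x1,tp_dst=9090 actions=conjunction(33,3/3)
 table=44, priority=2002,ct_state=+new-est+trk,tcp,metadata=0x1,tp_dst=9092 actions=conjunction(33,3/3)
 table=44, priority=2002,ct_state=+new-est+trk,tcp,metadata=0x1,tp_dst=9091 actions=conjunction(33,3/3)
 table=44, priority=2002,ct_state=+new-est+trk,tcp,metadata=0x1,tp_dst=9095 actions=conjunction(37,3/3)
 table=44, priority=2002,ct_state=+new-est+trk,tcp,metadata=0x1,tp_dst=9094 actions=conjunction(37,3/3)
 table=44, priority=2002,ct_state=+new-est+trk,tcp,reg15=0x3,metadata=0x1 actions=conjunction(37,2/3)
 table=44, priority=2002,ct_state=+new-est+trk,tcp,reg15=0x4,metadata=0x1 actions=conjunction(37,2/3)
 table=44, priority=2002,ct_state=+new-est+trk,tcp,metadata=0x1,nw_src=10.0.0.5 actions=conjunction(37,1/3)
 table=44, priority=2002,ct_state=+new-est+trk,tcp,metadata=0x1,nw_src=10.0.0.9 actions=conjunction(37,1/3)
"""

if __name__ == "__main__":
    for conj_id, clauses in incomplete_conjunctions(AFTER_SECOND_RULE).items():
        print(f"conjunction {conj_id}: no flows for clause(s) {clauses}")
```

An empty result means every conjunction id seen in the dump has at least one flow for each of its clauses.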
