Language :

VMware ESX 4.0, Patch ESX400-201006201-UG: Updates the VMware ESX 4.0 Core and CIM components (1017721)

 Click here to view full document
Product Documentation
Product VersionsESX 4.0
Also see KB 1012514.
Patch Classification Critical
Host Reboot RequiredYes
Virtual Machine Migration or Shutdown RequiredYes
PRs Fixed422364 479067 429039 516038 504551 455718 451788 497446 496809 481716 482172 478813 425374 474105 457752 474449 505842 421829 475635 455846 448767 475670 494290 475445 490363 485891 500778 512277 552188 509892 511174 489354 490318 482616 495397 505222 468183 522529 533532 530815 462110 393056 500082 502904 514702 517176 532808 541677 513434 473032 521848 510875 512421 488535 492964
Affected HardwareSGI InfiniteStorage 4000, SGI InfiniteStorage 4100, SGI InfiniteStorage 4600, VMXNET3 NIC
Affected Softwareesxtop and resxtop, Snapshot Manager, wsman, Small-Footprint CIM Broker daemon, LSI storelib library, vmkiscsi-tool utility, VMW_SATP_ALUA plug-ins, SVGA driver, VMware Tools, Microsoft SQL Server, Network Driver Interface Specification
VIBs Includedvmware-esx-apps
Related CVE numbersN/A

Summaries and Symptoms

Issues fixed in this patch (and their relevant symptoms, if applicable) include:

  • This bulletin updates the Core and CIM components of VMware ESX 4.0 to improve host stability, and may provide minor enhancements to functionality.
  • The suppression of Internet Group Management Protocol (IGMPv1 or IGMPv2) membership reports can result in the virtual machines dropping off the multicast group. This dropping of virtual machines occurs when the NIC teaming policy is set to Load Balancing Policy Source Port: Id or Source MAC Address.
  • vSphere 4.0 U2 includes an enhancement of the performance monitoring utilities, esxtop and resxtop. The esxtop/resxtop utilities now provide visibility into the performance of NFS datastores in that they display the following statistics for NFS datastores: Reads/s, writes/s, MBreads/s, MBwrtn/s, cmds/s, GAVG/s(guest latency).
  • When using the Delete All option in Snapshot Manager, the snapshot farthest from the base disk is committed to its parent, causing that parent snapshot to grow. When the commit is complete, that snapshot is removed and the process starts over on the newly updated snapshot to its parent. This continues until every snapshot has been committed.

    This method can be relatively slow since data farthest from the base disk might be copied several times. More importantly, this method can aggressively use disk space if the snapshots are large, which is especially problematic if a limited amount of space is available on the datastore. The space issue is troublesome in that you might choose to delete snapshots explicitly to free up storage.

    This issue is resolved in this release in that the order of snapshot consolidation has been modified to start with the snapshot closest to the base disk instead of farthest. The end result is that copying data repeatedly is avoided.
  • The vDS state and the proxy switch are saved in separate files and are processed independently. When vDS is created, the same maxPorts setting is used for both. However, when you change the maxPorts setting, only the proxy switch configuration is updated. Because vDS continues to use the old maxPorts value, it reports an error when adding the new port because the total number of the proxy ports is greater than the old maxPorts value.
  • To conform with the DMTF Profile Registration DSP1033 standard, Base Server is changed from Antecedent role to Dependent role in OMC_ReferencedBaseServerProfile class.
  • In previous releases, wsman indication subscription is not persistent after a system reboot. In this release, wsman indication subscription remains persistent after the system reboot.
  • In previous ESX 4.0 releases, Small-Footprint CIM Broker daemon (sfcbd) trace is not enabled.
    This issue is resolved in this release. The sfcbd trace is enabled by default in ESX 4.0 Update 2 and later releases.
  • In this release, to describe the power supply Health Status in the Health Status tab of the vSphere Client, the failure detected phrase is replaced with the failure status phrase.
  • In this release, LSI storelib library is updated and the two following issues are resolved:
    • VMware_HHRCAlertIndication classes are not getting generated after rebooting ESX hosts.
    • IR card storelib indication displays incorrect timestamp settings.
  • If a USB device is plugged out and plugged back in into the same USB port of an ESX system, a virtual machine might fail to detect the re-plugged in USB device.
  • The vmkiscsi-tool utility reads and displays all the attributes of the target except for the log-in status data. However, troubleshooting without log-in status data can be complex and cumbersome.
  • The esxtop and resxtop utilities do not display various logical cpu power state statistics This issue is resolved in this release. A new Power screen is accessible with the esxtop utility (supported on ESX) and resxtop utility (supported on ESX and ESXi) that displays logical cpu statistics. To switch to the Power screen, press y at the esxtop or resxtop screens.
  • Fixes an issue where VMW_SATP_ALUA plug-ins cannot control IBM RAID SAS Switch Module (RSSM) devices with Target Port Group Support (TPGS) capability, VMW_SATP_DEFAULT_AA plug-ins are able to take this control. Now Storage Array Type Plug-in (SATP) rules exist that allow VMW_SATP_ALUA plug-ins to own RSSM devices with TPGS capability and VMW_SATP_DEFAULT_AA plug-ins to own RSSM devices without TPGS capabiity.
  • When the speed and duplex settings for a NIC are manually set and the ESX/ESXi host is rebooted, the values set for the speed and duplex settings might not be retained. After reboot, the network adapter might auto-negotiate its speed and duplex settings.
  • Starting with this release, a network setup script is available in the vmware-esx-script rpm that is installed at /usr/sbin/console-setup. This script can be used to configure the ESX network interactively without the need of executing the esxcfg-* commands. With this script you can view the current Vswif configuration information, the current network adapters, the current vSwitch and vDS information, delete a Vswif, and configure the service console network interface.
  • This patch provides support for the following storage arrays from SGI: SGI InfiniteStorage 4000, SGI InfiniteStorage 4100, and SGI InfiniteStorage 4600. These SGI controllers are managed by LSI Storage Array Type Plugin of the VMware Native Multipath Plugin (NMP).
  • Autostart and autostop functionalities break when lockdown mode is enabled in ESXi. However, code changes in ESXi 4.0 U2 prevent this issue from occurring when a vpxuser account exists on the ESXi host. The vpxuser account exists when the host is managed by Virtual Center.
  • An SVGA driver issue might cause the console of RHEL 5.3 virtual machines to display a black screen after the virtual machine is resumed from hibernation mode.
  • Starting with this release, when you install VMware Tools using the custom option, you can deselect ThinPrint to install Vmware Tools without installing the virtual components of ThinPrint.
  • The VIX C API CopyFileFromHostToGuest() and CopyFileFromGuestToHost() functions do not preserve any permission bits when copying a file between the host and guest operating systems. The permissions on the destination file are set to the owner's default values, which typically allow only read and write by the owner. For example, if the execute bit is set for the file owner on the Linux host, and you use CopyFileFromHostToGuest() to copy the file to a Linux guest operating system, the copy in the guest operating system has the execute bit cleared.
    This release fixes the issue of not preserving file access permissions when files are copied from Windows or Linux hosts to guest operating systems or from guest operating systems to Windows or Linux hosts.
  • On Windows guest operating systems, VMware Tools does not install Guest SDK DLLs (vmGuestLib.dll and vmGuestLibJava.dll) in the system directories (system32 or SysWOW64). This issue is resolved in this release.
  • Partitions formatted as ext4 might not appear in the Shrink tab of the VMware Tools Properties dialog box. On Linux systems, you display the VMware Tools Properties dialog box with the following command: /usr/bin/vmware-toolbox &. The ext4 file system is the default file system for certain Linux operating systems, such as Ubuntu 9.10.
  • The ring size of the VMXNET3 network interface card is not configurable in Windows guest operating systems. This issue is resolved in this release. Configuration parameters, such as Rx Ring #1 Size, Rx Ring #2 Size, Tx Ring Size, Small Rx Buffers, and Large Rx Buffers are now configurable from Device Manager (a Control Panel dialog box) in Windows guest operating systems.
  • This patch fixes an issue with the vmxnet3 driver where Windows virtual machines might stop responding after they are resumed from the standby mode.
  • Some third-party software programs, such as Microsoft SQL Server, don't share atl71.dll. Therefore, the software doesn't increase the .dll reference count during installation. As part a major VMware Tools upgrade, while uninstalling ATL71, the shared library atl71.dll is removed if its sharing reference count reaches 0. As a result, Microsoft SQL Server functionality might break.
  • If Linux, Solaris, or FreeBSD virtual machines use character encodings that are not supported, such as EUC_JP Japanese, installation of VMware Tools on the virtual machines might fail.
    This release resolves the issue. Starting with this release, VMware Tools can be installed and run using native character encodings on Linux, Solaris, and FreeBSD virtual machines.
  • Network Driver Interface Specification (NDIS) is part of the networking architecture used in Microsoft Windows operating systems. The NDIS transport driver might hold, indefinitely, the buffers received by vmxnet3 drivers, thereby running out of buffers to receive.
  • Includes updated PMBs for Ubuntu 10.04.
  • If a device that is controlled by the roundrobin PSP is configured to use the --iops option, the value set for the --iops option is not retained if the ESX Server is rebooted.
  • Missing return statements in the user world copy utility cause double copying of data to the user world buffer. When return statements are missing after the data is copied to the user world buffer once, a second copy writes data to a VMkernel buffer that does not exist. This might lead to memory corruption or server unresponsiveness.
  • The following assertion, which indicates that a block free operation failed, is logged for this issue: WARNING: J3: 1644: Error freeing journal block (returned 0) <FB 215235>for 4ac5183a-d1b537f3-2627-00237dce6676: Lock was not free
  • Consider a vSwitch that has more than one uplink and has the promiscuous mode enabled. Some of the packets that come in from the uplinks that are not currently used by the promiscuous port, are not discarded. This behavior might mislead some applications, such as the CARP protocol instance.
    This issue is resolved in this release. Starting with this release the Net.ReversePathFwdCheckPromisc configuration option is provided to explicitly discard all the packets coming in from the currently unused uplinks, for the promiscuous port.
    Note: If the value of the Net.ReversePathFwdCheckPromisc configuration option is changed when the ESX instance is running, you need to enable or re-enable the promiscuous mode for the change in the configuration to take effect.
  • When read lengths are not 4-byte aligned, the RPC reply from the ESX host has padding bytes to 4-byte align the message. This incorrectly fills the SG array with padding bytes, and might cause ESX to stop responding when the SG array does not have space for the padding bytes.
  • VMotion fails after a third-party security tool performs a port scan of the ESX/ESXi hosts (KB 1010672)
  • Disks connected using PVSCSI controllers are accessed through both the BIOS and the PVSCSI driver. When you boot a virtual machine from a PVSCSI disk, the BIOS is utilized initially. Under certain conditions, the virtual machine boot process might encounter stale data, resulting in guest operating system misbehavior or an unresponsive guest operating system.
  • HaltingIdleMsecPenalty Parameter: Guidance for Modifying vSphere's Fairness/Throughput Balance (KB 1020233)
  • Invalid pin number in the BIOS descriptions of interrupt routing entries causes undefined ESX/ESXi behavior.
  • The CPU frequency reported by 64-bit Windows 2003 and 64-bit Windows XP guest operating systems when run in a virtual machine might be inaccurate. In the virtual machine, QueryPerformanceCounter might run at a rate that is higher than the frequency reported by QueryPerformanceFrequency.
  • The mouse wheel might not scroll up in FreeBSD virtual machines.
  • A Physical Address Extension (PAE) enabled multiprocessor Windows 2000 virtual machine might stop responding on reboot, or fail randomly.
  • At shutdown, or possibly at other times if certain conditions apply, a vmx process might hang, causing the respective virtual machine to hang.
  • Rebooting the ESX host when Storage vMotion is in progress (approximately 50% complete) might result in vSphere Client displaying two virtual machines with the same name and configuration. However, only one of the virtual machines boots properly.

    Though an aspect of this issue is resolved in this release, be aware that you might still see two virtual machines. Now, ESX prevents you from powering on the wrong virtual machine and issues an error message indicating that you should power on the other virtual machine.
  • When a guest operating system lacks an APIC and the virtual machine configuration file does not disable APIC, the virtual machine might stop responding when it resumes from the S1 sleep state.
  • This issue has been observed after a vMotion migration when a virtual machine has been up for a relatively long time, such as for one hundred days.
  • When a virtual machine with a Linux guest operating system has been running for 30 days or more, rebooting the guest might cause the virtual machine to power off. In such a case, an error message similar to the following is logged in the vmware.log file:

    Jun 10 09:57:40.347: vcpu-0| MONITOR PANIC: vcpu-0:VMM fault: regs=0x2f94, exc=0, eip=0x84c91
  • vDS virtual machine port changes persist the port configuration every five minutes. Since virtual machine port changes are not persisted immediately, virtual machines can lose network connectivity after a failover event if they have been configured to link to a vDS less than five minutes before the failover.
  • A virtual machine fails to respond or power on when its network interface card (NIC) is attached to a port group with a name that exceeds 50 characters. This issue is resolved in this release. Port group names now cannot be changed to a name that exceeds 50 characters. Previously assigned port group names that exceed 50 characters are not accessible by virtual machines.
  • A journal might be aborted in the middle of a truncate or journal restart operation, which might cause a service console panic.
  • If a virtual machine accesses a CD drive that does not have a media, the vmware.log file is overloaded with redundant entries similar to the following:
    VIDE: ATAPI DMA 0x43 Failed: key 0x2, asc 0x3a, ascq 0x0
  • The console of FreeBSD 7.2 virtual machine is scrambled and unusable if VMware Tools is not installed.

Deployment Considerations

None beyond the required patch bundles and reboot information listed in the table above.

Patch Download and Installation

See the VMware vCenter Update Manager Administration Guide for instructions on using Update Manager to download and install patches to automatically update ESX 4.0 hosts.

To update ESX 4.0 hosts when not using Update Manager, download the patch zip file from and install the bulletin using esxupdate from the command line of the host. For more information, see the ESX 4 Patch Management Guide.

2/1/2010 8:00 AM
Data Conversion
Data Conversion