09/23/87 as Known errors in the current release of as. # Associated TR's Description 559 phx20928 If a daemon attempts to send a large amount of data such as a multi-segment file to the message coordinator message segment, the daemon process and subsequently the initializer process get terminated via an any_other handler invoked due to a out_of_bounds condition when the message segment gets filled up. 557 phx17133 Absentee qres values need to be recomputed whenever abs_maxu changes. When "abs maxu auto" has been specified, abs_maxu can change whenever attempting to schedule a new job. load_ctl_'s set_abs_maxu procedure should be changes to recompute abs qres values for each queue. 553 phx14788 A negative dollar amount is computed when a user runs up a large number of vcpu time. 552 phx18230 If new_user is called to change an attribute which does not effect the mail_table_, mail_table_priv_ is still called to look for mail table entry. This can cause problems if the administrator does not have proper access to mail_table_priv_ as may be the case where a site has designated administrators for different areas of the system. There are some user attributes which do not effect the mail_table_. 551 phx14789 Output of system_monthly_report shows an inconsistancy in the number of crashes that is reported. 550 phx18792 "write_user_usage_report" calculates the "-to" date incorrectly in some cases. 544 On a successful dialin to an anonymous dial server the AS message doesn't have the asterisk on the dial server name. It reads "ignored.Sectest_4.TestProj" instead of "*ignored.Sectest_4.TestProj". 543 The lg_ctl_ msg "raised initial ring for TestProj.TestProj..." for anonymous users does not include the * in front of TestProj. Also for lowering rings. 542 When the tries field of the installation parameters is set to 3, the lg_ctl_ message "too many bad passwords..." is appearing in the log after every other bad password instead of after every third one. 541 The user message facility will allow a user to retrieve a message destined for a lower ring if the user knows the message ID. In fact, the only access checks being done are AIM checks. The user_message_$read_message entrypoint did not correctly perform access checks when the user specified a message via its message id. Also, various security attributes about the message were not correctly returned to the user. Finally, the ability to delete-on-read did not correctly function for messages specified by message id. 540 Due to the remnants of the PL/I compiler's padded reference bug, dial_ctl_ was unable to reliably use the required_access_class information for STY channels. 539 When a user attempts to priv_attach a channel, the answering service compares channel access class information in the CDT with the user's process authorization. However, it takes no steps to guarantee that the information in the CDT is up-to-date, and indeed, in many situations this information will not be correct. The erroneous assumptions can cause channels to be attached when AIM restrictions should prevent it, as well as situations where channels will be denied attachment when AIM should permit the attachment. The priv_attach request does not perform a get_required_access_class control order before attaching the channel. 538 With the rings in the PDT at 4,6,6 and the rings in the SAT at 4,5, an attempt to log in at the default ring is denied with an audit message saying that the ring was lowered from 6 to 5. It should have been granted at the lowered ring. 537 When a slave-service channel hangs up, its current_access_class_valid flag is not reset. This prevents processes from attaching it at any access class other than the access class it was first attached at. 536 The Answering Service allows a login when the user's access on the channel ACS is incomplete (e.g. R_ACCESS or W_ACCESS). It should check for RW effective access to the ACS. 535 The Answering Service com_channel_info request does not audit when it denies a request. 534 The Answering Service process_termination_monitor request does not audit when it denies a request. 533 The Answering Service note_pnt_change request returns a zero status code even when it denies the request (though the deny is correctly logged). 532 The Answering Service daemon_command request returns a zero error code even when it denies the request (though the DENY is correctly logged). 531 The terminate_dial_out request, unlike the others (including the release_channel request) does not check for the dialok atttribute. It also does not send a "contrl" message. All dial_ctl_ requests are supposed to send acknowlegement "contrl" IPC messages. The dial_out request checks to see if the channel is in use before checking the service type of the channel, producing an incorrect error message for login service channels. 530 The access check made for communications channels is supposed to require RW access to the ACS segment in >sc1>rcp. It currently allows access to the channel if the user has any non-null access to the ACS segment. The fix is to require RW access. 529 The variable which holds the textual added info in the communications channel audit messages is too short to include the entire error message. The fix is to increase this character string variable from 100 characters to 256. 528 The module which performs access auditing in the answering service, as_access_audit_, fails to correctly set the grant flag in the binary audit header logged in the answering service log. Although the GRANTED/DENIED messages are correct in the messages, the binary flag is inconsistent with this message -- automated tools therefore fail to pick up the DENIED-type messages. The functional tests fail as a result. 527 In MR11, when a communications channel hangs up, a LOGOUT message is audited if the channel underwent a Identification and Authentication (I&A), that is, if a userid/password was supplied during preaccess (login, dial, slave) time. Due to the use of a common entry in dial_ctl_ and the way autocall (dial_out) channels are terminated, the system attempts to audit a LOGOUT message for all autocall channels, as well as slave/dial channels. The resulting message looks something like: LOGOUT . int a.h000 (hangup) since there is no userid/projectid associated with the autocall channel. The fix is to have dial_ctl_$dial_term distinguish between autocall and slave/dial channels. 526 The PNT software does not follow the normal access model due to details of its internals and the fact that it depends on MSF software. Certain error codes are not as might be expected, and some operations behave in non-obvious ways. No actual security holes are believed to exist, however. 525 No message of the form "Your authorization is ..." is displayed when you reconnect to a process which is not at system_low. Move "Your process authorization is..." message from act_ctl_ to dialup_. 524 Messages placed in the AS user message message segment by the Initializer process have null process ids. 523 Due to the incorrect setting of a variable in the AS user message database header, certain entries in this database can become inaccessible when other entries are deleted. 522 Due to the new kernelized message segment software changes, some security critical process idenfication information is not stored correctly in the "user message" database, implemented as a message segment. Because of this, those who retrieve the messages from the database get garbage in the secure sender information. This facility is only used by the get_com_channel_info_ subroutine in MR11 and therefore has no serious side effects. The fix however involves filling in more information in the call to mseg_ which specifies the access properties of the calling process. 521 When a user new_proc's to a different AIM level the "DESTROY" audit message claims that the old process authorization was the destination level. 520 phx19955 The initializer command "abs bump absX" leaves the request in the queue as "running". It should update the request to be "bumped". (See AS 31.) 516 phx18591 If the "-destroy" and "-hold" control arguments are used on the login command line, the process is destroyed but the line is not held. If, however, the "destroy -hold" request is used at the disconnected process prompt, the line is held correctly. 515 phx19596 The module syserr_log_man_ needs a record_quota_overflow handler around the code which acutally copies the syserr_log. Currently, if it gets a record_quota_overflow condition, it causes an asdump. It should print a message on the bootload console instead. 514 phx19595 The module sc_process_command_line_ needs an io_error condition handler so that if the communications channel on which a command has been entered hangs up, the request line can be aborted. Currently, an asdump results. 513 phx19594 The is_legal_proj active function should allow it's being invoked as a command. If it is invoked as a command, an absurd error message about wrong number of arguments is displayed. At the very least it should diagnose it's invocation as a command and print an error message. 512 phx19586 The substty command is broken in MR11. It no longer allows one to redirect MC messages from the bootload console to another MC terminal. This is due to a coding error which causes an attempt to reference through an invalid cdte pointer. 511 phx19584 The module mc_tty_ fails to set the version number in the terminal_info structure prior to issuing the terminal_info control order. This will cause this call to always fail resulting in this code's loopoing. 509 phx19585 The subroutine get_com_channel_info_ returns an unimformative error message when an attempt is made to get info on a channel not attached to the calling process. It would appear that the AS does no auditing of attempts to get info on channels not attached to the calling process as a second issue. 508 phx19583 Slave channels which have been accepted and then dropped hang up permanently, rather than receiving a new login banner. Note that this refers to using the "accept" and "drop" operator commands. 507 phx19570 The operator command "bump UserA" results in the error message: bump: error: is not a valid Person.Project This is because of a coding error in the internal procedure get_pers_proj of admin_. The bump command, as well as all its brothers and sisters, need to be completely rewritten. admin_ is a mess. 506 phx19557 The program pnt_fs_util_$create, called by create_pnt, enables the keep_meters flag in the MSTB header. It shouldn't, since not all processes which have R access to the PNT also have RW access. 504 phx19468 reset_proj may leave PDT entries locked, lacks a cleanup handler, has a myriad of other problems and should be rewritten. 503 phx19474 If you attempt to connect to a process with a higher authorization when a lower one was specified on the login command line, get refused, and then attempt to specify the higher authorization on the login command line, the login is rejected due to a sticky single class access class not being reset to the login channel access class range. 502 phx19459 When new_user prompts for the Notes field in a change request, a null response wipes out the old values of the Notes field rather than leaving it alone. This is inconsistent with the normal meaning of a null response. 501 phx19377 If a load_mpx fails because the channel id in the prph card is incorrect, subsequent load_mpx and stop_mpx requests result in seg_fault_errors. 500 phx19434 When logging in with disconnected processes and using the "list" preaccess requests, all disconnected processes are displayed, even those which AIM prevents the user from connecting to. Further, if you specify "-ring" on the login command line, and you have disconnected processes, the "list" command will display all processes and allow you to connect to one of them even if the default ring for that process is different from the one you specified on the login line. The list command gives no indication of the default ring for the process. 497 phx19301 The "-all" control argument to the "install" command is very confusing. Things would be greatly simplified if it were removed entirely. 495 phx19388 When changing time zones, as in from EST to EDT, the b_and_w program indicates that during the gap, the system was down. 493 phx19385 If the intercom command is sent via a send_admin_command, a null pointer fault results since there is no mc_ate in this case. 492 phx19389 When ad administrator changes a passwords, the date/time password changed field is not updated in the PNT. This may cause the first attempted login to fail with a "password expired" message if the relevant password expiration installation parameter is enabled. 491 phx19391 If you type "l my_name -cdp" when attempting to log in, dialup_ responds with "login: syntax is" without providing any further information. 490 phx19383 The entry dialup_$reintroduce may provide a code path whereby an attempt is made to use utep before it is initialized. This will cause a fault and an answering service dump. 487 phx19300 write_user_usage_report does not display the grand summary report for device charges. 486 phx19298 Specifying an illegal subsystem name on the login command line will provoke a situation where the process cannot be fully created, but at the same time cannot be destroyed. This uses up an APTE slot for the duration of the bootload. 485 phx19303 phx19308 The initializer "disconnect" command does not work consistently. Some times it does not work at all. Sometimes there are error messages, other times none. This command should work either by userid or by channel id just as the other commands work. 484 phx19241 The install command should be able to diagnose the specification of unauthorized flags and values when PDTs are installed. Specifically, if the PDT-to-be-installed specifies the "vinitproc" attribute, and this attribute is not authorized for the project, the install atttempt should at least send a warning message to the installer. There may be other bad values/attributes which whould be detected as well. 483 phx19302 The audit messages associated with communications channels and dialids include "DENIED" even when the reason for the failure has nothing to do with security. There should be a differentiation between errors not having to do with access checking and access control errors. 479 phx19261 There are several cases where dialup_ logs "ignored alarm___" messages in the AS log. These are caused by bugs in this program. These should be fixed. Additionally, if these cannot all be fixed, at least these log messages should not cause a console alarm. 478 phx19252 write_billing_summary handles a blank requisition field incompatibly with the other billing commands. 477 phx19249 The admin.ec "x repair" entry will fault and cause an AS dump if an invalid directory is specified. 474 phx19234 Master directories which reside subordinate to directories without terminal quota are not charged for. 472 phx19222 The program reset_use_totals assigns rate structure numbers based on the first project encountered in the control file for that bin. If the project has been deleted, or is not in the sat, then the default rate structure number is used without any warning. It should use the rate structure of the first valid (non-deleted) project in the control file for the bin and should indicate if and when it uses the default value. 471 phx19221 While the program usage_total records misc charges in the use_totals database, it does not include these charges in the dollar charge figure. 469 phx19213 The send_daemon_command command, with the "quit" keyword will print the error message "process lacks permission to alter device status" if the process to which the quit is directed has not enabled quits. This is a non-informative error message. In fact, the message coordinator interface to the quit command returns the same error code; this should be changed as well. 467 phx19198 absentee_user_manager_ can leave the answer table locked if it gets a non-zero error code from the call to cpg_$cpg_abs. 466 phx18908 The MSF directory of the PNT should have ring brackets of 1,5 rather than 1,1. 465 phx18546 The ed_mgt "v" request should not allow more than one project to have "max_prim" set to -1. up_mgt_ should never install such an MGT. 464 phx17292 The list_output_request command seems to behave inconsistently when the "-position" control argument is used and one lacks "r" access to the queues. Sometimes it reports incorrect access, sometimes it doesn't. In any case, it reports that there are no requests in the queue, even if this is not true. See TR. 463 phx18988 If a user issues the "new_proc" request for a disconnected process, and that process is already in the process of logging out (due to inactivity or fatal error) the user receives the logout message rather than just being given a new process (i.e. like the result of a "create"). 462 phx18962 For a "login Userid -cpw" login, if the user inadvertently types his proposed new password to the "Password:" prompt and types it again for the "Password again:" prompt, the answering service gives the error indicating that the two passwords were the same instead of one indicating "pasword incorrect." 461 phx18958 Specifying "create -ns" in the login connect loop does not prevent the start_up.ec from being executed in the new process. 459 phx18907 phx18997 The extended entry support for PNTs should include get_user_access_modes support. 458 phx18874 The value of project.n_users gets out of sync when process creation fails causing spurious error messages for subsequent logins. 456 phx18845 The cv_cmf command is not particulary friendly if a typo is made in specification of minor devices. See TR for details. 453 phx18768 The cancel_abs_request command sometimes reports the wrong user-name when indicating what request is cancelled. This only occurs, of course, if the "-user" control argument is used. 452 phx18719 The print_pnt command (new_user) should check access to pnt_admin_gate_ before attempting to call it rather than bombing out with a linkage_error. 449 phx18492 The cv_cmf command should not allow the specification of 300 baud bisync channels since the hardware doesn't. Also, the cdt table installation software should reject this as well. 447 phx18249 The cv_cmf command allows the specification of illegal channel numbers (like a.h232) in the CMF to be converted. 445 phx17703 The move_(abs daemon output imft retrieval)_request commands should not, without explicit action, change the project of the request. 440 phx16963 The "-position" control argument to the list_abs_requests (and friends) affects which entries will be displayed. See the TR for further details. 439 phx16887 When the answering service grabs a terminal back from the user after a fatal process error, it should do something about getting the terminal's modes into a better state. When the terminal becomes connected to the new process, it can be in a strage state and the user may not know what to do to get it into a useable state again. 436 phx16308 The login command line "login Personid -cpw -cdp" provokes a syntax error. There is nothing wrong with this command line. (Yes, there is. -cdp requires a project. The error message sucks, though.) 435 phx16126 The list_(abs output retrieval daemon imft)_requests commands should be more intellignet when supplied with multiple "-user" control arguments. 431 phx15571 It should be possible to delete an FNP from the CDT by reinstalling a CDT with the FNP deleted. Currently, it just leaves the FNP in the CDT with 0 configured subchannels. 428 phx15276 Control arguments, such as "-long" and "-brief" should positionally overide previous control arguments rather than being declared incompatible in the list_output_requests, list_abs_requests, list_daemon_requests, etc. commands. 412 phx18528 ms_table_mgr_ needs an entrypoint which will return a list of all entries which match a given string case-insensitively. This will allow a solution for this TR to be implemented. 409 phx19058 The list_as_request program needs a "-admin" control argument to display all user's requests, and its default action should be changed to display only the calling user's requests. 407 phx19057 The as_request.ms messages segment should have "r" access set for SysAdmin and SysMaint each time it is recreated (i.e. each time the answering service is initialized). 406 phx19102 Answerbacks should not be allowed to contain control characters. ttt_info_, which already does some editing of the answerback (terminal id), should be changed to disallow various control characters. Otherwise, the terminal ids ruin output displays of the "as_who" command, and the initializer "who" command. 405 phx19032 The cv_pmf command should provide a warning when an attempt is made to give the save_on_disconnect or disconnect_ok attributes to anonymous users since these flags are not honored for anonymous users. 403 phx19014 When a process disconnects (with save_on_disconnect enabled) two LOGOUT audit messages will be logged. One is logged at disconnect time, and the other at inactivity bump time. This is confusing. Further, the CPU-time/Charges figures do not appear consistent. 401 phx18882 phx20928 Attempting to perform a large amount of output on a message coordinator terminal can cause the terminal to hang up and the bootload console to be flooded with errors indicating the OOSB on mc.message. In MR11.0 systems, it can crash the system. 399 phx18693 If requested to operate on a volume that lacks the PD flag, vacate_pdir_volume should query the operate to continue, not simply refuse the request. 398 phx18694 The vacate_pdir_volume command, with the long option, is very verbose and noisy (beeps the console). 397 phx18546 The answering service install function screws up when installing an MGT in which a max_prim value changes from -1 to some other value. 396 phx18323 When notifying a non system_low user that an "inactivity bump" has been cancelled, the answering service causes an error message "dialup_: Insufficient access to return any information..." to be logged. While I haven't been able to reproduce this problem due to inactivity bump times being inordinately long on CISL-SERVICE, I suspect that this problem exists due to a similar problem already confirmed in error list entry 395. I have confirmed that the notifications are being sent in the error list entry 395 case, so I suspect that they are being sent in this case as well. This problem seems only to happen when the project directory, and therefore the home directory containing the user's mailbox is non system_low. 395 phx18322 When an non system_low process submits an absentee job, attempts by the absentee facility to notify the submitting process of events (because of the "-notify" enter_absentee_request option, or because of some error) result in the message "absentee_user_manager_: Insufficient access to return any information. Unable to notify Person.Project of absentee event". The notification, however, is delivered to the submitting process. Only the error message logged is invalid. This problem only occurs if the project directory itself is non system_low, and hence the home directory is non system_low. 394 phx18406 Since record_quota_overflows are explicitly enabled in as_init_, the any_other handler in this module should be capable of handling a record_quota_overflow condition and printing an appropriate message which describes the directory which took the rqo. It currently doesn't special case the rqo condition and therefore just prints the condition name in the error message displayed on the console. Not very helpful in diagnosing the problem. 393 phx18245 On some terminals, the printer_off sequence only applies to the current line rather than until a printer_on sequence is sent. Because of this, the password masking scheme used in dialup_ does not work on these terminals since it sends a printer_off control order, prints a NL, and then prompts for the password. 390 phx18201 The print_log command, when used with the "-nhe" control argument, prints a trailer (blank line). Since headers are inhibited, the trailer should probably be as well. 386 phx17860 The amount of time that a line is "dialed" to a process (rather than a user being logged in over that line to the process) is not added to the dialed up time in the cdt. 385 phx17085 The Initializer warn function causes the user's terminal to double echo afterwards, when the user was running video or emacs. A better interface between blast and terminals and modes is needed. 381 phx17157 Certain faults occuring within absentee_user_manager_, prior to the setting of ute.uprojp, cause the Initializer to enter an infinite fault loop in its cleanup procedure. 379 phx11773 When the as hangs up a line, it should clear the pending terminal buffers after printing "hangup". This helps avoid strange things such as replaying pending input lines (such as passwords). 378 phx17361 sweep does not correctly account/un-account master directory quota when walking down a sub-hierarchy. 375 phx15593 A damaged pdt in >sc1>pdt will stop AS initialization in its tracks. 374 phx17081 >sc1>stat_seg should contain a lock to avoid conflicts between copy_as_meters and as_meter_. 372 phx15774 The sweep command could help performance a lot by force deactivating directories it no longer needs. 369 phx16754 If a user is in the process of reconnecting during a shift change, the work class recomputation may conclude that the mgt is clobered due to examining a partially initialized ute. 365 phx15956 If no start_up.ec can be found when starting a process, either the process_overseer_ should so state or make the initial command line null, instead of making the initial command line "exec_com" which then gets an error. 361 phx15212 It is not possible to have daemons who do not have access to system_privilege_ logged in at higher than system_low. This is because the higher authorization process cannot write into >sc1>mc.message. 360 phx14301 Absentee jobs that are set into a different load control group than their user is in interactively (via the MGT parameters that treat absentee jobs specially) are counted against the load control limits of their ORIGINAL group, instead of the group that they are shifted into. 358 phx16925 Answering service logging hardly ever logs the involved channel in messages involving users. Int the days of mostly hardwired terminals, this was OK. Nowadays, just logging terminal type and answerback is useless. Channel names have to be added to the lg_ctl_messages. 356 phx16914 The message coordinator has no smarts with respect to over-filling Q's. If an output Q's fills due to a termina that is dead, but cannot (due to lack of a DTR wire) hang up, the AS will hang on it. If a Q gets too deep the output should go someplace else. 354 phx16706 load_ctl_status has an ioa_ typo. See the TR for details. 353 phx16906 The post-crash PDT cleaner-upper seems to leave some reconnection-oriented fields silly. See the TR for an example. This analysis is incomplete. 352 phx16517 abs suspend/release destroys the CPU monitor corresponding to the max vcpu specified for the job. 350 phx15243 as_meter_ uses a bogus declaration of config_deck and consiquintiquentially only sees 64 cards. 348 phx15302 LINE_TELNET dim type should be invalidated. 345 phx14257 a fatal-process-error after a new_proc connect request causes logout. 335 phx14031 move_(daemon absentee output)_request may cause a request to change projects without notifying the user. 331 phx13891 syserr_log_man_ should produce more informative asdumps. 330 phx13676 a command_query_ will blast out of admin mode. 329 phx13617 ed_installation_parms does not show fractions of cents when displaying rates. 321 phx13620 usage_and_revenue does not support quoted groups properly. 319 phx13586 parse_login_line_ does not check the -po argument length correctly. 318 phx13605 daily_log_process and daily_syserr_process can only handle 100 selectors, and do not check that the limit is not exceeded. 316 phx13563 Users may create processes after the shutdown grace period begins. 312 phx13523 RQO on >sc1>rcp while installing rtdt is disastrous. 311 phx12531 asdumps (timer_manager_err) occur. Believed caused by intense absentee logout activity. 310 phx13491 ed_installation_parms doesn't do very well with a specified path. In addition, the -directory control argument is said to not function. 306 phx11695 sc_signal_handler_ should detect recursive invocations. 304 phx13395 The login_responder (pit) and initproc (pdt) fields should be longer. 300 phx12654 dial_manager_ should use some IPC mechanism which is isolated from channels otherwise in use by the process. This requires dial_ctl_ to maintain another IPC name per process. 299 phx13105 b_and_w report does not properly when the -week control argument is specified and the report is crossing a month. 298 phx13106 print_projfile does not determine if there are misc charges correctly. 297 phx13103 The ttp request (and -ttp login argument) do not cause all the attributes of the channel to be affected. For example, delays are not set. 296 phx13079 user_info_ and system_info_ should use assign_. 292 phx12717 display_mstb does not calculate the number of free entries properly. 283 phx12311 The nopreempt attribute is not honoured. 281 phx12236 mr_ does not preserve the visual appearance of messages containing tabs. 280 phx11463 If an attached console is in admin mode and the terminal is disconnected, cleanup should occur such that any program running which is doing I/O is revoked, admin mode exited, etc. 278 phx12190 list_abs_requests does not show the entire resource string, only the first 256 characters. This is caused by the declaration of the variable 'buffer'. 274 phx03725 message coordinator will happily 'use' a terminal which is on an FNP not available (IOM deconfigured) to the system. 272 phx11424 Overflow of a message coordinator device queue will cause the MC to loop on an out-of-bounds conditions filling >sc1 with asdumps. 271 phx05395 Message coordinator code 3 errors. disappearing destinations. other travesties. 269 phx12001 dump_mrt does not report flags correctly. 268 phx05921 operator commands for channels can cause data-base corruption if used on multiplexer channels. 266 phx11996 trm_ handler for absentee says that the reason for termination will be sent by Multics mail. It is really sent as a message. 262 phx11931 return_tty_to_mc_ does not mask ipc signals during operations on user_i/o. 260 phx11857 I/O daemons need to be able to determine the rate_structure of a user without having access to the SAT. Documentation needs to be improved on the access required to rate_structure_? segments, etc. 258 phx11957 enter_abs_request does not check a -rsc string. (It's not clear that there is a facility for this at MR9 time.). The absentee manager does not detect the fact that an attempt to run a job with an invalid -rsc string has occured, and continues to attempt to run the job periodically. (each time, an error occurs processing the -rsc string.) 257 none Inactive calculation for disconnect processes should use the time of disconnection instead of activity times. This would cut a disconnected process properly, even if it is sometimes active for copying ITT messages. 255 phx11303 When calculating MTBF, the system routines should use the formula MTBF<-TIME/CRASHES rather than MTBF<-TIME/(CRASHES+1). 253 phx04883 The crank should not delete the backup copies of the RCPRM registries until it finishes making the new ones successfully. 252 phx11654 disk_usage_stat assumes that a directory will have no more than 2000 names in it. It faults if one has any more. 250 phx11320 process creation failure may cause looping, attempting to create a process. 246 phx11193 accounts_overseer_ does not handle signalling the program_interrupt condition properly. It should do a 'start' if the pi handler returns. 244 phx10248 the bills should show the actual dates of the billing period, rather than some values which more-or-less indicate the first and last use of the project within a billing period. (It might be useful to DEFINITELY calculate those values, too.) 243 phx05916 There should be a good interface for controlling message coordinator terminal output 240 phx06594 sweep accumulates space used figures for zero quota accounts if a directory has one but not both segment and directory quota. 232 phx00617 as_meter_ computes some meters incorrectly. 226 phx10082 dialup_ fumbles trm_ response, other wakeups 212 phx09391 Absentee jobs terminated because max. CPU time is exceeded do not have their 'finish' handlers executed. Same for command environment re-entry. 202 phx05894 AS should do a number of resetreads: before answerback, after bad login word, etc. 197 phx07557 daemon login does not honour -ns. (Actually, it does not report that access prohibits use of -ns.) 181 phx08314 The 'load control group full' message prints even if -force is given. 177 phx06103 new_proc does not reset all terminal modes. 146 phx06661 Shifts >4 cause ed_mgt to fail. 144 phx06524 Initialization should be retryable after failure. 142 phx07052 Some modules are missing syserr message documentation (operator error message documentation). 140 phx06545 Some messages from daemon_user_manager_ are improperly split when they are too long for one log entry. 130 phx05583 Foreground absentee count can be inaccurate while absentee_user_manager_ is running. 128 phx01993 warn uses tty_write_force which can crash system if over-used. 115 phx02738 x repair should check its arguments more carefully. 108 phx02237 delete_proj never cleans up deleted projects. 101 phx04353 phx04502 phx04353 phx05755 phx06168 phx07280 The messages sent to users when another instance logs in are not handled properly. Some way to notify the current user reliably without disturbing what he is doing needs to be designed. 91 phx04853 There are race conditions in the process preservation mechanism. 82 phx03997 FG absentee jobs waiting on resources will sometimes not be checked often enough. 63 phx05545 Changes in quota structure between the diskreport and the bill accept can cause storage to be charged twice. 61 phx05452 The answer table lock is sometimes left set, requiring a force_reset to do installs. 50 phx05278 Disconnected processes sometimes get fatal errors on attempts to release through the sus_signal_handler_ frame. Hardcore error 154. 46 phx04853 Process preservation data bases can get into an inconsistent state. 45 phx04792 Error messages can be lost because a resetwrite is done after printing the error message and before returning to the user. 43 phx04608 Proxy absentee jobs are inaccessible to the user on whose behalf they were submitted. Messages for proxy jobs should be sent to proxy user and the submittor. 42 phx04706 Disconnected processes still accept messages. 37 35 phx04175 There is no way to list channels dialed to your process. See AS 089. 31 phx04017 phx05411 phx06240 Bumped absentee jobs are often marked as running in the queues. This may reflect on -restart, as well. 28 phx03894 HELP pre-access request is not documented. 27 26 phx03553 Messages from the AS can be lost if the user does a reset_write. 25 phx03486 edit_proj cannot remove an alias from a project. 22 phx03291 phx08499 mar to a queue with a lower CPU time limit can cause a job to be deferred indefinitely. Action should be if user is using default cpu limit, use default of queue (consistent with ear using same and not saying anything about implicit time limit). If not using default cpu limit, should query if new queue has lower limit. Should warn if new queue will never run, as does ear. 21 phx03154 Blast messages are sent to all instances of a user even if a channel is specified. 20 phx03073 There are race conditions allowing a login to get through a stop. dialup_ should stop login/process-creations in progress. 17 16 phx02805 ed_mgt permits a real time work class given 0%. This causes the AS not to initialize. 14 none RLV full causes system crash. 13 phx02570 phx07347 RQO in >sc1 causes system crash 12 phx02566 asu_ contains many undocumented error messages. 10 phx02473 ed_mgt cannot report many load control group parameters. 9 phx02431 phx12328 b_and_w fails if last_month.use_totals is a null segment and is much too gullible in general. 8 none none 5 phx02336 There is a discrepancy in the treatment of processes not assigned to a load control group between load_ctl_ and reassign_work_classes_. 4 phx02135 Error messages printed after failure of AS initialization are very cryptic. 3 phx01536 If a project is delegated to a system administrator or daemon, that user is given incorrect access to some system segments. ----------------------------------------------------------- Historical Background This edition of the Multics software materials and documentation is provided and donated to Massachusetts Institute of Technology by Group BULL including BULL HN Information Systems Inc. as a contribution to computer science knowledge. This donation is made also to give evidence of the common contributions of Massachusetts Institute of Technology, Bell Laboratories, General Electric, Honeywell Information Systems Inc., Honeywell BULL Inc., Groupe BULL and BULL HN Information Systems Inc. to the development of this operating system. Multics development was initiated by Massachusetts Institute of Technology Project MAC (1963-1970), renamed the MIT Laboratory for Computer Science and Artificial Intelligence in the mid 1970s, under the leadership of Professor Fernando Jose Corbato. Users consider that Multics provided the best software architecture for managing computer hardware properly and for executing programs. Many subsequent operating systems incorporated Multics principles. Multics was distributed in 1975 to 2000 by Group Bull in Europe , and in the U.S. by Bull HN Information Systems Inc., as successor in interest by change in name only to Honeywell Bull Inc. and Honeywell Information Systems Inc. . ----------------------------------------------------------- Permission to use, copy, modify, and distribute these programs and their documentation for any purpose and without fee is hereby granted,provided that the below copyright notice and historical background appear in all copies and that both the copyright notice and historical background and this permission notice appear in supporting documentation, and that the names of MIT, HIS, BULL or BULL HN not be used in advertising or publicity pertaining to distribution of the programs without specific prior written permission. Copyright 1972 by Massachusetts Institute of Technology and Honeywell Information Systems Inc. Copyright 2006 by BULL HN Information Systems Inc. Copyright 2006 by Bull SAS All Rights Reserved