Those skilled in the data processing art will understand that a computer system can be roughly divided into four components; viz.: hardware, the operating system software, applications software and users. The hardware provides the basic computing resources, and the applications software defines the utilization of these resources to solve the computing problems of the users. The operating system controls and coordinates the use of the hardware among the various applications programs for the users.
The hardware contains one or more central processing units which each include instruction decoding and development circuitry or the equivalent which may be implemented in firmware. There is also typically provided an error sensing facility that can include the capability for alerting the operating system to the presence of a detected error. One type of error which may be sensed is a boundary fault in which a memory address which has been developed falls outside the bounds of the addressable memory in a given system. A closely related error, which may be sensed by a boundary error sensing facility in a central processing unit incorporating virtual memory and a security feature, is a boundary fault which occurs if a process attempts to access a memory address outside of the area, or block of memory addresses, to which it has been limited. This access limitation is ultimately controlled by the operating system, but a process may "shrink" or use a subset of its total memory for data isolation purposes. If the process acquires a visibility to a section of memory, then attempts to access memory outside this section, a boundary fault, or boundary error, will occur. This feature provides a level of security within the system by making it impossible for one task, or process, to gain access to another process' (or the operating system's) memory without authorization. A straightforward response to sensing a boundary error is to issue an error message, perhaps after a retry to eliminate the possibility that a transient error in decoding and development took place.
An anomalous situation occurs when a false boundary error condition is sensed. This condition can arise when there is a subtle design error in the instruction decoding and development circuitry and/or firmware such that, under certain rarely occurring address development conditions, the false boundary error condition is sensed. Upon retry, it will again recur. If the specific hardware in which the design error is discovered is still in development, it can simply be corrected, typically with appropriate changes in firmware. However, if the condition is so elusive that it is only discovered after numerous systems have been installed for commerical and/or other field operation, the cost of correcting the hardware/firmware can be virtually prohibitive, particularly if the system type is nearing the end of its life cycle. According to the present invention, the correction of a false boundary error is effected by its efficient handling in the operating system.