Perhaps the simplest approach, at least conceptually, is interpretation of the user code. A kernel embedded interpreter can validate each instruction before executing it and easily guarantee that the privilege restrictions are obeyed. Time bounds can be enforced by simply counting the number of instructions executed (weights could be assigned to each instruction if execution times vary widely).
Interpretation has been successfully employed in a variety of situations [66, , ], but is generally considered to be slow or only applicable if the input language can be sufficiently restricted. For the handlers anticipated, we believe that interpretation is ideal. The handlers are small and perform simple tasks. It should be possible to gather the most often used constructs and sequences into a virtual machine which can be optimized to execute efficiently [76, ]. Then, using indirect threaded code or direct threaded code techniques, build an extremely fast interpreter [6, , , ]. These techniques have been used to implement the Forth language [79]. The B (a predecessor to C) compiler for the PDP-7 generated threaded code [81] as did the Fortran IV compiler for the PDP-11 [6]. The object oriented language Actor is based on token threading [23]. QuickBasic 4.0 is based on a threaded P-code interpreter [101]. The handler code is threaded during code insertion.
It is one of the goals of this work to design a virtual machine that is general purpose, yet highly optimized to the interpretation of code that is produced when compiling handlers.