Techniques for metadata processing

US9785440B2 · US · B2

Patent metadata

Publication number: US-9785440-B2
Application number: US-201715426098-A
Country: US
Kind code: B2
Filing date: Feb 7, 2017
Priority date: Dec 17, 2015
Publication date: Oct 10, 2017
Grant date: Oct 10, 2017

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

Techniques are described for metadata processing that can be used to encode an arbitrary number of security policies for code running on a processor. Metadata may be added to every word in the system and a metadata processing unit may be used that works in parallel with data flow to enforce an arbitrary set of policies. In one aspect, the metadata may be characterized as unbounded and software programmable to be applicable to a wide range of metadata processing policies. Techniques and policies have a wide range of uses including, for example, safety, security, and synchronization. Additionally, described are aspects and techniques in connection with metadata processing in an embodiment based on the RISC-V architecture.

First claim

Opening claim text (preview).

What is claimed is:

1. A method of processing instructions comprising: receiving a current instruction for metadata processing performed in a metadata processing domain that is isolated from a code execution domain including the current instruction; and determining, by the metadata processing domain in connection with metadata for the current instruction, whether to allow execution of the current instruction in accordance with a set of one or more policies, wherein the current instruction accesses a first location of a stack frame of a first routine, wherein the current instruction and locations of the stack frame have associated metadata tags, and the set of one or more policies includes a stack protection policy that provides stack protection and prevents improper access to stack storage locations including storage locations of the stack frame of the first routine, wherein the stack protection policy includes one or more rules on metadata that define allowed operations with respect to stack storage locations and associated metadata, and wherein said one or more rules are generated by executing code in the metadata processing domain.

2. The method of claim 1, wherein the stack protection policy includes a first rule used in the metadata processing of the current instruction that accesses the first location of the stack frame of the first routine, the first rule allowing execution of the current instruction if the first location has metadata indicating it is a stack location of the first routine and the current instruction is included in the first routine.

3. The method of claim 1, wherein the current instruction is used by a particular invocation instance of the first routine having the stack frame and wherein the stack protection policy includes a first rule used in the metadata processing of the current instruction, the first rule allowing execution of the current instruction only when the current instruction is included in the first routine and only when the current instruction is also used by the particular invocation instance of the first routine having the stack frame.

4. The method of claim 3, wherein the first rule includes examining metadata, that is associated with a program counter and denotes any of authority and capability, to determine whether to allow execution of the current instruction by the particular invocation instance of the first routine.

5. The method of claim 1, wherein the stack protection policy provides any of object level protection wherein different objects in a single stack frame have different color metadata tags, and hierarchical object protection for a hierarchical object including multiple subobjects where each of the multiple subobjects of a single stack frame have a different metadata tag.

6. The method of claim 1, further comprising: creating a new stack frame for a new routine invocation; and tagging or coloring memory locations of the new stack frame in accordance with strict object initialization or lazy object coloring, wherein strict object initialization includes performing initialization processing that executes one or more instructions triggering metadata processing of one or more rules that initially tags each memory location of the new stack frame prior to storing information to the new stack frame, and wherein lazy object coloring tags a particular memory location of the new stack frame in connection with metadata processing of a rule triggered responsive to an instruction storing data to the particular memory location.

7. The method of claim 1, wherein the one or more policies include a set of rules for enforcement of a dynamic control flow integrity policy ensuring that a return to a particular return location is valid only when made subsequent to a particular invocation.

8. The method of claim 7, wherein a first location includes a call instruction transferring control to a called routine including a return instruction, and a second location includes a second instruction, said second location denoting a return target location to which control is transferred as a result of executing the return instruction of the called routine, and the method further comprising: tagging the first location including the call instruction with a first code tag; tagging the second location denoting the return target location with a second code tag; performing metadata processing of a first rule of the set for the call instruction tagged with the first code tag, wherein the metadata processing of the first rule for the call instruction tagged with the first code tag includes tagging a return address register with a valid return address capability tag denoting that the return address register includes a valid return address for the second location and denoting a capability to return to the second location; performing metadata processing of a second rule of the set for the return instruction of the called routine that allows execution of the return instruction to transfer control to a return address stored in the return address register if the return address register is tagged with the valid return address capability tag, wherein the second rule propagates the valid return address capability tag of the return address register to a program counter tag used for a next instruction following runtime execution of the return instruction; and performing metadata processing of a third rule of the set for the second instruction that follows runtime execution of the return instruction, wherein the metadata processing of the third rule is triggered by the second code tag of the second instruction and the third rule allows execution of the second instruction if the program counter tag is the valid return address capability tag allowing return to the second location with the second code tag, wherein the third rule clears the program counter tag used for a next instruction following runtime execution of the second instruction.

9. The method of claim 1, wherein said one or more rules are stored in a rule cache of the metadata processing domain and wherein said determining further includes: determining whether a rule on metadata exists in a rule cache in accordance with the current instruction, metadata associated with the current instruction, and metadata associated with the first location of the stack frame of the first routine.

10. A non-transitory computer readable medium comprising code stored thereon that, when executed, performs a method of processing instructions comprising: receiving a current instruction for metadata processing performed in a metadata processing domain that is isolated from a code execution domain including the current instruction; and determining, by the metadata processing domain in connection with metadata for the current instruction, whether to allow execution of the current instruction in accordance with a set of one or more policies, wherein the current instruction accesses a first location of a stack frame of a first routine, wherein the current instruction and locations of the stack frame have associated metadata tags, and the set of one or more policies includes a stack protection policy that provides stack protection and prevents improper access to stack storage locations including storage locations of the stack frame of the first routine, wherein the stack protection policy includes one or more rules on metadata that define allowed operations with respect to stack storage locations and associated metadata, and wherein said one or more rules are generated by executing code in the metadata processing domain.

11. The non-transitory computer readable medium of claim 10, wherein the stack protection policy includes a first rule used in the metadata
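The dynamic control-flow-integrity rules of claim 8 (a tagged call grants the return-address register a valid-return capability, a return may only consume that capability, and the instruction at the tagged return target runs only when the program-counter tag carries it and then clears it), worked through in a toy metadata-processing simulator. This is an added example, not code from the patent or its assignee; the tag names, the instruction encoding, the `store_ra` instruction and the rule that rejects any other instruction while the program-counter tag is set are assumptions.

```python
# Tag names are assumptions; the claim describes the rules, not the names.
CALL, RET_TARGET, VALID_RET = "call_tag", "ret_target_tag", "valid_return_cap"

class PolicyViolation(Exception):
    """No rule in the policy allows the current instruction (a rule-cache miss)."""

def step(tags, instr, code_tag, pc):
    """Apply the claim-8 rules to one instruction; return the next pc (None = halt)."""
    if code_tag == RET_TARGET:
        # Rule 3: the instruction at a return target runs only when the PC tag is
        # the valid-return capability, and the rule clears the PC tag afterwards.
        if tags["pc"] != VALID_RET:
            raise PolicyViolation(f"pc {pc}: reached return target without a valid return")
        tags["pc"] = None
    elif tags["pc"] == VALID_RET:
        # Assumption: no rule allows any other instruction while the PC tag is set.
        raise PolicyViolation(f"pc {pc}: return landed outside a tagged return target")
    op = instr[0]
    if op == "halt":
        return None
    if op == "call" and code_tag == CALL:
        # Rule 1: a tagged call puts the valid-return capability on the RA register.
        tags["ra_val"], tags["ra"] = pc + 1, VALID_RET
        return instr[1]
    if op == "ret":
        # Rule 2: return only through a tagged RA; propagate its tag to the PC tag.
        if tags["ra"] != VALID_RET:
            raise PolicyViolation(f"pc {pc}: return address lacks the capability")
        tags["pc"] = VALID_RET
        return tags["ra_val"]
    if op == "store_ra":
        # Assumption: an ordinary store into the RA register carries no capability.
        tags["ra_val"], tags["ra"] = instr[1], None
    return pc + 1

def run(program, max_steps=20):
    """Execute a constructed program {pc: (instr, code_tag)}; return the pc trace."""
    tags = {"pc": None, "ra": None, "ra_val": None}  # PC tag, RA-register tag, RA value
    pc, trace = 0, []
    while pc is not None and len(trace) < max_steps:
        instr, code_tag = program[pc]
        trace.append(pc)
        pc = step(tags, instr, code_tag, pc)
    return trace

# Constructed programs: a well-formed call/return and two cases the rules reject.
GOOD = {0: (("call", 10), CALL), 1: (("halt",), RET_TARGET),
        10: (("op",), None), 11: (("ret",), None)}
OVERWRITTEN_RA = {0: (("call", 10), CALL), 1: (("halt",), RET_TARGET),
                  10: (("store_ra", 1), None), 11: (("ret",), None)}
UNTAGGED_TARGET = {0: (("call", 10), CALL), 1: (("halt",), None),
                   10: (("op",), None), 11: (("ret",), None)}
```

`run(GOOD)` completes with the trace `[0, 10, 11, 1]`; the other two programs stop with a `PolicyViolation` at the return or at the untagged landing site, which is where a rule-cache miss would trap in the patent's design.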

Assignees

Charles Stark Draper Laboratory Inc

Inventors

Classifications

  • by checking the subject access rights · CPC title

  • by using cryptography (for digital transmission H04L9/00) · CPC title

  • Instruction code · CPC title

  • Security improvement · CPC title

  • to perform conditional operations, e.g. using predicates or guards · CPC title

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US9785440B2 cover?
Techniques are described for metadata processing that can be used to encode an arbitrary number of security policies for code running on a processor. Metadata may be added to every word in the system and a metadata processing unit may be used that works in parallel with data flow to enforce an arbitrary set of policies. In one aspect, the metadata may be characterized as unbounded and software …
Who is the assignee on this patent?
Charles Stark Draper Laboratory Inc
What technology area does this patent fall under?
Primary CPC classification G06F9/30101. Mapped technology areas include Physics.
When was this patent published?
Publication date Oct 10, 2017 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).