I thought about the systemic overestimation in the context of contracts. For fixed logic pallets this solution is fine because we can assume that they always terminate as we make sure not to write unbounded logic or do any dumb stuff. So we can just use max weight and let it run.
However, for contracts we need to stop the execution on weight overrun since we cannot assume that they will ever terminate. I think try…catch for runtime can solve the problem if we can make it very low overhead. It will not affect the already written code of existing pallets. It will only require changes to the FRAME entry points.
Doing only metering without this mechanism will not be trivial either: Importing a block happens in a single wasm instance. But we need to meter weight per transaction in order to derive the precise fees from it. So we need a checkpointing mechanism for this anyway. Having a sub-instance per extrinsic seems conceptually easier (and can be done with wasmtime). There are a lot of open questions and it all depends on whether this can be done without compromising performance.
Of course we don’t want FRAME to become slow and heavy. The idea is that we might be able to pull that off without paying a big price.