Description
we provide a few variations of pointer validation functions for embedders.
eg. wasm_runtime_validate_native_addr
however, it's a bit unclear if NULL is considered "valid" or not for these functions.
looking at the implementation of wasm_runtime_validate_native_addr,
it checks the given pointer like the following:
```c
uint8 *addr = (uint8 *)native_ptr;
if (memory_inst->memory_data <= addr
```
iirc, the "<" operator on a null pointer is undefined behavior in C.
i suppose for many of relevant architectures it works as if it was a "zero" address.
and i guess that's what this logic is intended to do. ie. NULL is NOT a valid pointer.
otoh, wasm_runtime_validate_app_addr seems to consider NULL valid.
it's understandable because 0 is a valid linear memory address in wasm.
it's however confusing as we sometimes convert wasm NULL to native NULL. (and vice versa.)
anyway, i'd suggest to do:
- explicitly mention the semantics in the api documentation.
- avoid relying on undefined behavior in the implementation.
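
One way to act on both suggestions, as an added example that is not part of the original issue and is not WAMR's code: a native-address validator that rejects NULL explicitly and does its range check on integers instead of comparing pointers. The names `linear_memory`, `validate_native_addr`, `sample`, `outside` and `sample_mem` are hypothetical, and the buffers are constructed sample data.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Hypothetical stand-in for a memory instance; not WAMR's own struct. */
struct linear_memory {
    uint8_t *data; /* start of the linear memory */
    size_t size;   /* size of the linear memory in bytes */
};

/* Returns true only if [native_ptr, native_ptr + len) lies entirely inside
   the linear memory. Documented semantics: NULL is never a valid native
   address, whatever bit pattern the platform uses for it. */
bool
validate_native_addr(const struct linear_memory *mem, const void *native_ptr,
                     size_t len)
{
    if (mem == NULL || mem->data == NULL || native_ptr == NULL)
        return false; /* equality tests against NULL are well defined */

    /* Relational operators on pointers that do not point into the same
       object are undefined behavior in C. Converting to uintptr_t is
       implementation-defined instead, and integer comparison is defined. */
    uintptr_t base = (uintptr_t)mem->data;
    uintptr_t addr = (uintptr_t)native_ptr;

    if (addr < base)
        return false;
    uintptr_t offset = addr - base;
    if (offset > mem->size)
        return false;
    /* Never compute addr + len: a huge len would wrap around. */
    return len <= mem->size - offset;
}

/* Constructed sample data: a 16-byte "linear memory" and an unrelated buffer. */
uint8_t sample[16];
uint8_t outside[4];
struct linear_memory sample_mem = { sample, sizeof(sample) };

int
main(void)
{
    bool ok = validate_native_addr(&sample_mem, sample + 4, 8)
              && !validate_native_addr(&sample_mem, NULL, 0)
              && !validate_native_addr(&sample_mem, outside, 1);
    return ok ? 0 : 1;
}
```

A validator for app addresses would need its own documented rule, since offset 0 is a legitimate linear memory address there.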