
The addressable memory space doesn't include code, globals, stack, etc., but only that memory which could be considered the heap.

Pointers into memory are 32-bit base + 32-bit offset, non-wrapping, so 33-bit distances from a base pointer. Each memory access needs a check to that (relatively non-changing) pointer. Memory spaces can request expansion in multiples of 64KB, and can have configured maximum sizes. This leaves it all compatible with using the MMU to trap accesses beyond allowed memory. The example from the paper linked elsewhere is that on a 64-bit machine, you can allocate 8GB of virtual address space, which covers the entire possible addressable range of wasm instructions, and use permissions to trap out-of-bounds accesses. The very notion of allocating that 8GB already encapsulates memory sandboxing, as long as the addressability limits of instructions can't be usurped (and it's formally been shown to be sound).


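The arithmetic behind the comment above, as an added example that is not part of the thread: a small C model of a wasm32 linear memory showing why the effective address of a load or store needs 33 bits, how a bounds check against the current page count works, why `memory.grow` is capped by the configured maximum, and why an 8 GiB reservation contains every address an instruction can form. The struct, function names and the 64 KiB page constant are assumptions of this model, not any engine's API.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

#define WASM_PAGE_SIZE 65536ULL   /* wasm memory is sized in 64 KiB pages */

/* Hypothetical model of one wasm32 linear memory (constructed for this example). */
typedef struct {
    uint64_t pages;      /* current size in pages */
    uint64_t max_pages;  /* configured maximum; growth past it must fail */
} linear_memory;

/* Effective address = 32-bit base (the i32 address operand) + 32-bit static
   offset (immediate on the load/store). Both are unsigned and the sum does not
   wrap, so the result can need 33 bits. */
uint64_t effective_address(uint32_t base, uint32_t offset) {
    return (uint64_t)base + (uint64_t)offset;
}

/* Largest effective address any wasm32 load/store can form: 2^33 - 2. */
uint64_t max_effective_address(void) {
    return effective_address(UINT32_MAX, UINT32_MAX);
}

/* Check that an access of `width` bytes at base+offset lies entirely inside
   the memory's current byte length. ea < 2^33 and width is at most 16, so the
   sum cannot overflow a uint64_t. */
bool access_in_bounds(const linear_memory *m, uint32_t base,
                      uint32_t offset, uint32_t width) {
    uint64_t ea  = effective_address(base, offset);
    uint64_t len = m->pages * WASM_PAGE_SIZE;
    return ea + width <= len;
}

/* memory.grow semantics: succeed only while the new size stays within the
   maximum. Returns the old page count, or -1 on failure (as wasm does). */
int64_t memory_grow(linear_memory *m, uint64_t delta_pages) {
    if (m->pages + delta_pages > m->max_pages) return -1;
    uint64_t old = m->pages;
    m->pages += delta_pages;
    return (int64_t)old;
}

/* Virtual reservation that contains every possible effective address:
   4 GiB of addressable base + 4 GiB of static offset = 8 GiB. Pages beyond
   the current length stay unmapped (PROT_NONE), so an out-of-bounds access
   faults instead of reading unrelated memory; engines also append a guard
   page so a multi-byte access at the very top lands in guard space too. */
uint64_t guard_reservation_bytes(void) {
    return 2 * (1ULL << 32);
}

int main(void) {
    linear_memory m = { .pages = 1, .max_pages = 4 };
    printf("max effective address: %llu (< %llu reserved)\n",
           (unsigned long long)max_effective_address(),
           (unsigned long long)guard_reservation_bytes());
    printf("4-byte load at 65532: %s\n", access_in_bounds(&m, 65532, 0, 4) ? "ok" : "trap");
    printf("4-byte load at 65533: %s\n", access_in_bounds(&m, 65533, 0, 4) ? "ok" : "trap");
    printf("grow by 2 -> old size %lld, grow by 2 again -> %lld\n",
           (long long)memory_grow(&m, 2), (long long)memory_grow(&m, 2));
    return 0;
}
```

The point of `access_in_bounds` is that the check compares against the current page count, not the reservation; the reservation only guarantees that whatever slips past a check still hits unmapped pages.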

> The addressable memory space doesn't include code, globals, stack, etc

Really? In that case, how does a language like Rust, where stack allocation is used regularly, compile to WASM?


GP is referring to the call stack. It is still possible to use the WASM heap as a stack, by maintaining a stack pointer and a base pointer.
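The mechanism described in the reply above, as an added example that is not part of the thread: a C model of a downward-growing stack kept inside wasm linear memory, driven by a software stack pointer the way a wasm toolchain's `__stack_pointer` global is. The memory layout, sizes and function names are assumptions of this model. Because this stack is ordinary linear memory, nothing in hardware stops a frame from running below the stack region into static data; the explicit limit check in `frame_enter` is what a prologue would need to catch that.

```c
#include <stdint.h>
#include <stdbool.h>
#include <string.h>
#include <stdio.h>

/* Constructed layout of one 64 KiB linear memory: static data at the bottom,
   a downward-growing stack above it, heap above the stack. All hypothetical. */
#define MEM_SIZE   65536u
#define STACK_BASE 1024u   /* lowest legal stack address; static data sits below */
#define STACK_TOP  8192u   /* initial stack pointer; frames grow toward 0 */

static uint8_t  memory[MEM_SIZE];     /* the linear memory */
static uint32_t sp = STACK_TOP;       /* stands in for the __stack_pointer global */

/* Allocate a frame of `size` bytes (16-byte aligned) by moving sp down.
   Returns the frame's address, or 0 if the frame would cross STACK_BASE.
   The limit check is the security-relevant part: without it the frame would
   silently overlap static data, since no MMU guard exists inside the memory. */
uint32_t frame_enter(uint32_t size) {
    uint32_t aligned = (size + 15u) & ~15u;
    if (aligned > sp || sp - aligned < STACK_BASE) return 0;
    sp -= aligned;
    return sp;
}

/* Release the frame allocated by the matching frame_enter. */
void frame_leave(uint32_t size) {
    sp += (size + 15u) & ~15u;
}

/* A "stack" local is just a linear-memory load/store at an sp-relative address. */
void store_u32(uint32_t addr, uint32_t v) { memcpy(&memory[addr], &v, 4); }
uint32_t load_u32(uint32_t addr) { uint32_t v; memcpy(&v, &memory[addr], 4); return v; }

uint32_t stack_pointer(void) { return sp; }

int main(void) {
    uint32_t f = frame_enter(32);
    store_u32(f, 42u);
    printf("frame at %u, local = %u, sp = %u\n", f, load_u32(f), stack_pointer());
    printf("frame that exhausts the stack: %u\n", frame_enter(7136));
    printf("one more frame (should be 0 = refused): %u\n", frame_enter(1));
    frame_leave(7136);
    frame_leave(32);
    printf("sp after unwinding: %u\n", stack_pointer());
    return 0;
}
```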



