Revert of [wasm] Strongly typed compiled module

src/wasm/wasm-module.cc

 // Copyright 2015 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <memory>
 
 #include "src/base/atomic-utils.h"
 #include "src/code-stubs.h"
 
 #include "src/macro-assembler.h"
@@ skipping 136 matching lines @@
   kWasmGlobalsArrayBuffer,
   // TODO(clemensh): Remove function name array, extract names from module
   // bytes.
   kWasmFunctionNamesArray,
   kWasmModuleBytesString,
   kWasmDebugInfo,
   kWasmNumImportedFunctions,
   kWasmModuleInternalFieldCount
 };
 
+// TODO(mtrofin): Unnecessary once we stop using JS Heap for wasm code.
+// For now, each field is expected to have the type commented by its side.
+// The elements typed as "maybe" are optional. The others are mandatory. Since
+// the compiled module is either obtained from the current v8 instance, or from
+// a snapshot produced by a compatible (==identical) v8 instance, we simply
+// fail at instantiation time, in the face of invalid data.
+enum WasmCompiledModule {
+  kCodeTable,    // FixedArray of Code
+  kImportData,   // maybe FixedArray of FixedArray respecting the
+                 // WasmImportData structure.
+  kExportData,   // maybe FixedArray of FixedArray of WasmExportData
+                 // structure
+  kStartupData,  // maybe FixedArray of WasmExportData structure
+  kTableOfIndirectFunctionTables,  // maybe FixedArray of FixedArray of
+                                   // WasmIndirectFunctionTableData
+  kModuleBytes,                    // maybe String
+  kFunctionNameTable,              // maybe ByteArray
+  kMinRequiredMemory,              // Smi. an uint32_t
+  // The following 2 are either together present or absent:
+  kDataSegmentsInfo,  // maybe FixedArray of FixedArray respecting the
+                      // WasmSegmentInfo structure
+  kDataSegments,      // maybe ByteArray.
+
+  kGlobalsSize,            // Smi. an uint32_t
+  kMemSize,                // Smi.an uint32_t
+  kMemStart,               // MaybeHandle<ArrayBuffer>
+  kExportMem,              // Smi. bool
+  kOrigin,                 // Smi. ModuleOrigin
+  kNextInstance,           // WeakCell. See compiled code cloning.
+  kPrevInstance,           // WeakCell. See compiled code cloning.
+  kOwningInstance,         // WeakCell, pointing to the owning instance.
+  kModuleObject,           // WeakCell, pointing to the module object.
+  kWasmCompiledModuleSize  // Sentinel value.
+};
+
 enum WasmImportData {
   kModuleName,         // String
   kFunctionName,       // maybe String
   kOutputCount,        // Smi. an uint32_t
   kSignature,          // ByteArray. A copy of the data in FunctionSig
   kWasmImportDataSize  // Sentinel value.
 };
 
 enum WasmExportData {
   kExportName,             // String
@@ skipping 12 matching lines @@
 enum WasmIndirectFunctionTableData {
   kSize,                              // Smi. an uint32_t
   kTable,                             // FixedArray of indirect function table
   kWasmIndirectFunctionTableDataSize  // Sentinel value.
 };
 
 uint32_t GetMinModuleMemSize(const WasmModule* module) {
   return WasmModule::kPageSize * module->min_mem_pages;
 }
 
-void LoadDataSegments(Handle<WasmCompiledModule> compiled_module,
-                      Address mem_addr, size_t mem_size) {
-  CHECK(compiled_module->has_data_segments() ==
-        compiled_module->has_data_segments_info());
+void LoadDataSegments(Handle<FixedArray> compiled_module, Address mem_addr,
+                      size_t mem_size) {
+  Isolate* isolate = compiled_module->GetIsolate();
+  MaybeHandle<ByteArray> maybe_data =
+      compiled_module->GetValue<ByteArray>(isolate, kDataSegments);
+  MaybeHandle<FixedArray> maybe_segments =
+      compiled_module->GetValue<FixedArray>(isolate, kDataSegmentsInfo);
 
+  // We either have both or neither.
+  CHECK(maybe_data.is_null() == maybe_segments.is_null());
   // If we have neither, we're done.
-  if (!compiled_module->has_data_segments()) return;
+  if (maybe_data.is_null()) return;
 
-  Handle<ByteArray> data = compiled_module->data_segments();
-  Handle<FixedArray> segments = compiled_module->data_segments_info();
+  Handle<ByteArray> data = maybe_data.ToHandleChecked();
+  Handle<FixedArray> segments = maybe_segments.ToHandleChecked();
 
   uint32_t last_extraction_pos = 0;
   for (int i = 0; i < segments->length(); ++i) {
     Handle<ByteArray> segment =
         Handle<ByteArray>(ByteArray::cast(segments->get(i)));
     uint32_t dest_addr = static_cast<uint32_t>(segment->get_int(kDestAddr));
     uint32_t source_size = static_cast<uint32_t>(segment->get_int(kSourceSize));
     CHECK_LT(dest_addr, mem_size);
     CHECK_LE(source_size, mem_size);
     CHECK_LE(dest_addr, mem_size - source_size);
     byte* addr = mem_addr + dest_addr;
     data->copy_out(last_extraction_pos, addr, source_size);
     last_extraction_pos += source_size;
   }
 }
 
 void SaveDataSegmentInfo(Factory* factory, const WasmModule* module,
-                         Handle<WasmCompiledModule> compiled_module) {
+                         Handle<FixedArray> compiled_module) {
   Handle<FixedArray> segments = factory->NewFixedArray(
       static_cast<int>(module->data_segments.size()), TENURED);
   uint32_t data_size = 0;
   for (const WasmDataSegment& segment : module->data_segments) {
     if (segment.source_size == 0) continue;
     data_size += segment.source_size;
   }
   Handle<ByteArray> data = factory->NewByteArray(data_size, TENURED);
 
   uint32_t last_insertion_pos = 0;
   for (uint32_t i = 0; i < module->data_segments.size(); ++i) {
     const WasmDataSegment& segment = module->data_segments[i];
     if (segment.source_size == 0) continue;
     Handle<ByteArray> js_segment =
         factory->NewByteArray(kWasmSegmentInfoSize * sizeof(uint32_t), TENURED);
     // TODO(titzer): add support for global offsets for dest_addr
     CHECK_EQ(WasmInitExpr::kI32Const, segment.dest_addr.kind);
     js_segment->set_int(kDestAddr, segment.dest_addr.val.i32_const);
     js_segment->set_int(kSourceSize, segment.source_size);
     segments->set(i, *js_segment);
     data->copy_in(last_insertion_pos,
                   module->module_start + segment.source_offset,
                   segment.source_size);
     last_insertion_pos += segment.source_size;
   }
-  compiled_module->set_data_segments_info(segments);
-  compiled_module->set_data_segments(data);
+  compiled_module->set(kDataSegmentsInfo, *segments);
+  compiled_module->set(kDataSegments, *data);
 }
 
 void PatchFunctionTable(Handle<Code> code,
                         Handle<FixedArray> old_indirect_table,
                         Handle<FixedArray> new_indirect_table) {
   for (RelocIterator it(*code, 1 << RelocInfo::EMBEDDED_OBJECT); !it.done();
        it.next()) {
     if (it.rinfo()->target_object() == *old_indirect_table) {
       it.rinfo()->set_target_object(*new_indirect_table);
     }
@@ skipping 587 matching lines @@
         if (new_code != old_code) {
           it.rinfo()->set_target_address(new_code->instruction_start(),
                                          UPDATE_WRITE_BARRIER,
                                          SKIP_ICACHE_FLUSH);
         }
       }
     }
   }
 }
 
+#define GET_COMPILED_MODULE_WEAK_RELATION_OR_NULL(Field)    \
+  WeakCell* Get##Field(const FixedArray* compiled_module) { \
+    Object* obj = compiled_module->get(k##Field);           \
+    DCHECK_NOT_NULL(obj);                                   \
+    if (obj->IsWeakCell()) {                                \
+      return WeakCell::cast(obj);                           \
+    } else {                                                \
+      return nullptr;                                       \
+    }                                                       \
+  }
+
+GET_COMPILED_MODULE_WEAK_RELATION_OR_NULL(NextInstance)
+GET_COMPILED_MODULE_WEAK_RELATION_OR_NULL(PrevInstance)
+GET_COMPILED_MODULE_WEAK_RELATION_OR_NULL(OwningInstance)
+GET_COMPILED_MODULE_WEAK_RELATION_OR_NULL(ModuleObject)
+
 static void ResetCompiledModule(Isolate* isolate, JSObject* owner,
-                                WasmCompiledModule* compiled_module) {
+                                FixedArray* compiled_module) {
   Object* undefined = *isolate->factory()->undefined_value();
-  uint32_t old_mem_size = compiled_module->mem_size();
-  Object* mem_start = compiled_module->ptr_to_mem_start();
+  Object* mem_size_obj = compiled_module->get(kMemSize);
+  DCHECK(mem_size_obj->IsMutableHeapNumber());
+  uint32_t old_mem_size =
+      static_cast<uint32_t>(HeapNumber::cast(mem_size_obj)->value());
+  Object* mem_start = compiled_module->get(kMemStart);
   Address old_mem_address = nullptr;
   Address globals_start =
       GetGlobalStartAddressFromCodeTemplate(undefined, owner);
 
   if (old_mem_size > 0) {
     CHECK_NE(mem_start, undefined);
     old_mem_address =
         static_cast<Address>(JSArrayBuffer::cast(mem_start)->backing_store());
   }
   int mode_mask = RelocInfo::ModeMask(RelocInfo::WASM_MEMORY_REFERENCE) |
                   RelocInfo::ModeMask(RelocInfo::WASM_MEMORY_SIZE_REFERENCE) |
                   RelocInfo::ModeMask(RelocInfo::WASM_GLOBAL_REFERENCE);
 
-  Object* fct_obj = compiled_module->ptr_to_code_table();
+  Object* fct_obj = compiled_module->get(kCodeTable);
   if (fct_obj != nullptr && fct_obj != undefined &&
       (old_mem_size > 0 || globals_start != nullptr)) {
     FixedArray* functions = FixedArray::cast(fct_obj);
     for (int i = 0; i < functions->length(); ++i) {
       Code* code = Code::cast(functions->get(i));
       bool changed = false;
       for (RelocIterator it(code, mode_mask); !it.done(); it.next()) {
         RelocInfo::Mode mode = it.rinfo()->rmode();
         if (RelocInfo::IsWasmMemoryReference(mode) ||
             RelocInfo::IsWasmMemorySizeReference(mode)) {
           it.rinfo()->update_wasm_memory_reference(old_mem_address, nullptr,
                                                    old_mem_size, old_mem_size);
           changed = true;
         } else {
           CHECK(RelocInfo::IsWasmGlobalReference(mode));
           it.rinfo()->update_wasm_global_reference(globals_start, nullptr);
           changed = true;
         }
       }
       if (changed) {
         Assembler::FlushICache(isolate, code->instruction_start(),
                                code->instruction_size());
       }
     }
   }
-  compiled_module->reset_weak_owning_instance();
-  compiled_module->reset_mem_start();
+  compiled_module->set(kOwningInstance, undefined);
+  compiled_module->set(kMemStart, undefined);
 }
 
 static void InstanceFinalizer(const v8::WeakCallbackInfo<void>& data) {
   JSObject** p = reinterpret_cast<JSObject**>(data.GetParameter());
   JSObject* owner = *p;
-  WasmCompiledModule* compiled_module =
-      WasmCompiledModule::cast(owner->GetInternalField(kWasmCompiledModule));
+  FixedArray* compiled_module =
+      FixedArray::cast(owner->GetInternalField(kWasmCompiledModule));
   Isolate* isolate = reinterpret_cast<Isolate*>(data.GetIsolate());
-  DCHECK(compiled_module->has_weak_module_object());
-  WeakCell* weak_module_obj = compiled_module->ptr_to_weak_module_object();
-
+  Object* undefined = *isolate->factory()->undefined_value();
+  WeakCell* weak_module_obj = GetModuleObject(compiled_module);
+  DCHECK_NOT_NULL(weak_module_obj);
   // weak_module_obj may have been cleared, meaning the module object
   // was GC-ed. In that case, there won't be any new instances created,
   // and we don't need to maintain the links between instances.
   if (!weak_module_obj->cleared()) {
     JSObject* module_obj = JSObject::cast(weak_module_obj->value());
-    WasmCompiledModule* current_template =
-        WasmCompiledModule::cast(module_obj->GetInternalField(0));
-    DCHECK(!current_template->has_weak_prev_instance());
-    WeakCell* next = compiled_module->ptr_to_weak_next_instance();
-    WeakCell* prev = compiled_module->ptr_to_weak_prev_instance();
+    FixedArray* current_template =
+        FixedArray::cast(module_obj->GetInternalField(0));
+    DCHECK_NULL(GetPrevInstance(current_template));
+    WeakCell* next = GetNextInstance(compiled_module);
+    WeakCell* prev = GetPrevInstance(compiled_module);
 
     if (current_template == compiled_module) {
       if (next == nullptr) {
         ResetCompiledModule(isolate, owner, compiled_module);
       } else {
         DCHECK(next->value()->IsFixedArray());
         module_obj->SetInternalField(0, next->value());
         DCHECK_NULL(prev);
-        WasmCompiledModule::cast(next->value())->reset_weak_prev_instance();
+        FixedArray::cast(next->value())->set(kPrevInstance, undefined);
       }
     } else {
       DCHECK(!(prev == nullptr && next == nullptr));
       // the only reason prev or next would be cleared is if the
       // respective objects got collected, but if that happened,
       // we would have relinked the list.
       if (prev != nullptr) {
         DCHECK(!prev->cleared());
-        if (next == nullptr) {
-          WasmCompiledModule::cast(prev->value())->reset_weak_next_instance();
-        } else {
-          WasmCompiledModule::cast(prev->value())
-              ->set_ptr_to_weak_next_instance(next);
-        }
+        FixedArray::cast(prev->value())
+            ->set(kNextInstance, next == nullptr ? undefined : next);
       }
       if (next != nullptr) {
         DCHECK(!next->cleared());
-        if (prev == nullptr) {
-          WasmCompiledModule::cast(next->value())->reset_weak_prev_instance();
-        } else {
-          WasmCompiledModule::cast(next->value())
-              ->set_ptr_to_weak_prev_instance(prev);
-        }
+        FixedArray::cast(next->value())
+            ->set(kPrevInstance, prev == nullptr ? undefined : prev);
       }
     }
   }
   GlobalHandles::Destroy(reinterpret_cast<Object**>(p));
 }
 
 }  // namespace
 
-MaybeHandle<WasmCompiledModule> WasmModule::CompileFunctions(
+MaybeHandle<FixedArray> WasmModule::CompileFunctions(
     Isolate* isolate, ErrorThrower* thrower) const {
   Factory* factory = isolate->factory();
 
-  MaybeHandle<WasmCompiledModule> nothing;
+  MaybeHandle<FixedArray> nothing;
 
   WasmModuleInstance temp_instance(this);
   temp_instance.context = isolate->native_context();
   temp_instance.mem_size = GetMinModuleMemSize(this);
   temp_instance.mem_start = nullptr;
   temp_instance.globals_start = nullptr;
 
   MaybeHandle<FixedArray> indirect_table =
       function_tables.size()
           ? factory->NewFixedArray(static_cast<int>(function_tables.size()),
@@ skipping 70 matching lines @@
       // TODO(mtrofin): do we need to flush the cache here?
       Assembler::FlushICache(isolate, code->instruction_start(),
                              code->instruction_size());
     }
   }
 
   // Create the compiled module object, and populate with compiled functions
   // and information needed at instantiation time. This object needs to be
   // serializable. Instantiation may occur off a deserialized version of this
   // object.
-  Handle<WasmCompiledModule> ret = WasmCompiledModule::New(isolate);
-  ret->set_code_table(code_table);
+  Handle<FixedArray> ret =
+      factory->NewFixedArray(kWasmCompiledModuleSize, TENURED);
+  ret->set(kCodeTable, *code_table);
   if (!indirect_table.is_null()) {
-    ret->set_indirect_function_tables(indirect_table.ToHandleChecked());
+    ret->set(kTableOfIndirectFunctionTables, *indirect_table.ToHandleChecked());
   }
   Handle<FixedArray> import_data = GetImportsData(factory, this);
-  ret->set_import_data(import_data);
+  ret->set(kImportData, *import_data);
 
   // Compile exported function wrappers.
   int export_size = static_cast<int>(num_exported_functions);
   if (export_size > 0) {
     Handle<FixedArray> exports = factory->NewFixedArray(export_size, TENURED);
     int index = -1;
 
     for (const WasmExport& exp : export_table) {
       if (exp.kind != kExternalFunction)
         continue;  // skip non-function exports.
@@ skipping 17 matching lines @@
       if (thrower->error()) return nothing;
       export_data->set(kExportName, *name);
       export_data->set(kExportArity,
                        Smi::FromInt(static_cast<int>(
                            functions[exp.index].sig->parameter_count())));
       export_data->set(kExportedFunctionIndex,
                        Smi::FromInt(static_cast<int>(exp.index)));
       exports->set(index, *export_data);
       code_table->set(static_cast<int>(functions.size() + index), *export_code);
     }
-    ret->set_exports(exports);
+    ret->set(kExportData, *exports);
   }
 
   // Record data for startup function.
   if (start_function_index >= 0) {
     HandleScope scope(isolate);
     Handle<FixedArray> startup_data =
         factory->NewFixedArray(kWasmExportDataSize, TENURED);
     startup_data->set(kExportArity, Smi::FromInt(0));
     startup_data->set(kExportedFunctionIndex,
                       Smi::FromInt(start_function_index));
-    ret->set_startup_function(startup_data);
+    ret->set(kStartupData, *startup_data);
   }
 
   // TODO(wasm): saving the module bytes for debugging is wasteful. We should
   // consider downloading this on-demand.
   {
     size_t module_bytes_len = module_end - module_start;
     DCHECK_LE(module_bytes_len, static_cast<size_t>(kMaxInt));
     Vector<const uint8_t> module_bytes_vec(module_start,
                                            static_cast<int>(module_bytes_len));
     Handle<String> module_bytes_string =
         factory->NewStringFromOneByte(module_bytes_vec, TENURED)
             .ToHandleChecked();
-    ret->set_module_bytes(module_bytes_string);
+    ret->set(kModuleBytes, *module_bytes_string);
   }
 
   Handle<ByteArray> function_name_table =
       BuildFunctionNamesTable(isolate, module_env.module);
-  ret->set_function_names(function_name_table);
-  ret->set_min_required_memory(min_mem_pages);
+  ret->set(kFunctionNameTable, *function_name_table);
+  ret->set(kMinRequiredMemory, Smi::FromInt(min_mem_pages));
   if (data_segments.size() > 0) SaveDataSegmentInfo(factory, this, ret);
-  ret->set_globals_size(globals_size);
-  ret->set_export_memory(mem_export);
-  ret->set_origin(origin);
-  ret->set_mem_size(temp_instance.mem_size);
+  ret->set(kGlobalsSize, Smi::FromInt(globals_size));
+  ret->set(kExportMem, Smi::FromInt(mem_export));
+  ret->set(kOrigin, Smi::FromInt(origin));
+  Handle<HeapNumber> size_as_object = factory->NewHeapNumber(
+      static_cast<double>(temp_instance.mem_size), MUTABLE, TENURED);
+  ret->set(kMemSize, *size_as_object);
   return ret;
 }
 
 void PatchJSWrapper(Isolate* isolate, Handle<Code> wrapper,
                     Handle<Code> new_target) {
   AllowDeferredHandleDereference embedding_raw_address;
   bool seen = false;
   for (RelocIterator it(*wrapper, 1 << RelocInfo::CODE_TARGET); !it.done();
        it.next()) {
     Code* target = Code::GetCodeFromTargetAddress(it.rinfo()->target_address());
@@ skipping 47 matching lines @@
                                               Handle<JSReceiver> ffi,
                                               Handle<JSArrayBuffer> memory) {
   MaybeHandle<JSObject> nothing;
   HistogramTimerScope wasm_instantiate_module_time_scope(
       isolate->counters()->wasm_instantiate_module_time());
   Factory* factory = isolate->factory();
 
   //--------------------------------------------------------------------------
   // Reuse the compiled module (if no owner), otherwise clone.
   //--------------------------------------------------------------------------
-  Handle<WasmCompiledModule> compiled_module;
+  Handle<FixedArray> compiled_module;
   Handle<FixedArray> code_table;
   Handle<FixedArray> old_code_table;
   Handle<JSObject> owner;
   // If we don't clone, this will be null(). Otherwise, this will
   // be a weak link to the original. If we lose the original to GC,
   // this will be a cleared. We'll link the instances chain last.
   MaybeHandle<WeakCell> link_to_original;
 
   {
-    Handle<WasmCompiledModule> original(
-        WasmCompiledModule::cast(module_object->GetInternalField(0)), isolate);
+    Handle<FixedArray> original(
+        FixedArray::cast(module_object->GetInternalField(0)), isolate);
     // Always make a new copy of the code_table, since the old_code_table
     // may still have placeholders for imports.
-    old_code_table = original->code_table();
+    old_code_table = original->GetValueChecked<FixedArray>(isolate, kCodeTable);
     code_table = factory->CopyFixedArray(old_code_table);
 
-    if (original->has_weak_owning_instance()) {
-      WeakCell* tmp = original->ptr_to_weak_owning_instance();
+    WeakCell* tmp = GetOwningInstance(*original);
+    if (tmp != nullptr) {
       DCHECK(!tmp->cleared());
       // There is already an owner, clone everything.
       owner = Handle<JSObject>(JSObject::cast(tmp->value()), isolate);
       // Insert the latest clone in front.
-      compiled_module =
-          handle(WasmCompiledModule::cast(*factory->CopyFixedArray(original)));
+      compiled_module = factory->CopyFixedArray(original);
       // Replace the strong reference to point to the new instance here.
       // This allows any of the other instances, including the original,
       // to be collected.
       module_object->SetInternalField(0, *compiled_module);
-      compiled_module->set_weak_module_object(original->weak_module_object());
+      Handle<WeakCell> weak_link_to_wasm_obj =
+          original->GetValueChecked<WeakCell>(isolate, kModuleObject);
+
+      compiled_module->set(kModuleObject, *weak_link_to_wasm_obj);
       link_to_original = factory->NewWeakCell(original);
       // Don't link to original here. We remember the original
       // as a weak link. If that link isn't clear by the time we finish
       // instantiating this instance, then we link it at that time.
-      compiled_module->reset_weak_next_instance();
+      compiled_module->set(kNextInstance, *factory->undefined_value());
 
       // Clone the code for WASM functions and exports.
       for (int i = 0; i < code_table->length(); ++i) {
         Handle<Code> orig_code = code_table->GetValueChecked<Code>(isolate, i);
         switch (orig_code->kind()) {
           case Code::WASM_TO_JS_FUNCTION:
             // Imports will be overwritten with newly compiled wrappers.
             break;
           case Code::JS_TO_WASM_FUNCTION:
           case Code::WASM_FUNCTION: {
             Handle<Code> code = factory->CopyCode(orig_code);
             code_table->set(i, *code);
             break;
           }
           default:
             UNREACHABLE();
         }
       }
-      compiled_module->set_mem_size(original->mem_size());
+      Handle<HeapNumber> size_as_object = factory->NewHeapNumber(
+          static_cast<double>(
+              compiled_module->GetValueChecked<HeapNumber>(isolate, kMemSize)
+                  ->value()),
+          MUTABLE, TENURED);
+      compiled_module->set(kMemSize, *size_as_object);
       RecordStats(isolate, code_table);
     } else {
       // There was no owner, so we can reuse the original.
       compiled_module = original;
     }
-    compiled_module->set_code_table(code_table);
+    compiled_module->set(kCodeTable, *code_table);
   }
 
   //--------------------------------------------------------------------------
   // Allocate the instance object.
   //--------------------------------------------------------------------------
   Handle<Map> map = factory->NewMap(
       JS_OBJECT_TYPE,
       JSObject::kHeaderSize + kWasmModuleInternalFieldCount * kPointerSize);
   Handle<JSObject> instance = factory->NewJSObjectFromMap(map, TENURED);
   instance->SetInternalField(kWasmModuleCodeTable, *code_table);
 
   //--------------------------------------------------------------------------
   // Set up the memory for the new instance.
   //--------------------------------------------------------------------------
   MaybeHandle<JSArrayBuffer> old_memory;
   // TODO(titzer): handle imported memory properly.
 
-  uint32_t min_mem_pages = compiled_module->min_required_memory();
+  uint32_t min_mem_pages = static_cast<uint32_t>(
+      Smi::cast(compiled_module->get(kMinRequiredMemory))->value());
   isolate->counters()->wasm_min_mem_pages_count()->AddSample(min_mem_pages);
   // TODO(wasm): re-enable counter for max_mem_pages when we use that field.
 
   if (memory.is_null() && min_mem_pages > 0) {
     memory = AllocateMemory(thrower, isolate, min_mem_pages);
     if (memory.is_null()) return nothing;  // failed to allocate memory
   }
 
   if (!memory.is_null()) {
     instance->SetInternalField(kWasmMemArrayBuffer, *memory);
     Address mem_start = static_cast<Address>(memory->backing_store());
     uint32_t mem_size = static_cast<uint32_t>(memory->byte_length()->Number());
     LoadDataSegments(compiled_module, mem_start, mem_size);
 
-    uint32_t old_mem_size = compiled_module->mem_size();
+    uint32_t old_mem_size = static_cast<uint32_t>(
+        compiled_module->GetValueChecked<HeapNumber>(isolate, kMemSize)
+            ->value());
+    MaybeHandle<JSArrayBuffer> old_mem =
+        compiled_module->GetValue<JSArrayBuffer>(isolate, kMemStart);
     Address old_mem_start =
-        compiled_module->has_mem_start()
-            ? static_cast<Address>(
-                  compiled_module->mem_start()->backing_store())
-            : nullptr;
+        old_mem.is_null()
+            ? nullptr
+            : static_cast<Address>(old_mem.ToHandleChecked()->backing_store());
     RelocateInstanceCode(instance, old_mem_start, mem_start, old_mem_size,
                          mem_size);
-    compiled_module->set_mem_size(mem_size);
-    compiled_module->set_mem_start(memory);
+    compiled_module->GetValueChecked<HeapNumber>(isolate, kMemSize)
+        ->set_value(static_cast<double>(mem_size));
+    compiled_module->set(kMemStart, *memory);
   }
 
   //--------------------------------------------------------------------------
   // Set up the globals for the new instance.
   //--------------------------------------------------------------------------
   MaybeHandle<JSArrayBuffer> old_globals;
   MaybeHandle<JSArrayBuffer> globals;
-  uint32_t globals_size = compiled_module->globals_size();
+  uint32_t globals_size = static_cast<uint32_t>(
+      Smi::cast(compiled_module->get(kGlobalsSize))->value());
   if (globals_size > 0) {
     Handle<JSArrayBuffer> global_buffer = NewArrayBuffer(isolate, globals_size);
     globals = global_buffer;
     if (globals.is_null()) {
       thrower->Error("Out of memory: wasm globals");
       return nothing;
     }
     Address old_address =
         owner.is_null() ? nullptr : GetGlobalStartAddressFromCodeTemplate(
                                         *isolate->factory()->undefined_value(),
                                         JSObject::cast(*owner));
     RelocateGlobals(instance, old_address,
                     static_cast<Address>(global_buffer->backing_store()));
     instance->SetInternalField(kWasmGlobalsArrayBuffer, *global_buffer);
   }
 
   //--------------------------------------------------------------------------
   // Compile the import wrappers for the new instance.
   //--------------------------------------------------------------------------
   // TODO(titzer): handle imported globals and function tables.
+  Handle<FixedArray> import_data;
   int num_imported_functions = 0;
-  if (compiled_module->has_import_data()) {
-    Handle<FixedArray> import_data = compiled_module->import_data();
+  if (compiled_module->GetValue<FixedArray>(isolate, kImportData)
+          .ToHandle(&import_data)) {
     num_imported_functions = import_data->length();
     for (int index = 0; index < num_imported_functions; index++) {
       Handle<Code> import_wrapper =
           CompileImportWrapper(isolate, ffi, index, import_data, thrower);
       if (thrower->error()) return nothing;
       code_table->set(index, *import_wrapper);
       RecordStats(isolate, *import_wrapper);
     }
   }
 
   //--------------------------------------------------------------------------
   // Set up the debug support for the new instance.
   //--------------------------------------------------------------------------
-  // TODO(wasm): avoid referencing this stuff from the instance, use it off
-  // the compiled module instead. See the following 3 assignments:
-  if (compiled_module->has_module_bytes()) {
+  MaybeHandle<String> module_bytes_string =
+      compiled_module->GetValue<String>(isolate, kModuleBytes);
+  if (!module_bytes_string.is_null()) {
     instance->SetInternalField(kWasmModuleBytesString,
-                               compiled_module->ptr_to_module_bytes());
+                               *module_bytes_string.ToHandleChecked());
   }
 
-  if (compiled_module->has_function_names()) {
-    instance->SetInternalField(kWasmFunctionNamesArray,
-                               compiled_module->ptr_to_function_names());
+  MaybeHandle<ByteArray> function_name_table =
+      compiled_module->GetValue<ByteArray>(isolate, kFunctionNameTable);
+  if (!function_name_table.is_null()) {
+    Handle<ByteArray> handle = function_name_table.ToHandleChecked();
+    instance->SetInternalField(kWasmFunctionNamesArray, *handle);
   }
 
   {
     Handle<Object> handle = factory->NewNumber(num_imported_functions);
     instance->SetInternalField(kWasmNumImportedFunctions, *handle);
   }
 
   //--------------------------------------------------------------------------
   // Set up the runtime support for the new instance.
   //--------------------------------------------------------------------------
@@ skipping 15 matching lines @@
   //--------------------------------------------------------------------------
   // Set up the indirect function tables for the new instance.
   //--------------------------------------------------------------------------
   {
     std::vector<Handle<Code>> functions(
         static_cast<size_t>(code_table->length()));
     for (int i = 0; i < code_table->length(); ++i) {
       functions[i] = code_table->GetValueChecked<Code>(isolate, i);
     }
 
-    if (compiled_module->has_indirect_function_tables()) {
-      Handle<FixedArray> indirect_tables_template =
-          compiled_module->indirect_function_tables();
+    MaybeHandle<FixedArray> maybe_indirect_tables =
+        compiled_module->GetValue<FixedArray>(isolate,
+                                              kTableOfIndirectFunctionTables);
+    Handle<FixedArray> indirect_tables_template;
+    if (maybe_indirect_tables.ToHandle(&indirect_tables_template)) {
       Handle<FixedArray> to_replace =
           owner.is_null() ? indirect_tables_template
                           : handle(FixedArray::cast(owner->GetInternalField(
                                 kWasmModuleFunctionTable)));
       Handle<FixedArray> indirect_tables = SetupIndirectFunctionTable(
           isolate, code_table, indirect_tables_template, to_replace);
       for (int i = 0; i < indirect_tables->length(); ++i) {
         Handle<FixedArray> metadata =
             indirect_tables->GetValueChecked<FixedArray>(isolate, i);
         uint32_t size = Smi::cast(metadata->get(kSize))->value();
         Handle<FixedArray> table =
             metadata->GetValueChecked<FixedArray>(isolate, kTable);
         wasm::PopulateFunctionTable(table, size, &functions);
       }
       instance->SetInternalField(kWasmModuleFunctionTable, *indirect_tables);
     }
   }
 
   //--------------------------------------------------------------------------
   // Set up the exports object for the new instance.
   //--------------------------------------------------------------------------
-  bool mem_export = compiled_module->export_memory();
-  ModuleOrigin origin = compiled_module->origin();
+  bool mem_export =
+      static_cast<bool>(Smi::cast(compiled_module->get(kExportMem))->value());
+  ModuleOrigin origin = static_cast<ModuleOrigin>(
+      Smi::cast(compiled_module->get(kOrigin))->value());
 
-  if (compiled_module->has_exports() || mem_export) {
+  MaybeHandle<FixedArray> maybe_exports =
+      compiled_module->GetValue<FixedArray>(isolate, kExportData);
+  if (!maybe_exports.is_null() || mem_export) {
     PropertyDescriptor desc;
     desc.set_writable(false);
 
     Handle<JSObject> exports_object = instance;
     if (origin == kWasmOrigin) {
       // Create the "exports" object.
       Handle<JSFunction> object_function = Handle<JSFunction>(
           isolate->native_context()->object_function(), isolate);
       exports_object = factory->NewJSObject(object_function, TENURED);
       Handle<String> exports_name = factory->InternalizeUtf8String("exports");
       JSObject::AddProperty(instance, exports_name, exports_object, READ_ONLY);
     }
+    Handle<FixedArray> exports;
     int first_export = -1;
     // TODO(wasm): another iteration over the code objects.
     for (int i = 0; i < code_table->length(); i++) {
       Handle<Code> code = code_table->GetValueChecked<Code>(isolate, i);
       if (code->kind() == Code::JS_TO_WASM_FUNCTION) {
         first_export = i;
         break;
       }
     }
-    if (compiled_module->has_exports()) {
-      Handle<FixedArray> exports = compiled_module->exports();
+    if (maybe_exports.ToHandle(&exports)) {
       int export_size = exports->length();
       for (int i = 0; i < export_size; ++i) {
         Handle<FixedArray> export_data =
             exports->GetValueChecked<FixedArray>(isolate, i);
         Handle<String> name =
             export_data->GetValueChecked<String>(isolate, kExportName);
         int arity = Smi::cast(export_data->get(kExportArity))->value();
         MaybeHandle<ByteArray> signature =
             export_data->GetValue<ByteArray>(isolate, kExportedSignature);
         Handle<Code> export_code =
@@ skipping 25 matching lines @@
   if (num_imported_functions > 0 || !owner.is_null()) {
     // If the code was cloned, or new imports were compiled, patch.
     PatchDirectCalls(old_code_table, code_table, num_imported_functions);
   }
 
   FlushICache(isolate, code_table);
 
   //--------------------------------------------------------------------------
   // Run the start function if one was specified.
   //--------------------------------------------------------------------------
-  if (compiled_module->has_startup_function()) {
-    Handle<FixedArray> startup_data = compiled_module->startup_function();
+  Handle<FixedArray> startup_data;
+  if (compiled_module->GetValue<FixedArray>(isolate, kStartupData)
+          .ToHandle(&startup_data)) {
     HandleScope scope(isolate);
     int32_t start_index =
         startup_data->GetValueChecked<Smi>(isolate, kExportedFunctionIndex)
             ->value();
     Handle<Code> startup_code =
         code_table->GetValueChecked<Code>(isolate, start_index);
     int arity = Smi::cast(startup_data->get(kExportArity))->value();
     MaybeHandle<ByteArray> startup_signature =
         startup_data->GetValue<ByteArray>(isolate, kExportedSignature);
     Handle<JSFunction> startup_fct = WrapExportCodeAsJSFunction(
         isolate, startup_code, factory->InternalizeUtf8String("start"), arity,
         startup_signature, instance);
     RecordStats(isolate, *startup_code);
     // Call the JS function.
     Handle<Object> undefined = isolate->factory()->undefined_value();
     MaybeHandle<Object> retval =
         Execution::Call(isolate, startup_fct, undefined, 0, nullptr);
 
     if (retval.is_null()) {
       thrower->Error("WASM.instantiateModule(): start function failed");
       return nothing;
     }
   }
 
   DCHECK(wasm::IsWasmObject(*instance));
 
-  if (compiled_module->has_weak_module_object()) {
+  if (!compiled_module->GetValue<WeakCell>(isolate, kModuleObject).is_null()) {
     instance->SetInternalField(kWasmCompiledModule, *compiled_module);
     Handle<WeakCell> link_to_owner = factory->NewWeakCell(instance);
 
     Handle<Object> global_handle = isolate->global_handles()->Create(*instance);
     Handle<WeakCell> link_to_clone = factory->NewWeakCell(compiled_module);
     {
       DisallowHeapAllocation no_gc;
-      compiled_module->set_weak_owning_instance(link_to_owner);
+      compiled_module->set(kOwningInstance, *link_to_owner);
       Handle<WeakCell> next;
       if (link_to_original.ToHandle(&next) && !next->cleared()) {
-        WasmCompiledModule* original = WasmCompiledModule::cast(next->value());
-        DCHECK(original->has_weak_owning_instance());
-        DCHECK(!original->weak_owning_instance()->cleared());
-        compiled_module->set_weak_next_instance(next);
-        original->set_weak_prev_instance(link_to_clone);
+        FixedArray* original = FixedArray::cast(next->value());
+        DCHECK_NOT_NULL(GetOwningInstance(original));
+        DCHECK(!GetOwningInstance(original)->cleared());
+        compiled_module->set(kNextInstance, *next);
+        original->set(kPrevInstance, *link_to_clone);
       }
       GlobalHandles::MakeWeak(global_handle.location(),
                               global_handle.location(), &InstanceFinalizer,
                               v8::WeakCallbackType::kFinalizer);
     }
   }
 
   return instance;
 }
 
@@ skipping 162 matching lines @@
     Handle<Map> map = isolate->factory()->NewMap(
         JS_OBJECT_TYPE, JSObject::kHeaderSize + kPointerSize);
     module_obj = isolate->factory()->NewJSObjectFromMap(map, TENURED);
   }
   module_obj->SetInternalField(0, *compiled_module);
   if (origin == ModuleOrigin::kWasmOrigin) {
     Handle<Symbol> module_sym(isolate->native_context()->wasm_module_sym());
     Object::SetProperty(module_obj, module_sym, module_obj, STRICT).Check();
   }
   Handle<WeakCell> link_to_module = isolate->factory()->NewWeakCell(module_obj);
-  WasmCompiledModule::cast(*compiled_module)
-      ->set_weak_module_object(link_to_module);
+  compiled_module->set(kModuleObject, *link_to_module);
   return module_obj;
 }
 
 MaybeHandle<JSObject> CreateModuleObjectFromBytes(Isolate* isolate,
                                                   const byte* start,
                                                   const byte* end,
                                                   ErrorThrower* thrower,
                                                   ModuleOrigin origin) {
   MaybeHandle<JSObject> nothing;
   Zone zone(isolate->allocator());
@@ skipping 32 matching lines @@
   if (mem->IsUndefined(isolate)) return MaybeHandle<JSArrayBuffer>();
   return Handle<JSArrayBuffer>(JSArrayBuffer::cast(mem));
 }
 
 void SetInstanceMemory(Handle<JSObject> instance, JSArrayBuffer* buffer) {
   DisallowHeapAllocation no_gc;
   DCHECK(IsWasmObject(*instance));
   instance->SetInternalField(kWasmMemArrayBuffer, buffer);
   Object* module = instance->GetInternalField(kWasmCompiledModule);
   if (module->IsFixedArray()) {
-    WasmCompiledModule::cast(module)->set_mem_size(
-        buffer->byte_length()->Number());
+    HeapNumber::cast(FixedArray::cast(module)->get(kMemSize))
+        ->set_value(buffer->byte_length()->Number());
   }
 }
 
 namespace testing {
 
 void ValidateInstancesChain(Isolate* isolate, Handle<JSObject> module_obj,
                             int instance_count) {
   CHECK_GE(instance_count, 0);
   DisallowHeapAllocation no_gc;
-  WasmCompiledModule* compiled_module =
-      WasmCompiledModule::cast(module_obj->GetInternalField(0));
-  CHECK_EQ(
-      JSObject::cast(compiled_module->ptr_to_weak_module_object()->value()),
-      *module_obj);
+  FixedArray* compiled_module =
+      FixedArray::cast(module_obj->GetInternalField(0));
+  CHECK_EQ(JSObject::cast(GetModuleObject(compiled_module)->value()),
+           *module_obj);
   Object* prev = nullptr;
-  int found_instances = compiled_module->has_weak_owning_instance() ? 1 : 0;
-  WasmCompiledModule* current_instance = compiled_module;
-  while (current_instance->has_weak_next_instance()) {
-    CHECK((prev == nullptr && !current_instance->has_weak_prev_instance()) ||
-          current_instance->ptr_to_weak_prev_instance()->value() == prev);
-    CHECK_EQ(current_instance->ptr_to_weak_module_object()->value(),
-             *module_obj);
-    CHECK(
-        IsWasmObject(current_instance->ptr_to_weak_owning_instance()->value()));
+  int found_instances = GetOwningInstance(compiled_module) == nullptr ? 0 : 1;
+  FixedArray* current_instance = compiled_module;
+  while (GetNextInstance(current_instance) != nullptr) {
+    CHECK((prev == nullptr && GetPrevInstance(current_instance) == nullptr) ||
+          GetPrevInstance(current_instance)->value() == prev);
+    CHECK_EQ(GetModuleObject(current_instance)->value(), *module_obj);
+    CHECK(IsWasmObject(GetOwningInstance(current_instance)->value()));
     prev = current_instance;
-    current_instance = WasmCompiledModule::cast(
-        current_instance->ptr_to_weak_next_instance()->value());
+    current_instance =
+        FixedArray::cast(GetNextInstance(current_instance)->value());
     ++found_instances;
     CHECK_LE(found_instances, instance_count);
   }
   CHECK_EQ(found_instances, instance_count);
 }
 
 void ValidateModuleState(Isolate* isolate, Handle<JSObject> module_obj) {
   DisallowHeapAllocation no_gc;
-  WasmCompiledModule* compiled_module =
-      WasmCompiledModule::cast(module_obj->GetInternalField(0));
-  CHECK(compiled_module->has_weak_module_object());
-  CHECK_EQ(compiled_module->ptr_to_weak_module_object()->value(), *module_obj);
-  CHECK(!compiled_module->has_weak_prev_instance());
-  CHECK(!compiled_module->has_weak_next_instance());
-  CHECK(!compiled_module->has_weak_owning_instance());
+  FixedArray* compiled_module =
+      FixedArray::cast(module_obj->GetInternalField(0));
+  CHECK_NOT_NULL(GetModuleObject(compiled_module));
+  CHECK_EQ(GetModuleObject(compiled_module)->value(), *module_obj);
+  CHECK_NULL(GetPrevInstance(compiled_module));
+  CHECK_NULL(GetNextInstance(compiled_module));
+  CHECK_NULL(GetOwningInstance(compiled_module));
 }
 
 void ValidateOrphanedInstance(Isolate* isolate, Handle<JSObject> instance) {
   DisallowHeapAllocation no_gc;
   CHECK(IsWasmObject(*instance));
-  WasmCompiledModule* compiled_module =
-      WasmCompiledModule::cast(instance->GetInternalField(kWasmCompiledModule));
-  CHECK(compiled_module->has_weak_module_object());
-  CHECK(compiled_module->ptr_to_weak_module_object()->cleared());
+  FixedArray* compiled_module =
+      FixedArray::cast(instance->GetInternalField(kWasmCompiledModule));
+  CHECK_NOT_NULL(GetModuleObject(compiled_module));
+  CHECK(GetModuleObject(compiled_module)->cleared());
 }
 
 }  // namespace testing
 }  // namespace wasm
 }  // namespace internal
 }  // namespace v8