[wasm] Move all heap-allocated WASM structures into wasm-objects.h.

src/wasm/wasm-module.cc

 // Copyright 2015 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <memory>
 
 #include "src/base/atomic-utils.h"
 #include "src/code-stubs.h"
 
 #include "src/macro-assembler.h"
 #include "src/objects.h"
 #include "src/property-descriptor.h"
 #include "src/simulator.h"
 #include "src/snapshot/snapshot.h"
 #include "src/v8.h"
 
 #include "src/wasm/ast-decoder.h"
 #include "src/wasm/module-decoder.h"
-#include "src/wasm/wasm-debug.h"
 #include "src/wasm/wasm-js.h"
 #include "src/wasm/wasm-module.h"
+#include "src/wasm/wasm-objects.h"
 #include "src/wasm/wasm-result.h"
 
 #include "src/compiler/wasm-compiler.h"
 
 using namespace v8::internal;
 using namespace v8::internal::wasm;
 namespace base = v8::base;
 
 #define TRACE(...)                                      \
   do {                                                  \
     if (FLAG_trace_wasm_instances) PrintF(__VA_ARGS__); \
   } while (false)
 
 #define TRACE_CHAIN(instance)        \
   do {                               \
     instance->PrintInstancesChain(); \
   } while (false)
 
-static const int kInvalidSigIndex = -1;
-
-// Collects all the data values to which a given WASM code object may be
-// specialized.
-struct Specialization {
-  // The native context, which is used in JS->WASM and WASM->JS wrappers
-  // and calls to the runtime.
-  Handle<Context> context;
-
-  // Specialization to the memory.
-  byte* memory_base;
-  uint32_t memory_size;
-
-  // Specialization to the globals.
-  byte* globals_base;
-
-  // Specialization to the function table.
-  uint32_t function_table_size;
-  Handle<FixedArray> function_table_sigs;
-  Handle<FixedArray> function_table_code;
-
-  Specialization()
-      : memory_base(nullptr),
-        memory_size(0),
-        globals_base(nullptr),
-        function_table_size(0) {}
-};
-
 namespace {
 
+static const int kInvalidSigIndex = -1;
 static const int kPlaceholderMarker = 1000000000;
 
-enum JSFunctionExportInternalField {
-  kInternalModuleInstance,
-  kInternalFunctionIndex
-};
-
-// Internal constants for the layout of the module object.
-enum WasmInstanceObjectFields {
-  kWasmCompiledModule = 0,
-  kWasmMemObject,
-  kWasmMemArrayBuffer,
-  kWasmGlobalsArrayBuffer,
-  kWasmDebugInfo,
-  kWasmInstanceInternalFieldCount
-};
-
 byte* raw_buffer_ptr(MaybeHandle<JSArrayBuffer> buffer, int offset) {
   return static_cast<byte*>(buffer.ToHandleChecked()->backing_store()) + offset;
 }
 
-uint32_t GetMinModuleMemSize(const WasmModule* module) {
-  return WasmModule::kPageSize * module->min_mem_pages;
-}
-
 MaybeHandle<String> ExtractStringFromModuleBytes(
     Isolate* isolate, Handle<WasmCompiledModule> compiled_module,
     uint32_t offset, uint32_t size) {
   // TODO(wasm): cache strings from modules if it's a performance win.
   Handle<SeqOneByteString> module_bytes = compiled_module->module_bytes();
   Address raw = module_bytes->GetCharsAddress() + offset;
   if (!unibrow::Utf8::Validate(reinterpret_cast<const byte*>(raw), size))
     return {};  // UTF8 decoding error for name.
   return isolate->factory()->NewStringFromUtf8SubString(
       module_bytes, static_cast<int>(offset), static_cast<int>(size));
@@ skipping 59 matching lines @@
     for (RelocIterator it(*code, mask); !it.done(); it.next()) {
       it.rinfo()->update_wasm_global_reference(old_start, globals_start);
     }
   }
 }
 
 Handle<Code> CreatePlaceholder(Factory* factory, uint32_t index,
                                Code::Kind kind) {
   // Create a placeholder code object and encode the corresponding index in
   // the {constant_pool_offset} field of the code object.
-  // TODO(titzer): placeholder code objects are somewhat dangerous.
-  static byte buffer[] = {0, 0, 0, 0, 0, 0, 0, 0};  // fake instructions.
+  // TODO(titzer): instead of placeholders, use a reloc_info mode.
+  static byte buffer[] = {0, 0, 0, 0};  // fake instructions.
   static CodeDesc desc = {
       buffer, arraysize(buffer), arraysize(buffer), 0, 0, nullptr, 0, nullptr};
   Handle<Code> code = factory->NewCode(desc, Code::KindField::encode(kind),
                                        Handle<Object>::null());
   code->set_constant_pool_offset(static_cast<int>(index) + kPlaceholderMarker);
   return code;
 }
 
 bool LinkFunction(Handle<Code> unlinked,
                   std::vector<Handle<Code>>& code_table) {
@@ skipping 103 matching lines @@
 }
 
 static void RecordStats(Isolate* isolate, Handle<FixedArray> functions) {
   DisallowHeapAllocation no_gc;
   for (int i = 0; i < functions->length(); ++i) {
     RecordStats(isolate, Code::cast(functions->get(i)));
   }
 }
 
 Address GetGlobalStartAddressFromCodeTemplate(Object* undefined,
-                                              JSObject* owner) {
+                                              JSObject* object) {
+  auto instance = WasmInstanceObject::cast(object);
   Address old_address = nullptr;
-  Object* stored_value = owner->GetInternalField(kWasmGlobalsArrayBuffer);
-  if (stored_value != undefined) {
-    old_address = static_cast<Address>(
-        JSArrayBuffer::cast(stored_value)->backing_store());
+  if (instance->has_globals_buffer()) {
+    old_address =
+        static_cast<Address>(instance->get_globals_buffer()->backing_store());
   }
   return old_address;
 }
 
 void InitializeParallelCompilation(
     Isolate* isolate, const std::vector<WasmFunction>& functions,
     std::vector<compiler::WasmCompilationUnit*>& compilation_units,
     ModuleEnv& module_env, ErrorThrower* thrower) {
   for (uint32_t i = FLAG_skip_compiling_wasm_funcs; i < functions.size(); ++i) {
     const WasmFunction* func = &functions[i];
@@ skipping 172 matching lines @@
         if (new_code != old_code) {
           it.rinfo()->set_target_address(new_code->instruction_start(),
                                          UPDATE_WRITE_BARRIER,
                                          SKIP_ICACHE_FLUSH);
         }
       }
     }
   }
 }
 
-static void ResetCompiledModule(Isolate* isolate, JSObject* owner,
+static void ResetCompiledModule(Isolate* isolate, WasmInstanceObject* owner,
                                 WasmCompiledModule* compiled_module) {
   TRACE("Resetting %d\n", compiled_module->instance_id());
   Object* undefined = *isolate->factory()->undefined_value();
   uint32_t old_mem_size = compiled_module->mem_size();
   uint32_t default_mem_size = compiled_module->default_mem_size();
   Object* mem_start = compiled_module->ptr_to_memory();
   Address old_mem_address = nullptr;
   Address globals_start =
       GetGlobalStartAddressFromCodeTemplate(undefined, owner);
 
@@ skipping 49 matching lines @@
         Assembler::FlushICache(isolate, code->instruction_start(),
                                code->instruction_size());
       }
     }
   }
   compiled_module->reset_memory();
 }
 
 static void InstanceFinalizer(const v8::WeakCallbackInfo<void>& data) {
   JSObject** p = reinterpret_cast<JSObject**>(data.GetParameter());
-  JSObject* owner = *p;
-  WasmCompiledModule* compiled_module = GetCompiledModule(owner);
+  WasmInstanceObject* owner = reinterpret_cast<WasmInstanceObject*>(*p);
+  WasmCompiledModule* compiled_module = owner->get_compiled_module();
   TRACE("Finalizing %d {\n", compiled_module->instance_id());
   Isolate* isolate = reinterpret_cast<Isolate*>(data.GetIsolate());
   DCHECK(compiled_module->has_weak_wasm_module());
   WeakCell* weak_wasm_module = compiled_module->ptr_to_weak_wasm_module();
 
   // weak_wasm_module may have been cleared, meaning the module object
   // was GC-ed. In that case, there won't be any new instances created,
   // and we don't need to maintain the links between instances.
   if (!weak_wasm_module->cleared()) {
     JSObject* wasm_module = JSObject::cast(weak_wasm_module->value());
@@ skipping 112 matching lines @@
       os.write(name.start(), name.length());
     } else {
       os << "+" << pair.function_->func_index;
     }
   } else {
     os << "?";
   }
   return os;
 }
 
-Handle<JSFunction> wasm::WrapExportCodeAsJSFunction(
-    Isolate* isolate, Handle<Code> export_code, Handle<String> name,
-    FunctionSig* sig, int func_index, Handle<JSObject> instance) {
-  Handle<SharedFunctionInfo> shared =
-      isolate->factory()->NewSharedFunctionInfo(name, export_code, false);
-  int arity = static_cast<int>(sig->parameter_count());
-  shared->set_length(arity);
-  shared->set_internal_formal_parameter_count(arity);
-  Handle<JSFunction> function = isolate->factory()->NewFunction(
-      isolate->wasm_function_map(), name, export_code);
-  function->set_shared(*shared);
-
-  function->SetInternalField(kInternalModuleInstance, *instance);
-  function->SetInternalField(kInternalFunctionIndex, Smi::FromInt(func_index));
-  return function;
-}
-
 Object* wasm::GetOwningWasmInstance(Code* code) {
   DCHECK(code->kind() == Code::WASM_FUNCTION);
   DisallowHeapAllocation no_gc;
   FixedArray* deopt_data = code->deoptimization_data();
   DCHECK_NOT_NULL(deopt_data);
   DCHECK(deopt_data->length() == 2);
   Object* weak_link = deopt_data->get(0);
   if (!weak_link->IsWeakCell()) return nullptr;
   WeakCell* cell = WeakCell::cast(weak_link);
   return cell->value();
 }
 
-WasmModule* GetCppModule(Handle<JSObject> instance) {
-  DCHECK(IsWasmInstance(*instance));
-  return reinterpret_cast<WasmModuleWrapper*>(
-             *GetCompiledModule(*instance)->module_wrapper())
-      ->get();
-}
-
-int wasm::GetNumImportedFunctions(Handle<JSObject> instance) {
-  return static_cast<int>(GetCppModule(instance)->num_imported_functions);
+int wasm::GetNumImportedFunctions(Handle<JSObject> object) {
+  return static_cast<int>(Handle<WasmInstanceObject>::cast(object)
+                              ->module()
+                              ->num_imported_functions);
 }
 
 WasmModule::WasmModule(Zone* owned, const byte* module_start)
     : owned_zone(owned),
       module_start(module_start),
       pending_tasks(new base::Semaphore(0)) {}
 
 MaybeHandle<WasmCompiledModule> WasmModule::CompileFunctions(
     Isolate* isolate, Handle<WasmModuleWrapper> module_wrapper,
     ErrorThrower* thrower) const {
   Factory* factory = isolate->factory();
 
   MaybeHandle<WasmCompiledModule> nothing;
 
   WasmInstance temp_instance(this);
   temp_instance.context = isolate->native_context();
-  temp_instance.mem_size = GetMinModuleMemSize(this);
+  temp_instance.mem_size = WasmModule::kPageSize * this->min_mem_pages;
   temp_instance.mem_start = nullptr;
   temp_instance.globals_start = nullptr;
 
   // Initialize the indirect tables with placeholders.
   int function_table_count = static_cast<int>(this->function_tables.size());
   Handle<FixedArray> function_tables =
       factory->NewFixedArray(function_table_count);
   for (int i = 0; i < function_table_count; ++i) {
     temp_instance.function_tables[i] = factory->NewFixedArray(0);
     function_tables->set(i, *temp_instance.function_tables[i]);
@@ skipping 103 matching lines @@
     ret->set_module_bytes(Handle<SeqOneByteString>::cast(module_bytes_string));
   }
 
   return ret;
 }
 
 static WasmFunction* GetWasmFunctionForImportWrapper(Isolate* isolate,
                                                      Handle<Object> target) {
   if (target->IsJSFunction()) {
     Handle<JSFunction> func = Handle<JSFunction>::cast(target);
-    Handle<Code> export_wrapper_code = handle(func->code());
-    if (export_wrapper_code->kind() == Code::JS_TO_WASM_FUNCTION) {
-      Handle<JSObject> other_instance(
-          JSObject::cast(func->GetInternalField(kInternalModuleInstance)),
-          isolate);
-      int func_index =
-          Smi::cast(func->GetInternalField(kInternalFunctionIndex))->value();
-      return &GetCppModule(other_instance)->functions[func_index];
+    if (func->code()->kind() == Code::JS_TO_WASM_FUNCTION) {
+      auto exported = Handle<WasmExportedFunction>::cast(func);
+      Handle<WasmInstanceObject> other_instance(exported->instance(), isolate);
+      int func_index = exported->function_index();
+      return &other_instance->module()->functions[func_index];
     }
   }
   return nullptr;
 }
 
 static Handle<Code> UnwrapImportWrapper(Handle<Object> target) {
   Handle<JSFunction> func = Handle<JSFunction>::cast(target);
   Handle<Code> export_wrapper_code = handle(func->code());
   int found = 0;
   int mask = RelocInfo::ModeMask(RelocInfo::CODE_TARGET);
@@ skipping 33 matching lines @@
                                             module_name, import_name);
   }
 }
 
 static void UpdateDispatchTablesInternal(Isolate* isolate,
                                          Handle<FixedArray> dispatch_tables,
                                          int index, WasmFunction* function,
                                          Handle<Code> code) {
   DCHECK_EQ(0, dispatch_tables->length() % 3);
   for (int i = 0; i < dispatch_tables->length(); i += 3) {
-    Handle<Object> instance(dispatch_tables->get(i), isolate);
-    WasmModule* module = GetCppModule(Handle<JSObject>::cast(instance));
     int table_index = Smi::cast(dispatch_tables->get(i + 1))->value();
     Handle<FixedArray> dispatch_table(
         FixedArray::cast(dispatch_tables->get(i + 2)), isolate);
     if (function) {
       // TODO(titzer): the signature might need to be copied to avoid
       // a dangling pointer in the signature map.
+      Handle<WasmInstanceObject> instance(
+          WasmInstanceObject::cast(dispatch_tables->get(i)), isolate);
       int sig_index = static_cast<int>(
-          module->function_tables[table_index].map.FindOrInsert(function->sig));
+          instance->module()->function_tables[table_index].map.FindOrInsert(
+              function->sig));
       dispatch_table->set(index, Smi::FromInt(sig_index));
       dispatch_table->set(index + (dispatch_table->length() / 2), *code);
     } else {
       Code* code = nullptr;
       dispatch_table->set(index, Smi::FromInt(-1));
       dispatch_table->set(index + (dispatch_table->length() / 2), code);
     }
   }
 }
 
@@ skipping 30 matching lines @@
     MaybeHandle<JSObject> nothing;
     HistogramTimerScope wasm_instantiate_module_time_scope(
         isolate_->counters()->wasm_instantiate_module_time());
     Factory* factory = isolate_->factory();
 
     //--------------------------------------------------------------------------
     // Reuse the compiled module (if no owner), otherwise clone.
     //--------------------------------------------------------------------------
     Handle<FixedArray> code_table;
     Handle<FixedArray> old_code_table;
-    MaybeHandle<JSObject> owner;
+    MaybeHandle<WasmInstanceObject> owner;
 
     TRACE("Starting new module instantiation\n");
     {
       // Root the owner, if any, before doing any allocations, which
       // may trigger GC.
       // Both owner and original template need to be in sync. Even
       // after we lose the original template handle, the code
       // objects we copied from it have data relative to the
       // instance - such as globals addresses.
       Handle<WasmCompiledModule> original;
       {
         DisallowHeapAllocation no_gc;
         original = handle(
             WasmCompiledModule::cast(module_object_->GetInternalField(0)));
         if (original->has_weak_owning_instance()) {
-          owner =
-              handle(JSObject::cast(original->weak_owning_instance()->value()));
+          owner = handle(WasmInstanceObject::cast(
+              original->weak_owning_instance()->value()));
         }
       }
       DCHECK(!original.is_null());
       // Always make a new copy of the code_table, since the old_code_table
       // may still have placeholders for imports.
       old_code_table = original->code_table();
       code_table = factory->CopyFixedArray(old_code_table);
 
       if (original->has_weak_owning_instance()) {
         // Clone, but don't insert yet the clone in the instances chain.
@@ skipping 33 matching lines @@
       }
       compiled_module_->set_code_table(code_table);
     }
     module_ = reinterpret_cast<WasmModuleWrapper*>(
                   *compiled_module_->module_wrapper())
                   ->get();
 
     //--------------------------------------------------------------------------
     // Allocate the instance object.
     //--------------------------------------------------------------------------
-    Handle<Map> map = factory->NewMap(
-        JS_OBJECT_TYPE,
-        JSObject::kHeaderSize + kWasmInstanceInternalFieldCount * kPointerSize);
-    Handle<JSObject> instance = factory->NewJSObjectFromMap(map, TENURED);
-    instance->SetInternalField(kWasmMemObject,
-                               isolate_->heap()->undefined_value());
+    Handle<WasmInstanceObject> instance =
+        WasmInstanceObject::New(isolate_, compiled_module_);
 
     //--------------------------------------------------------------------------
     // Set up the globals for the new instance.
     //--------------------------------------------------------------------------
     MaybeHandle<JSArrayBuffer> old_globals;
     uint32_t globals_size = module_->globals_size;
     if (globals_size > 0) {
       Handle<JSArrayBuffer> global_buffer =
           NewArrayBuffer(isolate_, globals_size);
       globals_ = global_buffer;
       if (globals_.is_null()) {
         thrower_->RangeError("Out of memory: wasm globals");
         return nothing;
       }
-      Address old_address = owner.is_null()
-                                ? nullptr
-                                : GetGlobalStartAddressFromCodeTemplate(
-                                      isolate_->heap()->undefined_value(),
-                                      JSObject::cast(*owner.ToHandleChecked()));
+      Address old_address =
+          owner.is_null() ? nullptr : GetGlobalStartAddressFromCodeTemplate(
+                                          isolate_->heap()->undefined_value(),
+                                          *owner.ToHandleChecked());
       RelocateGlobals(code_table, old_address,
                       static_cast<Address>(global_buffer->backing_store()));
-      instance->SetInternalField(kWasmGlobalsArrayBuffer, *global_buffer);
+      instance->set_globals_buffer(*global_buffer);
     }
 
     //--------------------------------------------------------------------------
     // Prepare for initialization of function tables.
     //--------------------------------------------------------------------------
     int function_table_count =
         static_cast<int>(module_->function_tables.size());
     table_instances_.reserve(module_->function_tables.size());
     for (int index = 0; index < function_table_count; ++index) {
-      table_instances_.push_back({Handle<JSObject>::null(),
+      table_instances_.push_back({Handle<WasmTableObject>::null(),
                                   Handle<FixedArray>::null(),
                                   Handle<FixedArray>::null()});
     }
 
     //--------------------------------------------------------------------------
     // Process the imports for the module.
     //--------------------------------------------------------------------------
     int num_imported_functions = ProcessImports(code_table, instance);
     if (num_imported_functions < 0) return nothing;
 
@@ skipping 12 matching lines @@
 
     if (!memory_.is_null()) {
       // Set externally passed ArrayBuffer non neuterable.
       memory_->set_is_neuterable(false);
     } else if (min_mem_pages > 0) {
       memory_ = AllocateMemory(min_mem_pages);
       if (memory_.is_null()) return nothing;  // failed to allocate memory
     }
 
     if (!memory_.is_null()) {
-      instance->SetInternalField(kWasmMemArrayBuffer, *memory_);
+      instance->set_memory_buffer(*memory_);
       Address mem_start = static_cast<Address>(memory_->backing_store());
       uint32_t mem_size =
           static_cast<uint32_t>(memory_->byte_length()->Number());
       LoadDataSegments(mem_start, mem_size);
 
       uint32_t old_mem_size = compiled_module_->mem_size();
       Address old_mem_start =
           compiled_module_->has_memory()
               ? static_cast<Address>(
                     compiled_module_->memory()->backing_store())
@@ skipping 46 matching lines @@
       Handle<WeakCell> link_to_clone = factory->NewWeakCell(compiled_module_);
       Handle<WeakCell> link_to_owning_instance = factory->NewWeakCell(instance);
       MaybeHandle<WeakCell> link_to_original;
       MaybeHandle<WasmCompiledModule> original;
       if (!owner.is_null()) {
         // prepare the data needed for publishing in a chain, but don't link
         // just yet, because
         // we want all the publishing to happen free from GC interruptions, and
         // so we do it in
         // one GC-free scope afterwards.
-        original = handle(GetCompiledModule(*owner.ToHandleChecked()));
+        original = handle(owner.ToHandleChecked()->get_compiled_module());
         link_to_original = factory->NewWeakCell(original.ToHandleChecked());
       }
       // Publish the new instance to the instances chain.
       {
         DisallowHeapAllocation no_gc;
         if (!link_to_original.is_null()) {
           compiled_module_->set_weak_next_instance(
               link_to_original.ToHandleChecked());
           original.ToHandleChecked()->set_weak_prev_instance(link_to_clone);
           compiled_module_->set_weak_wasm_module(
               original.ToHandleChecked()->weak_wasm_module());
         }
         module_object_->SetInternalField(0, *compiled_module_);
-        instance->SetInternalField(kWasmCompiledModule, *compiled_module_);
         compiled_module_->set_weak_owning_instance(link_to_owning_instance);
         GlobalHandles::MakeWeak(global_handle.location(),
                                 global_handle.location(), &InstanceFinalizer,
                                 v8::WeakCallbackType::kFinalizer);
       }
     }
 
     DCHECK(wasm::IsWasmInstance(*instance));
-    Handle<Object> memory_object(instance->GetInternalField(kWasmMemObject),
-                                 isolate_);
-    WasmJs::SetWasmMemoryInstance(isolate_, memory_object, instance);
+    if (instance->has_memory_object()) {
+      instance->get_memory_object()->AddInstance(*instance);
+    }
 
     //--------------------------------------------------------------------------
     // Run the start function if one was specified.
     //--------------------------------------------------------------------------
     if (module_->start_function_index >= 0) {
       HandleScope scope(isolate_);
       ModuleEnv module_env;
       module_env.module = module_;
       module_env.instance = nullptr;
       module_env.origin = module_->origin;
       int start_index = module_->start_function_index;
       Handle<Code> startup_code =
           code_table->GetValueChecked<Code>(isolate_, start_index);
       FunctionSig* sig = module_->functions[start_index].sig;
       Handle<Code> wrapper_code = compiler::CompileJSToWasmWrapper(
           isolate_, &module_env, startup_code, start_index);
-      Handle<JSFunction> startup_fct = WrapExportCodeAsJSFunction(
-          isolate_, wrapper_code, factory->InternalizeUtf8String("start"), sig,
-          start_index, instance);
+      Handle<WasmExportedFunction> startup_fct = WasmExportedFunction::New(
+          isolate_, instance, factory->InternalizeUtf8String("start"),
+          wrapper_code, static_cast<int>(sig->parameter_count()), start_index);
       RecordStats(isolate_, *startup_code);
       // Call the JS function.
       Handle<Object> undefined = factory->undefined_value();
       MaybeHandle<Object> retval =
           Execution::Call(isolate_, startup_fct, undefined, 0, nullptr);
 
       if (retval.is_null()) {
         DCHECK(isolate_->has_pending_exception());
         isolate_->OptionalRescheduleException(false);
         // It's unfortunate that the new instance is already linked in the
         // chain. However, we need to set up everything before executing the
         // start function, such that stack trace information can be generated
         // correctly already in the start function.
         return nothing;
       }
     }
 
     DCHECK(!isolate_->has_pending_exception());
     TRACE("Finishing instance %d\n", compiled_module_->instance_id());
     TRACE_CHAIN(WasmCompiledModule::cast(module_object_->GetInternalField(0)));
     return instance;
   }
 
  private:
   // Represents the initialized state of a table.
   struct TableInstance {
-    Handle<JSObject> table_object;           // WebAssembly.Table instance
+    Handle<WasmTableObject> table_object;    // WebAssembly.Table instance
     Handle<FixedArray> js_wrappers;          // JSFunctions exported
     Handle<FixedArray> dispatch_table;       // internal (code, sig) pairs
   };
 
   Isolate* isolate_;
   WasmModule* module_;
   ErrorThrower* thrower_;
   Handle<JSObject> module_object_;
   Handle<JSReceiver> ffi_;
   Handle<JSArrayBuffer> memory_;
@@ skipping 120 matching lines @@
         *GetRawGlobalPtr<double>(global) = static_cast<double>(num);
         break;
       default:
         UNREACHABLE();
     }
   }
 
   // Process the imports, including functions, tables, globals, and memory, in
   // order, loading them from the {ffi_} object. Returns the number of imported
   // functions.
-  int ProcessImports(Handle<FixedArray> code_table, Handle<JSObject> instance) {
+  int ProcessImports(Handle<FixedArray> code_table,
+                     Handle<WasmInstanceObject> instance) {
     int num_imported_functions = 0;
     int num_imported_tables = 0;
     for (int index = 0; index < static_cast<int>(module_->import_table.size());
          ++index) {
       WasmImport& import = module_->import_table[index];
       Handle<String> module_name =
           ExtractStringFromModuleBytes(isolate_, compiled_module_,
                                        import.module_name_offset,
                                        import.module_name_length)
               .ToHandleChecked();
@@ skipping 35 matching lines @@
         case kExternalTable: {
           Handle<Object> value = result.ToHandleChecked();
           if (!WasmJs::IsWasmTableObject(isolate_, value)) {
             ReportFFIError("table import requires a WebAssembly.Table", index,
                            module_name, function_name);
             return -1;
           }
           WasmIndirectFunctionTable& table =
               module_->function_tables[num_imported_tables];
           TableInstance& table_instance = table_instances_[num_imported_tables];
-          table_instance.table_object = Handle<JSObject>::cast(value);
-          table_instance.js_wrappers = WasmJs::GetWasmTableFunctions(
-              isolate_, table_instance.table_object);
+          table_instance.table_object = Handle<WasmTableObject>::cast(value);
+          table_instance.js_wrappers = Handle<FixedArray>(
+              table_instance.table_object->get_functions(), isolate_);
 
           // TODO(titzer): import table size must match exactly for now.
           int table_size = table_instance.js_wrappers->length();
           if (table_size != static_cast<int>(table.min_size)) {
             thrower_->TypeError(
                 "table import %d is wrong size (%d), expected %u", index,
                 table_size, table.min_size);
             return -1;
           }
 
@@ skipping 25 matching lines @@
           num_imported_tables++;
           break;
         }
         case kExternalMemory: {
           Handle<Object> object = result.ToHandleChecked();
           if (!WasmJs::IsWasmMemoryObject(isolate_, object)) {
             ReportFFIError("memory import must be a WebAssembly.Memory object",
                            index, module_name, function_name);
             return -1;
           }
-          instance->SetInternalField(kWasmMemObject, *object);
-          memory_ = WasmJs::GetWasmMemoryArrayBuffer(isolate_, object);
+          auto memory = Handle<WasmMemoryObject>::cast(object);
+          instance->set_memory_object(*memory);
+          memory_ = Handle<JSArrayBuffer>(memory->get_buffer(), isolate_);
           break;
         }
         case kExternalGlobal: {
           // Global imports are converted to numbers and written into the
           // {globals_} array buffer.
           Handle<Object> object = result.ToHandleChecked();
           MaybeHandle<Object> number = Object::ToNumber(object);
           if (number.is_null()) {
             ReportFFIError("global import could not be converted to number",
                            index, module_name, function_name);
@@ skipping 67 matching lines @@
 
     if (mem_buffer.is_null()) {
       thrower_->RangeError("Out of memory: wasm memory");
     }
     return mem_buffer;
   }
 
   // Process the exports, creating wrappers for functions, tables, memories,
   // and globals.
   void ProcessExports(Handle<FixedArray> code_table,
-                      Handle<JSObject> instance) {
+                      Handle<WasmInstanceObject> instance) {
     bool needs_wrappers = module_->num_exported_functions > 0;
     for (auto table_instance : table_instances_) {
       if (!table_instance.js_wrappers.is_null()) {
         needs_wrappers = true;
         break;
       }
     }
     for (auto table : module_->function_tables) {
       if (table.exported) {
         needs_wrappers = true;
@@ skipping 32 matching lines @@
         case kExternalFunction: {
           // Wrap and export the code as a JSFunction.
           WasmFunction& function = module_->functions[exp.index];
           int func_index =
               static_cast<int>(module_->functions.size() + export_index);
           Handle<JSFunction> js_function = js_wrappers_[exp.index];
           if (js_function.is_null()) {
             // Wrap the exported code as a JSFunction.
             Handle<Code> export_code =
                 code_table->GetValueChecked<Code>(isolate_, func_index);
-            js_function = WrapExportCodeAsJSFunction(
-                isolate_, export_code, name, function.sig, function.func_index,
-                instance);
+            js_function = WasmExportedFunction::New(
+                isolate_, instance, name, export_code,
+                static_cast<int>(function.sig->parameter_count()),
+                function.func_index);
             js_wrappers_[exp.index] = js_function;
           }
           desc.set_value(js_function);
           export_index++;
           break;
         }
         case kExternalTable: {
           // Export a table as a WebAssembly.Table object.
           TableInstance& table_instance = table_instances_[exp.index];
           WasmIndirectFunctionTable& table =
               module_->function_tables[exp.index];
           if (table_instance.table_object.is_null()) {
-            table_instance.table_object = WasmJs::CreateWasmTableObject(
-                isolate_, table.min_size, table.has_max, table.max_size,
-                &table_instance.js_wrappers);
+            uint32_t maximum =
+                table.has_max ? table.max_size : WasmModule::kV8MaxTableSize;
+            table_instance.table_object = WasmTableObject::New(
+                isolate_, table.min_size, maximum, &table_instance.js_wrappers);
           }
           desc.set_value(table_instance.table_object);
           break;
         }
         case kExternalMemory: {
           // Export the memory as a WebAssembly.Memory object.
-          Handle<Object> memory_object(
-              instance->GetInternalField(kWasmMemObject), isolate_);
-          if (memory_object->IsUndefined(isolate_)) {
+          Handle<WasmMemoryObject> memory_object;
+          if (!instance->has_memory_object()) {
             // If there was no imported WebAssembly.Memory object, create one.
-            Handle<JSArrayBuffer> buffer(
-                JSArrayBuffer::cast(
-                    instance->GetInternalField(kWasmMemArrayBuffer)),
-                isolate_);
-            memory_object = WasmJs::CreateWasmMemoryObject(
-                isolate_, buffer, (module_->max_mem_pages != 0),
-                module_->max_mem_pages);
-            instance->SetInternalField(kWasmMemObject, *memory_object);
+            Handle<JSArrayBuffer> buffer(instance->get_memory_buffer(),
+                                         isolate_);
+            memory_object = WasmMemoryObject::New(
+                isolate_, buffer,
+                (module_->max_mem_pages != 0) ? module_->max_mem_pages : -1);
+            instance->set_memory_object(*memory_object);
+          } else {
+            memory_object = Handle<WasmMemoryObject>(
+                instance->get_memory_object(), isolate_);
           }
 
           desc.set_value(memory_object);
           break;
         }
         case kExternalGlobal: {
           // Export the value of the global variable as a number.
           WasmGlobal& global = module_->globals[exp.index];
           double num = 0;
           switch (global.type) {
@@ skipping 21 matching lines @@
           isolate_, exports_object, name, &desc, Object::THROW_ON_ERROR);
       if (!status.IsJust()) {
         thrower_->TypeError("export of %.*s failed.", name->length(),
                             name->ToCString().get());
         return;
       }
     }
   }
 
   void InitializeTables(Handle<FixedArray> code_table,
-                        Handle<JSObject> instance) {
+                        Handle<WasmInstanceObject> instance) {
     Handle<FixedArray> old_function_tables =
         compiled_module_->function_tables();
     int function_table_count =
         static_cast<int>(module_->function_tables.size());
     Handle<FixedArray> new_function_tables =
         isolate_->factory()->NewFixedArray(function_table_count);
     for (int index = 0; index < function_table_count; ++index) {
       WasmIndirectFunctionTable& table = module_->function_tables[index];
       TableInstance& table_instance = table_instances_[index];
       int table_size = static_cast<int>(table.min_size);
 
       if (table_instance.dispatch_table.is_null()) {
         // Create a new dispatch table if necessary.
         table_instance.dispatch_table =
             isolate_->factory()->NewFixedArray(table_size * 2);
         for (int i = 0; i < table_size; ++i) {
           // Fill the table with invalid signature indexes so that
           // uninitialized entries will always fail the signature check.
           table_instance.dispatch_table->set(i, Smi::FromInt(kInvalidSigIndex));
         }
       }
 
       new_function_tables->set(static_cast<int>(index),
                                *table_instance.dispatch_table);
 
       Handle<FixedArray> all_dispatch_tables;
       if (!table_instance.table_object.is_null()) {
         // Get the existing dispatch table(s) with the WebAssembly.Table object.
-        all_dispatch_tables = WasmJs::AddWasmTableDispatchTable(
-            isolate_, table_instance.table_object, Handle<JSObject>::null(),
-            index, Handle<FixedArray>::null());
+        all_dispatch_tables = WasmTableObject::AddDispatchTable(
+            isolate_, table_instance.table_object,
+            Handle<WasmInstanceObject>::null(), index,
+            Handle<FixedArray>::null());
       }
 
       // TODO(titzer): this does redundant work if there are multiple tables,
       // since initializations are not sorted by table index.
       for (auto table_init : module_->table_inits) {
         uint32_t base = EvalUint32InitExpr(table_init.offset);
         if (base > static_cast<uint32_t>(table_size) ||
             (base + table_init.entries.size() >
              static_cast<uint32_t>(table_size))) {
           thrower_->CompileError("table initializer is out of bounds");
@@ skipping 24 matching lines @@
               temp_instance.mem_start = nullptr;
               temp_instance.globals_start = nullptr;
 
               ModuleEnv module_env;
               module_env.module = module_;
               module_env.instance = &temp_instance;
               module_env.origin = module_->origin;
 
               Handle<Code> wrapper_code = compiler::CompileJSToWasmWrapper(
                   isolate_, &module_env, wasm_code, func_index);
-              Handle<JSFunction> js_function = WrapExportCodeAsJSFunction(
-                  isolate_, wrapper_code, isolate_->factory()->empty_string(),
-                  function->sig, func_index, instance);
+              Handle<WasmExportedFunction> js_function =
+                  WasmExportedFunction::New(
+                      isolate_, instance, isolate_->factory()->empty_string(),
+                      wrapper_code,
+                      static_cast<int>(function->sig->parameter_count()),
+                      func_index);
               js_wrappers_[func_index] = js_function;
             }
             table_instance.js_wrappers->set(table_index,
                                             *js_wrappers_[func_index]);
 
             UpdateDispatchTablesInternal(isolate_, all_dispatch_tables,
                                          table_index, function, wasm_code);
           }
         }
       }
 
       // TODO(titzer): we add the new dispatch table at the end to avoid
       // redundant work and also because the new instance is not yet fully
       // initialized.
       if (!table_instance.table_object.is_null()) {
         // Add the new dispatch table to the WebAssembly.Table object.
-        all_dispatch_tables = WasmJs::AddWasmTableDispatchTable(
+        all_dispatch_tables = WasmTableObject::AddDispatchTable(
             isolate_, table_instance.table_object, instance, index,
             table_instance.dispatch_table);
       }
     }
     // Patch all code that has references to the old indirect tables.
     for (int i = 0; i < code_table->length(); ++i) {
       if (!code_table->get(i)->IsCode()) continue;
       Handle<Code> code(Code::cast(code_table->get(i)), isolate_);
       for (int j = 0; j < function_table_count; ++j) {
         ReplaceReferenceInCode(
             code, Handle<Object>(old_function_tables->get(j), isolate_),
             Handle<Object>(new_function_tables->get(j), isolate_));
       }
     }
     compiled_module_->set_function_tables(new_function_tables);
   }
 };
 
 // Instantiates a WASM module, creating a WebAssembly.Instance from a
 // WebAssembly.Module.
 MaybeHandle<JSObject> WasmModule::Instantiate(Isolate* isolate,
                                               ErrorThrower* thrower,
                                               Handle<JSObject> wasm_module,
                                               Handle<JSReceiver> ffi,
                                               Handle<JSArrayBuffer> memory) {
   WasmInstanceBuilder builder(isolate, thrower, wasm_module, ffi, memory);
   return builder.Build();
 }
 
-Handle<WasmCompiledModule> WasmCompiledModule::New(
-    Isolate* isolate, Handle<WasmModuleWrapper> module_wrapper) {
-  Handle<FixedArray> ret =
-      isolate->factory()->NewFixedArray(PropertyIndices::Count, TENURED);
-  // WasmCompiledModule::cast would fail since module bytes are not set yet.
-  Handle<WasmCompiledModule> compiled_module(
-      reinterpret_cast<WasmCompiledModule*>(*ret), isolate);
-  compiled_module->InitId();
-  compiled_module->set_module_wrapper(module_wrapper);
-  return compiled_module;
-}
-
-void WasmCompiledModule::InitId() {
-#if DEBUG
-  static uint32_t instance_id_counter = 0;
-  set(kID_instance_id, Smi::FromInt(instance_id_counter++));
-  TRACE("New compiled module id: %d\n", instance_id());
-#endif
-}
-
-bool WasmCompiledModule::IsWasmCompiledModule(Object* obj) {
-  if (!obj->IsFixedArray()) return false;
-  FixedArray* arr = FixedArray::cast(obj);
-  if (arr->length() != PropertyIndices::Count) return false;
-  Isolate* isolate = arr->GetIsolate();
-#define WCM_CHECK_SMALL_NUMBER(TYPE, NAME) \
-  if (!arr->get(kID_##NAME)->IsSmi()) return false;
-#define WCM_CHECK_OBJECT_OR_WEAK(TYPE, NAME)         \
-  if (!arr->get(kID_##NAME)->IsUndefined(isolate) && \
-      !arr->get(kID_##NAME)->Is##TYPE())             \
-    return false;
-#define WCM_CHECK_OBJECT(TYPE, NAME) WCM_CHECK_OBJECT_OR_WEAK(TYPE, NAME)
-#define WCM_CHECK_WEAK_LINK(TYPE, NAME) WCM_CHECK_OBJECT_OR_WEAK(WeakCell, NAME)
-#define WCM_CHECK(KIND, TYPE, NAME) WCM_CHECK_##KIND(TYPE, NAME)
-  WCM_PROPERTY_TABLE(WCM_CHECK)
-#undef WCM_CHECK
-
-  // All checks passed.
-  return true;
-}
-
-void WasmCompiledModule::PrintInstancesChain() {
-#if DEBUG
-  if (!FLAG_trace_wasm_instances) return;
-  for (WasmCompiledModule* current = this; current != nullptr;) {
-    PrintF("->%d", current->instance_id());
-    if (current->ptr_to_weak_next_instance() == nullptr) break;
-    CHECK(!current->ptr_to_weak_next_instance()->cleared());
-    current =
-        WasmCompiledModule::cast(current->ptr_to_weak_next_instance()->value());
-  }
-  PrintF("\n");
-#endif
-}
-
 Handle<Object> wasm::GetWasmFunctionNameOrNull(Isolate* isolate,
-                                               Handle<Object> instance,
+                                               Handle<Object> object,
                                                uint32_t func_index) {
-  if (!instance->IsUndefined(isolate)) {
-    DCHECK(IsWasmInstance(*instance));
-    WasmModule* module = GetCppModule(Handle<JSObject>::cast(instance));
+  if (!object->IsUndefined(isolate)) {
+    auto instance = Handle<WasmInstanceObject>::cast(object);
+    WasmModule* module = instance->module();
     WasmFunction& function = module->functions[func_index];
-    Handle<WasmCompiledModule> compiled_module(GetCompiledModule(*instance),
+    Handle<WasmCompiledModule> compiled_module(instance->get_compiled_module(),
                                                isolate);
     MaybeHandle<String> string = ExtractStringFromModuleBytes(
         isolate, compiled_module, function.name_offset, function.name_length);
     if (!string.is_null()) return string.ToHandleChecked();
   }
   return isolate->factory()->null_value();
 }
 
 Handle<String> wasm::GetWasmFunctionName(Isolate* isolate,
                                          Handle<Object> instance,
                                          uint32_t func_index) {
   Handle<Object> name_or_null =
       GetWasmFunctionNameOrNull(isolate, instance, func_index);
   if (!name_or_null->IsNull(isolate)) {
     return Handle<String>::cast(name_or_null);
   }
   return isolate->factory()->NewStringFromStaticChars("<WASM UNNAMED>");
 }
 
 bool wasm::IsWasmInstance(Object* object) {
-  if (!object->IsJSObject()) return false;
-
-  JSObject* obj = JSObject::cast(object);
-  Isolate* isolate = obj->GetIsolate();
-  if (obj->GetInternalFieldCount() != kWasmInstanceInternalFieldCount) {
-    return false;
-  }
-
-  Object* mem = obj->GetInternalField(kWasmMemArrayBuffer);
-  if (!(mem->IsUndefined(isolate) || mem->IsJSArrayBuffer()) ||
-      !WasmCompiledModule::IsWasmCompiledModule(
-          obj->GetInternalField(kWasmCompiledModule))) {
-    return false;
-  }
-
-  // All checks passed.
-  return true;
+  return WasmInstanceObject::IsWasmInstanceObject(object);
 }
 
-WasmCompiledModule* wasm::GetCompiledModule(Object* instance) {
-  DCHECK(IsWasmInstance(instance));
-  return WasmCompiledModule::cast(
-      JSObject::cast(instance)->GetInternalField(kWasmCompiledModule));
+WasmCompiledModule* wasm::GetCompiledModule(Object* object) {
+  return WasmInstanceObject::cast(object)->get_compiled_module();
 }
 
-bool wasm::WasmIsAsmJs(Object* instance, Isolate* isolate) {
-  return IsWasmInstance(instance) &&
-         GetCompiledModule(JSObject::cast(instance))->has_asm_js_script();
+bool wasm::WasmIsAsmJs(Object* object, Isolate* isolate) {
+  return IsWasmInstance(object) &&
+         WasmInstanceObject::cast(object)
+             ->get_compiled_module()
+             ->has_asm_js_script();
 }
 
-Handle<Script> wasm::GetAsmWasmScript(Handle<JSObject> instance) {
-  DCHECK(IsWasmInstance(*instance));
-  WasmCompiledModule* compiled_module = GetCompiledModule(*instance);
-  return compiled_module->asm_js_script();
+Handle<Script> wasm::GetAsmWasmScript(Handle<JSObject> object) {
+  return Handle<WasmInstanceObject>::cast(object)
+      ->get_compiled_module()
+      ->asm_js_script();
 }
 
 int wasm::GetAsmWasmSourcePosition(Handle<JSObject> instance, int func_index,
                                    int byte_offset) {
   return WasmDebugInfo::GetAsmJsSourcePosition(GetDebugInfo(instance),
                                                func_index, byte_offset);
 }
 
-Handle<SeqOneByteString> wasm::GetWasmBytes(Handle<JSObject> instance) {
-  DCHECK(IsWasmInstance(*instance));
-  WasmCompiledModule* compiled_module = GetCompiledModule(*instance);
-  return compiled_module->module_bytes();
+Handle<SeqOneByteString> wasm::GetWasmBytes(Handle<JSObject> object) {
+  return Handle<WasmInstanceObject>::cast(object)
+      ->get_compiled_module()
+      ->module_bytes();
 }
 
-Handle<WasmDebugInfo> wasm::GetDebugInfo(Handle<JSObject> instance) {
-  Handle<Object> info(instance->GetInternalField(kWasmDebugInfo),
-                      instance->GetIsolate());
-  if (!info->IsUndefined(instance->GetIsolate()))
-    return Handle<WasmDebugInfo>::cast(info);
+Handle<WasmDebugInfo> wasm::GetDebugInfo(Handle<JSObject> object) {
+  auto instance = Handle<WasmInstanceObject>::cast(object);
+  if (instance->has_debug_info()) {
+    Handle<WasmDebugInfo> info(instance->get_debug_info(),
+                               instance->GetIsolate());
+    return info;
+  }
   Handle<WasmDebugInfo> new_info = WasmDebugInfo::New(instance);
-  instance->SetInternalField(kWasmDebugInfo, *new_info);
+  instance->set_debug_info(*new_info);
   return new_info;
 }
 
-int wasm::GetNumberOfFunctions(Handle<JSObject> instance) {
-  return static_cast<int>(GetCppModule(instance)->functions.size());
-}
-
-Handle<JSObject> wasm::CreateWasmModuleObject(
-    Isolate* isolate, Handle<WasmCompiledModule> compiled_module,
-    ModuleOrigin origin) {
-  Handle<JSObject> wasm_module;
-  if (origin == ModuleOrigin::kWasmOrigin) {
-    Handle<JSFunction> module_cons(
-        isolate->native_context()->wasm_module_constructor());
-    wasm_module = isolate->factory()->NewJSObject(module_cons);
-  } else {
-    DCHECK(origin == ModuleOrigin::kAsmJsOrigin);
-    Handle<Map> map = isolate->factory()->NewMap(
-        JS_OBJECT_TYPE, JSObject::kHeaderSize + kPointerSize);
-    wasm_module = isolate->factory()->NewJSObjectFromMap(map, TENURED);
-  }
-  wasm_module->SetInternalField(0, *compiled_module);
-  if (origin == ModuleOrigin::kWasmOrigin) {
-    Handle<Symbol> module_sym(isolate->native_context()->wasm_module_sym());
-    Object::SetProperty(wasm_module, module_sym, wasm_module, STRICT).Check();
-  }
-  Handle<WeakCell> link_to_module =
-      isolate->factory()->NewWeakCell(wasm_module);
-  compiled_module->set_weak_wasm_module(link_to_module);
-  return wasm_module;
+int wasm::GetNumberOfFunctions(Handle<JSObject> object) {
+  return static_cast<int>(
+      Handle<WasmInstanceObject>::cast(object)->module()->functions.size());
 }
 
 // TODO(clemensh): origin can be inferred from asm_js_script; remove it.
-MaybeHandle<JSObject> wasm::CreateModuleObjectFromBytes(
+MaybeHandle<WasmModuleObject> wasm::CreateModuleObjectFromBytes(
     Isolate* isolate, const byte* start, const byte* end, ErrorThrower* thrower,
     ModuleOrigin origin, Handle<Script> asm_js_script,
     const byte* asm_js_offset_tables_start,
     const byte* asm_js_offset_tables_end) {
-  MaybeHandle<JSObject> nothing;
+  MaybeHandle<WasmModuleObject> nothing;
   ModuleResult result = DecodeWasmModule(isolate, start, end, false, origin);
   if (result.failed()) {
     if (result.val) delete result.val;
     thrower->CompileFailed("Wasm decoding failed", result);
     return nothing;
   }
   // The {module_wrapper} will take ownership of the {WasmModule} object,
   // and it will be destroyed when the GC reclaims the wrapper object.
   Handle<WasmModuleWrapper> module_wrapper =
       WasmModuleWrapper::New(isolate, const_cast<WasmModule*>(result.val));
@@ skipping 15 matching lines @@
     size_t offset_tables_len =
         asm_js_offset_tables_end - asm_js_offset_tables_start;
     DCHECK_GE(static_cast<size_t>(kMaxInt), offset_tables_len);
     Handle<ByteArray> offset_tables =
         isolate->factory()->NewByteArray(static_cast<int>(offset_tables_len));
     memcpy(offset_tables->GetDataStartAddress(), asm_js_offset_tables_start,
            offset_tables_len);
     compiled_module->set_asm_js_offset_tables(offset_tables);
   }
 
-  return CreateWasmModuleObject(isolate, compiled_module, origin);
+  return WasmModuleObject::New(isolate, compiled_module);
 }
 
 bool wasm::ValidateModuleBytes(Isolate* isolate, const byte* start,
                                const byte* end, ErrorThrower* thrower,
                                ModuleOrigin origin) {
   ModuleResult result = DecodeWasmModule(isolate, start, end, false, origin);
   if (result.val) {
     delete result.val;
   } else {
     DCHECK(!result.ok());
   }
   return result.ok();
 }
 
 MaybeHandle<JSArrayBuffer> wasm::GetInstanceMemory(Isolate* isolate,
-                                                   Handle<JSObject> instance) {
-  Object* mem = instance->GetInternalField(kWasmMemArrayBuffer);
-  DCHECK(IsWasmInstance(*instance));
-  if (mem->IsUndefined(isolate)) return MaybeHandle<JSArrayBuffer>();
-  return Handle<JSArrayBuffer>(JSArrayBuffer::cast(mem));
+                                                   Handle<JSObject> object) {
+  auto instance = Handle<WasmInstanceObject>::cast(object);
+  if (instance->has_memory_buffer()) {
+    return Handle<JSArrayBuffer>(instance->get_memory_buffer(), isolate);
+  }
+  return MaybeHandle<JSArrayBuffer>();
 }
 
-void SetInstanceMemory(Handle<JSObject> instance, JSArrayBuffer* buffer) {
+void SetInstanceMemory(Handle<JSObject> object, JSArrayBuffer* buffer) {
   DisallowHeapAllocation no_gc;
-  DCHECK(IsWasmInstance(*instance));
-  instance->SetInternalField(kWasmMemArrayBuffer, buffer);
-  WasmCompiledModule* compiled_module = GetCompiledModule(*instance);
-  compiled_module->set_ptr_to_memory(buffer);
+  auto instance = Handle<WasmInstanceObject>::cast(object);
+  instance->set_memory_buffer(buffer);
+  instance->get_compiled_module()->set_ptr_to_memory(buffer);
 }
 
 int32_t wasm::GetInstanceMemorySize(Isolate* isolate,
                                     Handle<JSObject> instance) {
   MaybeHandle<JSArrayBuffer> maybe_mem_buffer =
       GetInstanceMemory(isolate, instance);
   Handle<JSArrayBuffer> buffer;
   if (!maybe_mem_buffer.ToHandle(&buffer)) {
     return 0;
   } else {
     return buffer->byte_length()->Number() / WasmModule::kPageSize;
   }
 }
 
-uint32_t GetMaxInstanceMemorySize(Isolate* isolate, Handle<JSObject> instance) {
-  Handle<Object> memory_object(instance->GetInternalField(kWasmMemObject),
-                               isolate);
-  if (!memory_object->IsUndefined(isolate)) {
-    uint32_t mem_obj_max =
-        WasmJs::GetWasmMemoryMaximumSize(isolate, memory_object);
-    if (mem_obj_max != 0) return mem_obj_max;
+uint32_t GetMaxInstanceMemorySize(Isolate* isolate,
+                                  Handle<WasmInstanceObject> instance) {
+  if (instance->has_memory_object()) {
+    Handle<WasmMemoryObject> memory_object(instance->get_memory_object(),
+                                           isolate);
+
+    int maximum = memory_object->maximum_pages();
+    if (maximum > 0) return static_cast<uint32_t>(maximum);
   }
-  uint32_t compiled_max_pages = GetCompiledModule(*instance)->max_mem_pages();
+  uint32_t compiled_max_pages =
+      instance->get_compiled_module()->max_mem_pages();
   isolate->counters()->wasm_max_mem_pages_count()->AddSample(
       compiled_max_pages);
   if (compiled_max_pages != 0) return compiled_max_pages;
   return WasmModule::kV8MaxPages;
 }
 
-int32_t wasm::GrowInstanceMemory(Isolate* isolate, Handle<JSObject> instance,
+int32_t wasm::GrowInstanceMemory(Isolate* isolate, Handle<JSObject> object,
                                  uint32_t pages) {
-  if (!IsWasmInstance(*instance)) return -1;
+  if (!IsWasmInstance(*object)) return -1;
+  auto instance = Handle<WasmInstanceObject>::cast(object);
   if (pages == 0) return GetInstanceMemorySize(isolate, instance);
   uint32_t max_pages = GetMaxInstanceMemorySize(isolate, instance);
 
   Address old_mem_start = nullptr;
   uint32_t old_size = 0, new_size = 0;
 
   MaybeHandle<JSArrayBuffer> maybe_mem_buffer =
       GetInstanceMemory(isolate, instance);
   Handle<JSArrayBuffer> old_buffer;
   if (!maybe_mem_buffer.ToHandle(&old_buffer) ||
@@ skipping 17 matching lines @@
       WasmModule::kV8MaxPages * WasmModule::kPageSize < new_size) {
     return -1;
   }
   Handle<JSArrayBuffer> buffer = NewArrayBuffer(isolate, new_size);
   if (buffer.is_null()) return -1;
   Address new_mem_start = static_cast<Address>(buffer->backing_store());
   if (old_size != 0) {
     memcpy(new_mem_start, old_mem_start, old_size);
   }
   SetInstanceMemory(instance, *buffer);
-  Handle<FixedArray> code_table = GetCompiledModule(*instance)->code_table();
+  Handle<FixedArray> code_table = instance->get_compiled_module()->code_table();
   RelocateMemoryReferencesInCode(code_table, old_mem_start, new_mem_start,
                                  old_size, new_size);
-  Handle<Object> memory_object(instance->GetInternalField(kWasmMemObject),
-                               isolate);
-  if (!memory_object->IsUndefined(isolate)) {
-    WasmJs::SetWasmMemoryArrayBuffer(isolate, memory_object, buffer);
+  if (instance->has_memory_object()) {
+    instance->get_memory_object()->set_buffer(*buffer);
   }
 
   DCHECK(old_size % WasmModule::kPageSize == 0);
   return (old_size / WasmModule::kPageSize);
 }
 
 void testing::ValidateInstancesChain(Isolate* isolate,
                                      Handle<JSObject> wasm_module,
                                      int instance_count) {
   CHECK_GE(instance_count, 0);
@@ skipping 27 matching lines @@
   WasmCompiledModule* compiled_module =
       WasmCompiledModule::cast(wasm_module->GetInternalField(0));
   CHECK(compiled_module->has_weak_wasm_module());
   CHECK_EQ(compiled_module->ptr_to_weak_wasm_module()->value(), *wasm_module);
   CHECK(!compiled_module->has_weak_prev_instance());
   CHECK(!compiled_module->has_weak_next_instance());
   CHECK(!compiled_module->has_weak_owning_instance());
 }
 
 void testing::ValidateOrphanedInstance(Isolate* isolate,
-                                       Handle<JSObject> wasm_module) {
+                                       Handle<JSObject> object) {
   DisallowHeapAllocation no_gc;
-  CHECK(IsWasmInstance(*wasm_module));
-  WasmCompiledModule* compiled_module = GetCompiledModule(*wasm_module);
+  WasmInstanceObject* instance = WasmInstanceObject::cast(*object);
+  WasmCompiledModule* compiled_module = instance->get_compiled_module();
   CHECK(compiled_module->has_weak_wasm_module());
   CHECK(compiled_module->ptr_to_weak_wasm_module()->cleared());
 }
 
 void WasmCompiledModule::RecreateModuleWrapper(Isolate* isolate,
                                                Handle<FixedArray> array) {
   Handle<WasmCompiledModule> compiled_module(
       reinterpret_cast<WasmCompiledModule*>(*array), isolate);
 
   WasmModule* module = nullptr;
@@ skipping 13 matching lines @@
     CHECK_NOT_NULL(result.val);
     module = const_cast<WasmModule*>(result.val);
   }
 
   Handle<WasmModuleWrapper> module_wrapper =
       WasmModuleWrapper::New(isolate, module);
 
   compiled_module->set_module_wrapper(module_wrapper);
   DCHECK(WasmCompiledModule::IsWasmCompiledModule(*compiled_module));
 }