Andreas Haas authored
Within the initialization of a WasmInstanceWrapper a WeakCell is allocated for the wrapped instance. This allocation of the WeakCell can cause a garbage collection. The bug happened because a pointer to the WasmInstanceWrapper was stored in the unhandlified this pointer, which was invalidated by the garbage collection.

R=clemensh@chromium.org
CC=gdeepti@chromium.org
BUG=chromium:691538

Change-Id: I7001ab7ad3ee30f4c87a13c42e2fd16c0c86027a
Reviewed-on: https://chromium-review.googlesource.com/441766
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43177}
db558210
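
The hazard the commit message describes, reduced to a toy copying collector. This is an added illustration, not V8 code and not the code of this change; `ToyHeap`, `Obj`, the index-based handles and both `Init...` functions are hypothetical names, and the collection is assumed to run on every weak-cell allocation.

```cpp
#include <cstddef>
#include <vector>

// Toy model only: ToyHeap and its methods are hypothetical, not V8's API.
struct Obj { int weak_cell; int payload; };

class ToyHeap {
 public:
  // A handle is an index into the root table, which the collector updates.
  std::size_t NewObject(int payload) {
    Obj* o = &space_[active_][top_++];
    *o = Obj{0, payload};
    roots_.push_back(o);
    return roots_.size() - 1;
  }
  Obj* Deref(std::size_t handle) const { return roots_[handle]; }
  // Like the WeakCell allocation in the message: it may trigger a collection.
  int AllocateWeakCell() { Collect(); return ++next_cell_; }

 private:
  void Collect() {  // copying collector: every live object changes address
    int to = 1 - active_;
    std::size_t n = 0;
    for (Obj*& root : roots_) {
      space_[to][n] = *root;
      root = &space_[to][n++];
    }
    active_ = to;
    top_ = n;
  }
  Obj space_[2][16] = {};
  int active_ = 0, next_cell_ = 0;
  std::size_t top_ = 0;
  std::vector<Obj*> roots_;
};

// Buggy shape: raw pointer taken before the allocation, used after it.
bool InitWithRawPointer(ToyHeap& heap, std::size_t h) {
  Obj* self = heap.Deref(h);           // stands in for the unhandlified `this`
  int cell = heap.AllocateWeakCell();  // collection moves the object
  self->weak_cell = cell;              // lands in the abandoned old copy
  return heap.Deref(h)->weak_cell == cell;
}

// Safe shape: only the handle is held across the allocation.
bool InitWithHandle(ToyHeap& heap, std::size_t h) {
  int cell = heap.AllocateWeakCell();
  heap.Deref(h)->weak_cell = cell;     // re-read the current address
  return heap.Deref(h)->weak_cell == cell;
}
```

In the toy the stale write only loses the field update, because the old semispace is still mapped; in a real engine the old location may already be reused, which makes this a memory-safety bug.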