Revert "[wasm] Merge the WasmContext into WasmInstanceObject"

This reverts commit 57bf0bfe. Reason for revert: <INSERT REASONING HERE> Original change's description: > [wasm] Merge the WasmContext into WasmInstanceObject > > This change makes lifetime management of WasmCode much simpler. > By using the WasmInstanceObject as the context for WASM code execution, > including the pointer to the memory base and indirect function tables, > this keeps the instance alive when WASM code is on the stack, since > the instance object is passed as a parameter and spilled onto the stack. > This is in preparation of sharing the code between instances and > isolates. > > Bug: v8:7424 > > Change-Id: Ic2e4b7bcc2feb20001d0553a615a8a9dff36317e > Reviewed-on: https://chromium-review.googlesource.com/958520 > Commit-Queue: Ben Titzer <titzer@chromium.org> > Reviewed-by: Clemens Hammacher <clemensh@chromium.org> > Reviewed-by: Andreas Haas <ahaas@chromium.org> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> > Cr-Commit-Position: refs/heads/master@{#52361} TBR=mstarzinger@chromium.org,titzer@chromium.org,ahaas@chromium.org,clemensh@chromium.org Change-Id: I653e27b46dbc43ad773eda4292d521a508f42d79 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:7424 Reviewed-on: https://chromium-review.googlesource.com/995418Reviewed-by: Ben Titzer <titzer@chromium.org> Commit-Queue: Ben Titzer <titzer@chromium.org> Cr-Commit-Position: refs/heads/master@{#52364}

Revert "[wasm] Merge the WasmContext into WasmInstanceObject"
This reverts commit 57bf0bfe. Reason for revert: <INSERT REASONING HERE> Original change's description: > [wasm] Merge the WasmContext into WasmInstanceObject > > This change makes lifetime management of WasmCode much simpler. > By using the WasmInstanceObject as the context for WASM code execution, > including the pointer to the memory base and indirect function tables, > this keeps the instance alive when WASM code is on the stack, since > the instance object is passed as a parameter and spilled onto the stack. > This is in preparation of sharing the code between instances and > isolates. > > Bug: v8:7424 > > Change-Id: Ic2e4b7bcc2feb20001d0553a615a8a9dff36317e > Reviewed-on: https://chromium-review.googlesource.com/958520 > Commit-Queue: Ben Titzer <titzer@chromium.org> > Reviewed-by: Clemens Hammacher <clemensh@chromium.org> > Reviewed-by: Andreas Haas <ahaas@chromium.org> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> > Cr-Commit-Position: refs/heads/master@{#52361} TBR=mstarzinger@chromium.org,titzer@chromium.org,ahaas@chromium.org,clemensh@chromium.org Change-Id: I653e27b46dbc43ad773eda4292d521a508f42d79 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:7424 Reviewed-on: https://chromium-review.googlesource.com/995418Reviewed-by: Ben Titzer <titzer@chromium.org> Commit-Queue: Ben Titzer <titzer@chromium.org> Cr-Commit-Position: refs/heads/master@{#52364}
8adb94fc · Ben Titzer · Commit Bot · b6021b98 · 8adb94fc · 8adb94fc
Commit 8adb94fc authored Apr 04, 2018 by Ben Titzer Committed by Commit Bot Apr 04, 2018
54 changed files
--- a/src/assembler.cc
+++ b/src/assembler.cc
@@ -213,6 +213,12 @@ bool RelocInfo::OffHeapTargetIsCodedSpecially() {
 #endif
 }
+void RelocInfo::set_wasm_context_reference(Address address,
+                                           ICacheFlushMode icache_flush_mode) {
+  DCHECK(IsWasmContextReference(rmode_));
+  set_embedded_address(address, icache_flush_mode);
+}
 void RelocInfo::set_global_handle(Address address,
                                  ICacheFlushMode icache_flush_mode) {
  DCHECK_EQ(rmode_, WASM_GLOBAL_HANDLE);
@@ -236,6 +242,11 @@ Address RelocInfo::global_handle() const {
  return embedded_address();
 }
+Address RelocInfo::wasm_context_reference() const {
+  DCHECK(IsWasmContextReference(rmode_));
+  return embedded_address();
+}
 void RelocInfo::set_target_address(Address target,
                                   WriteBarrierMode write_barrier_mode,
                                   ICacheFlushMode icache_flush_mode) {
@@ -535,6 +546,8 @@ const char* RelocInfo::RelocModeName(RelocInfo::Mode rmode) {
      return "constant pool";
    case VENEER_POOL:
      return "veneer pool";
+    case WASM_CONTEXT_REFERENCE:
+      return "wasm context reference";
    case WASM_GLOBAL_HANDLE:
      return "global handle";
    case WASM_CALL:
@@ -637,6 +650,7 @@ void RelocInfo::Verify(Isolate* isolate) {
    case DEOPT_ID:
    case CONST_POOL:
    case VENEER_POOL:
+    case WASM_CONTEXT_REFERENCE:
    case WASM_GLOBAL_HANDLE:
    case WASM_CALL:
    case JS_TO_WASM_CALL:

--- a/src/assembler.h
+++ b/src/assembler.h
@@ -366,6 +366,10 @@ class RelocInfo {
    // Please note the order is important (see IsCodeTarget, IsGCRelocMode).
    CODE_TARGET,
    EMBEDDED_OBJECT,
+    // Wasm entries are to relocate pointers into the wasm memory embedded in
+    // wasm code. Everything after WASM_CONTEXT_REFERENCE (inclusive) is not
+    // GC'ed.
+    WASM_CONTEXT_REFERENCE,
    WASM_GLOBAL_HANDLE,
    WASM_CALL,
    JS_TO_WASM_CALL,
@@ -462,12 +466,15 @@ class RelocInfo {
    return mode == OFF_HEAP_TARGET;
  }
  static inline bool IsNone(Mode mode) { return mode == NONE; }
+  static inline bool IsWasmContextReference(Mode mode) {
+    return mode == WASM_CONTEXT_REFERENCE;
+  }
  static inline bool IsWasmReference(Mode mode) {
    return IsWasmPtrReference(mode);
  }
  static inline bool IsWasmPtrReference(Mode mode) {
-    return mode == WASM_GLOBAL_HANDLE || mode == WASM_CALL ||
+    return mode == WASM_CONTEXT_REFERENCE || mode == WASM_GLOBAL_HANDLE ||
-           mode == JS_TO_WASM_CALL;
+           mode == WASM_CALL || mode == JS_TO_WASM_CALL;
  }
  static constexpr int ModeMask(Mode mode) { return 1 << mode; }
@@ -502,10 +509,14 @@ class RelocInfo {
  // constant pool, otherwise the pointer is embedded in the instruction stream.
  bool IsInConstantPool();
+  Address wasm_context_reference() const;
  Address global_handle() const;
  Address js_to_wasm_address() const;
  Address wasm_call_address() const;
+  void set_wasm_context_reference(
+      Address address,
+      ICacheFlushMode icache_flush_mode = FLUSH_ICACHE_IF_NEEDED);
  void set_target_address(
      Address target,
      WriteBarrierMode write_barrier_mode = UPDATE_WRITE_BARRIER,

--- a/src/compiler/int64-lowering.cc
+++ b/src/compiler/int64-lowering.cc
@@ -281,15 +281,15 @@ void Int64Lowering::LowerNode(Node* node) {
          static_cast<int>(signature()->parameter_count())) {
        int old_index = ParameterIndexOf(node->op());
        // TODO(wasm): Make this part not wasm specific.
-        // Prevent special lowering of the instance parameter.
+        // Prevent special lowering of the WasmContext parameter.
-        if (old_index == kWasmInstanceParameterIndex) {
+        if (old_index == kWasmContextParameterIndex) {
          DefaultLowering(node);
          break;
        }
        // Adjust old_index to be compliant with the signature.
        --old_index;
        int new_index = GetParameterIndexAfterLowering(signature(), old_index);
-        // Adjust new_index to consider the instance parameter.
+        // Adjust new_index to consider the WasmContext parameter.
        ++new_index;
        NodeProperties::ChangeOp(node, common()->Parameter(new_index));

--- a/src/compiler/wasm-compiler.cc
+++ b/src/compiler/wasm-compiler.cc
--- a/src/compiler/wasm-compiler.h
+++ b/src/compiler/wasm-compiler.h
--- a/src/compiler/wasm-linkage.cc
+++ b/src/compiler/wasm-linkage.cc
@@ -32,8 +32,6 @@ MachineType MachineTypeFor(ValueType type) {
      return MachineType::Float32();
    case wasm::kWasmS128:
      return MachineType::Simd128();
-    case wasm::kWasmAnyRef:
-      return MachineType::TaggedPointer();
    default:
      UNREACHABLE();
  }
@@ -227,15 +225,15 @@ static constexpr Allocator parameter_registers(kGPParamRegisters,
 // General code uses the above configuration data.
 CallDescriptor* GetWasmCallDescriptor(Zone* zone, wasm::FunctionSig* fsig,
                                      bool use_retpoline) {
-  // The '+ 1' here is to accomodate the instance object as first parameter.
+  // The '+ 1' here is to accomodate the wasm_context as first parameter.
  LocationSignature::Builder locations(zone, fsig->return_count(),
                                       fsig->parameter_count() + 1);
  // Add register and/or stack parameter(s).
  Allocator params = parameter_registers;
-  // The instance object.
+  // The wasm_context.
-  locations.AddParam(params.Next(MachineRepresentation::kTaggedPointer));
+  locations.AddParam(params.Next(MachineType::PointerRepresentation()));
  const int parameter_count = static_cast<int>(fsig->parameter_count());
  for (int i = 0; i < parameter_count; i++) {

--- a/src/elements.h
+++ b/src/elements.h
@@ -137,8 +137,8 @@ class ElementsAccessor {
  virtual uint32_t Push(Handle<JSArray> receiver, Arguments* args,
                        uint32_t push_size) = 0;
-  virtual uint32_t Unshift(Handle<JSArray> receiver, Arguments* args,
+  virtual uint32_t Unshift(Handle<JSArray> receiver,
-                           uint32_t unshift_size) = 0;
+                           Arguments* args, uint32_t unshift_size) = 0;
  virtual Handle<JSObject> Slice(Handle<JSObject> receiver, uint32_t start,
                                 uint32_t end) = 0;

--- a/src/objects-printer.cc
+++ b/src/objects-printer.cc
@@ -1140,6 +1140,8 @@ void JSFunction::JSFunctionPrint(std::ostream& os) {  // NOLINT
    WasmExportedFunction* function = WasmExportedFunction::cast(this);
    os << "\n - WASM instance "
       << reinterpret_cast<void*>(function->instance());
+    os << "\n   context "
+       << reinterpret_cast<void*>(function->instance()->wasm_context()->get());
    os << "\n - WASM function index " << function->function_index();
  }
  shared()->PrintSourceCode(os);

--- a/src/objects.cc
+++ b/src/objects.cc
@@ -14228,6 +14228,7 @@ bool Code::IsProcessIndependent() {
      mode_mask ==
      (RelocInfo::ModeMask(RelocInfo::CODE_TARGET) |
       RelocInfo::ModeMask(RelocInfo::EMBEDDED_OBJECT) |
+       RelocInfo::ModeMask(RelocInfo::WASM_CONTEXT_REFERENCE) |
       RelocInfo::ModeMask(RelocInfo::WASM_GLOBAL_HANDLE) |
       RelocInfo::ModeMask(RelocInfo::WASM_CALL) |
       RelocInfo::ModeMask(RelocInfo::JS_TO_WASM_CALL) |

--- a/src/runtime/runtime-wasm.cc
+++ b/src/runtime/runtime-wasm.cc
@@ -37,7 +37,6 @@ WasmInstanceObject* GetWasmInstanceOnStackTop(Isolate* isolate) {
  return owning_instance;
 }
-// TODO(titzer): rename to GetNativeContextFromWasmInstanceOnStackTop()
 Context* GetWasmContextOnStackTop(Isolate* isolate) {
  return GetWasmInstanceOnStackTop(isolate)
      ->compiled_module()

--- a/src/wasm/baseline/arm/liftoff-assembler-arm.h
+++ b/src/wasm/baseline/arm/liftoff-assembler-arm.h
@@ -28,17 +28,17 @@ void LiftoffAssembler::LoadConstant(LiftoffRegister reg, WasmValue value,
  BAILOUT("LoadConstant");
 }
-void LiftoffAssembler::LoadFromInstance(Register dst, uint32_t offset,
+void LiftoffAssembler::LoadFromContext(Register dst, uint32_t offset,
                                       int size) {
-  BAILOUT("LoadFromInstance");
+  BAILOUT("LoadFromContext");
 }
-void LiftoffAssembler::SpillInstance(Register instance) {
+void LiftoffAssembler::SpillContext(Register context) {
-  BAILOUT("SpillInstance");
+  BAILOUT("SpillContext");
 }
-void LiftoffAssembler::FillInstanceInto(Register dst) {
+void LiftoffAssembler::FillContextInto(Register dst) {
-  BAILOUT("FillInstanceInto");
+  BAILOUT("FillContextInto");
 }
 void LiftoffAssembler::Load(LiftoffRegister dst, Register src_addr,

--- a/src/wasm/baseline/arm64/liftoff-assembler-arm64.h
+++ b/src/wasm/baseline/arm64/liftoff-assembler-arm64.h
@@ -28,17 +28,17 @@ void LiftoffAssembler::LoadConstant(LiftoffRegister reg, WasmValue value,
  BAILOUT("LoadConstant");
 }
-void LiftoffAssembler::LoadFromInstance(Register dst, uint32_t offset,
+void LiftoffAssembler::LoadFromContext(Register dst, uint32_t offset,
                                       int size) {
-  BAILOUT("LoadFromInstance");
+  BAILOUT("LoadFromContext");
 }
-void LiftoffAssembler::SpillInstance(Register instance) {
+void LiftoffAssembler::SpillContext(Register context) {
-  BAILOUT("SpillInstance");
+  BAILOUT("SpillContext");
 }
-void LiftoffAssembler::FillInstanceInto(Register dst) {
+void LiftoffAssembler::FillContextInto(Register dst) {
-  BAILOUT("FillInstanceInto");
+  BAILOUT("FillContextInto");
 }
 void LiftoffAssembler::Load(LiftoffRegister dst, Register src_addr,

--- a/src/wasm/baseline/ia32/liftoff-assembler-ia32.h
+++ b/src/wasm/baseline/ia32/liftoff-assembler-ia32.h
@@ -16,8 +16,8 @@ namespace wasm {
 namespace liftoff {
-// ebp-8 holds the stack marker, ebp-16 is the instance parameter, first stack
+// ebp-8 holds the stack marker, ebp-16 is the wasm context, first stack slot
-// slot is located at ebp-24.
+// is located at ebp-24.
 constexpr int32_t kConstantStackSpace = 16;
 constexpr int32_t kFirstStackSlotOffset =
    kConstantStackSpace + LiftoffAssembler::kStackSlotSize;
@@ -33,7 +33,7 @@ inline Operand GetHalfStackSlot(uint32_t half_index) {
 }
 // TODO(clemensh): Make this a constexpr variable once Operand is constexpr.
-inline Operand GetInstanceOperand() { return Operand(ebp, -16); }
+inline Operand GetContextOperand() { return Operand(ebp, -16); }
 static constexpr LiftoffRegList kByteRegs =
    LiftoffRegList::FromBits<Register::ListOf<eax, ecx, edx, ebx>()>();
@@ -133,20 +133,20 @@ void LiftoffAssembler::LoadConstant(LiftoffRegister reg, WasmValue value,
  }
 }
-void LiftoffAssembler::LoadFromInstance(Register dst, uint32_t offset,
+void LiftoffAssembler::LoadFromContext(Register dst, uint32_t offset,
                                       int size) {
  DCHECK_LE(offset, kMaxInt);
-  mov(dst, liftoff::GetInstanceOperand());
+  mov(dst, liftoff::GetContextOperand());
  DCHECK_EQ(4, size);
  mov(dst, Operand(dst, offset));
 }
-void LiftoffAssembler::SpillInstance(Register instance) {
+void LiftoffAssembler::SpillContext(Register context) {
-  mov(liftoff::GetInstanceOperand(), instance);
+  mov(liftoff::GetContextOperand(), context);
 }
-void LiftoffAssembler::FillInstanceInto(Register dst) {
+void LiftoffAssembler::FillContextInto(Register dst) {
-  mov(dst, liftoff::GetInstanceOperand());
+  mov(dst, liftoff::GetContextOperand());
 }
 void LiftoffAssembler::Load(LiftoffRegister dst, Register src_addr,
@@ -1182,7 +1182,7 @@ void LiftoffAssembler::CallNativeWasmCode(Address addr) {
 }
 void LiftoffAssembler::CallRuntime(Zone* zone, Runtime::FunctionId fid) {
-  // Set instance to zero.
+  // Set context to zero.
  xor_(esi, esi);
  CallRuntimeDelayed(zone, fid);
 }

--- a/src/wasm/baseline/liftoff-assembler.cc
+++ b/src/wasm/baseline/liftoff-assembler.cc
@@ -437,7 +437,7 @@ void LiftoffAssembler::SpillAllRegisters() {
 void LiftoffAssembler::PrepareCall(wasm::FunctionSig* sig,
                                   compiler::CallDescriptor* call_descriptor,
                                   Register* target,
-                                   LiftoffRegister* target_instance) {
+                                   LiftoffRegister* explicit_context) {
  uint32_t num_params = static_cast<uint32_t>(sig->parameter_count());
  // Input 0 is the call target.
  constexpr size_t kInputShift = 1;
@@ -455,14 +455,14 @@ void LiftoffAssembler::PrepareCall(wasm::FunctionSig* sig,
  StackTransferRecipe stack_transfers(this);
  LiftoffRegList param_regs;
-  // Move the target instance (if supplied) into the correct instance register.
+  // Move the explicit context (if any) into the correct context register.
-  compiler::LinkageLocation instance_loc =
+  compiler::LinkageLocation context_loc =
      call_descriptor->GetInputLocation(kInputShift);
-  DCHECK(instance_loc.IsRegister() && !instance_loc.IsAnyRegister());
+  DCHECK(context_loc.IsRegister() && !context_loc.IsAnyRegister());
-  LiftoffRegister instance_reg(Register::from_code(instance_loc.AsRegister()));
+  LiftoffRegister context_reg(Register::from_code(context_loc.AsRegister()));
-  param_regs.set(instance_reg);
+  param_regs.set(context_reg);
-  if (target_instance && *target_instance != instance_reg) {
+  if (explicit_context && *explicit_context != context_reg) {
-    stack_transfers.MoveRegister(instance_reg, *target_instance, kWasmIntPtr);
+    stack_transfers.MoveRegister(context_reg, *explicit_context, kWasmIntPtr);
  }
  // Now move all parameter values into the right slot for the call.
@@ -504,7 +504,7 @@ void LiftoffAssembler::PrepareCall(wasm::FunctionSig* sig,
      }
    }
  }
-  // {call_desc_input_idx} should point after the instance parameter now.
+  // {call_desc_input_idx} should point after the context parameter now.
  DCHECK_EQ(call_desc_input_idx, kInputShift + 1);
  // If the target register overlaps with a parameter register, then move the
@@ -523,7 +523,7 @@ void LiftoffAssembler::PrepareCall(wasm::FunctionSig* sig,
    }
  }
-  // Execute the stack transfers before filling the instance register.
+  // Execute the stack transfers before filling the context register.
  stack_transfers.Execute();
  // Pop parameters from the value stack.
@@ -533,9 +533,9 @@ void LiftoffAssembler::PrepareCall(wasm::FunctionSig* sig,
  // Reset register use counters.
  cache_state_.reset_used_registers();
-  // Reload the instance from the stack.
+  // Reload the context from the stack.
-  if (!target_instance) {
+  if (!explicit_context) {
-    FillInstanceInto(instance_reg.gp());
+    FillContextInto(context_reg.gp());
  }
 }

--- a/src/wasm/baseline/liftoff-assembler.h
+++ b/src/wasm/baseline/liftoff-assembler.h
@@ -322,7 +322,7 @@ class LiftoffAssembler : public TurboAssembler {
  // register, or {no_reg} if target was spilled to the stack.
  void PrepareCall(wasm::FunctionSig*, compiler::CallDescriptor*,
                   Register* target = nullptr,
-                   LiftoffRegister* target_instance = nullptr);
+                   LiftoffRegister* explicit_context = nullptr);
  // Process return values of the call.
  void FinishCall(wasm::FunctionSig*, compiler::CallDescriptor*);
@@ -352,9 +352,9 @@ class LiftoffAssembler : public TurboAssembler {
  inline void LoadConstant(LiftoffRegister, WasmValue,
                           RelocInfo::Mode rmode = RelocInfo::NONE);
-  inline void LoadFromInstance(Register dst, uint32_t offset, int size);
+  inline void LoadFromContext(Register dst, uint32_t offset, int size);
-  inline void SpillInstance(Register instance);
+  inline void SpillContext(Register context);
-  inline void FillInstanceInto(Register dst);
+  inline void FillContextInto(Register dst);
  inline void Load(LiftoffRegister dst, Register src_addr, Register offset_reg,
                   uint32_t offset_imm, LoadType type, LiftoffRegList pinned,
                   uint32_t* protected_load_pc = nullptr);

--- a/src/wasm/baseline/liftoff-compiler.cc
+++ b/src/wasm/baseline/liftoff-compiler.cc
--- a/src/wasm/baseline/mips/liftoff-assembler-mips.h
+++ b/src/wasm/baseline/mips/liftoff-assembler-mips.h
@@ -15,8 +15,8 @@ namespace wasm {
 namespace liftoff {
-// fp-8 holds the stack marker, fp-16 is the instance parameter, first stack
+// fp-8 holds the stack marker, fp-16 is the wasm context, first stack slot
-// slot is located at fp-24.
+// is located at fp-24.
 constexpr int32_t kConstantStackSpace = 16;
 constexpr int32_t kFirstStackSlotOffset =
    kConstantStackSpace + LiftoffAssembler::kStackSlotSize;
@@ -31,7 +31,7 @@ inline MemOperand GetHalfStackSlot(uint32_t half_index) {
  return MemOperand(fp, -kFirstStackSlotOffset - offset);
 }
-inline MemOperand GetInstanceOperand() { return MemOperand(fp, -16); }
+inline MemOperand GetContextOperand() { return MemOperand(fp, -16); }
 // Use this register to store the address of the last argument pushed on the
 // stack for a call to C. This register must be callee saved according to the c
@@ -129,20 +129,20 @@ void LiftoffAssembler::LoadConstant(LiftoffRegister reg, WasmValue value,
  }
 }
-void LiftoffAssembler::LoadFromInstance(Register dst, uint32_t offset,
+void LiftoffAssembler::LoadFromContext(Register dst, uint32_t offset,
                                       int size) {
  DCHECK_LE(offset, kMaxInt);
-  lw(dst, liftoff::GetInstanceOperand());
+  lw(dst, liftoff::GetContextOperand());
  DCHECK_EQ(4, size);
  lw(dst, MemOperand(dst, offset));
 }
-void LiftoffAssembler::SpillInstance(Register instance) {
+void LiftoffAssembler::SpillContext(Register context) {
-  sw(instance, liftoff::GetInstanceOperand());
+  sw(context, liftoff::GetContextOperand());
 }
-void LiftoffAssembler::FillInstanceInto(Register dst) {
+void LiftoffAssembler::FillContextInto(Register dst) {
-  lw(dst, liftoff::GetInstanceOperand());
+  lw(dst, liftoff::GetContextOperand());
 }
 void LiftoffAssembler::Load(LiftoffRegister dst, Register src_addr,
@@ -880,7 +880,7 @@ void LiftoffAssembler::CallNativeWasmCode(Address addr) {
 }
 void LiftoffAssembler::CallRuntime(Zone* zone, Runtime::FunctionId fid) {
-  // Set instance to zero.
+  // Set context to zero.
  TurboAssembler::Move(cp, zero_reg);
  CallRuntimeDelayed(zone, fid);
 }

--- a/src/wasm/baseline/mips64/liftoff-assembler-mips64.h
+++ b/src/wasm/baseline/mips64/liftoff-assembler-mips64.h
@@ -15,8 +15,8 @@ namespace wasm {
 namespace liftoff {
-// fp-8 holds the stack marker, fp-16 is the instance parameter, first stack
+// fp-8 holds the stack marker, fp-16 is the wasm context, first stack slot
-// slot is located at fp-24.
+// is located at fp-24.
 constexpr int32_t kConstantStackSpace = 16;
 constexpr int32_t kFirstStackSlotOffset =
    kConstantStackSpace + LiftoffAssembler::kStackSlotSize;
@@ -26,7 +26,7 @@ inline MemOperand GetStackSlot(uint32_t index) {
  return MemOperand(fp, -kFirstStackSlotOffset - offset);
 }
-inline MemOperand GetInstanceOperand() { return MemOperand(fp, -16); }
+inline MemOperand GetContextOperand() { return MemOperand(fp, -16); }
 // Use this register to store the address of the last argument pushed on the
 // stack for a call to C. This register must be callee saved according to the c
@@ -120,10 +120,10 @@ void LiftoffAssembler::LoadConstant(LiftoffRegister reg, WasmValue value,
  }
 }
-void LiftoffAssembler::LoadFromInstance(Register dst, uint32_t offset,
+void LiftoffAssembler::LoadFromContext(Register dst, uint32_t offset,
                                       int size) {
  DCHECK_LE(offset, kMaxInt);
-  ld(dst, liftoff::GetInstanceOperand());
+  ld(dst, liftoff::GetContextOperand());
  DCHECK(size == 4 || size == 8);
  if (size == 4) {
    lw(dst, MemOperand(dst, offset));
@@ -132,12 +132,12 @@ void LiftoffAssembler::LoadFromInstance(Register dst, uint32_t offset,
  }
 }
-void LiftoffAssembler::SpillInstance(Register instance) {
+void LiftoffAssembler::SpillContext(Register context) {
-  sd(instance, liftoff::GetInstanceOperand());
+  sd(context, liftoff::GetContextOperand());
 }
-void LiftoffAssembler::FillInstanceInto(Register dst) {
+void LiftoffAssembler::FillContextInto(Register dst) {
-  ld(dst, liftoff::GetInstanceOperand());
+  ld(dst, liftoff::GetContextOperand());
 }
 void LiftoffAssembler::Load(LiftoffRegister dst, Register src_addr,
@@ -707,7 +707,7 @@ void LiftoffAssembler::CallNativeWasmCode(Address addr) {
 }
 void LiftoffAssembler::CallRuntime(Zone* zone, Runtime::FunctionId fid) {
-  // Set instance to zero.
+  // Set context to zero.
  TurboAssembler::Move(cp, zero_reg);
  CallRuntimeDelayed(zone, fid);
 }

--- a/src/wasm/baseline/ppc/liftoff-assembler-ppc.h
+++ b/src/wasm/baseline/ppc/liftoff-assembler-ppc.h
@@ -28,17 +28,17 @@ void LiftoffAssembler::LoadConstant(LiftoffRegister reg, WasmValue value,
  BAILOUT("LoadConstant");
 }
-void LiftoffAssembler::LoadFromInstance(Register dst, uint32_t offset,
+void LiftoffAssembler::LoadFromContext(Register dst, uint32_t offset,
                                       int size) {
-  BAILOUT("LoadFromInstance");
+  BAILOUT("LoadFromContext");
 }
-void LiftoffAssembler::SpillInstance(Register instance) {
+void LiftoffAssembler::SpillContext(Register context) {
-  BAILOUT("SpillInstance");
+  BAILOUT("SpillContext");
 }
-void LiftoffAssembler::FillInstanceInto(Register dst) {
+void LiftoffAssembler::FillContextInto(Register dst) {
-  BAILOUT("FillInstanceInto");
+  BAILOUT("FillContextInto");
 }
 void LiftoffAssembler::Load(LiftoffRegister dst, Register src_addr,

--- a/src/wasm/baseline/s390/liftoff-assembler-s390.h
+++ b/src/wasm/baseline/s390/liftoff-assembler-s390.h
@@ -28,17 +28,17 @@ void LiftoffAssembler::LoadConstant(LiftoffRegister reg, WasmValue value,
  BAILOUT("LoadConstant");
 }
-void LiftoffAssembler::LoadFromInstance(Register dst, uint32_t offset,
+void LiftoffAssembler::LoadFromContext(Register dst, uint32_t offset,
                                       int size) {
-  BAILOUT("LoadFromInstance");
+  BAILOUT("LoadFromContext");
 }
-void LiftoffAssembler::SpillInstance(Register instance) {
+void LiftoffAssembler::SpillContext(Register context) {
-  BAILOUT("SpillInstance");
+  BAILOUT("SpillContext");
 }
-void LiftoffAssembler::FillInstanceInto(Register dst) {
+void LiftoffAssembler::FillContextInto(Register dst) {
-  BAILOUT("FillInstanceInto");
+  BAILOUT("FillContextInto");
 }
 void LiftoffAssembler::Load(LiftoffRegister dst, Register src_addr,

--- a/src/wasm/baseline/x64/liftoff-assembler-x64.h
+++ b/src/wasm/baseline/x64/liftoff-assembler-x64.h
@@ -16,8 +16,8 @@ namespace wasm {
 namespace liftoff {
-// rbp-8 holds the stack marker, rbp-16 is the instance parameter, first stack
+// rbp-8 holds the stack marker, rbp-16 is the wasm context, first stack slot
-// slot is located at rbp-24.
+// is located at rbp-24.
 constexpr int32_t kConstantStackSpace = 16;
 constexpr int32_t kFirstStackSlotOffset =
    kConstantStackSpace + LiftoffAssembler::kStackSlotSize;
@@ -28,7 +28,7 @@ inline Operand GetStackSlot(uint32_t index) {
 }
 // TODO(clemensh): Make this a constexpr variable once Operand is constexpr.
-inline Operand GetInstanceOperand() { return Operand(rbp, -16); }
+inline Operand GetContextOperand() { return Operand(rbp, -16); }
 // Use this register to store the address of the last argument pushed on the
 // stack for a call to C. This register must be callee saved according to the c
@@ -131,10 +131,10 @@ void LiftoffAssembler::LoadConstant(LiftoffRegister reg, WasmValue value,
  }
 }
-void LiftoffAssembler::LoadFromInstance(Register dst, uint32_t offset,
+void LiftoffAssembler::LoadFromContext(Register dst, uint32_t offset,
                                       int size) {
  DCHECK_LE(offset, kMaxInt);
-  movp(dst, liftoff::GetInstanceOperand());
+  movp(dst, liftoff::GetContextOperand());
  DCHECK(size == 4 || size == 8);
  if (size == 4) {
    movl(dst, Operand(dst, offset));
@@ -143,12 +143,12 @@ void LiftoffAssembler::LoadFromInstance(Register dst, uint32_t offset,
  }
 }
-void LiftoffAssembler::SpillInstance(Register instance) {
+void LiftoffAssembler::SpillContext(Register context) {
-  movp(liftoff::GetInstanceOperand(), instance);
+  movp(liftoff::GetContextOperand(), context);
 }
-void LiftoffAssembler::FillInstanceInto(Register dst) {
+void LiftoffAssembler::FillContextInto(Register dst) {
-  movp(dst, liftoff::GetInstanceOperand());
+  movp(dst, liftoff::GetContextOperand());
 }
 void LiftoffAssembler::Load(LiftoffRegister dst, Register src_addr,
@@ -972,7 +972,7 @@ void LiftoffAssembler::CallNativeWasmCode(Address addr) {
 }
 void LiftoffAssembler::CallRuntime(Zone* zone, Runtime::FunctionId fid) {
-  // Set instance to zero.
+  // Set context to zero.
  xorp(rsi, rsi);
  CallRuntimeDelayed(zone, fid);
 }

--- a/src/wasm/function-body-decoder-impl.h
+++ b/src/wasm/function-body-decoder-impl.h
@@ -774,7 +774,7 @@ class WasmDecoder : public Decoder {
        case kExprGrowMemory:
        case kExprCallFunction:
        case kExprCallIndirect:
-          // Add instance cache nodes to the assigned set.
+          // Add context cache nodes to the assigned set.
          // TODO(titzer): make this more clear.
          assigned->Add(locals_count - 1);
          length = OpcodeLength(decoder, pc);

--- a/src/wasm/function-body-decoder.cc
+++ b/src/wasm/function-body-decoder.cc
@@ -37,7 +37,7 @@ struct SsaEnv {
  State state;
  TFNode* control;
  TFNode* effect;
-  compiler::WasmInstanceCacheNodes instance_cache;
+  compiler::WasmContextCacheNodes context_cache;
  TFNode** locals;
  bool go() { return state >= kReached; }
@@ -46,7 +46,7 @@ struct SsaEnv {
    locals = nullptr;
    control = nullptr;
    effect = nullptr;
-    instance_cache = {};
+    context_cache = {};
  }
  void SetNotMerged() {
    if (state == kMerged) state = kReached;
@@ -100,14 +100,14 @@ class WasmGraphBuildingInterface {
                 : nullptr;
    // The first '+ 1' is needed by TF Start node, the second '+ 1' is for the
-    // instance parameter.
+    // wasm_context parameter.
    TFNode* start = builder_->Start(
        static_cast<int>(decoder->sig_->parameter_count() + 1 + 1));
-    // Initialize the instance parameter (index 0).
+    // Initialize the wasm_context (the paramater at index 0).
-    builder_->set_instance_node(
+    builder_->set_wasm_context(
-        builder_->Param(compiler::kWasmInstanceParameterIndex));
+        builder_->Param(compiler::kWasmContextParameterIndex));
    // Initialize local variables. Parameters are shifted by 1 because of the
-    // the instance parameter.
+    // the wasm_context.
    uint32_t index = 0;
    for (; index < decoder->sig_->parameter_count(); ++index) {
      ssa_env->locals[index] = builder_->Param(index + 1);
@@ -129,10 +129,11 @@ class WasmGraphBuildingInterface {
    SetEnv(ssa_env);
  }
-  // Reload the instance cache entries into the Ssa Environment.
+  // Reload the wasm context variables from the WasmContext structure attached
+  // to the memory object into the Ssa Environment.
  void LoadContextIntoSsa(SsaEnv* ssa_env) {
    if (!ssa_env || !ssa_env->go()) return;
-    builder_->InitInstanceCache(&ssa_env->instance_cache);
+    builder_->InitContextCache(&ssa_env->context_cache);
  }
  void StartFunctionBody(Decoder* decoder, Control* block) {
@@ -365,7 +366,7 @@ class WasmGraphBuildingInterface {
  void GrowMemory(Decoder* decoder, const Value& value, Value* result) {
    result->node = BUILD(GrowMemory, value.node);
-    // Always reload the instance cache after growing memory.
+    // Always reload the context cache after growing memory.
    LoadContextIntoSsa(ssa_env_);
  }
@@ -548,10 +549,10 @@ class WasmGraphBuildingInterface {
    }
 #endif
    ssa_env_ = env;
-    // TODO(wasm): combine the control and effect pointers with instance cache.
+    // TODO(wasm): combine the control and effect pointers with context cache.
    builder_->set_control_ptr(&env->control);
    builder_->set_effect_ptr(&env->effect);
-    builder_->set_instance_cache(&env->instance_cache);
+    builder_->set_context_cache(&env->context_cache);
  }
  TFNode* CheckForException(Decoder* decoder, TFNode* node) {
@@ -637,7 +638,7 @@ class WasmGraphBuildingInterface {
        to->locals = from->locals;
        to->control = from->control;
        to->effect = from->effect;
-        to->instance_cache = from->instance_cache;
+        to->context_cache = from->context_cache;
        break;
      }
      case SsaEnv::kReached: {  // Create a new merge.
@@ -661,9 +662,9 @@ class WasmGraphBuildingInterface {
                builder_->Phi(decoder->GetLocalType(i), 2, vals, merge);
          }
        }
-        // Start a new merge from the instance cache.
+        // Start a new merge from the context cache.
-        builder_->NewInstanceCacheMerge(&to->instance_cache,
+        builder_->NewContextCacheMerge(&to->context_cache, &from->context_cache,
-                                        &from->instance_cache, merge);
+                                       merge);
        break;
      }
      case SsaEnv::kMerged: {
@@ -678,9 +679,9 @@ class WasmGraphBuildingInterface {
          to->locals[i] = builder_->CreateOrMergeIntoPhi(
              decoder->GetLocalType(i), merge, to->locals[i], from->locals[i]);
        }
-        // Merge the instance caches.
+        // Merge the context caches.
-        builder_->MergeInstanceCacheInto(&to->instance_cache,
+        builder_->MergeContextCacheInto(&to->context_cache,
-                                         &from->instance_cache, merge);
+                                        &from->context_cache, merge);
        break;
      }
      default:
@@ -696,22 +697,21 @@ class WasmGraphBuildingInterface {
    env->control = builder_->Loop(env->control);
    env->effect = builder_->EffectPhi(1, &env->effect, env->control);
    builder_->Terminate(env->effect, env->control);
-    // The '+ 1' here is to be able to set the instance cache as assigned.
+    // The '+ 1' here is to be able to set the context cache as assigned.
    BitVector* assigned = WasmDecoder<validate>::AnalyzeLoopAssignment(
        decoder, decoder->pc(), decoder->total_locals() + 1, decoder->zone());
    if (decoder->failed()) return env;
    if (assigned != nullptr) {
      // Only introduce phis for variables assigned in this loop.
-      int instance_cache_index = decoder->total_locals();
+      int context_cache_index = decoder->total_locals();
      for (int i = decoder->NumLocals() - 1; i >= 0; i--) {
        if (!assigned->Contains(i)) continue;
        env->locals[i] = builder_->Phi(decoder->GetLocalType(i), 1,
                                       &env->locals[i], env->control);
      }
-      // Introduce phis for instance cache pointers if necessary.
+      // Introduce phis for context cache pointers if necessary.
-      if (assigned->Contains(instance_cache_index)) {
+      if (assigned->Contains(context_cache_index)) {
-        builder_->PrepareInstanceCacheForLoop(&env->instance_cache,
+        builder_->PrepareContextCacheForLoop(&env->context_cache, env->control);
-                                              env->control);
      }
      SsaEnv* loop_body_env = Split(decoder, env);
@@ -726,8 +726,8 @@ class WasmGraphBuildingInterface {
                                     &env->locals[i], env->control);
    }
-    // Conservatively introduce phis for instance cache.
+    // Conservatively introduce phis for context cache.
-    builder_->PrepareInstanceCacheForLoop(&env->instance_cache, env->control);
+    builder_->PrepareContextCacheForLoop(&env->context_cache, env->control);
    SsaEnv* loop_body_env = Split(decoder, env);
    builder_->StackCheck(decoder->position(), &loop_body_env->effect,
@@ -750,11 +750,11 @@ class WasmGraphBuildingInterface {
          size > 0 ? reinterpret_cast<TFNode**>(decoder->zone()->New(size))
                   : nullptr;
      memcpy(result->locals, from->locals, size);
-      result->instance_cache = from->instance_cache;
+      result->context_cache = from->context_cache;
    } else {
      result->state = SsaEnv::kUnreachable;
      result->locals = nullptr;
-      result->instance_cache = {};
+      result->context_cache = {};
    }
    return result;
@@ -770,7 +770,7 @@ class WasmGraphBuildingInterface {
    result->locals = from->locals;
    result->control = from->control;
    result->effect = from->effect;
-    result->instance_cache = from->instance_cache;
+    result->context_cache = from->context_cache;
    from->Kill(SsaEnv::kUnreachable);
    return result;
  }
@@ -782,7 +782,7 @@ class WasmGraphBuildingInterface {
    result->control = nullptr;
    result->effect = nullptr;
    result->locals = nullptr;
-    result->instance_cache = {};
+    result->context_cache = {};
    return result;
  }

--- a/src/wasm/module-compiler.cc
+++ b/src/wasm/module-compiler.cc
--- a/src/wasm/module-compiler.h
+++ b/src/wasm/module-compiler.h
@@ -70,7 +70,7 @@ Address CompileLazy(Isolate* isolate);
 // logic to actually orchestrate parallel execution of wasm compilation jobs.
 // TODO(clemensh): Implement concurrent lazy compilation.
 class LazyCompilationOrchestrator {
-  const WasmCode* CompileFunction(Isolate*, Handle<WasmCompiledModule>,
+  const WasmCode* CompileFunction(Isolate*, Handle<WasmInstanceObject>,
                                  int func_index);
 public:
@@ -79,8 +79,9 @@ class LazyCompilationOrchestrator {
                                            Handle<Code> caller,
                                            uint32_t exported_func_index);
  const wasm::WasmCode* CompileDirectCall(Isolate*, Handle<WasmInstanceObject>,
+                                          Maybe<uint32_t>,
                                          const WasmCode* caller,
-                                          int caller_ret_offset);
+                                          int call_offset);
  const wasm::WasmCode* CompileIndirectCall(Isolate*,
                                            Handle<WasmInstanceObject>,
                                            uint32_t func_index);

--- a/src/wasm/wasm-code-manager.cc
+++ b/src/wasm/wasm-code-manager.cc
@@ -449,15 +449,9 @@ void NativeModule::ResizeCodeTableForTest(size_t last_index) {
 }
 WasmCode* NativeModule::GetCode(uint32_t index) const {
-  DCHECK_LT(index, FunctionCount());
  return code_table_[index];
 }
-void NativeModule::SetCode(uint32_t index, WasmCode* wasm_code) {
-  DCHECK_LT(index, FunctionCount());
-  code_table_[index] = wasm_code;
-}
 uint32_t NativeModule::FunctionCount() const {
  DCHECK_LE(code_table_.size(), std::numeric_limits<uint32_t>::max());
  return static_cast<uint32_t>(code_table_.size());
@@ -600,10 +594,6 @@ WasmCode* NativeModule::AddAnonymousCode(Handle<Code> code,
  // made while iterating over the RelocInfo above.
  Assembler::FlushICache(ret->instructions().start(),
                         ret->instructions().size());
-  if (FLAG_print_wasm_code) {
-    // TODO(mstarzinger): don't need the isolate here.
-    ret->Print(code->GetIsolate());
-  }
  return ret;
 }

--- a/src/wasm/wasm-code-manager.h
+++ b/src/wasm/wasm-code-manager.h
@@ -258,7 +258,6 @@ class V8_EXPORT_PRIVATE NativeModule final {
  // FunctionCount is WasmModule::functions.size().
  uint32_t FunctionCount() const;
  WasmCode* GetCode(uint32_t index) const;
-  void SetCode(uint32_t index, WasmCode* wasm_code);
  // We special-case lazy cloning because we currently rely on making copies
  // of the lazy builtin, to be able to identify, in the runtime, which function

--- a/src/wasm/wasm-code-specialization.cc
+++ b/src/wasm/wasm-code-specialization.cc
@@ -63,12 +63,10 @@ CodeSpecialization::CodeSpecialization(Isolate* isolate, Zone* zone) {}
 CodeSpecialization::~CodeSpecialization() {}
-void CodeSpecialization::UpdateInstanceReferences(
+void CodeSpecialization::RelocateWasmContextReferences(Address new_context) {
-    Handle<WeakCell> old_weak_instance, Handle<WeakCell> new_weak_instance) {
+  DCHECK_NOT_NULL(new_context);
-  DCHECK(!old_weak_instance.is_null());
+  DCHECK_NULL(new_wasm_context_address_);
-  DCHECK(!new_weak_instance.is_null());
+  new_wasm_context_address_ = new_context;
-  old_weak_instance_ = old_weak_instance;
-  new_weak_instance_ = new_weak_instance;
 }
 void CodeSpecialization::RelocateDirectCalls(NativeModule* native_module) {
@@ -102,11 +100,12 @@ bool CodeSpecialization::ApplyToWholeModule(NativeModule* native_module,
    changed |= ApplyToWasmCode(wasm_function, icache_flush_mode);
  }
-  bool patch_wasm_weak_instances =
-      !old_weak_instance_.is_identical_to(new_weak_instance_);
  // Patch all exported functions (JS_TO_WASM_FUNCTION).
  int reloc_mode = 0;
+  // We need to patch WASM_CONTEXT_REFERENCE to put the correct address.
+  if (new_wasm_context_address_) {
+    reloc_mode |= RelocInfo::ModeMask(RelocInfo::WASM_CONTEXT_REFERENCE);
+  }
  // Patch CODE_TARGET if we shall relocate direct calls. If we patch direct
  // calls, the instance registered for that (relocate_direct_calls_module_)
  // should match the instance we currently patch (instance).
@@ -114,10 +113,6 @@ bool CodeSpecialization::ApplyToWholeModule(NativeModule* native_module,
    DCHECK_EQ(native_module, relocate_direct_calls_module_);
    reloc_mode |= RelocInfo::ModeMask(RelocInfo::JS_TO_WASM_CALL);
  }
-  // Instance references are simply embedded objects.
-  if (patch_wasm_weak_instances) {
-    reloc_mode |= RelocInfo::ModeMask(RelocInfo::EMBEDDED_OBJECT);
-  }
  if (!reloc_mode) return changed;
  int wrapper_index = 0;
  for (auto exp : module->export_table) {
@@ -128,25 +123,20 @@ bool CodeSpecialization::ApplyToWholeModule(NativeModule* native_module,
    for (RelocIterator it(export_wrapper, reloc_mode); !it.done(); it.next()) {
      RelocInfo::Mode mode = it.rinfo()->rmode();
      switch (mode) {
+        case RelocInfo::WASM_CONTEXT_REFERENCE:
+          it.rinfo()->set_wasm_context_reference(new_wasm_context_address_,
+                                                 icache_flush_mode);
+          break;
        case RelocInfo::JS_TO_WASM_CALL: {
-          changed = true;
          const WasmCode* new_code = native_module->GetCode(exp.index);
          it.rinfo()->set_js_to_wasm_address(new_code->instructions().start(),
                                             icache_flush_mode);
        } break;
-        case RelocInfo::EMBEDDED_OBJECT: {
-          changed = true;
-          const HeapObject* old = it.rinfo()->target_object();
-          if (*old_weak_instance_ == old) {
-            it.rinfo()->set_target_object(
-                *new_weak_instance_, WriteBarrierMode::UPDATE_WRITE_BARRIER,
-                icache_flush_mode);
-          }
-        } break;
        default:
          UNREACHABLE();
      }
    }
+    changed = true;
  }
  DCHECK_EQ(module->functions.size(), func_index);
  DCHECK_EQ(compiled_module->export_wrappers()->length(), wrapper_index);

--- a/src/wasm/wasm-code-specialization.h
+++ b/src/wasm/wasm-code-specialization.h
@@ -28,10 +28,8 @@ class CodeSpecialization {
  CodeSpecialization(Isolate*, Zone*);
  ~CodeSpecialization();
-  // Update instance references in code. Instance references should only
+  // Update WasmContext references.
-  // appear in export wrappers.
+  void RelocateWasmContextReferences(Address new_context);
-  void UpdateInstanceReferences(Handle<WeakCell> old_weak_instance,
-                                Handle<WeakCell> new_weak_instance);
  // Update all direct call sites based on the code table in the given instance.
  void RelocateDirectCalls(NativeModule* module);
  // Apply all relocations and patching to all code in the instance (wasm code
@@ -43,8 +41,8 @@ class CodeSpecialization {
                       ICacheFlushMode = FLUSH_ICACHE_IF_NEEDED);
 private:
-  Handle<WeakCell> old_weak_instance_;
+  Address new_wasm_context_address_ = 0;
-  Handle<WeakCell> new_weak_instance_;
  NativeModule* relocate_direct_calls_module_ = nullptr;
 };

--- a/src/wasm/wasm-debug.cc
+++ b/src/wasm/wasm-debug.cc
@@ -140,13 +140,12 @@ class InterpreterHandle {
  }
 public:
-  // TODO(wasm): properly handlify this constructor.
  InterpreterHandle(Isolate* isolate, WasmDebugInfo* debug_info)
      : isolate_(isolate),
        module_(
            debug_info->wasm_instance()->compiled_module()->shared()->module()),
        interpreter_(isolate, module_, GetBytes(debug_info),
-                     handle(debug_info->wasm_instance())) {}
+                     debug_info->wasm_instance()->wasm_context()->get()) {}
  ~InterpreterHandle() { DCHECK_EQ(0, activations_.size()); }
@@ -198,6 +197,8 @@ class InterpreterHandle {
    uint32_t activation_id = StartActivation(frame_pointer);
+    WasmInterpreter::HeapObjectsScope heap_objects_scope(&interpreter_,
+                                                         instance_object);
    WasmInterpreter::Thread* thread = interpreter_.GetThread(0);
    thread->InitFrame(&module()->functions[func_index], wasm_args.start());
    bool finished = false;
@@ -680,7 +681,7 @@ void WasmDebugInfo::RedirectToInterpreter(Handle<WasmDebugInfo> debug_info,
    if (!interpreted_functions->get(func_index)->IsUndefined(isolate)) continue;
    Handle<Code> new_code = compiler::CompileWasmInterpreterEntry(
-        isolate, func_index, module->functions[func_index].sig);
+        isolate, func_index, module->functions[func_index].sig, instance);
    const wasm::WasmCode* wasm_new_code =
        native_module->AddInterpreterWrapper(new_code, func_index);
    const wasm::WasmCode* old_code =

--- a/src/wasm/wasm-interpreter.cc
+++ b/src/wasm/wasm-interpreter.cc
--- a/src/wasm/wasm-interpreter.h
+++ b/src/wasm/wasm-interpreter.h
@@ -16,6 +16,7 @@ class AccountingAllocator;
 namespace internal {
 class WasmInstanceObject;
+struct WasmContext;
 namespace wasm {
@@ -87,6 +88,19 @@ class InterpretedFrame {
 // An interpreter capable of executing WebAssembly.
 class V8_EXPORT_PRIVATE WasmInterpreter {
 public:
+  // Open a HeapObjectsScope before running any code in the interpreter which
+  // needs access to the instance object or needs to call to JS functions.
+  class V8_EXPORT_PRIVATE HeapObjectsScope {
+   public:
+    HeapObjectsScope(WasmInterpreter* interpreter,
+                     Handle<WasmInstanceObject> instance);
+    ~HeapObjectsScope();
+   private:
+    char data[3 * sizeof(void*)];  // must match sizeof(HeapObjectsScopeImpl).
+    DISALLOW_COPY_AND_ASSIGN(HeapObjectsScope);
+  };
  // State machine for a Thread:
  //                         +---------Run()/Step()--------+
  //                         V                             |
@@ -167,8 +181,7 @@ class V8_EXPORT_PRIVATE WasmInterpreter {
  };
  WasmInterpreter(Isolate* isolate, const WasmModule* module,
-                  const ModuleWireBytes& wire_bytes,
+                  const ModuleWireBytes& wire_bytes, WasmContext* wasm_context);
-                  Handle<WasmInstanceObject> instance);
  ~WasmInterpreter();
  //==========================================================================

--- a/src/wasm/wasm-objects-inl.h
+++ b/src/wasm/wasm-objects-inl.h
@@ -65,21 +65,19 @@ SMI_ACCESSORS(WasmGlobalObject, offset, kOffsetOffset)
 SMI_ACCESSORS(WasmGlobalObject, is_mutable, kIsMutableOffset)
 // WasmInstanceObject
+ACCESSORS(WasmInstanceObject, wasm_context, Managed<WasmContext>,
+          kWasmContextOffset)
 PRIMITIVE_ACCESSORS(WasmInstanceObject, memory_start, byte*, kMemoryStartOffset)
 PRIMITIVE_ACCESSORS(WasmInstanceObject, memory_size, uintptr_t,
                    kMemorySizeOffset)
 PRIMITIVE_ACCESSORS(WasmInstanceObject, memory_mask, uintptr_t,
                    kMemoryMaskOffset)
-PRIMITIVE_ACCESSORS(WasmInstanceObject, imported_function_targets, Address*,
-                    kImportedFunctionTargetsOffset)
 PRIMITIVE_ACCESSORS(WasmInstanceObject, globals_start, byte*,
                    kGlobalsStartOffset)
+PRIMITIVE_ACCESSORS(WasmInstanceObject, indirect_function_table,
+                    IndirectFunctionTableEntry*, kIndirectFunctionTableOffset)
 PRIMITIVE_ACCESSORS(WasmInstanceObject, indirect_function_table_size, uintptr_t,
                    kIndirectFunctionTableSizeOffset)
-PRIMITIVE_ACCESSORS(WasmInstanceObject, indirect_function_table_sig_ids,
-                    uint32_t*, kIndirectFunctionTableSigIdsOffset)
-PRIMITIVE_ACCESSORS(WasmInstanceObject, indirect_function_table_targets,
-                    Address*, kIndirectFunctionTableTargetsOffset)
 ACCESSORS(WasmInstanceObject, compiled_module, WasmCompiledModule,
          kCompiledModuleOffset)
@@ -92,18 +90,12 @@ OPTIONAL_ACCESSORS(WasmInstanceObject, debug_info, WasmDebugInfo,
                   kDebugInfoOffset)
 OPTIONAL_ACCESSORS(WasmInstanceObject, table_object, WasmTableObject,
                   kTableObjectOffset)
-ACCESSORS(WasmInstanceObject, imported_function_instances, FixedArray,
+OPTIONAL_ACCESSORS(WasmInstanceObject, function_tables, FixedArray,
-          kImportedFunctionInstancesOffset)
+                   kFunctionTablesOffset)
-ACCESSORS(WasmInstanceObject, imported_function_callables, FixedArray,
+ACCESSORS(WasmInstanceObject, directly_called_instances, FixedArray,
-          kImportedFunctionCallablesOffset)
+          kDirectlyCalledInstancesOffset)
-OPTIONAL_ACCESSORS(WasmInstanceObject, indirect_function_table_instances,
+ACCESSORS(WasmInstanceObject, js_imports_table, FixedArray,
-                   FixedArray, kIndirectFunctionTableInstancesOffset)
+          kJsImportsTableOffset)
-ACCESSORS(WasmInstanceObject, managed_native_allocations, Foreign,
-          kManagedNativeAllocationsOffset)
-inline bool WasmInstanceObject::has_indirect_function_table() {
-  return indirect_function_table_sig_ids() != nullptr;
-}
 // WasmSharedModuleData
 ACCESSORS(WasmSharedModuleData, module_wrapper, Object, kModuleWrapperOffset)
@@ -176,6 +168,7 @@ WCM_OBJECT(WasmCompiledModule, prev_instance, kPrevInstanceOffset)
 WCM_WEAK_LINK(WasmInstanceObject, owning_instance, kOwningInstanceOffset)
 WCM_WEAK_LINK(WasmModuleObject, wasm_module, kWasmModuleOffset)
 WCM_OBJECT(Foreign, native_module, kNativeModuleOffset)
+WCM_OBJECT(FixedArray, lazy_compile_data, kLazyCompileDataOffset)
 WCM_SMALL_CONST_NUMBER(bool, use_trap_handler, kUseTrapHandlerOffset)
 ACCESSORS(WasmCompiledModule, raw_next_instance, Object, kNextInstanceOffset);
 ACCESSORS(WasmCompiledModule, raw_prev_instance, Object, kPrevInstanceOffset);
@@ -192,10 +185,6 @@ uint32_t WasmTableObject::current_length() { return functions()->length(); }
 bool WasmMemoryObject::has_maximum_pages() { return maximum_pages() >= 0; }
-inline bool WasmCompiledModule::has_instance() const {
-  return !weak_owning_instance()->cleared();
-}
 #include "src/objects/object-macros-undef.h"
 }  // namespace internal

--- a/src/wasm/wasm-objects.cc
+++ b/src/wasm/wasm-objects.cc
--- a/src/wasm/wasm-objects.h
+++ b/src/wasm/wasm-objects.h
--- a/src/wasm/wasm-opcodes.h
+++ b/src/wasm/wasm-opcodes.h
@@ -23,8 +23,8 @@ constexpr ValueType kWasmI32 = MachineRepresentation::kWord32;
 constexpr ValueType kWasmI64 = MachineRepresentation::kWord64;
 constexpr ValueType kWasmF32 = MachineRepresentation::kFloat32;
 constexpr ValueType kWasmF64 = MachineRepresentation::kFloat64;
-constexpr ValueType kWasmS128 = MachineRepresentation::kSimd128;
 constexpr ValueType kWasmAnyRef = MachineRepresentation::kTaggedPointer;
+constexpr ValueType kWasmS128 = MachineRepresentation::kSimd128;
 constexpr ValueType kWasmVar = MachineRepresentation::kTagged;
 using FunctionSig = Signature<ValueType>;

--- a/src/wasm/wasm-serialization.cc
+++ b/src/wasm/wasm-serialization.cc
@@ -682,6 +682,7 @@ MaybeHandle<WasmCompiledModule> DeserializeNativeModule(
  Handle<WasmCompiledModule> compiled_module =
      WasmCompiledModule::New(isolate, shared->module(), export_wrappers,
+                              std::vector<wasm::GlobalHandleAddress>(),
                              trap_handler::IsTrapHandlerEnabled());
  compiled_module->set_shared(*shared);
  script->set_wasm_compiled_module(*compiled_module);

--- a/test/cctest/BUILD.gn
+++ b/test/cctest/BUILD.gn
@@ -100,6 +100,7 @@ v8_source_set("cctest_sources") {
    "compiler/test-run-tail-calls.cc",
    "compiler/test-run-unwinding-info.cc",
    "compiler/test-run-variables.cc",
+    "compiler/test-run-wasm-machops.cc",
    "compiler/value-helper.cc",
    "compiler/value-helper.h",
    "expression-type-collector-macros.h",
@@ -239,6 +240,7 @@ v8_source_set("cctest_sources") {
    "wasm/test-run-wasm-interpreter.cc",
    "wasm/test-run-wasm-js.cc",
    "wasm/test-run-wasm-module.cc",
+    "wasm/test-run-wasm-relocation.cc",
    "wasm/test-run-wasm-sign-extension.cc",
    "wasm/test-run-wasm-simd.cc",
    "wasm/test-run-wasm.cc",
@@ -275,6 +277,7 @@ v8_source_set("cctest_sources") {
      "test-code-stubs.h",
      "test-disasm-arm.cc",
      "test-macro-assembler-arm.cc",
+      "test-run-wasm-relocation-arm.cc",
      "test-sync-primitives-arm.cc",
    ]
  } else if (v8_current_cpu == "arm64") {
@@ -287,6 +290,7 @@ v8_source_set("cctest_sources") {
      "test-fuzz-arm64.cc",
      "test-javascript-arm64.cc",
      "test-js-arm64-variables.cc",
+      "test-run-wasm-relocation-arm64.cc",
      "test-sync-primitives-arm64.cc",
      "test-utils-arm64.cc",
      "test-utils-arm64.h",
@@ -299,6 +303,7 @@ v8_source_set("cctest_sources") {
      "test-code-stubs.h",
      "test-disasm-ia32.cc",
      "test-log-stack-tracer.cc",
+      "test-run-wasm-relocation-ia32.cc",
    ]
  } else if (v8_current_cpu == "mips") {
    sources += [  ### gcmole(arch:mips) ###
@@ -345,6 +350,7 @@ v8_source_set("cctest_sources") {
      "test-disasm-x64.cc",
      "test-log-stack-tracer.cc",
      "test-macro-assembler-x64.cc",
+      "test-run-wasm-relocation-x64.cc",
      "wasm/test-run-wasm-atomics64.cc",
    ]
  } else if (v8_current_cpu == "ppc" || v8_current_cpu == "ppc64") {

--- a/test/cctest/compiler/test-run-wasm-machops.cc
+++ b/test/cctest/compiler/test-run-wasm-machops.cc
--- a/test/cctest/test-isolate-independent-builtins.cc
+++ b/test/cctest/test-isolate-independent-builtins.cc
@@ -61,6 +61,7 @@ UNINITIALIZED_TEST(VerifyBuiltinsIsolateIndependence) {
        mode_mask ==
        (RelocInfo::ModeMask(RelocInfo::CODE_TARGET) |
         RelocInfo::ModeMask(RelocInfo::EMBEDDED_OBJECT) |
+         RelocInfo::ModeMask(RelocInfo::WASM_CONTEXT_REFERENCE) |
         RelocInfo::ModeMask(RelocInfo::WASM_GLOBAL_HANDLE) |
         RelocInfo::ModeMask(RelocInfo::WASM_CALL) |
         RelocInfo::ModeMask(RelocInfo::JS_TO_WASM_CALL) |

--- a/test/cctest/test-run-wasm-relocation-arm.cc
+++ b/test/cctest/test-run-wasm-relocation-arm.cc
+// Copyright 2015 the V8 project authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+#include <iostream>  // NOLINT(readability/streams)
+#include "src/v8.h"
+#include "test/cctest/cctest.h"
+#include "src/arm/assembler-arm-inl.h"
+#include "src/arm/simulator-arm.h"
+#include "src/disassembler.h"
+#include "src/factory.h"
+#include "src/ostreams.h"
+#include "test/cctest/compiler/c-signature.h"
+#include "test/cctest/compiler/call-tester.h"
+namespace v8 {
+namespace internal {
+namespace wasm {
+#define __ assm.
+static int32_t DummyStaticFunction(Object* result) { return 1; }
+TEST(WasmRelocationArmContextReference) {
+  Isolate* isolate = CcTest::i_isolate();
+  HandleScope scope(isolate);
+  v8::internal::byte buffer[4096];
+  DummyStaticFunction(nullptr);
+  int32_t imm = 1234567;
+  Assembler assm(isolate, buffer, sizeof buffer);
+  __ mov(r0, Operand(imm, RelocInfo::WASM_CONTEXT_REFERENCE));
+  __ mov(pc, Operand(lr));
+  CodeDesc desc;
+  assm.GetCode(isolate, &desc);
+  Handle<Code> code =
+      isolate->factory()->NewCode(desc, Code::STUB, Handle<Code>());
+  compiler::CSignatureOf<int32_t> csig;
+  compiler::CodeRunner<int32_t> runnable(isolate, code, &csig);
+  int32_t ret_value = runnable.Call();
+  CHECK_EQ(ret_value, imm);
+#ifdef DEBUG
+  OFStream os(stdout);
+  code->Print(os);
+  ::printf("f() = %d\n\n", ret_value);
+#endif
+  int offset = 1234;
+  // Relocating references by offset
+  int mode_mask = (1 << RelocInfo::WASM_CONTEXT_REFERENCE);
+  for (RelocIterator it(*code, mode_mask); !it.done(); it.next()) {
+    // TODO(6792): No longer needed once WebAssembly code is off heap.
+    CodeSpaceMemoryModificationScope modification_scope(isolate->heap());
+    DCHECK(RelocInfo::IsWasmContextReference(it.rinfo()->rmode()));
+    it.rinfo()->set_wasm_context_reference(
+        it.rinfo()->wasm_context_reference() + offset, SKIP_ICACHE_FLUSH);
+  }
+  // Call into relocated code object
+  ret_value = runnable.Call();
+  CHECK_EQ((imm + offset), ret_value);
+#ifdef DEBUG
+  code->Print(os);
+  ::printf("f() = %d\n\n", ret_value);
+#endif
+}
+#undef __
+}  // namespace wasm
+}  // namespace internal
+}  // namespace v8
--- a/test/cctest/test-run-wasm-relocation-arm64.cc
+++ b/test/cctest/test-run-wasm-relocation-arm64.cc
--- a/test/cctest/test-run-wasm-relocation-ia32.cc
+++ b/test/cctest/test-run-wasm-relocation-ia32.cc
--- a/test/cctest/test-run-wasm-relocation-x64.cc
+++ b/test/cctest/test-run-wasm-relocation-x64.cc
--- a/test/cctest/wasm/test-c-wasm-entry.cc
+++ b/test/cctest/wasm/test-c-wasm-entry.cc
@@ -62,13 +62,15 @@ class CWasmEntryArgTester {
    Handle<Object> buffer_obj(reinterpret_cast<Object*>(arg_buffer.data()),
                              isolate_);
    CHECK(!buffer_obj->IsHeapObject());
+    WasmContext* wasm_context = wasm_code_->native_module()
+                                    ->compiled_module()
+                                    ->owning_instance()
+                                    ->wasm_context()
+                                    ->get();
    Handle<Object> call_args[]{
        Handle<Object>::cast(isolate_->factory()->NewForeign(
            wasm_code_->instructions().start(), TENURED)),
-        handle(
+        handle(reinterpret_cast<Object*>(wasm_context), isolate_), buffer_obj};
-            wasm_code_->native_module()->compiled_module()->owning_instance(),
-            isolate_),
-        buffer_obj};
    static_assert(
        arraysize(call_args) == compiler::CWasmEntryParameters::kNumParameters,
        "adapt this test");

--- a/test/cctest/wasm/test-run-wasm-js.cc
+++ b/test/cctest/wasm/test-run-wasm-js.cc
--- a/test/cctest/wasm/test-run-wasm-relocation.cc
+++ b/test/cctest/wasm/test-run-wasm-relocation.cc
--- a/test/cctest/wasm/test-wasm-stack.cc
+++ b/test/cctest/wasm/test-wasm-stack.cc
@@ -102,16 +102,15 @@ void CheckComputeLocation(v8::internal::Isolate* i_isolate, Handle<Object> exc,
 // Call from JS to wasm to JS and throw an Error from JS.
 WASM_EXEC_TEST(CollectDetailedWasmStack_ExplicitThrowFromJs) {
+  WasmRunner<void> r(execution_mode);
  TestSignatures sigs;
-  HandleScope scope(CcTest::InitIsolateOnce());
-  const char* source =
+  Handle<FixedArray> js_imports_table =
-      "(function js() {\n function a() {\n throw new Error(); };\n a(); })";
+      r.main_isolate()->factory()->NewFixedArray(2 * 3 + 1, TENURED);
-  Handle<JSFunction> js_function =
+  uint32_t js_throwing_index = r.builder().AddJsFunction(
-      Handle<JSFunction>::cast(v8::Utils::OpenHandle(
+      sigs.v_v(),
-          *v8::Local<v8::Function>::Cast(CompileRun(source))));
+      "(function js() {\n function a() {\n throw new Error(); };\n a(); })",
-  ManuallyImportedJSFunction import = {sigs.v_v(), js_function};
+      js_imports_table);
-  uint32_t js_throwing_index = 0;
-  WasmRunner<void> r(execution_mode, &import);
  // Add a nop such that we don't always get position 1.
  BUILD(r, WASM_NOP, WASM_CALL_FUNCTION0(js_throwing_index));
@@ -157,7 +156,7 @@ WASM_EXEC_TEST(CollectDetailedWasmStack_WasmError) {
    int unreachable_pos = 1 << (8 * pos_shift);
    TestSignatures sigs;
    // Create a WasmRunner with stack checks and traps enabled.
-    WasmRunner<int> r(execution_mode, 0, "main",
+    WasmRunner<int> r(execution_mode, "main",
                      compiler::kRuntimeExceptionSupport);
    std::vector<byte> code(unreachable_pos + 1, kExprNop);

--- a/test/cctest/wasm/test-wasm-trap-position.cc
+++ b/test/cctest/wasm/test-wasm-trap-position.cc
@@ -69,7 +69,7 @@ void CheckExceptionInfos(v8::internal::Isolate* i_isolate, Handle<Object> exc,
 // Trigger a trap for executing unreachable.
 WASM_EXEC_TEST(Unreachable) {
  // Create a WasmRunner with stack checks and traps enabled.
-  WasmRunner<void> r(execution_mode, 0, "main",
+  WasmRunner<void> r(execution_mode, "main",
                     compiler::kRuntimeExceptionSupport);
  TestSignatures sigs;
@@ -104,7 +104,7 @@ WASM_EXEC_TEST(Unreachable) {
 // Trigger a trap for loading from out-of-bounds.
 WASM_EXEC_TEST(IllegalLoad) {
-  WasmRunner<void> r(execution_mode, 0, "main",
+  WasmRunner<void> r(execution_mode, "main",
                     compiler::kRuntimeExceptionSupport);
  TestSignatures sigs;

--- a/test/cctest/wasm/wasm-run-utils.cc
+++ b/test/cctest/wasm/wasm-run-utils.cc
--- a/test/cctest/wasm/wasm-run-utils.h
+++ b/test/cctest/wasm/wasm-run-utils.h
--- a/test/common/wasm/wasm-module-runner.cc
+++ b/test/common/wasm/wasm-module-runner.cc
--- a/test/mjsunit/wasm/compiled-module-management.js
+++ b/test/mjsunit/wasm/compiled-module-management.js
--- a/test/mjsunit/wasm/table-grow.js
+++ b/test/mjsunit/wasm/table-grow.js