src: forbid handle allocations from Platform tasks

Platform tasks should have their own handle scopes, rather than leak into outer ones.
nodejs · addaleax · Feb 24, 2019 · Feb 24, 2019 · Feb 24, 2019 · Feb 24, 2019
commit 6b766afc1c3806f84b314d80d49782f0b48077c8
diff --git a/src/inspector/main_thread_interface.cc b/src/inspector/main_thread_interface.cc
@@ -287,6 +287,14 @@ void MainThreadInterface::DispatchMessages() {
       MessageQueue::value_type task;
       std::swap(dispatching_message_queue_.front(), task);
       dispatching_message_queue_.pop_front();
+
+      // TODO(addaleax): The V8 inspector code currently sometimes allocates
+      // handles that leak to the outside scope, rendering a HandleScope here
+      // necessary. This handle scope can be removed/turned into a
+      // SealHandleScope once/if
+      // https://chromium-review.googlesource.com/c/v8/v8/+/1484304 makes it
+      // into our copy of V8, maybe guarded with #ifdef DEBUG if we want.
+      v8::HandleScope handle_scope(isolate_);
       task->Call(this);
     }
   } while (had_messages);

diff --git a/src/node_platform.cc b/src/node_platform.cc
@@ -8,11 +8,11 @@
 
 namespace node {
 
-using v8::HandleScope;
 using v8::Isolate;
 using v8::Local;
 using v8::Object;
 using v8::Platform;
+using v8::SealHandleScope;
 using v8::Task;
 using node::tracing::TracingController;
 
@@ -332,7 +332,9 @@ int NodePlatform::NumberOfWorkerThreads() {
 
 void PerIsolatePlatformData::RunForegroundTask(std::unique_ptr<Task> task) {
   Isolate* isolate = Isolate::GetCurrent();
-  HandleScope scope(isolate);
+#ifdef DEBUG
+  SealHandleScope scope(isolate);
+#endif
   Environment* env = Environment::GetCurrent(isolate);
   if (env != nullptr) {
     InternalCallbackScope cb_scope(env, Local<Object>(), { 0, 0 },