api: introduce SealHandleScope

src/api.cc

Index: src/api.cc
diff --git a/src/api.cc b/src/api.cc
index 0d0bf3f75a6a8d2e01e1d57ac006ff2b7b5cb1c1..a9342a9af4d4f2b686fdf6305c1264dc3a4f6328 100644
--- a/src/api.cc
+++ b/src/api.cc
@@ -686,6 +686,38 @@ i::Object** EscapableHandleScope::Escape(i::Object** escape_value) {
 }
 
 
+SealHandleScope::SealHandleScope(Isolate* isolate) {
+  i::Isolate* internal_isolate = reinterpret_cast<i::Isolate*>(isolate);
+  // We do not want to check the correct usage of the Locker class all over the
+  // place, so we do it only here: Without a HandleScope, an embedder can do
+  // almost nothing, so it is enough to check in this central place.
+  // We make an exception if the serializer is enabled, which means that the
+  // Isolate is exclusively used to create a snapshot.
+  Utils::ApiCheck(
+      !v8::Locker::IsActive() ||
+          internal_isolate->thread_manager()->IsLockedByCurrentThread() ||
+          internal_isolate->serializer_enabled(),
+      "SealHandleScope::SealHandleScope",
+      "Entering the V8 API without proper locking in place");

[Yang, 2015/03/13 07:18:20]

Do we actually need this check here? If you want to create a handle, what you
need is a HandleScope, which would check for locking. By having a
SealHandleScope, we would explicitly require a new HandleScope if someone wants
to create a handle.

+
+  isolate_ = internal_isolate;
+  i::HandleScopeData* current = internal_isolate->handle_scope_data();
+  prev_limit_ = current->limit;
+  current->limit = current->next;
+  prev_level_ = current->level;
+  current->level = 0;
+}
+
+
+SealHandleScope::~SealHandleScope() {
+  i::HandleScopeData* current = isolate_->handle_scope_data();
+  DCHECK_EQ(0, current->level);
+  current->level = prev_level_;
+  DCHECK_EQ(current->next, current->limit);
+  current->limit = prev_limit_;
+}
+
+
 void Context::Enter() {
   i::Handle<i::Context> env = Utils::OpenHandle(this);
   i::Isolate* isolate = env->GetIsolate();