From ff88cf4e9b7fc19def1a784788b1862211330953 Mon Sep 17 00:00:00 2001
From: Timothy Gu <timothygu99@gmail.com>
Date: Sat, 15 Jul 2017 00:05:54 +0800
Subject: [PATCH 01/12] src: refactor contextify

---
 node.gyp               |   1 +
 src/node_contextify.cc | 730 ++++++++++++++++++++---------------------
 src/node_contextify.h  | 111 +++++++
 3 files changed, 468 insertions(+), 374 deletions(-)
 create mode 100644 src/node_contextify.h

diff --git a/node.gyp b/node.gyp
index b0e4676a96e477..7ecf48e3bf1888 100644
--- a/node.gyp
+++ b/node.gyp
@@ -175,6 +175,7 @@
         'src/node_config.cc',
         'src/node_constants.cc',
         'src/node_contextify.cc',
+        'src/node_contextify.h',
         'src/node_debug_options.cc',
         'src/node_file.cc',
         'src/node_http_parser.cc',
diff --git a/src/node_contextify.cc b/src/node_contextify.cc
index 792b1c4f8009f9..0b8f9c27f6c2fa 100644
--- a/src/node_contextify.cc
+++ b/src/node_contextify.cc
@@ -19,6 +19,7 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+#include "node_contextify.h"
 #include "node.h"
 #include "node_internals.h"
 #include "node_watchdog.h"
@@ -67,451 +68,432 @@ using v8::UnboundScript;
 using v8::Value;
 using v8::WeakCallbackInfo;
 
-namespace {
+namespace contextify {
 
-class ContextifyContext {
- protected:
-  // V8 reserves the first field in context objects for the debugger. We use the
-  // second field to hold a reference to the sandbox object.
-  enum { kSandboxObjectIndex = 1 };
+ContextifyContext::ContextifyContext(Environment* env, Local<Object> sandbox_obj) : env_(env) {
+  Local<Context> v8_context = CreateV8Context(env, sandbox_obj);
+  context_.Reset(env->isolate(), v8_context);
 
-  Environment* const env_;
-  Persistent<Context> context_;
-
- public:
-  ContextifyContext(Environment* env, Local<Object> sandbox_obj) : env_(env) {
-    Local<Context> v8_context = CreateV8Context(env, sandbox_obj);
-    context_.Reset(env->isolate(), v8_context);
+  // Allocation failure or maximum call stack size reached
+  if (context_.IsEmpty())
+    return;
+  context_.SetWeak(this, WeakCallback, v8::WeakCallbackType::kParameter);
+  context_.MarkIndependent();
+}
 
-    // Allocation failure or maximum call stack size reached
-    if (context_.IsEmpty())
-      return;
-    context_.SetWeak(this, WeakCallback, v8::WeakCallbackType::kParameter);
-    context_.MarkIndependent();
-  }
 
+ContextifyContext::~ContextifyContext() {
+  context_.Reset();
+}
 
-  ~ContextifyContext() {
-    context_.Reset();
-  }
 
+// XXX(isaacs): This function only exists because of a shortcoming of
+// the V8 SetNamedPropertyHandler function.
+//
+// It does not provide a way to intercept Object.defineProperty(..)
+// calls.  As a result, these properties are not copied onto the
+// contextified sandbox when a new global property is added via either
+// a function declaration or a Object.defineProperty(global, ...) call.
+//
+// Note that any function declarations or Object.defineProperty()
+// globals that are created asynchronously (in a setTimeout, callback,
+// etc.) will happen AFTER the call to copy properties, and thus not be
+// caught.
+//
+// The way to properly fix this is to add some sort of a
+// Object::SetNamedDefinePropertyHandler() function that takes a callback,
+// which receives the property name and property descriptor as arguments.
+//
+// Luckily, such situations are rare, and asynchronously-added globals
+// weren't supported by Node's VM module until 0.12 anyway.  But, this
+// should be fixed properly in V8, and this copy function should be
+// removed once there is a better way.
+void ContextifyContext::CopyProperties() {
+  HandleScope scope(env()->isolate());
+
+  Local<Context> context = PersistentToLocal(env()->isolate(), context_);
+  Local<Object> global =
+      context->Global()->GetPrototype()->ToObject(env()->isolate());
+  Local<Object> sandbox_obj = sandbox();
+
+  Local<Function> clone_property_method;
+
+  Local<Array> names = global->GetOwnPropertyNames();
+  int length = names->Length();
+  for (int i = 0; i < length; i++) {
+    Local<String> key = names->Get(i)->ToString(env()->isolate());
+    Maybe<bool> has = sandbox_obj->HasOwnProperty(context, key);
+
+    // Check for pending exceptions
+    if (has.IsNothing())
+      return;
 
-  inline Environment* env() const {
-    return env_;
+    if (!has.FromJust()) {
+      Local<Object> desc_vm_context =
+          global->GetOwnPropertyDescriptor(context, key)
+          .ToLocalChecked().As<Object>();
+
+      bool is_accessor =
+          desc_vm_context->Has(context, env()->get_string()).FromJust() ||
+          desc_vm_context->Has(context, env()->set_string()).FromJust();
+
+      auto define_property_on_sandbox = [&] (PropertyDescriptor* desc) {
+          desc->set_configurable(desc_vm_context
+              ->Get(context, env()->configurable_string()).ToLocalChecked()
+              ->BooleanValue(context).FromJust());
+          desc->set_enumerable(desc_vm_context
+              ->Get(context, env()->enumerable_string()).ToLocalChecked()
+              ->BooleanValue(context).FromJust());
+          CHECK(sandbox_obj->DefineProperty(context, key, *desc).FromJust());
+      };
+
+      if (is_accessor) {
+        Local<Function> get =
+            desc_vm_context->Get(context, env()->get_string())
+            .ToLocalChecked().As<Function>();
+        Local<Function> set =
+            desc_vm_context->Get(context, env()->set_string())
+            .ToLocalChecked().As<Function>();
+
+        PropertyDescriptor desc(get, set);
+        define_property_on_sandbox(&desc);
+      } else {
+        Local<Value> value =
+            desc_vm_context->Get(context, env()->value_string())
+            .ToLocalChecked();
+
+        bool writable =
+            desc_vm_context->Get(context, env()->writable_string())
+            .ToLocalChecked()->BooleanValue(context).FromJust();
+
+        PropertyDescriptor desc(value, writable);
+        define_property_on_sandbox(&desc);
+      }
+    }
   }
+}
 
 
-  inline Local<Context> context() const {
-    return PersistentToLocal(env()->isolate(), context_);
-  }
+// This is an object that just keeps an internal pointer to this
+// ContextifyContext.  It's passed to the NamedPropertyHandler.  If we
+// pass the main JavaScript context object we're embedded in, then the
+// NamedPropertyHandler will store a reference to it forever and keep it
+// from getting gc'd.
+Local<Value> ContextifyContext::CreateDataWrapper(Environment* env) {
+  EscapableHandleScope scope(env->isolate());
+  Local<Object> wrapper =
+      env->script_data_constructor_function()
+          ->NewInstance(env->context()).FromMaybe(Local<Object>());
+  if (wrapper.IsEmpty())
+    return scope.Escape(Local<Value>::New(env->isolate(), Local<Value>()));
+
+  Wrap(wrapper, this);
+  return scope.Escape(wrapper);
+}
 
 
-  inline Local<Object> global_proxy() const {
-    return context()->Global();
-  }
+Local<Context> ContextifyContext::CreateV8Context(Environment* env, Local<Object> sandbox_obj) {
+  EscapableHandleScope scope(env->isolate());
+  Local<FunctionTemplate> function_template =
+      FunctionTemplate::New(env->isolate());
+  function_template->SetHiddenPrototype(true);
 
+  function_template->SetClassName(sandbox_obj->GetConstructorName());
 
-  inline Local<Object> sandbox() const {
-    return Local<Object>::Cast(context()->GetEmbedderData(kSandboxObjectIndex));
-  }
-
-  // XXX(isaacs): This function only exists because of a shortcoming of
-  // the V8 SetNamedPropertyHandler function.
-  //
-  // It does not provide a way to intercept Object.defineProperty(..)
-  // calls.  As a result, these properties are not copied onto the
-  // contextified sandbox when a new global property is added via either
-  // a function declaration or a Object.defineProperty(global, ...) call.
-  //
-  // Note that any function declarations or Object.defineProperty()
-  // globals that are created asynchronously (in a setTimeout, callback,
-  // etc.) will happen AFTER the call to copy properties, and thus not be
-  // caught.
-  //
-  // The way to properly fix this is to add some sort of a
-  // Object::SetNamedDefinePropertyHandler() function that takes a callback,
-  // which receives the property name and property descriptor as arguments.
-  //
-  // Luckily, such situations are rare, and asynchronously-added globals
-  // weren't supported by Node's VM module until 0.12 anyway.  But, this
-  // should be fixed properly in V8, and this copy function should be
-  // removed once there is a better way.
-  void CopyProperties() {
-    HandleScope scope(env()->isolate());
-
-    Local<Context> context = PersistentToLocal(env()->isolate(), context_);
-    Local<Object> global =
-        context->Global()->GetPrototype()->ToObject(env()->isolate());
-    Local<Object> sandbox_obj = sandbox();
-
-    Local<Function> clone_property_method;
-
-    Local<Array> names = global->GetOwnPropertyNames();
-    int length = names->Length();
-    for (int i = 0; i < length; i++) {
-      Local<String> key = names->Get(i)->ToString(env()->isolate());
-      Maybe<bool> has = sandbox_obj->HasOwnProperty(context, key);
-
-      // Check for pending exceptions
-      if (has.IsNothing())
-        return;
+  Local<ObjectTemplate> object_template =
+      function_template->InstanceTemplate();
 
-      if (!has.FromJust()) {
-        Local<Object> desc_vm_context =
-            global->GetOwnPropertyDescriptor(context, key)
-            .ToLocalChecked().As<Object>();
-
-        bool is_accessor =
-            desc_vm_context->Has(context, env()->get_string()).FromJust() ||
-            desc_vm_context->Has(context, env()->set_string()).FromJust();
-
-        auto define_property_on_sandbox = [&] (PropertyDescriptor* desc) {
-            desc->set_configurable(desc_vm_context
-                ->Get(context, env()->configurable_string()).ToLocalChecked()
-                ->BooleanValue(context).FromJust());
-            desc->set_enumerable(desc_vm_context
-                ->Get(context, env()->enumerable_string()).ToLocalChecked()
-                ->BooleanValue(context).FromJust());
-            CHECK(sandbox_obj->DefineProperty(context, key, *desc).FromJust());
-        };
-
-        if (is_accessor) {
-          Local<Function> get =
-              desc_vm_context->Get(context, env()->get_string())
-              .ToLocalChecked().As<Function>();
-          Local<Function> set =
-              desc_vm_context->Get(context, env()->set_string())
-              .ToLocalChecked().As<Function>();
-
-          PropertyDescriptor desc(get, set);
-          define_property_on_sandbox(&desc);
-        } else {
-          Local<Value> value =
-              desc_vm_context->Get(context, env()->value_string())
-              .ToLocalChecked();
-
-          bool writable =
-              desc_vm_context->Get(context, env()->writable_string())
-              .ToLocalChecked()->BooleanValue(context).FromJust();
-
-          PropertyDescriptor desc(value, writable);
-          define_property_on_sandbox(&desc);
-        }
-    }
-  }
-}
+  NamedPropertyHandlerConfiguration config(GlobalPropertyGetterCallback,
+                                           GlobalPropertySetterCallback,
+                                           GlobalPropertyQueryCallback,
+                                           GlobalPropertyDeleterCallback,
+                                           GlobalPropertyEnumeratorCallback,
+                                           CreateDataWrapper(env));
+  object_template->SetHandler(config);
 
+  Local<Context> ctx = Context::New(env->isolate(), nullptr, object_template);
 
-  // This is an object that just keeps an internal pointer to this
-  // ContextifyContext.  It's passed to the NamedPropertyHandler.  If we
-  // pass the main JavaScript context object we're embedded in, then the
-  // NamedPropertyHandler will store a reference to it forever and keep it
-  // from getting gc'd.
-  Local<Value> CreateDataWrapper(Environment* env) {
-    EscapableHandleScope scope(env->isolate());
-    Local<Object> wrapper =
-        env->script_data_constructor_function()
-            ->NewInstance(env->context()).FromMaybe(Local<Object>());
-    if (wrapper.IsEmpty())
-      return scope.Escape(Local<Value>::New(env->isolate(), Local<Value>()));
-
-    Wrap(wrapper, this);
-    return scope.Escape(wrapper);
+  if (ctx.IsEmpty()) {
+    env->ThrowError("Could not instantiate context");
+    return Local<Context>();
   }
 
+  ctx->SetSecurityToken(env->context()->GetSecurityToken());
 
-  Local<Context> CreateV8Context(Environment* env, Local<Object> sandbox_obj) {
-    EscapableHandleScope scope(env->isolate());
-    Local<FunctionTemplate> function_template =
-        FunctionTemplate::New(env->isolate());
-    function_template->SetHiddenPrototype(true);
-
-    function_template->SetClassName(sandbox_obj->GetConstructorName());
+  // We need to tie the lifetime of the sandbox object with the lifetime of
+  // newly created context. We do this by making them hold references to each
+  // other. The context can directly hold a reference to the sandbox as an
+  // embedder data field. However, we cannot hold a reference to a v8::Context
+  // directly in an Object, we instead hold onto the new context's global
+  // object instead (which then has a reference to the context).
+  ctx->SetEmbedderData(kSandboxObjectIndex, sandbox_obj);
+  sandbox_obj->SetPrivate(env->context(),
+                          env->contextify_global_private_symbol(),
+                          ctx->Global());
 
-    Local<ObjectTemplate> object_template =
-        function_template->InstanceTemplate();
+  env->AssignToContext(ctx);
 
-    NamedPropertyHandlerConfiguration config(GlobalPropertyGetterCallback,
-                                             GlobalPropertySetterCallback,
-                                             GlobalPropertyQueryCallback,
-                                             GlobalPropertyDeleterCallback,
-                                             GlobalPropertyEnumeratorCallback,
-                                             CreateDataWrapper(env));
-    object_template->SetHandler(config);
+  return scope.Escape(ctx);
+}
 
-    Local<Context> ctx = Context::New(env->isolate(), nullptr, object_template);
 
-    if (ctx.IsEmpty()) {
-      env->ThrowError("Could not instantiate context");
-      return Local<Context>();
-    }
+// static
+void ContextifyContext::Init(Environment* env, Local<Object> target) {
+  Local<FunctionTemplate> function_template =
+      FunctionTemplate::New(env->isolate());
+  function_template->InstanceTemplate()->SetInternalFieldCount(1);
+  env->set_script_data_constructor_function(function_template->GetFunction());
 
-    ctx->SetSecurityToken(env->context()->GetSecurityToken());
+  env->SetMethod(target, "runInDebugContext", RunInDebugContext);
+  env->SetMethod(target, "makeContext", MakeContext);
+  env->SetMethod(target, "isContext", IsContext);
+}
 
-    // We need to tie the lifetime of the sandbox object with the lifetime of
-    // newly created context. We do this by making them hold references to each
-    // other. The context can directly hold a reference to the sandbox as an
-    // embedder data field. However, we cannot hold a reference to a v8::Context
-    // directly in an Object, we instead hold onto the new context's global
-    // object instead (which then has a reference to the context).
-    ctx->SetEmbedderData(kSandboxObjectIndex, sandbox_obj);
-    sandbox_obj->SetPrivate(env->context(),
-                            env->contextify_global_private_symbol(),
-                            ctx->Global());
 
-    env->AssignToContext(ctx);
+// static
+void ContextifyContext::RunInDebugContext(const FunctionCallbackInfo<Value>& args) {
+  Local<String> script_source(args[0]->ToString(args.GetIsolate()));
+  if (script_source.IsEmpty())
+    return;  // Exception pending.
+  Local<Context> debug_context = Debug::GetDebugContext(args.GetIsolate());
+  Environment* env = Environment::GetCurrent(args);
+  if (debug_context.IsEmpty()) {
+    // Force-load the debug context.
+    auto dummy_event_listener = [] (const Debug::EventDetails&) {};
+    Debug::SetDebugEventListener(args.GetIsolate(), dummy_event_listener);
+    debug_context = Debug::GetDebugContext(args.GetIsolate());
+    CHECK(!debug_context.IsEmpty());
+    // Ensure that the debug context has an Environment assigned in case
+    // a fatal error is raised.  The fatal exception handler in node.cc
+    // is not equipped to deal with contexts that don't have one and
+    // can't easily be taught that due to a deficiency in the V8 API:
+    // there is no way for the embedder to tell if the data index is
+    // in use.
+    const int index = Environment::kContextEmbedderDataIndex;
+    debug_context->SetAlignedPointerInEmbedderData(index, env);
+  }
+
+  Context::Scope context_scope(debug_context);
+  MaybeLocal<Script> script = Script::Compile(debug_context, script_source);
+  if (script.IsEmpty())
+    return;  // Exception pending.
+  args.GetReturnValue().Set(script.ToLocalChecked()->Run());
+}
 
-    return scope.Escape(ctx);
-  }
 
+// static
+void ContextifyContext::MakeContext(const FunctionCallbackInfo<Value>& args) {
+  Environment* env = Environment::GetCurrent(args);
 
-  static void Init(Environment* env, Local<Object> target) {
-    Local<FunctionTemplate> function_template =
-        FunctionTemplate::New(env->isolate());
-    function_template->InstanceTemplate()->SetInternalFieldCount(1);
-    env->set_script_data_constructor_function(function_template->GetFunction());
-
-    env->SetMethod(target, "runInDebugContext", RunInDebugContext);
-    env->SetMethod(target, "makeContext", MakeContext);
-    env->SetMethod(target, "isContext", IsContext);
+  if (!args[0]->IsObject()) {
+    return env->ThrowTypeError("sandbox argument must be an object.");
   }
+  Local<Object> sandbox = args[0].As<Object>();
 
+  // Don't allow contextifying a sandbox multiple times.
+  CHECK(
+      !sandbox->HasPrivate(
+          env->context(),
+          env->contextify_context_private_symbol()).FromJust());
 
-  static void RunInDebugContext(const FunctionCallbackInfo<Value>& args) {
-    Local<String> script_source(args[0]->ToString(args.GetIsolate()));
-    if (script_source.IsEmpty())
-      return;  // Exception pending.
-    Local<Context> debug_context = Debug::GetDebugContext(args.GetIsolate());
-    Environment* env = Environment::GetCurrent(args);
-    if (debug_context.IsEmpty()) {
-      // Force-load the debug context.
-      auto dummy_event_listener = [] (const Debug::EventDetails&) {};
-      Debug::SetDebugEventListener(args.GetIsolate(), dummy_event_listener);
-      debug_context = Debug::GetDebugContext(args.GetIsolate());
-      CHECK(!debug_context.IsEmpty());
-      // Ensure that the debug context has an Environment assigned in case
-      // a fatal error is raised.  The fatal exception handler in node.cc
-      // is not equipped to deal with contexts that don't have one and
-      // can't easily be taught that due to a deficiency in the V8 API:
-      // there is no way for the embedder to tell if the data index is
-      // in use.
-      const int index = Environment::kContextEmbedderDataIndex;
-      debug_context->SetAlignedPointerInEmbedderData(index, env);
-    }
+  TryCatch try_catch(env->isolate());
+  ContextifyContext* context = new ContextifyContext(env, sandbox);
 
-    Context::Scope context_scope(debug_context);
-    MaybeLocal<Script> script = Script::Compile(debug_context, script_source);
-    if (script.IsEmpty())
-      return;  // Exception pending.
-    args.GetReturnValue().Set(script.ToLocalChecked()->Run());
+  if (try_catch.HasCaught()) {
+    try_catch.ReThrow();
+    return;
   }
 
+  if (context->context().IsEmpty())
+    return;
 
-  static void MakeContext(const FunctionCallbackInfo<Value>& args) {
-    Environment* env = Environment::GetCurrent(args);
-
-    if (!args[0]->IsObject()) {
-      return env->ThrowTypeError("sandbox argument must be an object.");
-    }
-    Local<Object> sandbox = args[0].As<Object>();
+  sandbox->SetPrivate(
+      env->context(),
+      env->contextify_context_private_symbol(),
+      External::New(env->isolate(), context));
+}
 
-    // Don't allow contextifying a sandbox multiple times.
-    CHECK(
-        !sandbox->HasPrivate(
-            env->context(),
-            env->contextify_context_private_symbol()).FromJust());
 
-    TryCatch try_catch(env->isolate());
-    ContextifyContext* context = new ContextifyContext(env, sandbox);
-
-    if (try_catch.HasCaught()) {
-      try_catch.ReThrow();
-      return;
-    }
+// static
+void ContextifyContext::IsContext(const FunctionCallbackInfo<Value>& args) {
+  Environment* env = Environment::GetCurrent(args);
 
-    if (context->context().IsEmpty())
-      return;
-
-    sandbox->SetPrivate(
-        env->context(),
-        env->contextify_context_private_symbol(),
-        External::New(env->isolate(), context));
+  if (!args[0]->IsObject()) {
+    env->ThrowTypeError("sandbox must be an object");
+    return;
   }
+  Local<Object> sandbox = args[0].As<Object>();
 
-
-  static void IsContext(const FunctionCallbackInfo<Value>& args) {
-    Environment* env = Environment::GetCurrent(args);
-
-    if (!args[0]->IsObject()) {
-      env->ThrowTypeError("sandbox must be an object");
-      return;
-    }
-    Local<Object> sandbox = args[0].As<Object>();
-
-    Maybe<bool> result =
-        sandbox->HasPrivate(env->context(),
-                            env->contextify_context_private_symbol());
-    args.GetReturnValue().Set(result.FromJust());
-  }
+  Maybe<bool> result =
+      sandbox->HasPrivate(env->context(),
+                          env->contextify_context_private_symbol());
+  args.GetReturnValue().Set(result.FromJust());
+}
 
 
-  static void WeakCallback(const WeakCallbackInfo<ContextifyContext>& data) {
-    ContextifyContext* context = data.GetParameter();
-    delete context;
-  }
+// static
+void ContextifyContext::WeakCallback(const WeakCallbackInfo<ContextifyContext>& data) {
+  ContextifyContext* context = data.GetParameter();
+  delete context;
+}
 
 
-  static ContextifyContext* ContextFromContextifiedSandbox(
-      Environment* env,
-      const Local<Object>& sandbox) {
-    MaybeLocal<Value> maybe_value =
-        sandbox->GetPrivate(env->context(),
-                            env->contextify_context_private_symbol());
-    Local<Value> context_external_v;
-    if (maybe_value.ToLocal(&context_external_v) &&
-        context_external_v->IsExternal()) {
-      Local<External> context_external = context_external_v.As<External>();
-      return static_cast<ContextifyContext*>(context_external->Value());
-    }
-    return nullptr;
-  }
+// static
+ContextifyContext* ContextifyContext::ContextFromContextifiedSandbox(
+    Environment* env,
+    const Local<Object>& sandbox) {
+  MaybeLocal<Value> maybe_value =
+      sandbox->GetPrivate(env->context(),
+                          env->contextify_context_private_symbol());
+  Local<Value> context_external_v;
+  if (maybe_value.ToLocal(&context_external_v) &&
+      context_external_v->IsExternal()) {
+    Local<External> context_external = context_external_v.As<External>();
+    return static_cast<ContextifyContext*>(context_external->Value());
+  }
+  return nullptr;
+}
 
 
-  static void GlobalPropertyGetterCallback(
-      Local<Name> property,
-      const PropertyCallbackInfo<Value>& args) {
-    ContextifyContext* ctx;
-    ASSIGN_OR_RETURN_UNWRAP(&ctx, args.Data().As<Object>());
+// static
+void ContextifyContext::GlobalPropertyGetterCallback(
+    Local<Name> property,
+    const PropertyCallbackInfo<Value>& args) {
+  ContextifyContext* ctx;
+  ASSIGN_OR_RETURN_UNWRAP(&ctx, args.Data().As<Object>());
 
-    // Still initializing
-    if (ctx->context_.IsEmpty())
-      return;
+  // Still initializing
+  if (ctx->context_.IsEmpty())
+    return;
 
-    Local<Context> context = ctx->context();
-    Local<Object> sandbox = ctx->sandbox();
-    MaybeLocal<Value> maybe_rv =
-        sandbox->GetRealNamedProperty(context, property);
-    if (maybe_rv.IsEmpty()) {
-      maybe_rv =
-          ctx->global_proxy()->GetRealNamedProperty(context, property);
-    }
+  Local<Context> context = ctx->context();
+  Local<Object> sandbox = ctx->sandbox();
+  MaybeLocal<Value> maybe_rv =
+      sandbox->GetRealNamedProperty(context, property);
+  if (maybe_rv.IsEmpty()) {
+    maybe_rv =
+        ctx->global_proxy()->GetRealNamedProperty(context, property);
+  }
 
-    Local<Value> rv;
-    if (maybe_rv.ToLocal(&rv)) {
-      if (rv == sandbox)
-        rv = ctx->global_proxy();
+  Local<Value> rv;
+  if (maybe_rv.ToLocal(&rv)) {
+    if (rv == sandbox)
+      rv = ctx->global_proxy();
 
-      args.GetReturnValue().Set(rv);
-    }
+    args.GetReturnValue().Set(rv);
   }
+}
 
 
-  static void GlobalPropertySetterCallback(
-      Local<Name> property,
-      Local<Value> value,
-      const PropertyCallbackInfo<Value>& args) {
-    ContextifyContext* ctx;
-    ASSIGN_OR_RETURN_UNWRAP(&ctx, args.Data().As<Object>());
+// static
+void ContextifyContext::GlobalPropertySetterCallback(
+    Local<Name> property,
+    Local<Value> value,
+    const PropertyCallbackInfo<Value>& args) {
+  ContextifyContext* ctx;
+  ASSIGN_OR_RETURN_UNWRAP(&ctx, args.Data().As<Object>());
+
+  // Still initializing
+  if (ctx->context_.IsEmpty())
+    return;
+
+  auto attributes = PropertyAttribute::None;
+  bool is_declared =
+      ctx->global_proxy()->GetRealNamedPropertyAttributes(ctx->context(),
+                                                          property)
+      .To(&attributes);
+  bool read_only =
+      static_cast<int>(attributes) &
+      static_cast<int>(PropertyAttribute::ReadOnly);
+
+  if (is_declared && read_only)
+    return;
+
+  // true for x = 5
+  // false for this.x = 5
+  // false for Object.defineProperty(this, 'foo', ...)
+  // false for vmResult.x = 5 where vmResult = vm.runInContext();
+  bool is_contextual_store = ctx->global_proxy() != args.This();
+
+  // Indicator to not return before setting (undeclared) function declarations
+  // on the sandbox in strict mode, i.e. args.ShouldThrowOnError() = true.
+  // True for 'function f() {}', 'this.f = function() {}',
+  // 'var f = function()'.
+  // In effect only for 'function f() {}' because
+  // var f = function(), is_declared = true
+  // this.f = function() {}, is_contextual_store = false.
+  bool is_function = value->IsFunction();
+
+  if (!is_declared && args.ShouldThrowOnError() && is_contextual_store &&
+  !is_function)
+    return;
+
+  ctx->sandbox()->Set(property, value);
+}
 
-    // Still initializing
-    if (ctx->context_.IsEmpty())
-      return;
 
-    auto attributes = PropertyAttribute::None;
-    bool is_declared =
-        ctx->global_proxy()->GetRealNamedPropertyAttributes(ctx->context(),
-                                                            property)
-        .To(&attributes);
-    bool read_only =
-        static_cast<int>(attributes) &
-        static_cast<int>(PropertyAttribute::ReadOnly);
+// static
+void ContextifyContext::GlobalPropertyQueryCallback(
+    Local<Name> property,
+    const PropertyCallbackInfo<Integer>& args) {
+  ContextifyContext* ctx;
+  ASSIGN_OR_RETURN_UNWRAP(&ctx, args.Data().As<Object>());
 
-    if (is_declared && read_only)
-      return;
+  // Still initializing
+  if (ctx->context_.IsEmpty())
+    return;
 
-    // true for x = 5
-    // false for this.x = 5
-    // false for Object.defineProperty(this, 'foo', ...)
-    // false for vmResult.x = 5 where vmResult = vm.runInContext();
-    bool is_contextual_store = ctx->global_proxy() != args.This();
-
-    // Indicator to not return before setting (undeclared) function declarations
-    // on the sandbox in strict mode, i.e. args.ShouldThrowOnError() = true.
-    // True for 'function f() {}', 'this.f = function() {}',
-    // 'var f = function()'.
-    // In effect only for 'function f() {}' because
-    // var f = function(), is_declared = true
-    // this.f = function() {}, is_contextual_store = false.
-    bool is_function = value->IsFunction();
-
-    if (!is_declared && args.ShouldThrowOnError() && is_contextual_store &&
-    !is_function)
-      return;
+  Local<Context> context = ctx->context();
+  Maybe<PropertyAttribute> maybe_prop_attr =
+      ctx->sandbox()->GetRealNamedPropertyAttributes(context, property);
 
-    ctx->sandbox()->Set(property, value);
+  if (maybe_prop_attr.IsNothing()) {
+    maybe_prop_attr =
+        ctx->global_proxy()->GetRealNamedPropertyAttributes(context,
+                                                            property);
   }
 
-
-  static void GlobalPropertyQueryCallback(
-      Local<Name> property,
-      const PropertyCallbackInfo<Integer>& args) {
-    ContextifyContext* ctx;
-    ASSIGN_OR_RETURN_UNWRAP(&ctx, args.Data().As<Object>());
-
-    // Still initializing
-    if (ctx->context_.IsEmpty())
-      return;
-
-    Local<Context> context = ctx->context();
-    Maybe<PropertyAttribute> maybe_prop_attr =
-        ctx->sandbox()->GetRealNamedPropertyAttributes(context, property);
-
-    if (maybe_prop_attr.IsNothing()) {
-      maybe_prop_attr =
-          ctx->global_proxy()->GetRealNamedPropertyAttributes(context,
-                                                              property);
-    }
-
-    if (maybe_prop_attr.IsJust()) {
-      PropertyAttribute prop_attr = maybe_prop_attr.FromJust();
-      args.GetReturnValue().Set(prop_attr);
-    }
+  if (maybe_prop_attr.IsJust()) {
+    PropertyAttribute prop_attr = maybe_prop_attr.FromJust();
+    args.GetReturnValue().Set(prop_attr);
   }
+}
 
 
-  static void GlobalPropertyDeleterCallback(
-      Local<Name> property,
-      const PropertyCallbackInfo<Boolean>& args) {
-    ContextifyContext* ctx;
-    ASSIGN_OR_RETURN_UNWRAP(&ctx, args.Data().As<Object>());
+// static
+void ContextifyContext::GlobalPropertyDeleterCallback(
+    Local<Name> property,
+    const PropertyCallbackInfo<Boolean>& args) {
+  ContextifyContext* ctx;
+  ASSIGN_OR_RETURN_UNWRAP(&ctx, args.Data().As<Object>());
 
-    // Still initializing
-    if (ctx->context_.IsEmpty())
-      return;
+  // Still initializing
+  if (ctx->context_.IsEmpty())
+    return;
 
-    Maybe<bool> success = ctx->sandbox()->Delete(ctx->context(), property);
+  Maybe<bool> success = ctx->sandbox()->Delete(ctx->context(), property);
 
-    if (success.FromMaybe(false))
-      return;
+  if (success.FromMaybe(false))
+    return;
 
-    // Delete failed on the sandbox, intercept and do not delete on
-    // the global object.
-    args.GetReturnValue().Set(false);
-  }
+  // Delete failed on the sandbox, intercept and do not delete on
+  // the global object.
+  args.GetReturnValue().Set(false);
+}
 
 
-  static void GlobalPropertyEnumeratorCallback(
-      const PropertyCallbackInfo<Array>& args) {
-    ContextifyContext* ctx;
-    ASSIGN_OR_RETURN_UNWRAP(&ctx, args.Data().As<Object>());
+// static
+void ContextifyContext::GlobalPropertyEnumeratorCallback(
+    const PropertyCallbackInfo<Array>& args) {
+  ContextifyContext* ctx;
+  ASSIGN_OR_RETURN_UNWRAP(&ctx, args.Data().As<Object>());
 
-    // Still initializing
-    if (ctx->context_.IsEmpty())
-      return;
+  // Still initializing
+  if (ctx->context_.IsEmpty())
+    return;
 
-    args.GetReturnValue().Set(ctx->sandbox()->GetPropertyNames());
-  }
-};
+  args.GetReturnValue().Set(ctx->sandbox()->GetPropertyNames());
+}
 
 class ContextifyScript : public BaseObject {
  private:
@@ -1024,7 +1006,7 @@ void InitContextify(Local<Object> target,
   ContextifyScript::Init(env, target);
 }
 
-}  // anonymous namespace
+}  // namespace contextify
 }  // namespace node
 
-NODE_MODULE_CONTEXT_AWARE_BUILTIN(contextify, node::InitContextify)
+NODE_MODULE_CONTEXT_AWARE_BUILTIN(contextify, node::contextify::InitContextify)
diff --git a/src/node_contextify.h b/src/node_contextify.h
new file mode 100644
index 00000000000000..5beca29ce64082
--- /dev/null
+++ b/src/node_contextify.h
@@ -0,0 +1,111 @@
+// Copyright Joyent, Inc. and other Node contributors.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a
+// copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to permit
+// persons to whom the Software is furnished to do so, subject to the
+// following conditions:
+//
+// The above copyright notice and this permission notice shall be included
+// in all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
+// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
+// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
+// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
+// USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+#ifndef SRC_NODE_CONTEXTIFY_H_
+#define SRC_NODE_CONTEXTIFY_H_
+
+#if defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS
+
+#include "v8.h"
+#include "base-object.h"
+#include "env.h"
+
+namespace node {
+
+namespace contextify {
+
+class ContextifyContext {
+ protected:
+  // V8 reserves the first field in context objects for the debugger. We use the
+  // second field to hold a reference to the sandbox object.
+  enum { kSandboxObjectIndex = 1 };
+
+  Environment* const env_;
+  v8::Persistent<v8::Context> context_;
+
+ public:
+  ContextifyContext(Environment* env, v8::Local<v8::Object> sandbox_obj);
+
+
+  ~ContextifyContext();
+
+
+  inline Environment* env() const {
+    return env_;
+  }
+
+
+  inline v8::Local<v8::Context> context() const {
+    return PersistentToLocal(env()->isolate(), context_);
+  }
+
+
+  inline v8::Local<v8::Object> global_proxy() const {
+    return context()->Global();
+  }
+
+
+  inline v8::Local<v8::Object> sandbox() const {
+    return v8::Local<v8::Object>::Cast(
+        context()->GetEmbedderData(kSandboxObjectIndex));
+  }
+
+  void CopyProperties();
+
+  static ContextifyContext* ContextFromContextifiedSandbox(
+      Environment* env,
+      const v8::Local<v8::Object>& sandbox);
+
+  static void Init(Environment* env, v8::Local<v8::Object> target);
+
+ private:
+  v8::Local<v8::Value> CreateDataWrapper(Environment* env);
+  v8::Local<v8::Context> CreateV8Context(Environment* env, v8::Local<v8::Object> sandbox_obj);
+
+  static void RunInDebugContext(const v8::FunctionCallbackInfo<v8::Value>& args);
+  static void MakeContext(const v8::FunctionCallbackInfo<v8::Value>& args);
+  static void IsContext(const v8::FunctionCallbackInfo<v8::Value>& args);
+
+  static void WeakCallback(const v8::WeakCallbackInfo<ContextifyContext>& data);
+  static void GlobalPropertyGetterCallback(
+      v8::Local<v8::Name> property,
+      const v8::PropertyCallbackInfo<v8::Value>& args);
+  static void GlobalPropertySetterCallback(
+      v8::Local<v8::Name> property,
+      v8::Local<v8::Value> value,
+      const v8::PropertyCallbackInfo<v8::Value>& args);
+  static void GlobalPropertyQueryCallback(
+      v8::Local<v8::Name> property,
+      const v8::PropertyCallbackInfo<v8::Integer>& args);
+  static void GlobalPropertyDeleterCallback(
+      v8::Local<v8::Name> property,
+      const v8::PropertyCallbackInfo<v8::Boolean>& args);
+  static void GlobalPropertyEnumeratorCallback(
+      const v8::PropertyCallbackInfo<v8::Array>& args);
+};
+
+}  // namespace contextify
+
+}  // namespace node
+
+#endif  // defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS
+
+#endif  // SRC_NODE_CONTEXTIFY_H_

From 9f12ee8818f96256c5ef226021cee902f94ffb04 Mon Sep 17 00:00:00 2001
From: Timothy Gu <timothygu99@gmail.com>
Date: Sat, 15 Jul 2017 01:29:12 +0800
Subject: [PATCH 02/12] [WIP] src, inspector: support opted-in VM contexts

Based on work by Bradley Farias <bradley.meck@gmail.com> and Eugene
Ostroukhov <eostroukhov@chromium.org>.

TODO: V8's console is injected unconditionally, which may be not desirable.

Fixes: https://github.com/nodejs/node/issues/7593
Refs: https://github.com/nodejs/node/pull/9272
---
 lib/inspector.js       |  45 +++++++++++++++-
 lib/internal/errors.js |   2 +
 node.gyp               |   2 +
 src/inspector_agent.cc | 120 +++++++++++++++++++++++++++++++++++++----
 src/inspector_agent.h  |  35 ++++++++++++
 5 files changed, 192 insertions(+), 12 deletions(-)

diff --git a/lib/inspector.js b/lib/inspector.js
index 6a80c36d528a1d..093bc46a326315 100644
--- a/lib/inspector.js
+++ b/lib/inspector.js
@@ -2,7 +2,14 @@
 
 const EventEmitter = require('events');
 const util = require('util');
-const { connect, open, url } = process.binding('inspector');
+const { isContext } = process.binding('contextify');
+const {
+  connect,
+  open,
+  url,
+  attachContext: _attachContext,
+  detachContext: _detachContext
+} = process.binding('inspector');
 
 if (!connect)
   throw new Error('Inspector is not available');
@@ -86,9 +93,43 @@ class Session extends EventEmitter {
   }
 }
 
+function checkSandbox(sandbox) {
+  if (typeof sandbox !== 'object') {
+    throw new errors.TypeError('ERR_INVALID_ARG_TYPE', 'sandbox',
+                               'object', sandbox);
+  }
+  if (!isContext(sandbox)) {
+    throw new errors.TypeError('ERR_SANDBOX_NOT_CONTEXTIFIED');
+  }
+}
+
+let ctxIdx = 1;
+function attachContext(sandbox, {
+  name = `vm Module Context ${ctxIdx}`,
+  origin
+} = {}) {
+  checkSandbox(sandbox);
+  if (typeof name !== 'string') {
+    throw new errors.TypeError('ERR_INVALID_ARG_TYPE', 'options.name',
+                               'string', name);
+  }
+  if (origin !== undefined && typeof origin !== 'string') {
+    throw new errors.TypeError('ERR_INVALID_ARG_TYPE', 'options.origin',
+                               'string', origin);
+  }
+  _attachContext(sandbox, name, origin);
+}
+
+function detachContext(sandbox) {
+  checkSandbox(sandbox);
+  _detachContext(sandbox);
+}
+
 module.exports = {
   open: (port, host, wait) => open(port, host, !!wait),
   close: process._debugEnd,
   url: url,
-  Session
+  Session,
+  attachContext,
+  detachContext
 };
diff --git a/lib/internal/errors.js b/lib/internal/errors.js
index 435db9e2bfd5e6..167c170c6e099c 100644
--- a/lib/internal/errors.js
+++ b/lib/internal/errors.js
@@ -165,6 +165,8 @@ E('ERR_NAPI_CONS_FUNCTION', 'Constructor must be a function');
 E('ERR_NAPI_CONS_PROTOTYPE_OBJECT', 'Constructor.prototype must be an object');
 E('ERR_NO_CRYPTO', 'Node.js is not compiled with OpenSSL crypto support');
 E('ERR_PARSE_HISTORY_DATA', 'Could not parse history data in %s');
+E('ERR_SANDBOX_NOT_CONTEXTIFIED',
+  'Provided sandbox must have been converted to a context')
 E('ERR_SOCKET_ALREADY_BOUND', 'Socket is already bound');
 E('ERR_SOCKET_BAD_TYPE',
   'Bad socket type specified. Valid types are: udp4, udp6');
diff --git a/node.gyp b/node.gyp
index 7ecf48e3bf1888..d001e7246b4912 100644
--- a/node.gyp
+++ b/node.gyp
@@ -625,8 +625,10 @@
         '<(OBJ_PATH)<(OBJ_SEPARATOR)env.<(OBJ_SUFFIX)',
         '<(OBJ_PATH)<(OBJ_SEPARATOR)node.<(OBJ_SUFFIX)',
         '<(OBJ_PATH)<(OBJ_SEPARATOR)node_buffer.<(OBJ_SUFFIX)',
+        '<(OBJ_PATH)<(OBJ_SEPARATOR)node_contextify.<(OBJ_SUFFIX)',
         '<(OBJ_PATH)<(OBJ_SEPARATOR)node_i18n.<(OBJ_SUFFIX)',
         '<(OBJ_PATH)<(OBJ_SEPARATOR)node_url.<(OBJ_SUFFIX)',
+        '<(OBJ_PATH)<(OBJ_SEPARATOR)node_watchdog.<(OBJ_SUFFIX)',
         '<(OBJ_PATH)<(OBJ_SEPARATOR)util.<(OBJ_SUFFIX)',
         '<(OBJ_PATH)<(OBJ_SEPARATOR)string_bytes.<(OBJ_SUFFIX)',
         '<(OBJ_PATH)<(OBJ_SEPARATOR)string_search.<(OBJ_SUFFIX)',
diff --git a/src/inspector_agent.cc b/src/inspector_agent.cc
index a06ff032ff7d51..79653f0dd005a8 100644
--- a/src/inspector_agent.cc
+++ b/src/inspector_agent.cc
@@ -4,6 +4,7 @@
 #include "env.h"
 #include "env-inl.h"
 #include "node.h"
+#include "node_contextify.h"
 #include "v8-inspector.h"
 #include "v8-platform.h"
 #include "util.h"
@@ -11,6 +12,7 @@
 
 #include "libplatform/libplatform.h"
 
+#include <algorithm>
 #include <string.h>
 #include <vector>
 
@@ -21,6 +23,9 @@
 namespace node {
 namespace inspector {
 namespace {
+
+using node::contextify::ContextifyContext;
+
 using v8::Context;
 using v8::External;
 using v8::Function;
@@ -43,6 +48,10 @@ using v8_inspector::V8Inspector;
 static uv_sem_t start_io_thread_semaphore;
 static uv_async_t start_io_thread_async;
 
+// Used in NodeInspectorClient::currentTimeMS() below.
+const int NANOS_PER_MSEC = 1000000;
+const int CONTEXT_GROUP_ID = 1;
+
 class StartIoTask : public v8::Task {
  public:
   explicit StartIoTask(Agent* agent) : agent(agent) {}
@@ -376,9 +385,61 @@ void CallAndPauseOnStart(
   }
 }
 
-// Used in NodeInspectorClient::currentTimeMS() below.
-const int NANOS_PER_MSEC = 1000000;
-const int CONTEXT_GROUP_ID = 1;
+void AttachContext(const v8::FunctionCallbackInfo<v8::Value>& args) {
+  Environment* env = Environment::GetCurrent(args);
+  if (!args[0]->IsObject()) {
+    env->ThrowTypeError("sandbox must be an object");
+    return;
+  }
+  Local<Object> sandbox = args[0].As<Object>();
+  ContextifyContext* contextify_context =
+      ContextifyContext::ContextFromContextifiedSandbox(env, sandbox);
+  if (contextify_context == nullptr) {
+    return env->ThrowTypeError(
+        "sandbox argument must have been converted to a context.");
+  }
+
+  if (contextify_context->context().IsEmpty())
+    return;
+
+  const char* name =
+      args[1]->IsString() ?
+          Utf8Value(env->isolate(), args[1]).out() :
+          "vm Module Context";
+  const char* origin =
+      args[2]->IsString() ?
+          Utf8Value(env->isolate(), args[2]).out() :
+          nullptr;
+
+  // TODO(TimothyGu): Don't allow customizing group ID for now; not sure what
+  // it's used for.
+  int group_id = CONTEXT_GROUP_ID;
+
+  auto info = new node::inspector::ContextInfo(
+      contextify_context->context(), group_id, name, origin,
+      "{\"isDefault\":false}");
+  env->inspector_agent()->ContextCreated(info);
+}
+
+void DetachContext(const v8::FunctionCallbackInfo<v8::Value>& args) {
+  Environment* env = Environment::GetCurrent(args);
+  if (!args[0]->IsObject()) {
+    env->ThrowTypeError("sandbox must be an object");
+    return;
+  }
+  Local<Object> sandbox = args[0].As<Object>();
+  ContextifyContext* contextify_context =
+      ContextifyContext::ContextFromContextifiedSandbox(env, sandbox);
+  if (contextify_context == nullptr) {
+    return env->ThrowTypeError(
+        "sandbox argument must have been converted to a context.");
+  }
+
+  if (contextify_context->context().IsEmpty())
+    return;
+
+  env->inspector_agent()->ContextDestroyed(contextify_context->context());
+}
 
 class ChannelImpl final : public v8_inspector::V8Inspector::Channel {
  public:
@@ -459,11 +520,24 @@ class NodeInspectorClient : public v8_inspector::V8InspectorClient {
     return uv_hrtime() * 1.0 / NANOS_PER_MSEC;
   }
 
-  void contextCreated(Local<Context> context, const std::string& name) {
-    std::unique_ptr<StringBuffer> name_buffer = Utf8ToStringView(name);
-    v8_inspector::V8ContextInfo info(context, CONTEXT_GROUP_ID,
-                                     name_buffer->string());
-    client_->contextCreated(info);
+  void contextCreated(const node::inspector::ContextInfo* info) {
+    std::unique_ptr<StringBuffer> name_buffer = Utf8ToStringView(info->name());
+    v8_inspector::V8ContextInfo v8_info(info->context(env_->isolate()),
+                                        info->group_id(),
+                                        name_buffer->string());
+
+    std::unique_ptr<StringBuffer> origin_buffer;
+    std::unique_ptr<StringBuffer> aux_data_buffer;
+    if (info->origin() != nullptr) {
+      origin_buffer = Utf8ToStringView(info->origin());
+      v8_info.origin = origin_buffer->string();
+    }
+    if (info->aux_data() != nullptr) {
+      aux_data_buffer = Utf8ToStringView(info->aux_data());
+      v8_info.auxData = aux_data_buffer->string();
+    }
+
+    client_->contextCreated(v8_info);
   }
 
   void contextDestroyed(Local<Context> context) {
@@ -546,6 +620,25 @@ Agent::Agent(Environment* env) : parent_env_(env),
 Agent::~Agent() {
 }
 
+void Agent::ContextCreated(const node::inspector::ContextInfo* info) {
+  contexts_.push_back(info);
+  client_->contextCreated(info);
+}
+
+void Agent::ContextDestroyed(Local<Context> context) {
+  auto it = std::find_if(
+      contexts_.begin(), contexts_.end(),
+      [&] (const node::inspector::ContextInfo*& info) {
+        return info->context(parent_env_->isolate()) == context;
+      });
+  if (it == contexts_.end()) {
+    return;
+  }
+  delete *it;
+  contexts_.erase(it);
+  client_->contextDestroyed(context);
+}
+
 bool Agent::Start(v8::Platform* platform, const char* path,
                   const DebugOptions& options) {
   path_ = path == nullptr ? "" : path;
@@ -553,7 +646,10 @@ bool Agent::Start(v8::Platform* platform, const char* path,
   client_ =
       std::unique_ptr<NodeInspectorClient>(
           new NodeInspectorClient(parent_env_, platform));
-  client_->contextCreated(parent_env_->context(), "Node.js Main Context");
+  ContextCreated(
+      new node::inspector::ContextInfo(
+          parent_env_->context(), CONTEXT_GROUP_ID, "Node.js Main Context",
+          nullptr, "{\"isDefault\":true}"));
   platform_ = platform;
   CHECK_EQ(0, uv_async_init(uv_default_loop(),
                             &start_io_thread_async,
@@ -627,7 +723,9 @@ bool Agent::IsConnected() {
 
 void Agent::WaitForDisconnect() {
   CHECK_NE(client_, nullptr);
-  client_->contextDestroyed(parent_env_->context());
+  for (const node::inspector::ContextInfo*& info : contexts_) {
+    ContextDestroyed(info->context(parent_env_->isolate()));
+  }
   if (io_ != nullptr) {
     io_->WaitForDisconnect();
   }
@@ -713,6 +811,8 @@ void Agent::InitInspector(Local<Object> target, Local<Value> unused,
   Environment* env = Environment::GetCurrent(context);
   Agent* agent = env->inspector_agent();
   env->SetMethod(target, "consoleCall", InspectorConsoleCall);
+  env->SetMethod(target, "attachContext", AttachContext);
+  env->SetMethod(target, "detachContext", DetachContext);
   if (agent->debug_options_.wait_for_connect())
     env->SetMethod(target, "callAndPauseOnStart", CallAndPauseOnStart);
   env->SetMethod(target, "connect", ConnectJSBindingsSession);
diff --git a/src/inspector_agent.h b/src/inspector_agent.h
index 80967212cd7aef..083ac0dfcf6421 100644
--- a/src/inspector_agent.h
+++ b/src/inspector_agent.h
@@ -2,6 +2,7 @@
 #define SRC_INSPECTOR_AGENT_H_
 
 #include <memory>
+#include <vector>
 
 #include <stddef.h>
 
@@ -9,6 +10,7 @@
 #error("This header can only be used when inspector is enabled")
 #endif
 
+#include "v8.h"
 #include "node_debug_options.h"
 
 // Forward declaration to break recursive dependency chain with src/env.h.
@@ -46,6 +48,35 @@ class InspectorSessionDelegate {
 class InspectorIo;
 class NodeInspectorClient;
 
+class ContextInfo {
+ public:
+  explicit ContextInfo(v8::Local<v8::Context> context, const int group_id,
+                       const char* name, const char* origin = nullptr,
+                       const char* aux_data = nullptr)
+                       : group_id_(group_id),
+                         name_(name),
+                         origin_(origin),
+                         aux_data_(aux_data) {
+    context_.Reset(context->GetIsolate(), context);
+  }
+
+  inline v8::Local<v8::Context> context(v8::Isolate* isolate) const {
+    return context_.Get(isolate);
+  }
+
+  int group_id() const { return group_id_; }
+  const char* name() const { return name_; }
+  const char* origin() const { return origin_; }
+  const char* aux_data() const { return aux_data_; }
+
+ private:
+  v8::Persistent<v8::Context> context_;
+  const int group_id_;
+  const char* name_;
+  const char* origin_;
+  const char* aux_data_;
+};
+
 class Agent {
  public:
   explicit Agent(node::Environment* env);
@@ -57,6 +88,9 @@ class Agent {
   // Stop and destroy io_
   void Stop();
 
+  void ContextCreated(const node::inspector::ContextInfo* info);
+  void ContextDestroyed(v8::Local<v8::Context> context);
+
   bool IsStarted() { return !!client_; }
 
   // IO thread started, and client connected
@@ -102,6 +136,7 @@ class Agent {
   std::unique_ptr<NodeInspectorClient> client_;
   std::unique_ptr<InspectorIo> io_;
   v8::Platform* platform_;
+  std::vector<const node::inspector::ContextInfo*> contexts_;
   bool enabled_;
   std::string path_;
   DebugOptions debug_options_;

From a08b03eebe7bcbefbee1655229730db7ad0c7483 Mon Sep 17 00:00:00 2001
From: Timothy Gu <timothygu99@gmail.com>
Date: Sat, 15 Jul 2017 11:18:05 +0800
Subject: [PATCH 03/12] ignore already tracked contexts

---
 src/inspector_agent.cc | 17 ++++++++++++++---
 src/inspector_agent.h  |  2 +-
 2 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/src/inspector_agent.cc b/src/inspector_agent.cc
index 79653f0dd005a8..57d1d6f1a6ab8c 100644
--- a/src/inspector_agent.cc
+++ b/src/inspector_agent.cc
@@ -418,6 +418,7 @@ void AttachContext(const v8::FunctionCallbackInfo<v8::Value>& args) {
   auto info = new node::inspector::ContextInfo(
       contextify_context->context(), group_id, name, origin,
       "{\"isDefault\":false}");
+  // Ignore error.
   env->inspector_agent()->ContextCreated(info);
 }
 
@@ -620,9 +621,19 @@ Agent::Agent(Environment* env) : parent_env_(env),
 Agent::~Agent() {
 }
 
-void Agent::ContextCreated(const node::inspector::ContextInfo* info) {
+bool Agent::ContextCreated(const node::inspector::ContextInfo* info) {
+  auto isolate = parent_env_->isolate();
+  auto it = std::find_if(
+      contexts_.begin(), contexts_.end(),
+      [&] (const node::inspector::ContextInfo*& cur) {
+        return cur->context(isolate) == info->context(isolate);
+      });
+  if (it != contexts_.end()) {
+    return false;
+  }
   contexts_.push_back(info);
   client_->contextCreated(info);
+  return true;
 }
 
 void Agent::ContextDestroyed(Local<Context> context) {
@@ -646,10 +657,10 @@ bool Agent::Start(v8::Platform* platform, const char* path,
   client_ =
       std::unique_ptr<NodeInspectorClient>(
           new NodeInspectorClient(parent_env_, platform));
-  ContextCreated(
+  CHECK(ContextCreated(
       new node::inspector::ContextInfo(
           parent_env_->context(), CONTEXT_GROUP_ID, "Node.js Main Context",
-          nullptr, "{\"isDefault\":true}"));
+          nullptr, "{\"isDefault\":true}")));
   platform_ = platform;
   CHECK_EQ(0, uv_async_init(uv_default_loop(),
                             &start_io_thread_async,
diff --git a/src/inspector_agent.h b/src/inspector_agent.h
index 083ac0dfcf6421..5a429cca09f772 100644
--- a/src/inspector_agent.h
+++ b/src/inspector_agent.h
@@ -88,7 +88,7 @@ class Agent {
   // Stop and destroy io_
   void Stop();
 
-  void ContextCreated(const node::inspector::ContextInfo* info);
+  bool ContextCreated(const node::inspector::ContextInfo* info);
   void ContextDestroyed(v8::Local<v8::Context> context);
 
   bool IsStarted() { return !!client_; }

From 2d9272cc07464d3fa9872dc74602b912dd56f0d5 Mon Sep 17 00:00:00 2001
From: Timothy Gu <timothygu99@gmail.com>
Date: Mon, 17 Jul 2017 10:50:48 +0800
Subject: [PATCH 04/12] src: add a macro for debugging inspector WS

---
 src/inspector_socket_server.cc | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/src/inspector_socket_server.cc b/src/inspector_socket_server.cc
index cdc907ee9b263b..c3663bfe626e74 100644
--- a/src/inspector_socket_server.cc
+++ b/src/inspector_socket_server.cc
@@ -9,6 +9,8 @@
 #include <set>
 #include <sstream>
 
+#define DEBUG_TRANSACTION 0
+
 namespace node {
 namespace inspector {
 
@@ -566,8 +568,11 @@ void SocketSession::ReadCallback(uv_stream_t* stream, ssize_t read,
   InspectorSocket* socket = inspector_from_stream(stream);
   SocketSession* session = SocketSession::From(socket);
   if (read > 0) {
-    session->server_->MessageReceived(session->id_,
-                                      std::string(buf->base, read));
+    std::string str(buf->base, read);
+#if DEBUG_TRANSACTION
+    printf(">>> %s\n", str.c_str());
+#endif // DEBUG_TRANSACTION
+    session->server_->MessageReceived(session->id_, str);
   } else {
     session->Close();
   }
@@ -576,6 +581,9 @@ void SocketSession::ReadCallback(uv_stream_t* stream, ssize_t read,
 }
 
 void SocketSession::Send(const std::string& message) {
+#if DEBUG_TRANSACTION
+  printf("<<< %s\n", message.c_str());
+#endif // DEBUG_TRANSACTION
   inspector_write(&socket_, message.data(), message.length());
 }
 

From f1ca8187e16832f865eb72e82efbd8aa5cd79156 Mon Sep 17 00:00:00 2001
From: Timothy Gu <timothygu99@gmail.com>
Date: Mon, 17 Jul 2017 13:45:19 +0800
Subject: [PATCH 05/12] test: add some tools to common

---
 test/common/README.md | 44 +++++++++++++++++++++++++++++++++++++++++++
 test/common/index.js  | 33 ++++++++++++++++++++++++++++++++
 2 files changed, 77 insertions(+)

diff --git a/test/common/README.md b/test/common/README.md
index 1a633fb719089f..ab0cac669a6d9a 100644
--- a/test/common/README.md
+++ b/test/common/README.md
@@ -26,6 +26,32 @@ A stream to push an array into a REPL
 
 Blocks for `time` amount of time.
 
+### cancellableOnce(eventName)
+* `eventName` [&lt;String>]
+* return [&lt;Promise>]
+
+A version of
+[EventEmitter.prototype.once](https://nodejs.org/api/events.html#events_emitter_on_eventname_listener)
+that returns a promise. The returned promise also has a `cancel` property
+function that can be used to remove the added listener.
+
+```js
+const common = require('../common');
+const emitter = getEventEmitter();
+const once = common.cancellableOnce.bind(emitter);
+
+const promise = once('event');
+let fired = false;
+promise.then(() => {
+  fired = true;
+});
+setTimeout(() => {
+  if (!fired) {
+    promise.cancel();
+  }
+}, 1000);
+```
+
 ### canCreateSymLink
 API to indicate whether the current running process can create
 symlinks. On Windows, this returns false if the process running
@@ -86,6 +112,14 @@ Tests whether `name` and `expected` are part of a raised warning.
 
 Checks if `pathname` exists
 
+### fires(promise[, timeoutMs])
+* promise [&lt;Promise>]
+* timeoutMs [&lt;Number>] Defaults to 100.
+* return [&lt;Promise>]
+
+Ensure `promise` resolves within `timeoutMs` milliseconds. If `promise` is
+rejected within `timeoutMs`, the returned promise is rejected to that error.
+
 ### fixturesDir
 * return [&lt;String>]
 
@@ -245,6 +279,15 @@ If `fn` is not provided, an empty function will be used.
 Returns a function that triggers an `AssertionError` if it is invoked. `msg` is
 used as the error message for the `AssertionError`.
 
+### neverFires(promise[, timeoutMs])
+* promise [&lt;Promise>]
+* timeoutMs [&lt;Number>] Defaults to 100.
+* return [&lt;Promise>]
+
+Ensure `promise` does not resolve within `timeoutMs` milliseconds. If `promise`
+is rejected within `timeoutMs`, the returned promise is rejected with that
+error.
+
 ### nodeProcessAborted(exitCode, signal)
 * `exitCode` [&lt;Number>]
 * `signal` [&lt;String>]
@@ -341,6 +384,7 @@ implementation with tests from
 [&lt;Function>]: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Function
 [&lt;Number>]: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Number_type
 [&lt;Object>]: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object
+[&lt;Promise>]: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Promise
 [&lt;RegExp>]: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/RegExp
 [&lt;String>]: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type
 [internationalization]: https://github.com/nodejs/node/wiki/Intl
diff --git a/test/common/index.js b/test/common/index.js
index 36c6579d4fed9b..3298b3d64f494f 100644
--- a/test/common/index.js
+++ b/test/common/index.js
@@ -803,3 +803,36 @@ exports.hijackStdout = hijackStdWritable.bind(null, 'stdout');
 exports.hijackStderr = hijackStdWritable.bind(null, 'stderr');
 exports.restoreStdout = restoreWritable.bind(null, 'stdout');
 exports.restoreStderr = restoreWritable.bind(null, 'stderr');
+
+exports.cancellableOnce = function(type) {
+  let cancel;
+  const promise = new Promise((resolve, reject) => {
+    this.once(type, resolve);
+    cancel = () => {
+      this.removeListener(type, resolve);
+      reject('Cancelled');
+    };
+  });
+  promise.cancel = cancel;
+  return promise;
+};
+
+const timeout = util.promisify(setTimeout);
+const successSentinel = Symbol('success');
+exports.fires = function fires(promise, timeoutMs = 100) {
+  const err = new Error('timeout');
+  return Promise.race([
+    promise,
+    timeout(timeoutMs).then(() => { throw err; })
+  ]);
+};
+exports.neverFires = async function neverFires(promise, timeoutMs = 100) {
+  const result = await Promise.race([
+    promise,
+    timeout(timeoutMs, successSentinel)
+  ]);
+  assert.strictEqual(result, successSentinel);
+  if (typeof promise.cancel === 'function') {
+    promise.cancel();
+  }
+};

From a8ebfb57b4fd8cb1d0d8ace17d825f97ca1156ae Mon Sep 17 00:00:00 2001
From: Timothy Gu <timothygu99@gmail.com>
Date: Sun, 16 Jul 2017 08:23:27 +0800
Subject: [PATCH 06/12] bug fixes

---
 lib/inspector.js       | 3 ++-
 lib/internal/errors.js | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/lib/inspector.js b/lib/inspector.js
index 093bc46a326315..643a4175df6341 100644
--- a/lib/inspector.js
+++ b/lib/inspector.js
@@ -1,5 +1,6 @@
 'use strict';
 
+const errors = require('internal/errors');
 const EventEmitter = require('events');
 const util = require('util');
 const { isContext } = process.binding('contextify');
@@ -105,7 +106,7 @@ function checkSandbox(sandbox) {
 
 let ctxIdx = 1;
 function attachContext(sandbox, {
-  name = `vm Module Context ${ctxIdx}`,
+  name = `vm Module Context ${ctxIdx++}`,
   origin
 } = {}) {
   checkSandbox(sandbox);
diff --git a/lib/internal/errors.js b/lib/internal/errors.js
index 167c170c6e099c..bf51213c7e1dd0 100644
--- a/lib/internal/errors.js
+++ b/lib/internal/errors.js
@@ -166,7 +166,7 @@ E('ERR_NAPI_CONS_PROTOTYPE_OBJECT', 'Constructor.prototype must be an object');
 E('ERR_NO_CRYPTO', 'Node.js is not compiled with OpenSSL crypto support');
 E('ERR_PARSE_HISTORY_DATA', 'Could not parse history data in %s');
 E('ERR_SANDBOX_NOT_CONTEXTIFIED',
-  'Provided sandbox must have been converted to a context')
+  'Provided sandbox must have been converted to a context');
 E('ERR_SOCKET_ALREADY_BOUND', 'Socket is already bound');
 E('ERR_SOCKET_BAD_TYPE',
   'Bad socket type specified. Valid types are: udp4, udp6');

From fe7c4a5a34a5b664521d36feaf1c6c597ba1e74b Mon Sep 17 00:00:00 2001
From: Timothy Gu <timothygu99@gmail.com>
Date: Sun, 16 Jul 2017 08:23:15 +0800
Subject: [PATCH 07/12] tests

---
 test/inspector/test-inspector-contexts-js.js | 121 ++++++++++++++
 test/inspector/test-inspector-contexts.js    | 159 +++++++++++++++++++
 2 files changed, 280 insertions(+)
 create mode 100644 test/inspector/test-inspector-contexts-js.js
 create mode 100644 test/inspector/test-inspector-contexts.js

diff --git a/test/inspector/test-inspector-contexts-js.js b/test/inspector/test-inspector-contexts-js.js
new file mode 100644
index 00000000000000..35bd65fed03a0c
--- /dev/null
+++ b/test/inspector/test-inspector-contexts-js.js
@@ -0,0 +1,121 @@
+'use strict';
+const common = require('../common');
+const { fires, neverFires } = common;
+common.skipIfInspectorDisabled();
+const assert = require('assert');
+const { Session, attachContext, detachContext } = require('inspector');
+const { promisify } = require('util');
+const { createContext } = require('vm');
+
+common.crashOnUnhandledRejection();
+
+const session = new Session();
+const once = common.cancellableOnce.bind(session);
+const post = promisify(session.post).bind(session);
+
+async function main() {
+  session.connect();
+
+  // Basic tests.
+  {
+    const VM_CONTEXT_NAME = 'New VM Context';
+    const VM_CONTEXT_ORIGIN = 'https://nodejs.org/api/vm.html';
+
+    const sandbox = {
+      propInSandbox: 42
+    };
+    createContext(sandbox);
+
+    // Enable context tracking; receive info about default context.
+    {
+      const eventPromise = fires(once('Runtime.executionContextCreated'));
+      post('Runtime.enable');
+      const topContext = (await eventPromise).params.context;
+      assert.strictEqual(topContext.name, 'Node.js Main Context');
+      assert.strictEqual(topContext.origin, '');
+      assert.strictEqual(topContext.auxData.isDefault, true);
+    }
+
+    let vmContext;
+
+    // Attaching contextified sandbox.
+    {
+      const eventPromise = fires(once('Runtime.executionContextCreated'));
+      attachContext(sandbox, {
+        name: VM_CONTEXT_NAME,
+        origin: VM_CONTEXT_ORIGIN
+      });
+      vmContext = (await eventPromise).params.context;
+      assert.strictEqual(vmContext.name, VM_CONTEXT_NAME);
+      assert.strictEqual(vmContext.origin, VM_CONTEXT_ORIGIN);
+      assert.strictEqual(vmContext.auxData.isDefault, false);
+    }
+
+    // Evaluating expressions in the specified context.
+    {
+      const { result } = await post('Runtime.evaluate', {
+        expression: 'propInSandbox++',
+        contextId: vmContext.id
+      });
+      assert.strictEqual(result.type, 'number');
+      assert.strictEqual(result.value, 42);
+      assert.strictEqual(sandbox.propInSandbox, 43);
+    }
+
+    // Trying to attach the same context twice.
+    {
+      const eventPromise =
+          neverFires(once('Runtime.executionContextCreated'));
+      attachContext(sandbox, {
+        name: VM_CONTEXT_NAME,
+        origin: VM_CONTEXT_ORIGIN
+      });
+      await eventPromise;
+    }
+
+    // Detach context.
+    {
+      const eventPromise = fires(once('Runtime.executionContextDestroyed'));
+      detachContext(sandbox);
+      const destroyedId = (await eventPromise).params.executionContextId;
+      assert.strictEqual(destroyedId, vmContext.id);
+    }
+
+    // Trying to detach multiple times.
+    {
+      const eventPromise =
+          neverFires(once('Runtime.executionContextDestroyed'));
+      detachContext(sandbox);
+      await eventPromise;
+    }
+  }
+
+  // Default context names.
+  {
+    const contexts = [
+      createContext(),
+      createContext(),
+      createContext()
+    ];
+    const ids = new Map();
+    for (const [i, context] of contexts.entries()) {
+      const eventPromise = fires(once('Runtime.executionContextCreated'));
+      attachContext(context);
+      const info = (await eventPromise).params.context;
+      assert.strictEqual(info.name, `vm Module Context ${i + 1}`);
+      assert.strictEqual(info.origin, '');
+      assert.strictEqual(info.auxData.isDefault, false);
+      ids.set(context, info.id);
+    }
+    for (const context of contexts) {
+      const eventPromise = fires(once('Runtime.executionContextDestroyed'));
+      detachContext(context);
+      const destroyedId = (await eventPromise).params.executionContextId;
+      assert.strictEqual(destroyedId, ids.get(context));
+    }
+  }
+
+  session.disconnect();
+}
+
+main();
diff --git a/test/inspector/test-inspector-contexts.js b/test/inspector/test-inspector-contexts.js
new file mode 100644
index 00000000000000..25fe8805d22a30
--- /dev/null
+++ b/test/inspector/test-inspector-contexts.js
@@ -0,0 +1,159 @@
+'use strict';
+const common = require('../common');
+common.skipIfInspectorDisabled();
+const assert = require('assert');
+const helper = require('./inspector-helper.js');
+
+const ROOT_CONTEXT_NAME = 'Node.js Main Context';
+const ROOT_CONTEXT_ORIGIN = '';
+const VM_CONTEXT_NAME = 'New VM Context';
+const VM_CONTEXT_ORIGIN = 'https://nodejs.org/api/vm.html';
+
+let topContextId;
+let vmContextId;
+
+function setupExpectContextCreation(idx) {
+  return (message) => {
+    if (message.method === 'Runtime.executionContextCreated') {
+      const { context } = message.params;
+      assert.strictEqual(typeof context.id, 'number');
+      if (idx === 0) {
+        topContextId = context.id;
+        assert.strictEqual(context.name, ROOT_CONTEXT_NAME);
+        assert.strictEqual(context.origin, ROOT_CONTEXT_ORIGIN);
+        assert.strictEqual(context.auxData.isDefault, true);
+      } else {
+        vmContextId = context.id;
+        assert.strictEqual(context.name, VM_CONTEXT_NAME);
+        assert.strictEqual(context.origin, VM_CONTEXT_ORIGIN);
+        assert.strictEqual(context.auxData.isDefault, false);
+      }
+      return true;
+    }
+  };
+}
+
+function setupExpectBreakInContext(functionName) {
+  return (message) => {
+    if (message.method === 'Debugger.paused') {
+      if (functionName) {
+        const callFrame = message.params.callFrames[0];
+        assert.strictEqual(callFrame.functionName, functionName);
+      }
+      return true;
+    }
+  };
+}
+
+function setupExpectContextDestroyed(idx) {
+  return (message) => {
+    if (message.method === 'Runtime.executionContextDestroyed') {
+      const { executionContextId } = message.params;
+      assert.strictEqual(executionContextId,
+                         idx === 0 ? topContextId : vmContextId);
+      return true;
+    }
+  };
+}
+
+function testBreakpointInContext(session) {
+  console.log('[test]',
+              'Verifying debugger stops on start (--inspect-brk option)');
+  const commands = [
+    { 'method': 'Runtime.enable' },
+    { 'method': 'Debugger.enable' },
+    { 'method': 'Runtime.runIfWaitingForDebugger' },
+  ];
+  const messages = [
+    setupExpectContextCreation(0),
+    setupExpectContextCreation(1),
+    setupExpectBreakInContext('testfn'),
+  ];
+  session
+    .sendInspectorCommands(commands)
+    .expectMessages(messages);
+}
+
+function resume(session) {
+  console.log('[test]', 'Resuming and waiting for pause');
+  session
+    .sendInspectorCommands({ 'method': 'Debugger.resume' })
+    .expectMessages(setupExpectBreakInContext());
+}
+
+function testEvaluateInContext(session) {
+  console.log('[test]', 'Evaluate in VM context');
+  session.sendInspectorCommands([
+    [
+      { method: 'Runtime.evaluate',
+        params: { expression: 'propInSandbox++',
+                  contextId: vmContextId } },
+      ({ result }) => {
+        assert.strictEqual(result.type, 'number');
+        assert.strictEqual(result.value, 42);
+      }
+    ],
+    [
+      { method: 'Runtime.evaluate',
+        params: { expression: 'sandbox.propInSandbox' } },
+      ({ result }) => {
+        assert.strictEqual(result.type, 'number');
+        assert.strictEqual(result.value, 43);
+      }
+    ]
+  ]);
+}
+
+function testDetachContext(session) {
+  console.log('[test]', 'Verify V8 acknowledges context detachment');
+  session
+    .sendInspectorCommands({ 'method': 'Debugger.resume' })
+    .expectMessages([
+      setupExpectContextDestroyed(1),
+      setupExpectBreakInContext()
+    ]);
+}
+
+function resumeAndTerminate(session) {
+  session
+    .sendInspectorCommands({ 'method': 'Debugger.resume'})
+    .disconnect(true);
+}
+
+function runTests(harness) {
+  harness
+    .runFrontendSession([
+      testBreakpointInContext,
+      resume,
+      testEvaluateInContext,
+      testDetachContext,
+      resumeAndTerminate
+    ]).expectShutDown(0);
+}
+
+const script = `
+'use strict';
+const { attachContext, detachContext } = require('inspector');
+const { createContext, runInContext } = require('vm');
+
+const sandbox = {
+  propInSandbox: 42
+};
+createContext(sandbox);
+
+attachContext(sandbox, {
+  name: ${JSON.stringify(VM_CONTEXT_NAME)},
+  origin: ${JSON.stringify(VM_CONTEXT_ORIGIN)}
+});
+runInContext(\`
+  function testfn() {
+    debugger;
+  }
+  testfn();
+\`, sandbox);
+debugger;
+detachContext(sandbox);
+debugger;
+`;
+
+helper.startNodeForInspectorTest(runTests, '--inspect-brk', script);

From 0352a48f8f8e8e6cb5bf158694b4ed9dc3c2b560 Mon Sep 17 00:00:00 2001
From: Timothy Gu <timothygu99@gmail.com>
Date: Sun, 16 Jul 2017 22:28:48 +0800
Subject: [PATCH 08/12] contextAttached

---
 lib/inspector.js       |  9 ++++++++-
 src/inspector_agent.cc | 37 ++++++++++++++++++++++++++++++++-----
 src/inspector_agent.h  |  1 +
 3 files changed, 41 insertions(+), 6 deletions(-)

diff --git a/lib/inspector.js b/lib/inspector.js
index 643a4175df6341..cbfe5d3d756cd6 100644
--- a/lib/inspector.js
+++ b/lib/inspector.js
@@ -8,6 +8,7 @@ const {
   connect,
   open,
   url,
+  contextAttached: _contextAttached,
   attachContext: _attachContext,
   detachContext: _detachContext
 } = process.binding('inspector');
@@ -126,11 +127,17 @@ function detachContext(sandbox) {
   _detachContext(sandbox);
 }
 
+function contextAttached(sandbox) {
+  checkSandbox(sandbox);
+  return _contextAttached(sandbox);
+}
+
 module.exports = {
   open: (port, host, wait) => open(port, host, !!wait),
   close: process._debugEnd,
   url: url,
   Session,
   attachContext,
-  detachContext
+  detachContext,
+  contextAttached
 };
diff --git a/src/inspector_agent.cc b/src/inspector_agent.cc
index 57d1d6f1a6ab8c..719ea47c68bb14 100644
--- a/src/inspector_agent.cc
+++ b/src/inspector_agent.cc
@@ -422,6 +422,28 @@ void AttachContext(const v8::FunctionCallbackInfo<v8::Value>& args) {
   env->inspector_agent()->ContextCreated(info);
 }
 
+void ContextAttached(const v8::FunctionCallbackInfo<v8::Value>& args) {
+  Environment* env = Environment::GetCurrent(args);
+  if (!args[0]->IsObject()) {
+    env->ThrowTypeError("sandbox must be an object");
+    return;
+  }
+  Local<Object> sandbox = args[0].As<Object>();
+  ContextifyContext* contextify_context =
+      ContextifyContext::ContextFromContextifiedSandbox(env, sandbox);
+  if (contextify_context == nullptr) {
+    return env->ThrowTypeError(
+        "sandbox argument must have been converted to a context.");
+  }
+
+  if (contextify_context->context().IsEmpty())
+    return;
+
+  args.GetReturnValue().Set(
+      env->inspector_agent()->ContextRegistered(
+          contextify_context->context()));
+}
+
 void DetachContext(const v8::FunctionCallbackInfo<v8::Value>& args) {
   Environment* env = Environment::GetCurrent(args);
   if (!args[0]->IsObject()) {
@@ -621,14 +643,18 @@ Agent::Agent(Environment* env) : parent_env_(env),
 Agent::~Agent() {
 }
 
-bool Agent::ContextCreated(const node::inspector::ContextInfo* info) {
-  auto isolate = parent_env_->isolate();
+bool Agent::ContextRegistered(Local<Context> context) {
   auto it = std::find_if(
       contexts_.begin(), contexts_.end(),
-      [&] (const node::inspector::ContextInfo*& cur) {
-        return cur->context(isolate) == info->context(isolate);
+      [&] (const node::inspector::ContextInfo*& info) {
+        return info->context(parent_env_->isolate()) == context;
       });
-  if (it != contexts_.end()) {
+  return it != contexts_.end();
+}
+
+bool Agent::ContextCreated(const node::inspector::ContextInfo* info) {
+  auto isolate = parent_env_->isolate();
+  if (ContextRegistered(info->context(isolate))) {
     return false;
   }
   contexts_.push_back(info);
@@ -822,6 +848,7 @@ void Agent::InitInspector(Local<Object> target, Local<Value> unused,
   Environment* env = Environment::GetCurrent(context);
   Agent* agent = env->inspector_agent();
   env->SetMethod(target, "consoleCall", InspectorConsoleCall);
+  env->SetMethod(target, "contextAttached", ContextAttached);
   env->SetMethod(target, "attachContext", AttachContext);
   env->SetMethod(target, "detachContext", DetachContext);
   if (agent->debug_options_.wait_for_connect())
diff --git a/src/inspector_agent.h b/src/inspector_agent.h
index 5a429cca09f772..5cf545f7f03ffc 100644
--- a/src/inspector_agent.h
+++ b/src/inspector_agent.h
@@ -88,6 +88,7 @@ class Agent {
   // Stop and destroy io_
   void Stop();
 
+  bool ContextRegistered(v8::Local<v8::Context> context);
   bool ContextCreated(const node::inspector::ContextInfo* info);
   void ContextDestroyed(v8::Local<v8::Context> context);
 

From 06f635b30ad9ce141819cb48d1130fae76e98c05 Mon Sep 17 00:00:00 2001
From: Timothy Gu <timothygu99@gmail.com>
Date: Sun, 16 Jul 2017 22:42:42 +0800
Subject: [PATCH 09/12] contextAttached tests

---
 test/inspector/test-inspector-contexts-js.js | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/test/inspector/test-inspector-contexts-js.js b/test/inspector/test-inspector-contexts-js.js
index 35bd65fed03a0c..48f7c27fec90ca 100644
--- a/test/inspector/test-inspector-contexts-js.js
+++ b/test/inspector/test-inspector-contexts-js.js
@@ -3,7 +3,12 @@ const common = require('../common');
 const { fires, neverFires } = common;
 common.skipIfInspectorDisabled();
 const assert = require('assert');
-const { Session, attachContext, detachContext } = require('inspector');
+const {
+  Session,
+  attachContext,
+  detachContext,
+  contextAttached
+} = require('inspector');
 const { promisify } = require('util');
 const { createContext } = require('vm');
 
@@ -49,6 +54,7 @@ async function main() {
       assert.strictEqual(vmContext.name, VM_CONTEXT_NAME);
       assert.strictEqual(vmContext.origin, VM_CONTEXT_ORIGIN);
       assert.strictEqual(vmContext.auxData.isDefault, false);
+      assert.strictEqual(contextAttached(sandbox), true);
     }
 
     // Evaluating expressions in the specified context.
@@ -71,6 +77,7 @@ async function main() {
         origin: VM_CONTEXT_ORIGIN
       });
       await eventPromise;
+      assert.strictEqual(contextAttached(sandbox), true);
     }
 
     // Detach context.
@@ -79,6 +86,7 @@ async function main() {
       detachContext(sandbox);
       const destroyedId = (await eventPromise).params.executionContextId;
       assert.strictEqual(destroyedId, vmContext.id);
+      assert.strictEqual(contextAttached(sandbox), false);
     }
 
     // Trying to detach multiple times.
@@ -87,6 +95,7 @@ async function main() {
           neverFires(once('Runtime.executionContextDestroyed'));
       detachContext(sandbox);
       await eventPromise;
+      assert.strictEqual(contextAttached(sandbox), false);
     }
   }
 

From fc7d4085bba9ce4a7a9defd038ff168f4854143f Mon Sep 17 00:00:00 2001
From: Timothy Gu <timothygu99@gmail.com>
Date: Sun, 16 Jul 2017 22:43:04 +0800
Subject: [PATCH 10/12] auto attachment from runInContext

Not recommended for multiple runs on the same context.
---
 lib/vm.js                                    | 29 +++++--
 test/inspector/test-inspector-contexts-js.js | 89 +++++++++++++++++++-
 2 files changed, 112 insertions(+), 6 deletions(-)

diff --git a/lib/vm.js b/lib/vm.js
index 5bee450becec8b..5050e36298537b 100644
--- a/lib/vm.js
+++ b/lib/vm.js
@@ -23,6 +23,13 @@
 
 const binding = process.binding('contextify');
 const Script = binding.ContextifyScript;
+const { contextAttached, attachContext, detachContext } = (() => {
+  try {
+    return require('inspector');
+  } catch (err) {
+    return {};
+  }
+})();
 
 // The binding provides a few useful primitives:
 // - Script(code, { filename = "evalmachine.anonymous",
@@ -46,11 +53,23 @@ Script.prototype.runInThisContext = function(options) {
 };
 
 Script.prototype.runInContext = function(contextifiedSandbox, options) {
-  if (options && options.breakOnSigint && process._events.SIGINT) {
-    return sigintHandlersWrap(realRunInContext, this,
-                              [contextifiedSandbox, options]);
-  } else {
-    return realRunInContext.call(this, contextifiedSandbox, options);
+  const needToAttach = contextAttached &&
+                       !(options && options.doNotInformInspector) &&
+                       !contextAttached(contextifiedSandbox);
+  if (needToAttach) {
+    attachContext(contextifiedSandbox);
+  }
+  try {
+    if (options && options.breakOnSigint && process._events.SIGINT) {
+      return sigintHandlersWrap(realRunInContext, this,
+                                [contextifiedSandbox, options]);
+    } else {
+      return realRunInContext.call(this, contextifiedSandbox, options);
+    }
+  } finally {
+    if (needToAttach) {
+      detachContext(contextifiedSandbox);
+    }
   }
 };
 
diff --git a/test/inspector/test-inspector-contexts-js.js b/test/inspector/test-inspector-contexts-js.js
index 48f7c27fec90ca..0fea5f530c4d52 100644
--- a/test/inspector/test-inspector-contexts-js.js
+++ b/test/inspector/test-inspector-contexts-js.js
@@ -10,7 +10,7 @@ const {
   contextAttached
 } = require('inspector');
 const { promisify } = require('util');
-const { createContext } = require('vm');
+const { createContext, runInContext } = require('vm');
 
 common.crashOnUnhandledRejection();
 
@@ -97,6 +97,43 @@ async function main() {
       await eventPromise;
       assert.strictEqual(contextAttached(sandbox), false);
     }
+
+    // Re-attaching contextified sandbox.
+    {
+      const VM_CONTEXT_NAME = 'New VM Context';
+      const VM_CONTEXT_ORIGIN = 'https://nodejs.org/api/vm.html';
+
+      const eventPromise = fires(once('Runtime.executionContextCreated'));
+      attachContext(sandbox, {
+        name: VM_CONTEXT_NAME,
+        origin: VM_CONTEXT_ORIGIN
+      });
+      vmContext = (await eventPromise).params.context;
+      assert.strictEqual(vmContext.name, VM_CONTEXT_NAME);
+      assert.strictEqual(vmContext.origin, VM_CONTEXT_ORIGIN);
+      assert.strictEqual(vmContext.auxData.isDefault, false);
+      assert.strictEqual(contextAttached(sandbox), true);
+    }
+
+    // Evaluating expressions in the specified context.
+    {
+      const { result } = await post('Runtime.evaluate', {
+        expression: 'propInSandbox++',
+        contextId: vmContext.id
+      });
+      assert.strictEqual(result.type, 'number');
+      assert.strictEqual(result.value, 43);
+      assert.strictEqual(sandbox.propInSandbox, 44);
+    }
+
+    // Detach context.
+    {
+      const eventPromise = fires(once('Runtime.executionContextDestroyed'));
+      detachContext(sandbox);
+      const destroyedId = (await eventPromise).params.executionContextId;
+      assert.strictEqual(destroyedId, vmContext.id);
+      assert.strictEqual(contextAttached(sandbox), false);
+    }
   }
 
   // Default context names.
@@ -124,6 +161,56 @@ async function main() {
     }
   }
 
+  // Automatic attachment from vm.runInContext.
+  {
+    const sandbox = {
+      propInSandbox: 42
+    };
+    createContext(sandbox);
+    {
+      const createdPromise = fires(once('Runtime.executionContextCreated'));
+      const destroyedPromise = fires(once('Runtime.executionContextDestroyed'));
+      const result = runInContext('propInSandbox++', sandbox);
+      assert.strictEqual(result, 42);
+      assert.strictEqual(sandbox.propInSandbox, 43);
+      await createdPromise;
+      await destroyedPromise;
+      assert.strictEqual(contextAttached(sandbox), false);
+    }
+
+    // doNotInformInspector
+    {
+      const createdPromise =
+          neverFires(once('Runteme.executionContextCreated'));
+      const destroyedPromise =
+          neverFires(once('Runtime.executionContextDestroyed'));
+      const result = runInContext('propInSandbox++', sandbox, {
+        doNotInformInspector: true
+      });
+      assert.strictEqual(result, 43);
+      assert.strictEqual(sandbox.propInSandbox, 44);
+      await createdPromise;
+      await destroyedPromise;
+      assert.strictEqual(contextAttached(sandbox), false);
+    }
+
+    // Do not try to attach or detach when sandbox is already attached.
+    attachContext(sandbox);
+    {
+      const createdPromise =
+          neverFires(once('Runtime.executionContextCreated'));
+      const destroyedPromise =
+          neverFires(once('Runtime.executionContextDestroyed'));
+      const result = runInContext('propInSandbox++', sandbox);
+      assert.strictEqual(result, 44);
+      assert.strictEqual(sandbox.propInSandbox, 45);
+      await createdPromise;
+      await destroyedPromise;
+      assert.strictEqual(contextAttached(sandbox), true);
+    }
+    detachContext(sandbox);
+  }
+
   session.disconnect();
 }
 

From a0c6f685c1b27687a4ef4e220ead003e353ff686 Mon Sep 17 00:00:00 2001
From: Timothy Gu <timothygu99@gmail.com>
Date: Mon, 17 Jul 2017 10:15:37 +0800
Subject: [PATCH 11/12] Add docs

---
 doc/api/inspector.md | 41 +++++++++++++++++++++++++++++++++++++++++
 doc/api/vm.md        | 44 ++++++++++++++++++++++++++++++++++++++++++++
 lib/inspector.js     | 18 +++++++++---------
 3 files changed, 94 insertions(+), 9 deletions(-)

diff --git a/doc/api/inspector.md b/doc/api/inspector.md
index 00fc927d0d35ee..5ffa3332302493 100644
--- a/doc/api/inspector.md
+++ b/doc/api/inspector.md
@@ -10,6 +10,45 @@ It can be accessed using:
 const inspector = require('inspector');
 ```
 
+## inspector.attachContext(contextifiedSandbox[, options])
+
+* `contextifiedSandbox` {Object} The [contextified][] object to attach to the
+  inspector.
+* `options` {Object}
+  * `name` {string} Name of the context. If not specified, a default name `vm
+    Module Context ${idx}` where `idx` is the incrementing index corresponding
+    to this call will be used.
+  * `origin` {string} URL of the webpage this context corresponds to. Defaults
+    to `false`.
+<!--
+  TODO
+  * `console` {string} Controls whether the V8 console will be available.
+    Defaults to `'merge'`.
+-->
+
+Make inspector aware of the specified context. This allows code running in that
+context to be debugged, including support for [`debugger` statement][]. If the
+context is already being tracked by inspector, this function is a no-op.
+
+*Note:* Calling this function will prevent `contextifiedSandbox` from being
+garbage collected. To prevent memory leaks, [`inspector.detachContext()`][]
+*must* be called after work on the context has been completed.
+
+## inspector.contextAttached(contextifiedSandbox)
+
+* `contextifiedSandbox` {Object} A [contextified][] object
+* Returns: {boolean}
+
+Check if the specified context is attached to V8 inspector.
+
+## inspector.detachContext(contextifiedSandbox)
+
+* `contextifiedSandbox` {Object} The [contextified][] object to detach from
+  inspector
+
+Inform the V8 inspector that the context has been destroyed. If the context is
+not being tracked by inspector, this function is a no-op.
+
 ## inspector.open([port[, host[, wait]]])
 
 * port {number} Port to listen on for inspector connections. Optional,
@@ -135,6 +174,8 @@ messages again. Reconnected session will lose all inspector state, such as
 enabled agents or configured breakpoints.
 
 
+[contextified]: vm.html#vm_what_does_it_mean_to_contextify_an_object
+[`debugger` statement]: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Statements/debugger
 [`session.connect()`]: #inspector_session_connect
 [`Debugger.paused`]: https://chromedevtools.github.io/devtools-protocol/v8/Debugger/#event-paused
 [`EventEmitter`]: events.html#events_class_eventemitter
diff --git a/doc/api/vm.md b/doc/api/vm.md
index 42046e01191b51..a6f50b00a19d01 100644
--- a/doc/api/vm.md
+++ b/doc/api/vm.md
@@ -94,12 +94,28 @@ changes:
     event that have been attached via `process.on("SIGINT")` will be disabled
     during script execution, but will continue to work after that.
     If execution is terminated, an [`Error`][] will be thrown.
+  * `doNotInformInspector` {boolean} If `true`, do not try to attach the
+    context to inspector. Debugging with `--inspect` will not work for code in
+    the context in that case.
 
 
 Runs the compiled code contained by the `vm.Script` object within the given
 `contextifiedSandbox` and returns the result. Running code does not have access
 to local scope.
 
+By default, this function checks if inspector was already aware of the context
+(if support for inspector is available in the Node.js build). If not, and if
+`doNotInformInspector` is not specified, this function attaches it to inspector
+using [`inspector.attachContext()`][], and detaches it before returning.
+However, *it is still recommended that you handle context attachment and
+detachment manually,* since:
+
+1. Asynchronous code running in the context would still not have inspector
+   debugging support, if relying on automatic attachment provided by this
+   function.
+2. Attaching and detaching per `runInContext()` run can have a significant
+   performance cost if this is done for the same context again and again.
+
 The following example compiles code that increments a global variable, sets
 the value of another global variable, then execute the code multiple times.
 The globals are contained in the `sandbox` object.
@@ -149,11 +165,23 @@ added: v0.3.1
   * `timeout` {number} Specifies the number of milliseconds to execute `code`
     before terminating execution. If execution is terminated, an [`Error`][]
     will be thrown.
+  * `doNotInformInspector` {boolean} If `true`, do not try to attach the
+    context to inspector. Debugging with `--inspect` will not work for code in
+    the context in that case.
 
 First contextifies the given `sandbox`, runs the compiled code contained by
 the `vm.Script` object within the created sandbox, and returns the result.
 Running code does not have access to local scope.
 
+By default, if support for inspector is available in the Node.js build, and if
+`doNotInformInspector` is not specified, this function attaches the new context
+to inspector using [`inspector.attachContext()`][], and detaches it before
+returning. However, if debugging supported is desired, *it is recommended that
+you handle context creation, attachment to inspector, and detachment from
+inspector manually,* since asynchronous code running in the context would still
+not have inspector debugging support, if relying on automatic attachment
+provided by this function.
+
 The following example compiles code that sets a global variable, then executes
 the code multiple times in different contexts. The globals are set on and
 contained within each individual `sandbox`.
@@ -284,12 +312,28 @@ Returns `true` if the given `sandbox` object has been [contextified][] using
   * `timeout` {number} Specifies the number of milliseconds to execute `code`
     before terminating execution. If execution is terminated, an [`Error`][]
     will be thrown.
+  * `doNotInformInspector` {boolean} If `true`, do not try to attach the
+    context to inspector. Debugging with `--inspect` will not work for code in
+    the context in that case.
 
 The `vm.runInContext()` method compiles `code`, runs it within the context of
 the `contextifiedSandbox`, then returns the result. Running code does not have
 access to the local scope. The `contextifiedSandbox` object *must* have been
 previously [contextified][] using the [`vm.createContext()`][] method.
 
+By default, this function checks if inspector was already aware of the context
+(if support for inspector is available in the Node.js build). If not, and if
+`doNotInformInspector` is not specified, this function attaches it to inspector
+using [`inspector.attachContext()`][], and detaches it before returning.
+However, *it is still recommended that you handle context attachment and
+detachment manually,* since:
+
+1. Asynchronous code running in the context would still not have inspector
+   debugging support, if relying on automatic attachment provided by this
+   function.
+2. Attaching and detaching per `runInContext()` run can have a significant
+   performance cost if this is done for the same context again and again.
+
 The following example compiles and executes different scripts using a single
 [contextified][] object:
 
diff --git a/lib/inspector.js b/lib/inspector.js
index cbfe5d3d756cd6..34a24056c61781 100644
--- a/lib/inspector.js
+++ b/lib/inspector.js
@@ -106,11 +106,11 @@ function checkSandbox(sandbox) {
 }
 
 let ctxIdx = 1;
-function attachContext(sandbox, {
+function attachContext(contextifiedSandbox, {
   name = `vm Module Context ${ctxIdx++}`,
   origin
 } = {}) {
-  checkSandbox(sandbox);
+  checkSandbox(contextifiedSandbox);
   if (typeof name !== 'string') {
     throw new errors.TypeError('ERR_INVALID_ARG_TYPE', 'options.name',
                                'string', name);
@@ -119,17 +119,17 @@ function attachContext(sandbox, {
     throw new errors.TypeError('ERR_INVALID_ARG_TYPE', 'options.origin',
                                'string', origin);
   }
-  _attachContext(sandbox, name, origin);
+  _attachContext(contextifiedSandbox, name, origin);
 }
 
-function detachContext(sandbox) {
-  checkSandbox(sandbox);
-  _detachContext(sandbox);
+function detachContext(contextifiedSandbox) {
+  checkSandbox(contextifiedSandbox);
+  _detachContext(contextifiedSandbox);
 }
 
-function contextAttached(sandbox) {
-  checkSandbox(sandbox);
-  return _contextAttached(sandbox);
+function contextAttached(contextifiedSandbox) {
+  checkSandbox(contextifiedSandbox);
+  return _contextAttached(contextifiedSandbox);
 }
 
 module.exports = {

From 15a8ff8f52a8e01f41e773ea1f4e970976625aac Mon Sep 17 00:00:00 2001
From: Timothy Gu <timothygu99@gmail.com>
Date: Mon, 17 Jul 2017 13:06:23 +0800
Subject: [PATCH 12/12] vm: support binding a script to a context

---
 doc/api/vm.md                                 |   5 +
 lib/vm.js                                     |  22 +++-
 src/node_contextify.cc                        |  43 ++++++++
 .../test-vm-inspector-scriptparsed-context.js | 104 ++++++++++++++++++
 4 files changed, 173 insertions(+), 1 deletion(-)
 create mode 100644 test/parallel/test-vm-inspector-scriptparsed-context.js

diff --git a/doc/api/vm.md b/doc/api/vm.md
index a6f50b00a19d01..44924317232ff7 100644
--- a/doc/api/vm.md
+++ b/doc/api/vm.md
@@ -59,6 +59,11 @@ changes:
     `cachedData` property of the returned `vm.Script` instance.
     The `cachedDataProduced` value will be set to either `true` or `false`
     depending on whether code cache data is produced successfully.
+  * `contextifiedSandbox` {Object} A [contextified][] sandbox to associate with
+    the current script. This does not bind the created script to this context
+    (i.e. `runInContext` still works with all contexts), but merely informs V8
+    (and V8 inspector) that the script is associated with the context. Defaults
+    to the current context.
 
 Creating a new `vm.Script` object compiles `code` but does not run it. The
 compiled `vm.Script` can be run later multiple times. It is important to note
diff --git a/lib/vm.js b/lib/vm.js
index 5050e36298537b..1eb17535cce7f7 100644
--- a/lib/vm.js
+++ b/lib/vm.js
@@ -123,12 +123,32 @@ function runInDebugContext(code) {
 }
 
 function runInContext(code, contextifiedSandbox, options) {
+  options = Object.assign({}, options, {
+    contextifiedSandbox
+  });
   return createScript(code, options)
     .runInContext(contextifiedSandbox, options);
 }
 
 function runInNewContext(code, sandbox, options) {
-  return createScript(code, options).runInNewContext(sandbox, options);
+  sandbox = createContext(sandbox);
+  const needToAttach = contextAttached &&
+                       !(options && options.doNotInformInspector) &&
+                       !contextAttached(sandbox);
+  if (needToAttach) {
+    attachContext(sandbox);
+  }
+  try {
+    options = Object.assign({}, options, {
+      contextifiedSandbox: sandbox,
+      doNotInformInspector: true
+    });
+    return createScript(code, options).runInNewContext(sandbox, options);
+  } finally {
+    if (needToAttach) {
+      detachContext(sandbox);
+    }
+  }
 }
 
 function runInThisContext(code, options) {
diff --git a/src/node_contextify.cc b/src/node_contextify.cc
index 0b8f9c27f6c2fa..137e0e4a5715bb 100644
--- a/src/node_contextify.cc
+++ b/src/node_contextify.cc
@@ -537,6 +537,7 @@ class ContextifyScript : public BaseObject {
     Maybe<bool> maybe_display_errors = GetDisplayErrorsArg(env, options);
     MaybeLocal<Uint8Array> cached_data_buf = GetCachedData(env, options);
     Maybe<bool> maybe_produce_cached_data = GetProduceCachedData(env, options);
+    MaybeLocal<Context> maybe_context = GetContext(env, options);
     if (try_catch.HasCaught()) {
       try_catch.ReThrow();
       return;
@@ -565,6 +566,11 @@ class ContextifyScript : public BaseObject {
     else if (produce_cached_data)
       compile_options = ScriptCompiler::kProduceCodeCache;
 
+    Context::Scope scope(
+        maybe_context.IsEmpty() ?
+            env->context() :
+            maybe_context.ToLocalChecked());
+
     MaybeLocal<UnboundScript> v8_script = ScriptCompiler::CompileUnboundScript(
         env->isolate(),
         &source,
@@ -917,6 +923,43 @@ class ContextifyScript : public BaseObject {
     return value->ToInteger(env->context());
   }
 
+  static MaybeLocal<Context> GetContext(Environment* env,
+                                        Local<Value> options) {
+    if (!options->IsObject())
+      return MaybeLocal<Context>();
+
+    MaybeLocal<Value> maybe_value =
+      options.As<Object>()->Get(
+          env->context(),
+          FIXED_ONE_BYTE_STRING(env->isolate(), "contextifiedSandbox"));
+    if (maybe_value.IsEmpty())
+      return MaybeLocal<Context>();
+
+    Local<Value> value = maybe_value.ToLocalChecked();
+    if (!value->IsObject()) {
+      if (!value->IsNullOrUndefined()) {
+        env->ThrowTypeError(
+            "contextifiedSandbox property must be an object.");
+      }
+      return MaybeLocal<Context>();
+    }
+
+    ContextifyContext* sandbox =
+        ContextifyContext::ContextFromContextifiedSandbox(
+            env, value.As<Object>());
+    if (!sandbox) {
+      env->ThrowTypeError(
+          "contextifiedSandbox property must have been converted to a "
+          "context.");
+      return MaybeLocal<Context>();
+    }
+
+    Local<Context> context = sandbox->context();
+    if (context.IsEmpty())
+      return MaybeLocal<Context>();
+    return context;
+  }
+
 
   static bool EvalMachine(Environment* env,
                           const int64_t timeout,
diff --git a/test/parallel/test-vm-inspector-scriptparsed-context.js b/test/parallel/test-vm-inspector-scriptparsed-context.js
new file mode 100644
index 00000000000000..130b9b48f22422
--- /dev/null
+++ b/test/parallel/test-vm-inspector-scriptparsed-context.js
@@ -0,0 +1,104 @@
+'use strict';
+const common = require('../common');
+const { fires, neverFires } = common;
+common.skipIfInspectorDisabled();
+const assert = require('assert');
+const {
+  Session,
+  attachContext,
+  detachContext
+} = require('inspector');
+const { promisify } = require('util');
+const {
+  Script,
+  createContext,
+  runInContext,
+  runInNewContext,
+  runInThisContext
+} = require('vm');
+
+common.crashOnUnhandledRejection();
+
+const session = new Session();
+const once = common.cancellableOnce.bind(session);
+const post = promisify(session.post).bind(session);
+
+async function main() {
+  session.connect();
+
+  post('Debugger.enable');
+
+  // Get info about default context.
+  let topContext;
+  {
+    const eventPromise = fires(once('Runtime.executionContextCreated'));
+    post('Runtime.enable');
+    topContext = (await eventPromise).params.context;
+    assert.strictEqual(topContext.auxData.isDefault, true);
+  }
+
+  // Create sandbox for use later.
+  const sandbox = createContext();
+  let vmContext;
+  {
+    const eventPromise = fires(once('Runtime.executionContextCreated'));
+    attachContext(sandbox);
+    vmContext = (await eventPromise).params.context;
+  }
+
+  // Script
+  {
+    // Bind to current context by default
+    {
+      const eventPromise = fires(once('Debugger.scriptParsed'));
+      new Script('Array;');
+      const { params } = await eventPromise;
+      assert.strictEqual(params.executionContextId, topContext.id);
+    }
+
+    // Bind to selected context
+    {
+      const eventPromise = fires(once('Debugger.scriptParsed'));
+      new Script('Array;', {
+        contextifiedSandbox: sandbox
+      });
+      const { params } = await eventPromise;
+      assert.strictEqual(params.executionContextId, vmContext.id);
+    }
+  }
+
+  // runInContext: Bind script to specified context.
+  {
+    const eventPromise = fires(once('Debugger.scriptParsed'));
+    runInContext('Array;', sandbox);
+    const { params } = await eventPromise;
+    assert.strictEqual(params.executionContextId, vmContext.id);
+  }
+
+  // runInNewContext: Bind script to new context.
+  {
+    const createdPromise =
+        fires(once('Runtime.executionContextCreated'));
+    const destroyedPromise =
+        fires(once('Runtime.executionContextDestroyed'));
+    const eventPromise = fires(once('Debugger.scriptParsed'));
+    runInNewContext('Array;', {});
+    await createdPromise;
+    const { params } = await eventPromise;
+    assert.notStrictEqual(params.executionContextId, topContext.id);
+    assert.notStrictEqual(params.executionContextId, vmContext.id);
+    await destroyedPromise;
+  }
+
+  // runInThisContext: Bind script to current context.
+  {
+    const eventPromise = fires(once('Debugger.scriptParsed'));
+    runInThisContext('Array;');
+    const { params } = await eventPromise;
+    assert.strictEqual(params.executionContextId, topContext.id);
+  }
+
+  session.disconnect();
+}
+
+main();