Null-check LocalFrame::Client() before accessing in LocalWindowProxy

When the frame has already been detached, Client() will be nullptr.
Since we can call LocalWindowProxy methods even when detached,
e.g. through ToV8ContextEvenIfDetached(), we should null-check the client.

This is a band-aid fix, because we actually should not initialize context
on a detached frame and change ToV8ContextEvenIfDetached to never force
context. However, the proper solution has many risks and needs additional
investigation.

Bug: 805882
Change-Id: Idcd6bbc0e6eec9b2de53acfb646b30bd9636d797
Reviewed-on: https://chromium-review.googlesource.com/949603
Commit-Queue: Dmitry Gozman <dgozman@chromium.org>
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Reviewed-by: Yuki Shiino <yukishiino@chromium.org>
Cr-Commit-Position: refs/heads/master@{#543266}

third_party/WebKit/Source/bindings/core/v8/LocalWindowProxy.cpp

@@ -77,6 +77,9 @@ void LocalWindowProxy::DisposeContext(Lifecycle next_status,
   // The embedder could run arbitrary code in response to the
   // willReleaseScriptContext callback, so all disposing should happen after
   // it returns.
+  // TODO(yukishiino): Apparently, we can create context for a detached frame
+  // (see comment in CreateContext), but then we do not dispose it. We should
+  // make sure that create/dispose operations are balanced.
   GetFrame()->Client()->WillReleaseScriptContext(context, world_->GetWorldId());
   MainThreadDebugger::Instance()->ContextWillBeDestroyed(script_state_.get());
 
@@ -170,7 +173,12 @@ void LocalWindowProxy::Initialize() {
                  GetFrame()->IsMainFrame());
     MainThreadDebugger::Instance()->ContextCreated(script_state_.get(),
                                                    GetFrame(), origin);
-    GetFrame()->Client()->DidCreateScriptContext(context, world_->GetWorldId());
+    // TODO(yukishiino): Remove this client check, we should not create context
+    // on a frame without client.
+    if (GetFrame()->Client()) {
+      GetFrame()->Client()->DidCreateScriptContext(context,
+                                                   world_->GetWorldId());
+    }
   }
 
   InstallConditionalFeatures();
@@ -189,7 +197,9 @@ void LocalWindowProxy::CreateContext() {
 
   Vector<const char*> extension_names;
   // Dynamically tell v8 about our extensions now.
-  if (GetFrame()->Client()->AllowScriptExtensions()) {
+  // TODO(yukishiino): Remove this client check, we should not create context
+  // on a frame without client.
+  if (GetFrame()->Client() && GetFrame()->Client()->AllowScriptExtensions()) {
     const V8Extensions& extensions = ScriptController::RegisteredExtensions();
     extension_names.ReserveInitialCapacity(extensions.size());
     for (const auto* extension : extensions)