[inspector] warmup dom bindings before calling anything on them

We try to prevent side effects by forbidding running any JavaScript
when we get property from node object.
In case of object node it is possible that by calling property we force
internal object initialization which may force creation of new context,
this initialization can not be made with forbided JavaScript and at the
same time is side effect free.
As workaround we can warmup dom objects first and then generate
description.

R=dgozman@chromium.org

Bug: chromium:827585
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: Ifd2c6317ffd5cb3822d2a2eedf3d0b0f36a201f1
Reviewed-on: https://chromium-review.googlesource.com/1041078Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54505}

src/inspector/injected-script-source.js

@@ -594,6 +594,9 @@ InjectedScript.prototype = {
             return toString(obj);
 
         if (subtype === "node") {
+            // We should warmup blink dom binding before calling anything,
+            // see (crbug.com/827585) for details.
+            InjectedScriptHost.getOwnPropertyDescriptor(/** @type {!Object} */(obj), "nodeName");
             var description = "";
             var nodeName = InjectedScriptHost.getProperty(obj, "nodeName");
             if (nodeName) {