There are two calls in _evaluate that need to go.

The first call here is equivalent to checking JS_IsGlobalObject and for the second one JS::CurrentGlobalOrNull(cx) preserves behavior because we wrapped the object into the current compartment. This is written in a bit of a defensive style because I doubt we have great tests for this.

Comment on attachment 8994190 [details] [diff] [review] Stop using js::GetGlobalForObjectCrossCompartment in NPAPI code r=me. Might be worth adding a comment that the return value of nsNPObjWrapper::GetNewOrUsed is always in the compartment the passed-in JSContext is in. That would make it clear why expect the equality in the release assert to hold.

(In reply to Boris Zbarsky [:bz] (no decent commit message means r-) from comment #2) > r=me. Might be worth adding a comment that the return value of > nsNPObjWrapper::GetNewOrUsed is always in the compartment the passed-in > JSContext is in. That would make it clear why expect the equality in the > release assert to hold. OK, will add a comment to both the nsNPObjWrapper::GetNewOrUsed definition and near the MOZ_RELEASE_ASSERT.

Pushed by jandemooij@gmail.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/4cd287c3f96f Stop using js::GetGlobalForObjectCrossCompartment in NPAPI code. r=bz