diff -Nru webkit2gtk-2.20.2/debian/changelog webkit2gtk-2.20.3/debian/changelog --- webkit2gtk-2.20.2/debian/changelog 2018-05-07 11:41:30.000000000 +0000 +++ webkit2gtk-2.20.3/debian/changelog 2018-06-12 09:58:42.000000000 +0000 @@ -1,3 +1,24 @@ +webkit2gtk (2.20.3-1) unstable; urgency=high + + * New upstream release. + + This fixes CVE-2018-4190, CVE-2018-4199, CVE-2018-4218, + CVE-2018-4222, CVE-2018-4232, CVE-2018-4233, CVE-2018-4246 and + CVE-2018-11646. + * debian/control: + + Remove compatibility with versions of debhelper < 9.20151219 in + override_dh_strip, we require version 10 since 2.20.1-1. + * debian/patches/fix-atomics-build.patch: + + The __atomic_fetch_add_8() check is now in this release. Update the + patch to enable THREADS_PREFER_PTHREAD_FLAG. This fixes the riscv64 + build. + * debian/rules: + + Build with -DRELEASE_WITHOUT_OPTIMIZATIONS if "noopt" is set. + * debian/libwebkit2gtk-4.0-doc.install, debian/rules: + + Update path of installed documentation. This changed upstream in + 2.20.2 but it was reverted in this release. + + -- Alberto Garcia Tue, 12 Jun 2018 12:58:42 +0300 + webkit2gtk (2.20.2-1) unstable; urgency=high * New upstream release. diff -Nru webkit2gtk-2.20.2/debian/libwebkit2gtk-4.0-doc.install webkit2gtk-2.20.3/debian/libwebkit2gtk-4.0-doc.install --- webkit2gtk-2.20.2/debian/libwebkit2gtk-4.0-doc.install 2018-05-07 11:41:30.000000000 +0000 +++ webkit2gtk-2.20.3/debian/libwebkit2gtk-4.0-doc.install 2018-06-12 09:58:42.000000000 +0000 @@ -1 +1 @@ -usr/share/gtk-doc/html/webkit2gtk-4.0/webkit2gtk-4.0/* usr/share/doc/libwebkit2gtk-4.0-doc/html/ +usr/share/gtk-doc/html/webkit2gtk-4.0/* usr/share/doc/libwebkit2gtk-4.0-doc/html/ diff -Nru webkit2gtk-2.20.2/debian/patches/fix-atomics-build.patch webkit2gtk-2.20.3/debian/patches/fix-atomics-build.patch --- webkit2gtk-2.20.2/debian/patches/fix-atomics-build.patch 2018-05-07 11:41:30.000000000 +0000 +++ webkit2gtk-2.20.3/debian/patches/fix-atomics-build.patch 2018-06-12 09:58:42.000000000 +0000 @@ -1,63 +1,7 @@ From: Alberto Garcia -Subject: Detect __sync_add_and_fetch_8() and __atomic_fetch_add_8() +Subject: Fix riscv64 build due to not linking against libatomic +Bug-Debian: https://bugs.debian.org/895969 Bug: https://bugs.webkit.org/show_bug.cgi?id=182622 -Index: webkitgtk/Source/WTF/wtf/CMakeLists.txt -=================================================================== ---- webkitgtk.orig/Source/WTF/wtf/CMakeLists.txt -+++ webkitgtk/Source/WTF/wtf/CMakeLists.txt -@@ -315,7 +315,6 @@ set(WTF_HEADERS - - set(WTF_SOURCES - Assertions.cpp -- Atomics.cpp - AutomaticThread.cpp - BitVector.cpp - CPUTime.cpp -@@ -458,6 +457,16 @@ if (NOT USE_SYSTEM_MALLOC) - list(APPEND WTF_LIBRARIES bmalloc) - endif () - -+file(WRITE ${CMAKE_BINARY_DIR}/test_atomics.cpp -+ "int main(void)\n" -+ "{ long long x = 1; return (int) __sync_add_and_fetch_8(&x, 1); }\n") -+try_compile(ATOMICS_BUILD_SUCCEEDED ${CMAKE_BINARY_DIR} ${CMAKE_BINARY_DIR}/test_atomics.cpp) -+message(STATUS "Found __sync_add_and_fetch_8(): ${ATOMICS_BUILD_SUCCEEDED}") -+if (NOT ATOMICS_BUILD_SUCCEEDED) -+ list(APPEND WTF_SOURCES Atomics.cpp) -+endif () -+file(REMOVE ${CMAKE_BINARY_DIR}/test_atomics.cpp) -+ - list(APPEND WTF_SOURCES - unicode/CollatorDefault.cpp - -Index: webkitgtk/Source/JavaScriptCore/CMakeLists.txt -=================================================================== ---- webkitgtk.orig/Source/JavaScriptCore/CMakeLists.txt -+++ webkitgtk/Source/JavaScriptCore/CMakeLists.txt -@@ -116,15 +116,15 @@ set(JavaScriptCore_LIBRARIES - ${LLVM_LIBRARIES} - ) - --# Since r228149, on MIPS we need to link with -latomic, because --# __atomic_fetch_add_8 is not available as a compiler intrinsic. It is --# available on other platforms (including 32-bit Arm), so the link with --# libatomic is only neede on MIPS. --if (WTF_CPU_MIPS) -- list(APPEND JavaScriptCore_LIBRARIES -- -latomic -- ) -+file(WRITE ${CMAKE_BINARY_DIR}/test_atomics.cpp -+ "int main(void)\n" -+ "{ long long x = 1; return (int) __atomic_fetch_add_8(&x, 1, 1); }\n") -+try_compile(ATOMICS_BUILD_SUCCEEDED ${CMAKE_BINARY_DIR} ${CMAKE_BINARY_DIR}/test_atomics.cpp) -+message(STATUS "Found __atomic_fetch_add_8(): ${ATOMICS_BUILD_SUCCEEDED}") -+if (NOT ATOMICS_BUILD_SUCCEEDED) -+ list(APPEND JavaScriptCore_LIBRARIES -latomic) - endif () -+file(REMOVE ${CMAKE_BINARY_DIR}/test_atomics.cpp) - - set(JavaScriptCore_SCRIPTS_SOURCES_DIR "${JAVASCRIPTCORE_DIR}/Scripts") - Index: webkitgtk/Source/cmake/OptionsGTK.cmake =================================================================== --- webkitgtk.orig/Source/cmake/OptionsGTK.cmake diff -Nru webkit2gtk-2.20.2/debian/rules webkit2gtk-2.20.3/debian/rules --- webkit2gtk-2.20.2/debian/rules 2018-05-07 11:41:30.000000000 +0000 +++ webkit2gtk-2.20.3/debian/rules 2018-06-12 09:58:42.000000000 +0000 @@ -8,8 +8,6 @@ CFLAGS = $(shell dpkg-buildflags --get CFLAGS) LDFLAGS = $(shell dpkg-buildflags --get LDFLAGS) -Wl,--as-needed -DEBHELPER_VERSION = $(shell dpkg-query -W -f='$${source:Version}' debhelper) - EXTRA_CMAKE_ARGUMENTS = # Sacrifice speed in order to make it more likely resource limits @@ -36,6 +34,7 @@ ifneq (,$(filter noopt,$(DEB_BUILD_OPTIONS))) EXTRA_CMAKE_ARGUMENTS += -DUSE_SYSTEM_MALLOC=ON + CPPFLAGS += -DRELEASE_WITHOUT_OPTIMIZATIONS endif ifneq (,$(filter nodoc,$(DEB_BUILD_OPTIONS))) @@ -76,15 +75,13 @@ # Create a dummy doc directory in case the "nodoc" build option is set override_dh_install: - mkdir -p $(CURDIR)/debian/tmp/usr/share/gtk-doc/html/webkit2gtk-4.0/webkit2gtk-4.0 - touch $(CURDIR)/debian/tmp/usr/share/gtk-doc/html/webkit2gtk-4.0/webkit2gtk-4.0/index.html + mkdir -p $(CURDIR)/debian/tmp/usr/share/gtk-doc/html/webkit2gtk-4.0 + touch $(CURDIR)/debian/tmp/usr/share/gtk-doc/html/webkit2gtk-4.0/index.html dh_install override_dh_strip: - if dpkg --compare-versions $(DEBHELPER_VERSION) ge 9.20151219; then \ - dh_strip -plibwebkit2gtk-4.0-37 --ddeb-migration='libwebkit2gtk-4.0-37-dbg (<< 2.10.5-1~)' ; \ - dh_strip -plibjavascriptcoregtk-4.0-18 --ddeb-migration='libjavascriptcoregtk-4.0-18-dbg (<< 2.10.5-1~)' ; \ - fi + dh_strip -plibwebkit2gtk-4.0-37 --ddeb-migration='libwebkit2gtk-4.0-37-dbg (<< 2.10.5-1~)' ; \ + dh_strip -plibjavascriptcoregtk-4.0-18 --ddeb-migration='libjavascriptcoregtk-4.0-18-dbg (<< 2.10.5-1~)' ; \ dh_strip override_dh_makeshlibs: diff -Nru webkit2gtk-2.20.2/Documentation/webkit2gtk-4.0/html/index.html webkit2gtk-2.20.3/Documentation/webkit2gtk-4.0/html/index.html --- webkit2gtk-2.20.2/Documentation/webkit2gtk-4.0/html/index.html 2018-05-07 10:27:03.000000000 +0000 +++ webkit2gtk-2.20.3/Documentation/webkit2gtk-4.0/html/index.html 2018-06-11 11:49:14.000000000 +0000 @@ -14,7 +14,7 @@
-

for WebKit2GTK+ 2.20.2

+

for WebKit2GTK+ 2.20.3

diff -Nru webkit2gtk-2.20.2/Documentation/webkit2gtk-4.0/html/webkit2gtk-4.0-WebKitVersion.html webkit2gtk-2.20.3/Documentation/webkit2gtk-4.0/html/webkit2gtk-4.0-WebKitVersion.html --- webkit2gtk-2.20.2/Documentation/webkit2gtk-4.0/html/webkit2gtk-4.0-WebKitVersion.html 2018-05-07 10:27:03.000000000 +0000 +++ webkit2gtk-2.20.3/Documentation/webkit2gtk-4.0/html/webkit2gtk-4.0-WebKitVersion.html 2018-06-11 11:49:14.000000000 +0000 @@ -213,7 +213,7 @@

WEBKIT_MICRO_VERSION

-
#define WEBKIT_MICRO_VERSION (2)
+
#define WEBKIT_MICRO_VERSION (3)
 

 
Like webkit_get_micro_version(), but from the headers used at
 application compile time, rather than from the library linked
diff -Nru webkit2gtk-2.20.2/Documentation/webkitdomgtk-4.0/html/index.html webkit2gtk-2.20.3/Documentation/webkitdomgtk-4.0/html/index.html
--- webkit2gtk-2.20.2/Documentation/webkitdomgtk-4.0/html/index.html	2018-05-07 10:26:40.000000000 +0000
+++ webkit2gtk-2.20.3/Documentation/webkitdomgtk-4.0/html/index.html	2018-06-11 11:48:54.000000000 +0000
@@ -14,7 +14,7 @@
 

 

 

-
for WebKitDOMGTK+ 2.20.2

+
for WebKitDOMGTK+ 2.20.3

 

 

 

diff -Nru webkit2gtk-2.20.2/NEWS webkit2gtk-2.20.3/NEWS
--- webkit2gtk-2.20.2/NEWS	2018-05-07 10:24:42.000000000 +0000
+++ webkit2gtk-2.20.3/NEWS	2018-06-11 11:48:04.000000000 +0000
@@ -1,4 +1,20 @@
 ==================
+WebKitGTK+  2.20.3
+==================
+
+What's new in WebKitGTK+ 2.20.3?
+
+  - Fix installation directory of API documentation.
+  - Disable Gigacage if mmap fails to allocate in Linux.
+  - Add user agent quirk for paypal website.
+  - Properly detect compiler flags, needed libs, and fallbacks for usage of 64-bit atomic operations.
+  - Fix a network process crash when trying to get cookies of about:blank page.
+  - Fix UI process crash when closing the window under Wayland.
+  - Fix several crashes and rendering issues.
+  - Security fixes: CVE-2018-4190, CVE-2018-4199, CVE-2018-4218, CVE-2018-4222, CVE-2018-4232,
+    CVE-2018-4233, CVE-2018-4246, CVE-2018-11646.
+
+==================
 WebKitGTK+  2.20.2
 ==================
 
diff -Nru webkit2gtk-2.20.2/Source/bmalloc/bmalloc/Gigacage.h webkit2gtk-2.20.3/Source/bmalloc/bmalloc/Gigacage.h
--- webkit2gtk-2.20.2/Source/bmalloc/bmalloc/Gigacage.h	2018-05-07 07:58:18.000000000 +0000
+++ webkit2gtk-2.20.3/Source/bmalloc/bmalloc/Gigacage.h	2018-06-11 08:39:29.000000000 +0000
@@ -45,6 +45,13 @@
 #define GIGACAGE_ALLOCATION_CAN_FAIL 0
 #endif
 
+// In Linux, if `vm.overcommit_memory = 2` is specified, mmap with large size can fail if it exceeds the size of RAM.
+// So we specify GIGACAGE_ALLOCATION_CAN_FAIL = 1.
+#if BOS(LINUX)
+#undef GIGACAGE_ALLOCATION_CAN_FAIL
+#define GIGACAGE_ALLOCATION_CAN_FAIL 1
+#endif
+
 static_assert(bmalloc::isPowerOfTwo(PRIMITIVE_GIGACAGE_SIZE), "");
 static_assert(bmalloc::isPowerOfTwo(JSVALUE_GIGACAGE_SIZE), "");
 static_assert(bmalloc::isPowerOfTwo(STRING_GIGACAGE_SIZE), "");
diff -Nru webkit2gtk-2.20.2/Source/cmake/FindLibGBM.cmake webkit2gtk-2.20.3/Source/cmake/FindLibGBM.cmake
--- webkit2gtk-2.20.2/Source/cmake/FindLibGBM.cmake	2018-02-19 07:45:33.000000000 +0000
+++ webkit2gtk-2.20.3/Source/cmake/FindLibGBM.cmake	1970-01-01 00:00:00.000000000 +0000
@@ -1,47 +0,0 @@
-# - Try to find gbm.
-# Once done, this will define
-#
-#  LIBGBM_INCLUDE_DIRS - the gbm include directories
-#  LIBGBM_LIBRARIES - link these to use gbm.
-#
-# Copyright (C) 2015 Igalia S.L.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-# 1.  Redistributions of source code must retain the above copyright
-#     notice, this list of conditions and the following disclaimer.
-# 2.  Redistributions in binary form must reproduce the above copyright
-#     notice, this list of conditions and the following disclaimer in the
-#     documentation and/or other materials provided with the distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND ITS CONTRIBUTORS ``AS
-# IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
-# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR ITS
-# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
-# EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
-# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
-# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
-# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
-# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
-# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-find_package(PkgConfig)
-pkg_check_modules(PC_LIBGBM gbm)
-
-find_path(LIBGBM_INCLUDE_DIRS
-    NAMES gbm.h
-    HINTS ${PC_LIBGBM_INCLUDE_DIRS} ${PC_LIBGBM_INCUDEDIR}
-)
-
-find_library(LIBGBM_LIBRARIES
-    NAMES gbm
-    HINTS ${PC_LIBGBM_LIBRARY_DIRS} ${PC_LIBGBM_LIBDIR}
-)
-
-include(FindPackageHandleStandardArgs)
-find_package_handle_standard_args(LibGBM REQUIRED_VARS LIBGBM_LIBRARIES
-                                  FOUND_VAR LIBGBM_FOUND)
-
-mark_as_advanced(LIBGBM_INCLUDE_DIRS LIBGBM_LIBRARIES)
diff -Nru webkit2gtk-2.20.2/Source/cmake/FindWPEBackend.cmake webkit2gtk-2.20.3/Source/cmake/FindWPEBackend.cmake
--- webkit2gtk-2.20.2/Source/cmake/FindWPEBackend.cmake	2018-02-19 07:45:33.000000000 +0000
+++ webkit2gtk-2.20.3/Source/cmake/FindWPEBackend.cmake	2018-06-11 08:16:31.000000000 +0000
@@ -29,15 +29,15 @@
 # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 find_package(PkgConfig)
-pkg_check_modules(PC_WPE QUIET wpe)
+pkg_check_modules(PC_WPE QUIET wpe-0.1)
 
 find_path(WPE_INCLUDE_DIRS
-    NAMES wpe/loader.h
+    NAMES wpe/wpe.h
     HINTS ${PC_WPE_INCLUDEDIR} ${PC_WPE_INCLUDE_DIRS}
 )
 
 find_library(WPE_LIBRARIES
-    NAMES WPEBackend
+    NAMES WPEBackend-0.1
     HINTS ${PC_WPE_LIBDIR} ${PC_WPE_LIBRARY_DIRS}
 )
 
diff -Nru webkit2gtk-2.20.2/Source/cmake/FindWPEBackend-fdo.cmake webkit2gtk-2.20.3/Source/cmake/FindWPEBackend-fdo.cmake
--- webkit2gtk-2.20.2/Source/cmake/FindWPEBackend-fdo.cmake	1970-01-01 00:00:00.000000000 +0000
+++ webkit2gtk-2.20.3/Source/cmake/FindWPEBackend-fdo.cmake	2018-06-11 08:16:31.000000000 +0000
@@ -0,0 +1,47 @@
+# - Try to find WPEBackend-fdo.
+# Once done, this will define
+#
+#  WPEBACKEND_FDO_FOUND - system has WPEBackend-fdo.
+#  WPEBACKEND_FDO_INCLUDE_DIRS - the WPEBackend-fdo include directories
+#  WPEBACKEND_FDO_LIBRARIES - link these to use WPEBackend-fdo.
+#
+# Copyright (C) 2016 Igalia S.L.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1.  Redistributions of source code must retain the above copyright
+#     notice, this list of conditions and the following disclaimer.
+# 2.  Redistributions in binary form must reproduce the above copyright
+#     notice, this list of conditions and the following disclaimer in the
+#     documentation and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND ITS CONTRIBUTORS ``AS
+# IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR ITS
+# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+# EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+find_package(PkgConfig)
+pkg_check_modules(PC_WPEBACKEND_FDO QUIET wpebackend-fdo-0.1)
+
+find_path(WPEBACKEND_FDO_INCLUDE_DIRS
+    NAMES wpe/fdo.h
+    HINTS ${PC_WPEBACKEND_FDO_INCLUDEDIR} ${PC_WPEBACKEND_FDO_INCLUDE_DIRS}
+)
+
+find_library(WPEBACKEND_FDO_LIBRARIES
+    NAMES WPEBackend-fdo-0.1
+    HINTS ${PC_WPEBACKEND_FDO_LIBDIR} ${PC_WPEBACKEND_FDO_LIBRARY_DIRS}
+)
+
+mark_as_advanced(WPEBACKEND_FDO_INCLUDE_DIRS WPEBACKEND_FDO_LIBRARIES)
+
+include(FindPackageHandleStandardArgs)
+find_package_handle_standard_args(WPEBackend-fdo REQUIRED_VARS WPEBACKEND_FDO_INCLUDE_DIRS WPEBACKEND_FDO_LIBRARIES)
diff -Nru webkit2gtk-2.20.2/Source/cmake/FindWPEBackend-mesa.cmake webkit2gtk-2.20.3/Source/cmake/FindWPEBackend-mesa.cmake
--- webkit2gtk-2.20.2/Source/cmake/FindWPEBackend-mesa.cmake	2018-02-19 07:45:33.000000000 +0000
+++ webkit2gtk-2.20.3/Source/cmake/FindWPEBackend-mesa.cmake	1970-01-01 00:00:00.000000000 +0000
@@ -1,47 +0,0 @@
-# - Try to find WPE-mesa.
-# Once done, this will define
-#
-#  WPE_MESA_FOUND - system has WPE-mesa.
-#  WPE_MESA_INCLUDE_DIRS - the WPE-mesa include directories
-#  WPE_MESA_LIBRARIES - link these to use WPE-mesa.
-#
-# Copyright (C) 2016 Igalia S.L.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-# 1.  Redistributions of source code must retain the above copyright
-#     notice, this list of conditions and the following disclaimer.
-# 2.  Redistributions in binary form must reproduce the above copyright
-#     notice, this list of conditions and the following disclaimer in the
-#     documentation and/or other materials provided with the distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND ITS CONTRIBUTORS ``AS
-# IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
-# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR ITS
-# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
-# EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
-# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
-# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
-# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
-# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
-# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-find_package(PkgConfig)
-pkg_check_modules(PC_WPE_MESA QUIET wpe-mesa)
-
-find_path(WPE_MESA_INCLUDE_DIRS
-    NAMES wpe-mesa/view-backend-exportable-dma-buf.h
-    HINTS ${PC_WPE_MESA_INCLUDEDIR} ${PC_WPE_MESA_INCLUDE_DIRS}
-)
-
-find_library(WPE_MESA_LIBRARIES
-    NAMES WPEBackend-mesa
-    HINTS ${PC_WPE_MESA_LIBDIR} ${PC_WPE_MESA_LIBRARY_DIRS}
-)
-
-mark_as_advanced(WPE_MESA_INCLUDE_DIRS WPE_MESA_LIBRARIES)
-
-include(FindPackageHandleStandardArgs)
-find_package_handle_standard_args(WPEBackend-mesa REQUIRED_VARS WPE_MESA_INCLUDE_DIRS WPE_MESA_LIBRARIES)
diff -Nru webkit2gtk-2.20.2/Source/cmake/OptionsCommon.cmake webkit2gtk-2.20.3/Source/cmake/OptionsCommon.cmake
--- webkit2gtk-2.20.2/Source/cmake/OptionsCommon.cmake	2018-03-05 12:48:41.000000000 +0000
+++ webkit2gtk-2.20.3/Source/cmake/OptionsCommon.cmake	2018-06-11 08:16:31.000000000 +0000
@@ -107,8 +107,8 @@
     set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${OpenMP_CXX_FLAGS}")
 endif ()
 
-# GTK uses the GNU installation directories as defaults.
-if (NOT PORT STREQUAL "GTK")
+# GTK and WPE use the GNU installation directories as defaults.
+if (NOT PORT STREQUAL "GTK" AND NOT PORT STREQUAL "WPE")
     set(LIB_INSTALL_DIR "${CMAKE_INSTALL_PREFIX}/lib" CACHE PATH "Absolute path to library installation directory")
     set(EXEC_INSTALL_DIR "${CMAKE_INSTALL_PREFIX}/bin" CACHE PATH "Absolute path to executable installation directory")
     set(LIBEXEC_INSTALL_DIR "${CMAKE_INSTALL_PREFIX}/bin" CACHE PATH "Absolute path to install executables executed by the library")
diff -Nru webkit2gtk-2.20.2/Source/cmake/OptionsGTK.cmake webkit2gtk-2.20.3/Source/cmake/OptionsGTK.cmake
--- webkit2gtk-2.20.2/Source/cmake/OptionsGTK.cmake	2018-05-07 10:14:55.000000000 +0000
+++ webkit2gtk-2.20.3/Source/cmake/OptionsGTK.cmake	2018-06-11 11:40:23.000000000 +0000
@@ -1,11 +1,11 @@
 include(GNUInstallDirs)
 include(VersioningUtils)
 
-SET_PROJECT_VERSION(2 20 2)
+SET_PROJECT_VERSION(2 20 3)
 set(WEBKITGTK_API_VERSION 4.0)
 
-CALCULATE_LIBRARY_VERSIONS_FROM_LIBTOOL_TRIPLE(WEBKIT 65 2 28)
-CALCULATE_LIBRARY_VERSIONS_FROM_LIBTOOL_TRIPLE(JAVASCRIPTCORE 25 10 7)
+CALCULATE_LIBRARY_VERSIONS_FROM_LIBTOOL_TRIPLE(WEBKIT 65 3 28)
+CALCULATE_LIBRARY_VERSIONS_FROM_LIBTOOL_TRIPLE(JAVASCRIPTCORE 25 11 7)
 
 # These are shared variables, but we special case their definition so that we can use the
 # CMAKE_INSTALL_* variables that are populated by the GNUInstallDirs macro.
diff -Nru webkit2gtk-2.20.2/Source/cmake/WebKitCompilerFlags.cmake webkit2gtk-2.20.3/Source/cmake/WebKitCompilerFlags.cmake
--- webkit2gtk-2.20.2/Source/cmake/WebKitCompilerFlags.cmake	2018-02-19 13:11:37.000000000 +0000
+++ webkit2gtk-2.20.3/Source/cmake/WebKitCompilerFlags.cmake	2018-06-11 09:00:22.000000000 +0000
@@ -219,3 +219,16 @@
    DETERMINE_GCC_SYSTEM_INCLUDE_DIRS("c++" "${CMAKE_CXX_COMPILER}" "${CMAKE_CXX_FLAGS}" SYSTEM_INCLUDE_DIRS)
    set(CMAKE_CXX_IMPLICIT_INCLUDE_DIRECTORIES ${CMAKE_CXX_IMPLICIT_INCLUDE_DIRECTORIES} ${SYSTEM_INCLUDE_DIRS})
 endif ()
+
+if (COMPILER_IS_GCC_OR_CLANG)
+    set(ATOMIC_TEST_SOURCE "
+        #include 
+        int main() { std::atomic i(0); i++; return 0; }
+    ")
+    check_cxx_source_compiles("${ATOMIC_TEST_SOURCE}" ATOMIC_INT64_IS_BUILTIN)
+    if (NOT ATOMIC_INT64_IS_BUILTIN)
+        set(CMAKE_REQUIRED_LIBRARIES atomic)
+        check_cxx_source_compiles("${ATOMIC_TEST_SOURCE}" ATOMIC_INT64_REQUIRES_LIBATOMIC)
+        unset(CMAKE_REQUIRED_LIBRARIES)
+    endif ()
+endif ()
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/assembler/ProbeContext.h webkit2gtk-2.20.3/Source/JavaScriptCore/assembler/ProbeContext.h
--- webkit2gtk-2.20.2/Source/JavaScriptCore/assembler/ProbeContext.h	2018-02-19 07:45:14.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/assembler/ProbeContext.h	2018-06-11 08:16:31.000000000 +0000
@@ -85,7 +85,7 @@
     CPUState* cpu = const_cast(this);
     auto& from = cpu->gpr(id);
     typename std::remove_const::type to { };
-    std::memcpy(&to, &from, sizeof(to)); // Use std::memcpy to avoid strict aliasing issues.
+    std::memcpy(static_cast(&to), &from, sizeof(to)); // Use std::memcpy to avoid strict aliasing issues.
     return to;
 }
 
@@ -95,7 +95,7 @@
     CPUState* cpu = const_cast(this);
     auto& from = cpu->spr(id);
     typename std::remove_const::type to { };
-    std::memcpy(&to, &from, sizeof(to)); // Use std::memcpy to avoid strict aliasing issues.
+    std::memcpy(static_cast(&to), &from, sizeof(to)); // Use std::memcpy to avoid strict aliasing issues.
     return to;
 }
 
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/b3/air/AirArg.h webkit2gtk-2.20.3/Source/JavaScriptCore/b3/air/AirArg.h
--- webkit2gtk-2.20.2/Source/JavaScriptCore/b3/air/AirArg.h	2018-02-19 07:45:14.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/b3/air/AirArg.h	2018-06-11 08:16:31.000000000 +0000
@@ -889,6 +889,7 @@
             case Width64:
                 return B3::isRepresentableAs(value);
             }
+            RELEASE_ASSERT_NOT_REACHED();
         case Unsigned:
             switch (width) {
             case Width8:
@@ -901,7 +902,7 @@
                 return B3::isRepresentableAs(value);
             }
         }
-        ASSERT_NOT_REACHED();
+        RELEASE_ASSERT_NOT_REACHED();
     }
 
     bool isRepresentableAs(Width, Signedness) const;
@@ -920,6 +921,7 @@
             case Width64:
                 return static_cast(value);
             }
+            RELEASE_ASSERT_NOT_REACHED();
         case Unsigned:
             switch (width) {
             case Width8:
@@ -932,7 +934,7 @@
                 return static_cast(value);
             }
         }
-        ASSERT_NOT_REACHED();
+        RELEASE_ASSERT_NOT_REACHED();
     }
 
     template
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/builtins/ArrayIteratorPrototype.js webkit2gtk-2.20.3/Source/JavaScriptCore/builtins/ArrayIteratorPrototype.js
--- webkit2gtk-2.20.2/Source/JavaScriptCore/builtins/ArrayIteratorPrototype.js	2018-02-19 07:45:14.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/builtins/ArrayIteratorPrototype.js	2018-06-11 10:29:18.000000000 +0000
@@ -31,7 +31,7 @@
     if (this == null)
         @throwTypeError("%ArrayIteratorPrototype%.next requires that |this| not be null or undefined");
 
-    let next = this.@arrayIteratorNext;
+    let next = @getByIdDirectPrivate(this, "arrayIteratorNext");
     if (next === @undefined)
         @throwTypeError("%ArrayIteratorPrototype%.next requires that |this| be an Array Iterator instance");
 
@@ -45,9 +45,9 @@
     var done = true;
     var value;
 
-    var array = this.@iteratedObject;
-    if (!this.@arrayIteratorIsDone) {
-        var index = this.@arrayIteratorNextIndex;
+    var array = @getByIdDirectPrivate(this, "iteratedObject");
+    if (!@getByIdDirectPrivate(this, "arrayIteratorIsDone")) {
+        var index = @getByIdDirectPrivate(this, "arrayIteratorNextIndex");
         var length = array.length >>> 0;
         if (index >= length) {
             this.@arrayIteratorIsDone = true;
@@ -68,9 +68,9 @@
     var done = true;
     var value;
 
-    var array = this.@iteratedObject;
-    if (!this.@arrayIteratorIsDone) {
-        var index = this.@arrayIteratorNextIndex;
+    var array = @getByIdDirectPrivate(this, "iteratedObject");
+    if (!@getByIdDirectPrivate(this, "arrayIteratorIsDone")) {
+        var index = @getByIdDirectPrivate(this, "arrayIteratorNextIndex");
         var length = array.length >>> 0;
         if (index >= length) {
             this.@arrayIteratorIsDone = true;
@@ -91,9 +91,9 @@
     var done = true;
     var value;
 
-    var array = this.@iteratedObject;
-    if (!this.@arrayIteratorIsDone) {
-        var index = this.@arrayIteratorNextIndex;
+    var array = @getByIdDirectPrivate(this, "iteratedObject");
+    if (!@getByIdDirectPrivate(this, "arrayIteratorIsDone")) {
+        var index = @getByIdDirectPrivate(this, "arrayIteratorNextIndex");
         var length = array.length >>> 0;
         if (index >= length) {
             this.@arrayIteratorIsDone = true;
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/builtins/AsyncFromSyncIteratorPrototype.js webkit2gtk-2.20.3/Source/JavaScriptCore/builtins/AsyncFromSyncIteratorPrototype.js
--- webkit2gtk-2.20.2/Source/JavaScriptCore/builtins/AsyncFromSyncIteratorPrototype.js	2018-02-19 07:45:14.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/builtins/AsyncFromSyncIteratorPrototype.js	2018-06-11 10:29:18.000000000 +0000
@@ -29,15 +29,15 @@
 
     const promiseCapability = @newPromiseCapability(@Promise);
 
-    if (!@isObject(this) || !@isObject(this.@syncIterator)) {
+    if (!@isObject(this) || !@isObject(@getByIdDirectPrivate(this, "syncIterator"))) {
         promiseCapability.@reject.@call(@undefined, new @TypeError('Iterator is not an object.'));
         return promiseCapability.@promise;
     }
 
-    const syncIterator = this.@syncIterator;
+    const syncIterator = @getByIdDirectPrivate(this, "syncIterator");
 
     try {
-        const { done: nextDone, value: nextValue } = this.@nextMethod.@call(syncIterator, value);
+        const { done: nextDone, value: nextValue } = @getByIdDirectPrivate(this, "nextMethod").@call(syncIterator, value);
         const valueWrapperCapability = @newPromiseCapability(@Promise);
         valueWrapperCapability.@resolve.@call(@undefined, nextValue);
         valueWrapperCapability.@promise.@then(
@@ -56,12 +56,12 @@
 
     const promiseCapability = @newPromiseCapability(@Promise);
 
-    if (!@isObject(this) || !@isObject(this.@syncIterator)) {
+    if (!@isObject(this) || !@isObject(@getByIdDirectPrivate(this, "syncIterator"))) {
         promiseCapability.@reject.@call(@undefined, new @TypeError('Iterator is not an object.'));
         return promiseCapability.@promise;
     }
 
-    const syncIterator = this.@syncIterator;
+    const syncIterator = @getByIdDirectPrivate(this, "syncIterator");
 
     let returnMethod;
 
@@ -105,12 +105,12 @@
 
     const promiseCapability = @newPromiseCapability(@Promise);
 
-    if (!@isObject(this) || !@isObject(this.@syncIterator)) {
+    if (!@isObject(this) || !@isObject(@getByIdDirectPrivate(this, "syncIterator"))) {
         promiseCapability.@reject.@call(@undefined, new @TypeError('Iterator is not an object.'));
         return promiseCapability.@promise;
     }
 
-    const syncIterator = this.@syncIterator;
+    const syncIterator = @getByIdDirectPrivate(this, "syncIterator");
 
     let throwMethod;
 
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/builtins/AsyncFunctionPrototype.js webkit2gtk-2.20.3/Source/JavaScriptCore/builtins/AsyncFunctionPrototype.js
--- webkit2gtk-2.20.2/Source/JavaScriptCore/builtins/AsyncFunctionPrototype.js	2018-02-19 07:45:14.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/builtins/AsyncFunctionPrototype.js	2018-06-11 10:29:18.000000000 +0000
@@ -27,7 +27,7 @@
 function asyncFunctionResume(generator, promiseCapability, sentValue, resumeMode)
 {
     "use strict";
-    let state = generator.@generatorState;
+    let state = @getByIdDirectPrivate(generator, "generatorState");
     let value = @undefined;
 
     if (state === @GeneratorStateCompleted || (resumeMode !== @GeneratorResumeModeNormal && resumeMode !== @GeneratorResumeModeThrow))
@@ -35,8 +35,8 @@
 
     try {
         generator.@generatorState = @GeneratorStateExecuting;
-        value = generator.@generatorNext.@call(generator.@generatorThis, generator, state, sentValue, resumeMode, generator.@generatorFrame);
-        if (generator.@generatorState === @GeneratorStateExecuting) {
+        value = @getByIdDirectPrivate(generator, "generatorNext").@call(@getByIdDirectPrivate(generator, "generatorThis"), generator, state, sentValue, resumeMode, @getByIdDirectPrivate(generator, "generatorFrame"));
+        if (@getByIdDirectPrivate(generator, "generatorState") === @GeneratorStateExecuting) {
             generator.@generatorState = @GeneratorStateCompleted;
             promiseCapability.@resolve(value);
             return promiseCapability.@promise;
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/builtins/AsyncGeneratorPrototype.js webkit2gtk-2.20.3/Source/JavaScriptCore/builtins/AsyncGeneratorPrototype.js
--- webkit2gtk-2.20.2/Source/JavaScriptCore/builtins/AsyncGeneratorPrototype.js	2018-02-19 07:45:14.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/builtins/AsyncGeneratorPrototype.js	2018-06-11 10:29:18.000000000 +0000
@@ -28,7 +28,7 @@
 {
     "use strict";
 
-    return generator.@asyncGeneratorQueueLast === null;
+    return @getByIdDirectPrivate(generator, "asyncGeneratorQueueLast") === null;
 }
 
 @globalPrivate
@@ -36,16 +36,17 @@
 {
     "use strict";
 
-    @assert(item.@asyncGeneratorQueueItemNext === null && item.@asyncGeneratorQueueItemPrevious === null);
+    @assert(@getByIdDirectPrivate(item, "asyncGeneratorQueueItemNext") === null && @getByIdDirectPrivate(item, "asyncGeneratorQueueItemPrevious") === null);
 
-    if (generator.@asyncGeneratorQueueFirst === null) {
-        @assert(generator.@asyncGeneratorQueueLast === null);
+    if (@getByIdDirectPrivate(generator, "asyncGeneratorQueueFirst") === null) {
+        @assert(@getByIdDirectPrivate(generator, "asyncGeneratorQueueLast") === null);
 
         generator.@asyncGeneratorQueueFirst = item;
         generator.@asyncGeneratorQueueLast = item;
     } else {
-        item.@asyncGeneratorQueueItemPrevious = generator.@asyncGeneratorQueueLast;
-        generator.@asyncGeneratorQueueLast.@asyncGeneratorQueueItemNext = item;
+        var last = @getByIdDirectPrivate(generator, "asyncGeneratorQueueLast");
+        item.@asyncGeneratorQueueItemPrevious = last;
+        last.@asyncGeneratorQueueItemNext = item;
         generator.@asyncGeneratorQueueLast = item;
     }
 }
@@ -55,13 +56,14 @@
 {
     "use strict";
 
-    if (generator.@asyncGeneratorQueueFirst === null)
+    const result = @getByIdDirectPrivate(generator, "asyncGeneratorQueueFirst");
+    if (result === null)
         return null;
 
-    const result = generator.@asyncGeneratorQueueFirst;
-    generator.@asyncGeneratorQueueFirst = result.@asyncGeneratorQueueItemNext;
+    var updatedFirst = @getByIdDirectPrivate(result, "asyncGeneratorQueueItemNext");
+    generator.@asyncGeneratorQueueFirst = updatedFirst;
 
-    if (generator.@asyncGeneratorQueueFirst === null)
+    if (updatedFirst === null)
         generator.@asyncGeneratorQueueLast = null;
 
     return result;
@@ -72,7 +74,7 @@
 {
     "use strict";
 
-    const queue = generator.@asyncGeneratorQueue;
+    const queue = @getByIdDirectPrivate(generator, "asyncGeneratorQueue");
 
     @assert(!@asyncGeneratorQueueIsEmpty(generator), "Async genetator's Queue is an empty List.");
     
@@ -84,9 +86,11 @@
 {
     "use strict";
 
-    return (generator.@generatorState > 0 && generator.@asyncGeneratorSuspendReason === @AsyncGeneratorSuspendReasonNone)
-        || generator.@generatorState === @AsyncGeneratorStateExecuting
-        || generator.@asyncGeneratorSuspendReason === @AsyncGeneratorSuspendReasonAwait;
+    var state = @getByIdDirectPrivate(generator, "generatorState");
+    var reason = @getByIdDirectPrivate(generator, "asyncGeneratorSuspendReason");
+    return (state > 0 && reason === @AsyncGeneratorSuspendReasonNone)
+        || state === @AsyncGeneratorStateExecuting
+        || reason === @AsyncGeneratorSuspendReasonAwait;
 }
 
 @globalPrivate
@@ -94,8 +98,9 @@
 {
     "use strict";
 
-    return (generator.@generatorState > 0 && generator.@asyncGeneratorSuspendReason === @AsyncGeneratorSuspendReasonYield)
-        || generator.@generatorState === @AsyncGeneratorStateSuspendedYield;
+    var state = @getByIdDirectPrivate(generator, "generatorState");
+    return (state > 0 && @getByIdDirectPrivate(generator, "asyncGeneratorSuspendReason") === @AsyncGeneratorSuspendReasonYield)
+        || state === @AsyncGeneratorStateSuspendedYield;
 }
 
 @globalPrivate
@@ -103,7 +108,7 @@
 {
     "use strict";
 
-    @assert(typeof generator.@asyncGeneratorSuspendReason === "number", "Generator is not an AsyncGenerator instance.");
+    @assert(typeof @getByIdDirectPrivate(generator, "asyncGeneratorSuspendReason") === "number", "Generator is not an AsyncGenerator instance.");
 
     const { promiseCapability } = @asyncGeneratorDequeue(generator);
     promiseCapability.@reject.@call(@undefined, exception);
@@ -116,7 +121,7 @@
 {
     "use strict";
 
-    @assert(typeof generator.@asyncGeneratorSuspendReason === "number", "Generator is not an AsyncGenerator instance.");
+    @assert(typeof @getByIdDirectPrivate(generator, "asyncGeneratorSuspendReason") === "number", "Generator is not an AsyncGenerator instance.");
 
     const { promiseCapability } = @asyncGeneratorDequeue(generator);
     promiseCapability.@resolve.@call(@undefined, { done, value: value });
@@ -163,14 +168,14 @@
     "use strict";
 
     let value = @undefined;
-    let state = generator.@generatorState;
+    let state = @getByIdDirectPrivate(generator, "generatorState");
 
     generator.@generatorState = @AsyncGeneratorStateExecuting;
     generator.@asyncGeneratorSuspendReason = @AsyncGeneratorSuspendReasonNone;
 
     try {
-        value = generator.@generatorNext.@call(generator.@generatorThis, generator, state, resumeValue, resumeMode, generator.@generatorFrame);
-        if (generator.@generatorState === @AsyncGeneratorStateExecuting)
+        value = @getByIdDirectPrivate(generator, "generatorNext").@call(@getByIdDirectPrivate(generator, "generatorThis"), generator, state, resumeValue, resumeMode, @getByIdDirectPrivate(generator, "generatorFrame"));
+        if (@getByIdDirectPrivate(generator, "generatorState") === @AsyncGeneratorStateExecuting)
             generator.@generatorState = @AsyncGeneratorStateCompleted;
     } catch (error) {
         generator.@generatorState = @AsyncGeneratorStateCompleted;
@@ -179,7 +184,7 @@
         return @asyncGeneratorReject(generator, error);
     }
 
-    if (generator.@asyncGeneratorSuspendReason === @AsyncGeneratorSuspendReasonAwait) {
+    if (@getByIdDirectPrivate(generator, "asyncGeneratorSuspendReason") === @AsyncGeneratorSuspendReasonAwait) {
         const onFulfilled = function(result) { @doAsyncGeneratorBodyCall(generator, result, @GeneratorResumeModeNormal); };
 
         @awaitValue(generator, value, onFulfilled);
@@ -187,10 +192,10 @@
         return @undefined;
     }
 
-    if (generator.@asyncGeneratorSuspendReason === @AsyncGeneratorSuspendReasonYield)
+    if (@getByIdDirectPrivate(generator, "asyncGeneratorSuspendReason") === @AsyncGeneratorSuspendReasonYield)
         return @asyncGeneratorYield(generator, value, resumeMode);
 
-    if (generator.@generatorState === @AsyncGeneratorStateCompleted) {
+    if (@getByIdDirectPrivate(generator, "generatorState") === @AsyncGeneratorStateCompleted) {
         generator.@asyncGeneratorSuspendReason = @AsyncGeneratorSuspendReasonNone;
         return @asyncGeneratorResolve(generator, value, true);
     }
@@ -203,9 +208,9 @@
 {
     "use strict";
 
-    @assert(typeof generator.@asyncGeneratorSuspendReason === "number", "Generator is not an AsyncGenerator instance.");
+    @assert(typeof @getByIdDirectPrivate(generator, "asyncGeneratorSuspendReason") === "number", "Generator is not an AsyncGenerator instance.");
 
-    let state = generator.@generatorState;
+    let state = @getByIdDirectPrivate(generator, "generatorState");
 
     @assert(state !== @AsyncGeneratorStateExecuting, "Async generator should not be in executing state");
 
@@ -215,7 +220,7 @@
     if (@asyncGeneratorQueueIsEmpty(generator))
         return @undefined;
 
-    const next = generator.@asyncGeneratorQueueFirst;
+    const next = @getByIdDirectPrivate(generator, "asyncGeneratorQueueFirst");
 
     if (next.resumeMode !== @GeneratorResumeModeNormal) {
         if (state === @AsyncGeneratorStateSuspendedStart) {
@@ -259,7 +264,7 @@
     "use strict";
     
     const promiseCapability = @newPromiseCapability(@Promise);
-    if (!@isObject(generator) || typeof generator.@asyncGeneratorSuspendReason !== 'number') {
+    if (!@isObject(generator) || typeof @getByIdDirectPrivate(generator, "asyncGeneratorSuspendReason") !== 'number') {
         promiseCapability.@reject.@call(@undefined, new @TypeError('|this| should be an async generator'));
         return promiseCapability.@promise;
     }
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/builtins/GeneratorPrototype.js webkit2gtk-2.20.3/Source/JavaScriptCore/builtins/GeneratorPrototype.js
--- webkit2gtk-2.20.2/Source/JavaScriptCore/builtins/GeneratorPrototype.js	2018-02-19 07:45:14.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/builtins/GeneratorPrototype.js	2018-06-11 10:29:18.000000000 +0000
@@ -35,8 +35,8 @@
     if (!done) {
         try {
             generator.@generatorState = @GeneratorStateExecuting;
-            value = generator.@generatorNext.@call(generatorThis, generator, state, sentValue, resumeMode, generator.@generatorFrame);
-            if (generator.@generatorState === @GeneratorStateExecuting) {
+            value = @getByIdDirectPrivate(generator, "generatorNext").@call(generatorThis, generator, state, sentValue, resumeMode, @getByIdDirectPrivate(generator, "generatorFrame"));
+            if (@getByIdDirectPrivate(generator, "generatorState") === @GeneratorStateExecuting) {
                 generator.@generatorState = @GeneratorStateCompleted;
                 done = true;
             }
@@ -52,35 +52,35 @@
 {
     "use strict";
 
-    var state = this.@generatorState;
+    var state = @getByIdDirectPrivate(this, "generatorState");
     if (typeof state !== "number")
         @throwTypeError("|this| should be a generator");
 
     if (state === @GeneratorStateExecuting)
         @throwTypeError("Generator is executing");
 
-    return @generatorResume(this, state, this.@generatorThis, value, @undefined, @GeneratorResumeModeNormal);
+    return @generatorResume(this, state, @getByIdDirectPrivate(this, "generatorThis"), value, @undefined, @GeneratorResumeModeNormal);
 }
 
 function return(value)
 {
     "use strict";
 
-    var state = this.@generatorState;
+    var state = @getByIdDirectPrivate(this, "generatorState");
     if (typeof state !== "number")
         @throwTypeError("|this| should be a generator");
 
     if (state === @GeneratorStateExecuting)
         @throwTypeError("Generator is executing");
 
-    return @generatorResume(this, state, this.@generatorThis, value, value, @GeneratorResumeModeReturn);
+    return @generatorResume(this, state, @getByIdDirectPrivate(this, "generatorThis"), value, value, @GeneratorResumeModeReturn);
 }
 
 function throw(exception)
 {
     "use strict";
 
-    var state = this.@generatorState;
+    var state = @getByIdDirectPrivate(this, "generatorState");
     if (typeof state !== "number")
         @throwTypeError("|this| should be a generator");
 
@@ -90,5 +90,5 @@
     if (state === @GeneratorStateCompleted)
         throw exception;
 
-    return @generatorResume(this, state, this.@generatorThis, exception, @undefined, @GeneratorResumeModeThrow);
+    return @generatorResume(this, state, @getByIdDirectPrivate(this, "generatorThis"), exception, @undefined, @GeneratorResumeModeThrow);
 }
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/builtins/MapIteratorPrototype.js webkit2gtk-2.20.3/Source/JavaScriptCore/builtins/MapIteratorPrototype.js
--- webkit2gtk-2.20.2/Source/JavaScriptCore/builtins/MapIteratorPrototype.js	2018-02-19 07:45:14.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/builtins/MapIteratorPrototype.js	2018-06-11 10:29:18.000000000 +0000
@@ -51,8 +51,8 @@
     if (this == null)
         @throwTypeError("%MapIteratorPrototype%.next requires that |this| not be null or undefined");
 
-    var bucket = this.@mapBucket;
+    var bucket = @getByIdDirectPrivate(this, "mapBucket");
     if (bucket === @undefined)
         @throwTypeError("%MapIteratorPrototype%.next requires that |this| be a Map Iterator instance");
-    return @mapIteratorNext.@call(this, bucket, this.@mapIteratorKind);
+    return @mapIteratorNext.@call(this, bucket, @getByIdDirectPrivate(this, "mapIteratorKind"));
 }
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/builtins/PromiseOperations.js webkit2gtk-2.20.3/Source/JavaScriptCore/builtins/PromiseOperations.js
--- webkit2gtk-2.20.2/Source/JavaScriptCore/builtins/PromiseOperations.js	2018-02-19 07:45:14.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/builtins/PromiseOperations.js	2018-06-11 10:29:18.000000000 +0000
@@ -31,7 +31,7 @@
 {
     "use strict";
 
-    return @isObject(promise) && !!promise.@promiseState;
+    return @isObject(promise) && !!@getByIdDirectPrivate(promise, "promiseState");
 }
 
 @globalPrivate
@@ -106,14 +106,14 @@
 {
     "use strict";
 
-    var reactions = promise.@promiseReactions;
+    var reactions = @getByIdDirectPrivate(promise, "promiseReactions");
     promise.@promiseResult = reason;
     promise.@promiseReactions = @undefined;
     promise.@promiseState = @promiseStateRejected;
 
     @InspectorInstrumentation.promiseRejected(promise, reason, reactions);
 
-    if (!promise.@promiseIsHandled)
+    if (!@getByIdDirectPrivate(promise, "promiseIsHandled"))
         @hostPromiseRejectionTracker(promise, @promiseRejectionReject);
 
     @triggerPromiseReactions(@promiseStateRejected, reactions, reason);
@@ -124,7 +124,7 @@
 {
     "use strict";
 
-    var reactions = promise.@promiseReactions;
+    var reactions = @getByIdDirectPrivate(promise, "promiseReactions");
     promise.@promiseResult = value;
     promise.@promiseReactions = @undefined;
     promise.@promiseState = @promiseStateFulfilled;
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/builtins/PromisePrototype.js webkit2gtk-2.20.3/Source/JavaScriptCore/builtins/PromisePrototype.js
--- webkit2gtk-2.20.2/Source/JavaScriptCore/builtins/PromisePrototype.js	2018-02-19 07:45:14.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/builtins/PromisePrototype.js	2018-06-11 10:29:18.000000000 +0000
@@ -49,13 +49,14 @@
 
     var reaction = @newPromiseReaction(resultCapability, onFulfilled, onRejected);
 
-    var state = this.@promiseState;
-    if (state === @promiseStatePending)
-        @putByValDirect(this.@promiseReactions, this.@promiseReactions.length, reaction);
-    else {
-        if (state === @promiseStateRejected && !this.@promiseIsHandled)
+    var state = @getByIdDirectPrivate(this, "promiseState");
+    if (state === @promiseStatePending) {
+        var reactions = @getByIdDirectPrivate(this, "promiseReactions");
+        @putByValDirect(reactions, reactions.length, reaction);
+    } else {
+        if (state === @promiseStateRejected && !@getByIdDirectPrivate(this, "promiseIsHandled"))
             @hostPromiseRejectionTracker(this, @promiseRejectionHandle);
-        @enqueueJob(@promiseReactionJob, [state, reaction, this.@promiseResult]);
+        @enqueueJob(@promiseReactionJob, [state, reaction, @getByIdDirectPrivate(this, "promiseResult")]);
     }
 
     this.@promiseIsHandled = true;
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/builtins/SetIteratorPrototype.js webkit2gtk-2.20.3/Source/JavaScriptCore/builtins/SetIteratorPrototype.js
--- webkit2gtk-2.20.2/Source/JavaScriptCore/builtins/SetIteratorPrototype.js	2018-02-19 07:45:14.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/builtins/SetIteratorPrototype.js	2018-06-11 10:29:18.000000000 +0000
@@ -48,8 +48,8 @@
     if (this == null)
         @throwTypeError("%SetIteratorPrototype%.next requires that |this| not be null or undefined");
 
-    var bucket = this.@setBucket;
+    var bucket = @getByIdDirectPrivate(this, "setBucket");
     if (bucket === @undefined)
         @throwTypeError("%SetIteratorPrototype%.next requires that |this| be a Set Iterator instance");
-    return @setIteratorNext.@call(this, bucket, this.@setIteratorKind);
+    return @setIteratorNext.@call(this, bucket, @getByIdDirectPrivate(this, "setIteratorKind"));
 }
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/builtins/StringIteratorPrototype.js webkit2gtk-2.20.3/Source/JavaScriptCore/builtins/StringIteratorPrototype.js
--- webkit2gtk-2.20.2/Source/JavaScriptCore/builtins/StringIteratorPrototype.js	2018-02-19 07:45:14.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/builtins/StringIteratorPrototype.js	2018-06-11 10:29:18.000000000 +0000
@@ -30,14 +30,14 @@
     if (this == null)
         @throwTypeError("%StringIteratorPrototype%.next requires that |this| not be null or undefined");
 
-    var position = this.@stringIteratorNextIndex;
+    var position = @getByIdDirectPrivate(this, "stringIteratorNextIndex");
     if (position === @undefined)
         @throwTypeError("%StringIteratorPrototype%.next requires that |this| be a String Iterator instance");
 
     var done = true;
     var value = @undefined;
 
-    var string = this.@iteratedString;
+    var string = @getByIdDirectPrivate(this, "iteratedString");
     if (string !== @undefined) {
         var length = string.length >>> 0;
         if (position >= length) {
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/builtins/TypedArrayConstructor.js webkit2gtk-2.20.3/Source/JavaScriptCore/builtins/TypedArrayConstructor.js
--- webkit2gtk-2.20.2/Source/JavaScriptCore/builtins/TypedArrayConstructor.js	2018-02-19 07:45:14.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/builtins/TypedArrayConstructor.js	2018-06-11 10:29:18.000000000 +0000
@@ -32,7 +32,7 @@
 {
     "use strict";
     let len = arguments.length;
-    let constructFunction = this.@allocateTypedArray;
+    let constructFunction = @getByIdDirectPrivate(this, "allocateTypedArray");
     if (constructFunction === @undefined)
         @throwTypeError("TypedArray.of requires its this argument to subclass a TypedArray constructor");
 
@@ -85,7 +85,7 @@
             k++;
         }
 
-        let constructFunction = this.@allocateTypedArray;
+        let constructFunction = @getByIdDirectPrivate(this, "allocateTypedArray");
         if (constructFunction === @undefined)
             @throwTypeError("TypedArray.from requires its this argument subclass a TypedArray constructor");
 
@@ -100,7 +100,7 @@
 
     let arrayLikeLength = @toLength(arrayLike.length);
 
-    let constructFunction = this.@allocateTypedArray;
+    let constructFunction = @getByIdDirectPrivate(this, "allocateTypedArray");
     if (constructFunction === @undefined)
         @throwTypeError("this does not subclass a TypedArray constructor");
 
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/bytecode/BytecodeDumper.cpp webkit2gtk-2.20.3/Source/JavaScriptCore/bytecode/BytecodeDumper.cpp
--- webkit2gtk-2.20.2/Source/JavaScriptCore/bytecode/BytecodeDumper.cpp	2018-02-19 07:45:14.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/bytecode/BytecodeDumper.cpp	2018-06-11 10:29:22.000000000 +0000
@@ -1026,6 +1026,17 @@
         dumpValueProfiling(out, it, hasPrintedProfiling);
         break;
     }
+    case op_get_by_id_direct: {
+        int r0 = (++it)->u.operand;
+        int r1 = (++it)->u.operand;
+        int id0 = (++it)->u.operand;
+        printLocationAndOp(out, location, it, "get_by_id_direct");
+        out.printf("%s, %s, %s", registerName(r0).data(), registerName(r1).data(), idName(id0, identifier(id0)).data());
+        it += 2; // Increment up to the value profiler.
+        printGetByIdCacheStatus(out, location, stubInfos);
+        dumpValueProfiling(out, it, hasPrintedProfiling);
+        break;
+    }
     case op_get_by_id:
     case op_get_by_id_proto_load:
     case op_get_by_id_unset:
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/bytecode/BytecodeIntrinsicRegistry.h webkit2gtk-2.20.3/Source/JavaScriptCore/bytecode/BytecodeIntrinsicRegistry.h
--- webkit2gtk-2.20.2/Source/JavaScriptCore/bytecode/BytecodeIntrinsicRegistry.h	2018-02-19 07:45:14.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/bytecode/BytecodeIntrinsicRegistry.h	2018-06-11 10:29:22.000000000 +0000
@@ -40,6 +40,8 @@
 #define JSC_COMMON_BYTECODE_INTRINSIC_FUNCTIONS_EACH_NAME(macro) \
     macro(argument) \
     macro(argumentCount) \
+    macro(getByIdDirect) \
+    macro(getByIdDirectPrivate) \
     macro(idWithProfile) \
     macro(isObject) \
     macro(isJSArray) \
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/bytecode/BytecodeList.json webkit2gtk-2.20.3/Source/JavaScriptCore/bytecode/BytecodeList.json
--- webkit2gtk-2.20.2/Source/JavaScriptCore/bytecode/BytecodeList.json	2018-02-19 07:45:14.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/bytecode/BytecodeList.json	2018-06-11 10:29:22.000000000 +0000
@@ -87,6 +87,7 @@
             { "name" : "op_get_by_id_unset", "length" : 9 },
             { "name" : "op_get_by_id_with_this", "length" : 6 },
             { "name" : "op_get_by_val_with_this", "length" : 6 },
+            { "name" : "op_get_by_id_direct", "length" : 7  },
             { "name" : "op_try_get_by_id", "length" : 5 },
             { "name" : "op_put_by_id", "length" : 9 },
             { "name" : "op_put_by_id_with_this", "length" : 5 },
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/bytecode/BytecodeUseDef.h webkit2gtk-2.20.3/Source/JavaScriptCore/bytecode/BytecodeUseDef.h
--- webkit2gtk-2.20.2/Source/JavaScriptCore/bytecode/BytecodeUseDef.h	2018-02-19 07:45:14.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/bytecode/BytecodeUseDef.h	2018-06-11 10:29:22.000000000 +0000
@@ -181,6 +181,7 @@
     case op_get_by_id:
     case op_get_by_id_proto_load:
     case op_get_by_id_unset:
+    case op_get_by_id_direct:
     case op_get_array_length:
     case op_typeof:
     case op_is_empty:
@@ -429,6 +430,7 @@
     case op_get_by_id:
     case op_get_by_id_proto_load:
     case op_get_by_id_unset:
+    case op_get_by_id_direct:
     case op_get_by_id_with_this:
     case op_get_by_val_with_this:
     case op_get_array_length:
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/bytecode/CodeBlock.cpp webkit2gtk-2.20.3/Source/JavaScriptCore/bytecode/CodeBlock.cpp
--- webkit2gtk-2.20.2/Source/JavaScriptCore/bytecode/CodeBlock.cpp	2018-02-20 08:08:15.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/bytecode/CodeBlock.cpp	2018-06-11 10:29:22.000000000 +0000
@@ -566,6 +566,7 @@
         case op_get_by_id:
         case op_get_by_id_with_this:
         case op_try_get_by_id:
+        case op_get_by_id_direct:
         case op_get_by_val_with_this:
         case op_get_from_arguments:
         case op_to_number:
@@ -1251,6 +1252,16 @@
             clearLLIntGetByIdCache(curInstruction);
             break;
         }
+        case op_get_by_id_direct: {
+            StructureID oldStructureID = curInstruction[4].u.structureID;
+            if (!oldStructureID || Heap::isMarked(vm.heap.structureIDTable().get(oldStructureID)))
+                break;
+            if (Options::verboseOSR())
+                dataLogF("Clearing LLInt property access.\n");
+            curInstruction[4].u.pointer = nullptr;
+            curInstruction[5].u.pointer = nullptr;
+            break;
+        }
         case op_put_by_id: {
             StructureID oldStructureID = curInstruction[4].u.structureID;
             StructureID newStructureID = curInstruction[6].u.structureID;
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/bytecode/GetByIdStatus.cpp webkit2gtk-2.20.3/Source/JavaScriptCore/bytecode/GetByIdStatus.cpp
--- webkit2gtk-2.20.2/Source/JavaScriptCore/bytecode/GetByIdStatus.cpp	2018-02-19 07:45:14.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/bytecode/GetByIdStatus.cpp	2018-06-11 10:29:22.000000000 +0000
@@ -29,6 +29,7 @@
 #include "CodeBlock.h"
 #include "ComplexGetStatus.h"
 #include "GetterSetterAccessCase.h"
+#include "InterpreterInlines.h"
 #include "IntrinsicGetterAccessCase.h"
 #include "JSCInlines.h"
 #include "JSScope.h"
@@ -76,40 +77,46 @@
 
 GetByIdStatus GetByIdStatus::computeFromLLInt(CodeBlock* profiledBlock, unsigned bytecodeIndex, UniquedStringImpl* uid)
 {
-    UNUSED_PARAM(profiledBlock);
-    UNUSED_PARAM(bytecodeIndex);
-    UNUSED_PARAM(uid);
-
     VM& vm = *profiledBlock->vm();
     
     Instruction* instruction = profiledBlock->instructions().begin() + bytecodeIndex;
 
-    Opcode opcode = instruction[0].u.opcode;
+    switch (Interpreter::getOpcodeID(instruction[0].u.opcode)) {
+    case op_get_by_id:
+    case op_get_by_id_direct: {
+        StructureID structureID = instruction[4].u.structureID;
+        if (!structureID)
+            return GetByIdStatus(NoInformation, false);
 
-    ASSERT(opcode == LLInt::getOpcode(op_get_array_length) || opcode == LLInt::getOpcode(op_try_get_by_id) || opcode == LLInt::getOpcode(op_get_by_id_proto_load) || opcode == LLInt::getOpcode(op_get_by_id) || opcode == LLInt::getOpcode(op_get_by_id_unset));
+        Structure* structure = vm.heap.structureIDTable().get(structureID);
 
-    // FIXME: We should not just bail if we see a try_get_by_id or a get_by_id_proto_load.
-    // https://bugs.webkit.org/show_bug.cgi?id=158039
-    if (opcode != LLInt::getOpcode(op_get_by_id))
-        return GetByIdStatus(NoInformation, false);
+        if (structure->takesSlowPathInDFGForImpureProperty())
+            return GetByIdStatus(NoInformation, false);
 
-    StructureID structureID = instruction[4].u.structureID;
-    if (!structureID)
-        return GetByIdStatus(NoInformation, false);
+        unsigned attributes;
+        PropertyOffset offset = structure->getConcurrently(uid, attributes);
+        if (!isValidOffset(offset))
+            return GetByIdStatus(NoInformation, false);
+        if (attributes & PropertyAttribute::CustomAccessor)
+            return GetByIdStatus(NoInformation, false);
 
-    Structure* structure = vm.heap.structureIDTable().get(structureID);
+        return GetByIdStatus(Simple, false, GetByIdVariant(StructureSet(structure), offset));
+    }
 
-    if (structure->takesSlowPathInDFGForImpureProperty())
+    case op_get_array_length:
+    case op_try_get_by_id:
+    case op_get_by_id_proto_load:
+    case op_get_by_id_unset: {
+        // FIXME: We should not just bail if we see a try_get_by_id or a get_by_id_proto_load.
+        // https://bugs.webkit.org/show_bug.cgi?id=158039
         return GetByIdStatus(NoInformation, false);
+    }
 
-    unsigned attributes;
-    PropertyOffset offset = structure->getConcurrently(uid, attributes);
-    if (!isValidOffset(offset))
-        return GetByIdStatus(NoInformation, false);
-    if (attributes & PropertyAttribute::CustomAccessor)
+    default: {
+        ASSERT_NOT_REACHED();
         return GetByIdStatus(NoInformation, false);
-    
-    return GetByIdStatus(Simple, false, GetByIdVariant(StructureSet(structure), offset));
+    }
+    }
 }
 
 GetByIdStatus GetByIdStatus::computeFor(CodeBlock* profiledBlock, StubInfoMap& map, unsigned bytecodeIndex, UniquedStringImpl* uid)
@@ -361,6 +368,10 @@
 {
     // For now we only handle the super simple self access case. We could handle the
     // prototype case in the future.
+    //
+    // Note that this code is also used for GetByIdDirect since this function only looks
+    // into direct properties. When supporting prototype chains, we should split this for
+    // GetById and GetByIdDirect.
     
     if (set.isEmpty())
         return GetByIdStatus();
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/bytecode/StructureStubInfo.cpp webkit2gtk-2.20.3/Source/JavaScriptCore/bytecode/StructureStubInfo.cpp
--- webkit2gtk-2.20.2/Source/JavaScriptCore/bytecode/StructureStubInfo.cpp	2018-02-19 07:45:14.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/bytecode/StructureStubInfo.cpp	2018-06-11 10:29:18.000000000 +0000
@@ -228,6 +228,9 @@
     case AccessType::GetWithThis:
         resetGetByID(codeBlock, *this, GetByIDKind::WithThis);
         break;
+    case AccessType::GetDirect:
+        resetGetByID(codeBlock, *this, GetByIDKind::Direct);
+        break;
     case AccessType::Put:
         resetPutByID(codeBlock, *this);
         break;
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/bytecode/StructureStubInfo.h webkit2gtk-2.20.3/Source/JavaScriptCore/bytecode/StructureStubInfo.h
--- webkit2gtk-2.20.2/Source/JavaScriptCore/bytecode/StructureStubInfo.h	2018-02-19 07:45:14.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/bytecode/StructureStubInfo.h	2018-06-11 10:29:18.000000000 +0000
@@ -47,6 +47,7 @@
 enum class AccessType : int8_t {
     Get,
     GetWithThis,
+    GetDirect,
     TryGet,
     Put,
     In
@@ -219,6 +220,38 @@
     return structureStubInfo.codeOrigin;
 }
 
+inline J_JITOperation_ESsiJI appropriateOptimizingGetByIdFunction(AccessType type)
+{
+    switch (type) {
+    case AccessType::Get:
+        return operationGetByIdOptimize;
+    case AccessType::TryGet:
+        return operationTryGetByIdOptimize;
+    case AccessType::GetDirect:
+        return operationGetByIdDirectOptimize;
+    case AccessType::GetWithThis:
+    default:
+        ASSERT_NOT_REACHED();
+        return nullptr;
+    }
+}
+
+inline J_JITOperation_EJI appropriateGenericGetByIdFunction(AccessType type)
+{
+    switch (type) {
+    case AccessType::Get:
+        return operationGetByIdGeneric;
+    case AccessType::TryGet:
+        return operationTryGetByIdGeneric;
+    case AccessType::GetDirect:
+        return operationGetByIdDirectGeneric;
+    case AccessType::GetWithThis:
+    default:
+        ASSERT_NOT_REACHED();
+        return nullptr;
+    }
+}
+
 #else
 
 class StructureStubInfo;
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp webkit2gtk-2.20.3/Source/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp
--- webkit2gtk-2.20.2/Source/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp	2018-02-20 08:08:15.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp	2018-06-11 10:29:22.000000000 +0000
@@ -2697,6 +2697,22 @@
     return dst;
 }
 
+RegisterID* BytecodeGenerator::emitDirectGetById(RegisterID* dst, RegisterID* base, const Identifier& property)
+{
+    ASSERT_WITH_MESSAGE(!parseIndex(property), "Indexed properties should be handled with get_by_val_direct.");
+
+    m_codeBlock->addPropertyAccessInstruction(instructions().size());
+
+    UnlinkedValueProfile profile = emitProfiledOpcode(op_get_by_id_direct);
+    instructions().append(kill(dst));
+    instructions().append(base->index());
+    instructions().append(addConstant(property));
+    instructions().append(0);
+    instructions().append(0);
+    instructions().append(profile);
+    return dst;
+}
+
 RegisterID* BytecodeGenerator::emitPutById(RegisterID* base, const Identifier& property, RegisterID* value)
 {
     ASSERT_WITH_MESSAGE(!parseIndex(property), "Indexed properties should be handled with put_by_val.");
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/bytecompiler/BytecodeGenerator.h webkit2gtk-2.20.3/Source/JavaScriptCore/bytecompiler/BytecodeGenerator.h
--- webkit2gtk-2.20.2/Source/JavaScriptCore/bytecompiler/BytecodeGenerator.h	2018-02-20 08:08:15.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/bytecompiler/BytecodeGenerator.h	2018-06-11 10:29:22.000000000 +0000
@@ -678,6 +678,7 @@
         RegisterID* emitTryGetById(RegisterID* dst, RegisterID* base, const Identifier& property);
         RegisterID* emitGetById(RegisterID* dst, RegisterID* base, const Identifier& property);
         RegisterID* emitGetById(RegisterID* dst, RegisterID* base, RegisterID* thisVal, const Identifier& property);
+        RegisterID* emitDirectGetById(RegisterID* dst, RegisterID* base, const Identifier& property);
         RegisterID* emitPutById(RegisterID* base, const Identifier& property, RegisterID* value);
         RegisterID* emitPutById(RegisterID* base, RegisterID* thisValue, const Identifier& property, RegisterID* value);
         RegisterID* emitDirectPutById(RegisterID* base, const Identifier& property, RegisterID* value, PropertyNode::PutType);
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/bytecompiler/NodesCodegen.cpp webkit2gtk-2.20.3/Source/JavaScriptCore/bytecompiler/NodesCodegen.cpp
--- webkit2gtk-2.20.2/Source/JavaScriptCore/bytecompiler/NodesCodegen.cpp	2018-02-26 09:44:56.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/bytecompiler/NodesCodegen.cpp	2018-06-11 10:29:22.000000000 +0000
@@ -919,6 +919,29 @@
     return (this->*m_emitter)(generator, dst);
 }
 
+RegisterID* BytecodeIntrinsicNode::emit_intrinsic_getByIdDirect(BytecodeGenerator& generator, RegisterID* dst)
+{
+    ArgumentListNode* node = m_args->m_listNode;
+    RefPtr base = generator.emitNode(node);
+    node = node->m_next;
+    ASSERT(node->m_expr->isString());
+    const Identifier& ident = static_cast(node->m_expr)->value();
+    ASSERT(!node->m_next);
+    return generator.emitDirectGetById(generator.finalDestination(dst), base.get(), ident);
+}
+
+RegisterID* BytecodeIntrinsicNode::emit_intrinsic_getByIdDirectPrivate(BytecodeGenerator& generator, RegisterID* dst)
+{
+    ArgumentListNode* node = m_args->m_listNode;
+    RefPtr base = generator.emitNode(node);
+    node = node->m_next;
+    ASSERT(node->m_expr->isString());
+    const Identifier* ident = generator.vm()->propertyNames->lookUpPrivateName(static_cast(node->m_expr)->value());
+    ASSERT(ident);
+    ASSERT(!node->m_next);
+    return generator.emitDirectGetById(generator.finalDestination(dst), base.get(), *ident);
+}
+
 RegisterID* BytecodeIntrinsicNode::emit_intrinsic_argument(BytecodeGenerator& generator, RegisterID* dst)
 {
     ArgumentListNode* node = m_args->m_listNode;
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/CMakeLists.txt webkit2gtk-2.20.3/Source/JavaScriptCore/CMakeLists.txt
--- webkit2gtk-2.20.2/Source/JavaScriptCore/CMakeLists.txt	2018-04-10 07:33:13.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/CMakeLists.txt	2018-06-11 09:01:08.000000000 +0000
@@ -116,14 +116,8 @@
     ${LLVM_LIBRARIES}
 )
 
-# Since r228149, on MIPS we need to link with -latomic, because
-# __atomic_fetch_add_8 is not available as a compiler intrinsic. It is
-# available on other platforms (including 32-bit Arm), so the link with
-# libatomic is only neede on MIPS.
-if (WTF_CPU_MIPS)
-    list(APPEND JavaScriptCore_LIBRARIES
-        -latomic
-    )
+if (ATOMIC_INT64_REQUIRES_LIBATOMIC)
+    list(APPEND JavaScriptCore_LIBRARIES atomic)
 endif ()
 
 set(JavaScriptCore_SCRIPTS_SOURCES_DIR "${JAVASCRIPTCORE_DIR}/Scripts")
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGAbstractInterpreterInlines.h webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGAbstractInterpreterInlines.h
--- webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGAbstractInterpreterInlines.h	2018-05-07 09:35:56.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGAbstractInterpreterInlines.h	2018-06-11 10:29:22.000000000 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2013-2017 Apple Inc. All rights reserved.
+ * Copyright (C) 2013-2018 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -2253,6 +2253,7 @@
 
     case CreateThis: {
         // FIXME: We can fold this to NewObject if the incoming callee is a constant.
+        clobberWorld(node->origin.semantic, clobberLimit);
         forNode(node).setType(m_graph, SpecFinalObject);
         break;
     }
@@ -2495,6 +2496,8 @@
         forNode(node).makeHeapTop();
         break;
 
+    case GetByIdDirect:
+    case GetByIdDirectFlush:
     case GetById:
     case GetByIdFlush: {
         if (!node->prediction()) {
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp
--- webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp	2018-05-07 09:35:56.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp	2018-06-11 10:29:22.000000000 +0000
@@ -3965,8 +3965,10 @@
     NodeType getById;
     if (type == AccessType::Get)
         getById = getByIdStatus.makesCalls() ? GetByIdFlush : GetById;
-    else
+    else if (type == AccessType::TryGet)
         getById = TryGetById;
+    else
+        getById = getByIdStatus.makesCalls() ? GetByIdDirectFlush : GetByIdDirect;
 
     if (getById != TryGetById && getByIdStatus.isModuleNamespace()) {
         if (handleModuleNamespaceLoad(destinationOperand, prediction, base, getByIdStatus)) {
@@ -3990,7 +3992,7 @@
         }
     }
 
-    ASSERT(type == AccessType::Get || !getByIdStatus.makesCalls());
+    ASSERT(type == AccessType::Get || type == AccessType::GetDirect ||  !getByIdStatus.makesCalls());
     if (!getByIdStatus.isSimple() || !getByIdStatus.numVariants() || !Options::useAccessInlining()) {
         set(VirtualRegister(destinationOperand),
             addToGraph(getById, OpInfo(identifierNumber), OpInfo(prediction), base));
@@ -4060,7 +4062,7 @@
     if (UNLIKELY(m_graph.compilation()))
         m_graph.compilation()->noticeInlinedGetById();
 
-    ASSERT(type == AccessType::Get || !variant.callLinkStatus());
+    ASSERT(type == AccessType::Get || type == AccessType::GetDirect || !variant.callLinkStatus());
     if (!variant.callLinkStatus() && variant.intrinsic() == NoIntrinsic) {
         set(VirtualRegister(destinationOperand), loadedValue);
         return;
@@ -5128,6 +5130,7 @@
             NEXT_OPCODE(op_define_accessor_property);
         }
 
+        case op_get_by_id_direct:
         case op_try_get_by_id:
         case op_get_by_id:
         case op_get_by_id_proto_load:
@@ -5143,15 +5146,25 @@
                 m_inlineStackTop->m_profiledBlock, m_dfgCodeBlock,
                 m_inlineStackTop->m_stubInfos, m_dfgStubInfos,
                 currentCodeOrigin(), uid);
-            AccessType type = op_try_get_by_id == opcodeID ? AccessType::TryGet : AccessType::Get;
 
-            unsigned opcodeLength = opcodeID == op_try_get_by_id ? OPCODE_LENGTH(op_try_get_by_id) : OPCODE_LENGTH(op_get_by_id);
+            AccessType type = AccessType::Get;
+            unsigned opcodeLength = OPCODE_LENGTH(op_get_by_id);
+            if (opcodeID == op_try_get_by_id) {
+                type = AccessType::TryGet;
+                opcodeLength = OPCODE_LENGTH(op_try_get_by_id);
+            } else if (opcodeID == op_get_by_id_direct) {
+                type = AccessType::GetDirect;
+                opcodeLength = OPCODE_LENGTH(op_get_by_id_direct);
+            }
 
             handleGetById(
                 currentInstruction[1].u.operand, prediction, base, identifierNumber, getByIdStatus, type, opcodeLength);
 
-            if (op_try_get_by_id == opcodeID)
-                NEXT_OPCODE(op_try_get_by_id); // Opcode's length is different from others in this case.
+            // Opcode's length is different from others in try and direct cases.
+            if (opcodeID == op_try_get_by_id)
+                NEXT_OPCODE(op_try_get_by_id);
+            else if (opcodeID == op_get_by_id_direct)
+                NEXT_OPCODE(op_get_by_id_direct);
             else
                 NEXT_OPCODE(op_get_by_id);
         }
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGCapabilities.cpp webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGCapabilities.cpp
--- webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGCapabilities.cpp	2018-02-19 07:45:14.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGCapabilities.cpp	2018-06-11 10:29:22.000000000 +0000
@@ -167,6 +167,7 @@
     case op_get_by_id_proto_load:
     case op_get_by_id_unset:
     case op_get_by_id_with_this:
+    case op_get_by_id_direct:
     case op_get_by_val_with_this:
     case op_get_array_length:
     case op_put_by_id:
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGClobberize.h webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGClobberize.h
--- webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGClobberize.h	2018-05-07 09:35:56.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGClobberize.h	2018-06-11 10:29:22.000000000 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2013-2017 Apple Inc. All rights reserved.
+ * Copyright (C) 2013-2018 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -272,28 +272,12 @@
         write(MathDotRandomState);
         return;
 
-    case HasGenericProperty:
-    case HasStructureProperty:
-    case GetPropertyEnumerator: {
-        read(World);
-        write(Heap);
-        return;
-    }
-
     case GetEnumerableLength: {
         read(Heap);
         write(SideState);
         return;
     }
 
-    case GetDirectPname: {
-        // This reads and writes heap because it can end up calling a generic getByVal 
-        // if the Structure changed, which could in turn end up calling a getter.
-        read(World);
-        write(Heap);
-        return;
-    }
-
     case ToIndexString:
     case GetEnumeratorStructurePname:
     case GetEnumeratorGenericPname: {
@@ -537,18 +521,12 @@
         write(HeapObjectCount);
         return;
 
-    case ToObject:
-        read(World);
-        write(Heap);
-        return;
-
     case CallObjectConstructor:
         read(HeapObjectCount);
         write(HeapObjectCount);
         return;
 
     case ToThis:
-    case CreateThis:
         read(MiscFields);
         read(HeapObjectCount);
         write(HeapObjectCount);
@@ -607,6 +585,8 @@
     case GetById:
     case GetByIdFlush:
     case GetByIdWithThis:
+    case GetByIdDirect:
+    case GetByIdDirectFlush:
     case GetByValWithThis:
     case PutById:
     case PutByIdWithThis:
@@ -645,6 +625,15 @@
     case PutDynamicVar:
     case ResolveScopeForHoistingFuncDeclInEval:
     case ResolveScope:
+    case ToObject:
+    case HasGenericProperty:
+    case HasStructureProperty:
+    case GetPropertyEnumerator:
+    case GetDirectPname:
+    case InstanceOfCustom:
+    case ToNumber:
+    case NumberToStringWithRadix:
+    case CreateThis:
         read(World);
         write(Heap);
         return;
@@ -1037,11 +1026,6 @@
         def(HeapLocation(InstanceOfLoc, JSCell_structureID, node->child1(), node->child2()), LazyNode(node));
         return;
 
-    case InstanceOfCustom:
-        read(World);
-        write(Heap);
-        return;
-
     case PutStructure:
         read(JSObject_butterfly);
         write(JSCell_structureID);
@@ -1571,12 +1555,6 @@
         def(PureValue(node));
         return;
 
-    case ToNumber: {
-        read(World);
-        write(Heap);
-        return;
-    }
-        
     case ToString:
     case CallStringConstructor:
         switch (node->child1().useKind()) {
@@ -1719,12 +1697,6 @@
         def(PureValue(node));
         return;
 
-    case NumberToStringWithRadix:
-        // If the radix is invalid, NumberToStringWithRadix can throw an error.
-        read(World);
-        write(Heap);
-        return;
-
     case NumberToStringWithValidRadixConstant:
         def(PureValue(node, node->validRadixConstant()));
         return;
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGConstantFoldingPhase.cpp webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGConstantFoldingPhase.cpp
--- webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGConstantFoldingPhase.cpp	2018-02-20 07:31:41.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGConstantFoldingPhase.cpp	2018-06-11 10:29:22.000000000 +0000
@@ -488,6 +488,8 @@
                 break;
             }
         
+            case GetByIdDirect:
+            case GetByIdDirectFlush:
             case GetById:
             case GetByIdFlush: {
                 Edge childEdge = node->child1();
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGDoesGC.cpp webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGDoesGC.cpp
--- webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGDoesGC.cpp	2018-05-07 09:35:56.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGDoesGC.cpp	2018-06-11 10:29:22.000000000 +0000
@@ -101,6 +101,8 @@
     case GetById:
     case GetByIdFlush:
     case GetByIdWithThis:
+    case GetByIdDirect:
+    case GetByIdDirectFlush:
     case PutById:
     case PutByIdFlush:
     case PutByIdWithThis:
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGDoubleFormatState.h webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGDoubleFormatState.h
--- webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGDoubleFormatState.h	2018-02-19 07:45:14.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGDoubleFormatState.h	2018-06-11 08:16:31.000000000 +0000
@@ -48,6 +48,7 @@
         case CantUseDoubleFormat:
             return CantUseDoubleFormat;
         }
+        RELEASE_ASSERT_NOT_REACHED();
     case NotUsingDoubleFormat:
         switch (b) {
         case EmptyDoubleFormatState:
@@ -57,6 +58,7 @@
         case CantUseDoubleFormat:
             return CantUseDoubleFormat;
         }
+        RELEASE_ASSERT_NOT_REACHED();
     case CantUseDoubleFormat:
         return CantUseDoubleFormat;
     }
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGFixupPhase.cpp webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGFixupPhase.cpp
--- webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGFixupPhase.cpp	2018-05-07 09:35:56.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGFixupPhase.cpp	2018-06-11 10:29:22.000000000 +0000
@@ -1370,6 +1370,13 @@
             break;
         }
 
+        case GetByIdDirect:
+        case GetByIdDirectFlush: {
+            if (node->child1()->shouldSpeculateCell())
+                fixEdge(node->child1());
+            break;
+        }
+
         case GetById:
         case GetByIdFlush: {
             // FIXME: This should be done in the ByteCodeParser based on reading the
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGNode.h webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGNode.h
--- webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGNode.h	2018-02-26 11:20:37.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGNode.h	2018-06-11 10:29:22.000000000 +0000
@@ -552,7 +552,7 @@
     
     void convertToGetByOffset(StorageAccessData& data, Edge storage, Edge base)
     {
-        ASSERT(m_op == GetById || m_op == GetByIdFlush || m_op == MultiGetByOffset);
+        ASSERT(m_op == GetById || m_op == GetByIdFlush || m_op == GetByIdDirect || m_op == GetByIdDirectFlush || m_op == MultiGetByOffset);
         m_opInfo = &data;
         children.setChild1(storage);
         children.setChild2(base);
@@ -562,7 +562,7 @@
     
     void convertToMultiGetByOffset(MultiGetByOffsetData* data)
     {
-        ASSERT(m_op == GetById || m_op == GetByIdFlush);
+        ASSERT(m_op == GetById || m_op == GetByIdFlush || m_op == GetByIdDirect || m_op == GetByIdDirectFlush);
         m_opInfo = data;
         child1().setUseKind(CellUse);
         m_op = MultiGetByOffset;
@@ -1001,6 +1001,8 @@
         case GetById:
         case GetByIdFlush:
         case GetByIdWithThis:
+        case GetByIdDirect:
+        case GetByIdDirectFlush:
         case PutById:
         case PutByIdFlush:
         case PutByIdDirect:
@@ -1568,6 +1570,8 @@
         case GetById:
         case GetByIdFlush:
         case GetByIdWithThis:
+        case GetByIdDirect:
+        case GetByIdDirectFlush:
         case GetPrototypeOf:
         case TryGetById:
         case GetByVal:
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGNodeType.h webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGNodeType.h
--- webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGNodeType.h	2018-05-07 09:35:56.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGNodeType.h	2018-06-11 10:29:22.000000000 +0000
@@ -186,6 +186,8 @@
     macro(GetById, NodeResultJS | NodeMustGenerate) \
     macro(GetByIdFlush, NodeResultJS | NodeMustGenerate) \
     macro(GetByIdWithThis, NodeResultJS | NodeMustGenerate) \
+    macro(GetByIdDirect, NodeResultJS | NodeMustGenerate) \
+    macro(GetByIdDirectFlush, NodeResultJS | NodeMustGenerate) \
     macro(PutById, NodeMustGenerate) \
     macro(PutByIdFlush, NodeMustGenerate) \
     macro(PutByIdDirect, NodeMustGenerate) \
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGOperations.cpp webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGOperations.cpp
--- webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGOperations.cpp	2018-03-05 11:19:26.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGOperations.cpp	2018-06-11 10:29:22.000000000 +0000
@@ -1234,18 +1234,6 @@
     return JSValue::encode(jsNumber(JSValue::decode(value).toNumber(exec)));
 }
 
-EncodedJSValue JIT_OPERATION operationGetByIdWithThis(ExecState* exec, EncodedJSValue encodedBase, EncodedJSValue encodedThis, UniquedStringImpl* impl)
-{
-    VM& vm = exec->vm();
-    NativeCallFrameTracer tracer(&vm, exec);
-
-    JSValue baseValue = JSValue::decode(encodedBase);
-    JSValue thisVal = JSValue::decode(encodedThis);
-    PropertySlot slot(thisVal, PropertySlot::PropertySlot::InternalMethodType::Get);
-    JSValue result = baseValue.get(exec, Identifier::fromUid(exec, impl), slot);
-    return JSValue::encode(result);
-}
-
 EncodedJSValue JIT_OPERATION operationGetByValWithThis(ExecState* exec, EncodedJSValue encodedBase, EncodedJSValue encodedThis, EncodedJSValue encodedSubscript)
 {
     VM& vm = exec->vm();
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGOperations.h webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGOperations.h
--- webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGOperations.h	2018-03-05 11:19:26.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGOperations.h	2018-06-11 10:29:22.000000000 +0000
@@ -76,7 +76,6 @@
 EncodedJSValue JIT_OPERATION operationGetByValObjectSymbol(ExecState*, JSCell*, JSCell* symbol) WTF_INTERNAL;
 EncodedJSValue JIT_OPERATION operationToPrimitive(ExecState*, EncodedJSValue) WTF_INTERNAL;
 EncodedJSValue JIT_OPERATION operationToNumber(ExecState*, EncodedJSValue) WTF_INTERNAL;
-EncodedJSValue JIT_OPERATION operationGetByIdWithThis(ExecState*, EncodedJSValue, EncodedJSValue, UniquedStringImpl*) WTF_INTERNAL;
 EncodedJSValue JIT_OPERATION operationGetByValWithThis(ExecState*, EncodedJSValue, EncodedJSValue, EncodedJSValue) WTF_INTERNAL;
 EncodedJSValue JIT_OPERATION operationGetPrototypeOf(ExecState*, EncodedJSValue) WTF_INTERNAL;
 EncodedJSValue JIT_OPERATION operationGetPrototypeOfObject(ExecState*, JSObject*) WTF_INTERNAL;
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGPredictionPropagationPhase.cpp webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGPredictionPropagationPhase.cpp
--- webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGPredictionPropagationPhase.cpp	2018-05-07 09:35:56.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGPredictionPropagationPhase.cpp	2018-06-11 10:29:22.000000000 +0000
@@ -704,6 +704,8 @@
         case GetById:
         case GetByIdFlush:
         case GetByIdWithThis:
+        case GetByIdDirect:
+        case GetByIdDirectFlush:
         case TryGetById:
         case GetByValWithThis:
         case GetByOffset:
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGSafeToExecute.h webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGSafeToExecute.h
--- webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGSafeToExecute.h	2018-05-07 09:35:56.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGSafeToExecute.h	2018-06-11 10:29:22.000000000 +0000
@@ -226,6 +226,8 @@
     case GetByIdWithThis:
     case GetByValWithThis:
     case GetByIdFlush:
+    case GetByIdDirect:
+    case GetByIdDirectFlush:
     case PutById:
     case PutByIdFlush:
     case PutByIdWithThis:
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp
--- webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp	2018-05-07 09:35:56.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp	2018-06-11 11:29:41.000000000 +0000
@@ -177,7 +177,7 @@
     unsigned identifierNumber, JITCompiler::Jump slowPathTarget, SpillRegistersMode spillMode, AccessType type)
 {
     // This is a hacky fix for when the register allocator decides to alias the base payload with the result tag. This only happens
-    // in the case of GetByIdFlush, which has a relatively expensive register allocation story already so we probably don't need to
+    // in the case of GetByIdFlush/GetByIdDirectFlush, which has a relatively expensive register allocation story already so we probably don't need to
     // trip over one move instruction.
     if (basePayloadGPR == resultTagGPR) {
         RELEASE_ASSERT(basePayloadGPR != resultPayloadGPR);
@@ -209,22 +209,16 @@
         slowCases.append(slowPathTarget);
     slowCases.append(gen.slowPathJump());
 
-    J_JITOperation_ESsiJI getByIdFunction;
-    if (type == AccessType::Get)
-        getByIdFunction = operationGetByIdOptimize;
-    else
-        getByIdFunction = operationTryGetByIdOptimize;
-
     std::unique_ptr slowPath;
     if (baseTagGPROrNone == InvalidGPRReg) {
         slowPath = slowPathCall(
-            slowCases, this, getByIdFunction,
+            slowCases, this, appropriateOptimizingGetByIdFunction(type),
             JSValueRegs(resultTagGPR, resultPayloadGPR), gen.stubInfo(),
             static_cast(JSValue::CellTag), basePayloadGPR,
             identifierUID(identifierNumber));
     } else {
         slowPath = slowPathCall(
-            slowCases, this, getByIdFunction,
+            slowCases, this, appropriateOptimizingGetByIdFunction(type),
             JSValueRegs(resultTagGPR, resultPayloadGPR), gen.stubInfo(), JSValueRegs(baseTagGPROrNone, basePayloadGPR), identifierUID(identifierNumber));
     }
 
@@ -3862,55 +3856,27 @@
     }
 
     case TryGetById: {
-        compileTryGetById(node);
+        compileGetById(node, AccessType::TryGet);
+        break;
+    }
+
+    case GetByIdDirect: {
+        compileGetById(node, AccessType::GetDirect);
+        break;
+    }
+
+    case GetByIdDirectFlush: {
+        compileGetByIdFlush(node, AccessType::GetDirect);
         break;
     }
 
     case GetById: {
-        // FIXME https://bugs.webkit.org/show_bug.cgi?id=161158
-        // dedup with SpeculativeJIT::compileTryGetById and 64-bit version of this.
-        switch (node->child1().useKind()) {
-        case CellUse: {
-            SpeculateCellOperand base(this, node->child1());
-            GPRTemporary resultTag(this);
-            GPRTemporary resultPayload(this, Reuse, base);
-            
-            GPRReg baseGPR = base.gpr();
-            GPRReg resultTagGPR = resultTag.gpr();
-            GPRReg resultPayloadGPR = resultPayload.gpr();
+        compileGetById(node, AccessType::Get);
+        break;
+    }
 
-            base.use();
-            
-            cachedGetById(node->origin.semantic, InvalidGPRReg, baseGPR, resultTagGPR, resultPayloadGPR, node->identifierNumber());
-            
-            jsValueResult(resultTagGPR, resultPayloadGPR, node, UseChildrenCalledExplicitly);
-            break;
-        }
-        
-        case UntypedUse: {
-            JSValueOperand base(this, node->child1());
-            GPRTemporary resultTag(this);
-            GPRTemporary resultPayload(this, Reuse, base, TagWord);
-        
-            GPRReg baseTagGPR = base.tagGPR();
-            GPRReg basePayloadGPR = base.payloadGPR();
-            GPRReg resultTagGPR = resultTag.gpr();
-            GPRReg resultPayloadGPR = resultPayload.gpr();
-        
-            base.use();
-        
-            JITCompiler::Jump notCell = m_jit.branchIfNotCell(base.jsValueRegs());
-        
-            cachedGetById(node->origin.semantic, baseTagGPR, basePayloadGPR, resultTagGPR, resultPayloadGPR, node->identifierNumber(), notCell);
-        
-            jsValueResult(resultTagGPR, resultPayloadGPR, node, UseChildrenCalledExplicitly);
-            break;
-        }
-            
-        default:
-            RELEASE_ASSERT_NOT_REACHED();
-            break;
-        }
+    case GetByIdFlush: {
+        compileGetByIdFlush(node, AccessType::Get);
         break;
     }
 
@@ -3954,62 +3920,6 @@
         break;
     }
 
-    case GetByIdFlush: {
-        if (!node->prediction()) {
-            terminateSpeculativeExecution(InadequateCoverage, JSValueRegs(), 0);
-            break;
-        }
-        
-        switch (node->child1().useKind()) {
-        case CellUse: {
-            SpeculateCellOperand base(this, node->child1());
-            
-            GPRReg baseGPR = base.gpr();
-
-            GPRFlushedCallResult resultPayload(this);
-            GPRFlushedCallResult2 resultTag(this);
-            GPRReg resultPayloadGPR = resultPayload.gpr();
-            GPRReg resultTagGPR = resultTag.gpr();
-
-            base.use();
-            
-            flushRegisters();
-            
-            cachedGetById(node->origin.semantic, InvalidGPRReg, baseGPR, resultTagGPR, resultPayloadGPR, node->identifierNumber(), JITCompiler::Jump(), DontSpill);
-            
-            jsValueResult(resultTagGPR, resultPayloadGPR, node, UseChildrenCalledExplicitly);
-            break;
-        }
-        
-        case UntypedUse: {
-            JSValueOperand base(this, node->child1());
-            GPRReg baseTagGPR = base.tagGPR();
-            GPRReg basePayloadGPR = base.payloadGPR();
-
-            GPRFlushedCallResult resultPayload(this);
-            GPRFlushedCallResult2 resultTag(this);
-            GPRReg resultPayloadGPR = resultPayload.gpr();
-            GPRReg resultTagGPR = resultTag.gpr();
-
-            base.use();
-        
-            flushRegisters();
-        
-            JITCompiler::Jump notCell = m_jit.branchIfNotCell(base.jsValueRegs());
-        
-            cachedGetById(node->origin.semantic, baseTagGPR, basePayloadGPR, resultTagGPR, resultPayloadGPR, node->identifierNumber(), notCell, DontSpill);
-        
-            jsValueResult(resultTagGPR, resultPayloadGPR, node, UseChildrenCalledExplicitly);
-            break;
-        }
-            
-        default:
-            RELEASE_ASSERT_NOT_REACHED();
-            break;
-        }
-        break;
-    }
-
     case GetArrayLength:
         compileGetArrayLength(node);
         break;
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp
--- webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp	2018-05-07 09:35:56.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp	2018-06-11 10:31:35.000000000 +0000
@@ -178,9 +178,9 @@
     if (slowPathTarget.isSet())
         slowCases.append(slowPathTarget);
     slowCases.append(gen.slowPathJump());
-    
+
     auto slowPath = slowPathCall(
-        slowCases, this, type == AccessType::Get ? operationGetByIdOptimize : operationTryGetByIdOptimize,
+        slowCases, this, appropriateOptimizingGetByIdFunction(type),
         spillMode, ExceptionCheckRequirement::CheckNeeded,
         resultGPR, gen.stubInfo(), baseGPR, identifierUID(identifierNumber));
     
@@ -4059,100 +4059,27 @@
     }
 
     case TryGetById: {
-        compileTryGetById(node);
+        compileGetById(node, AccessType::TryGet);
         break;
     }
 
-    case GetById: {
-        // FIXME https://bugs.webkit.org/show_bug.cgi?id=161158
-        // dedup with SpeculativeJIT::compileTryGetById and 32-bit version of this.
-        switch (node->child1().useKind()) {
-        case CellUse: {
-            SpeculateCellOperand base(this, node->child1());
-            GPRTemporary result(this, Reuse, base);
-            
-            GPRReg baseGPR = base.gpr();
-            GPRReg resultGPR = result.gpr();
-            
-            base.use();
-            
-            cachedGetById(node->origin.semantic, baseGPR, resultGPR, node->identifierNumber());
-            
-            jsValueResult(resultGPR, node, UseChildrenCalledExplicitly);
-            break;
-        }
-        
-        case UntypedUse: {
-            JSValueOperand base(this, node->child1());
-            GPRTemporary result(this, Reuse, base);
-        
-            GPRReg baseGPR = base.gpr();
-            GPRReg resultGPR = result.gpr();
-        
-            base.use();
-        
-            JITCompiler::Jump notCell = m_jit.branchIfNotCell(JSValueRegs(baseGPR));
-        
-            cachedGetById(node->origin.semantic, baseGPR, resultGPR, node->identifierNumber(), notCell);
-        
-            jsValueResult(resultGPR, node, UseChildrenCalledExplicitly);
-            break;
-        }
-            
-        default:
-            DFG_CRASH(m_jit.graph(), node, "Bad use kind");
-            break;
-        }
+    case GetByIdDirect: {
+        compileGetById(node, AccessType::GetDirect);
         break;
     }
 
-    case GetByIdFlush: {
-        if (!node->prediction()) {
-            terminateSpeculativeExecution(InadequateCoverage, JSValueRegs(), 0);
-            break;
-        }
-
-        switch (node->child1().useKind()) {
-        case CellUse: {
-            SpeculateCellOperand base(this, node->child1());
-            GPRReg baseGPR = base.gpr();
+    case GetByIdDirectFlush: {
+        compileGetByIdFlush(node, AccessType::GetDirect);
+        break;
+    }
 
-            GPRFlushedCallResult result(this);
-            
-            GPRReg resultGPR = result.gpr();
-            
-            base.use();
-            
-            flushRegisters();
-            
-            cachedGetById(node->origin.semantic, baseGPR, resultGPR, node->identifierNumber(), JITCompiler::Jump(), DontSpill);
-            
-            jsValueResult(resultGPR, node, UseChildrenCalledExplicitly);
-            break;
-        }
-        
-        case UntypedUse: {
-            JSValueOperand base(this, node->child1());
-            GPRReg baseGPR = base.gpr();
+    case GetById: {
+        compileGetById(node, AccessType::Get);
+        break;
+    }
 
-            GPRFlushedCallResult result(this);
-            GPRReg resultGPR = result.gpr();
-        
-            base.use();
-            flushRegisters();
-        
-            JITCompiler::Jump notCell = m_jit.branchIfNotCell(JSValueRegs(baseGPR));
-        
-            cachedGetById(node->origin.semantic, baseGPR, resultGPR, node->identifierNumber(), notCell, DontSpill);
-        
-            jsValueResult(resultGPR, node, UseChildrenCalledExplicitly);
-            break;
-        }
-            
-        default:
-            DFG_CRASH(m_jit.graph(), node, "Bad use kind");
-            break;
-        }
+    case GetByIdFlush: {
+        compileGetByIdFlush(node, AccessType::Get);
         break;
     }
 
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp
--- webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp	2018-05-07 09:35:56.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp	2018-06-11 10:29:22.000000000 +0000
@@ -966,8 +966,10 @@
     }
 }
 
-void SpeculativeJIT::compileTryGetById(Node* node)
+void SpeculativeJIT::compileGetById(Node* node, AccessType accessType)
 {
+    ASSERT(accessType == AccessType::Get || accessType == AccessType::GetDirect || accessType == AccessType::TryGet);
+
     switch (node->child1().useKind()) {
     case CellUse: {
         SpeculateCellOperand base(this, node->child1());
@@ -978,7 +980,7 @@
 
         base.use();
 
-        cachedGetById(node->origin.semantic, baseRegs, resultRegs, node->identifierNumber(), JITCompiler::Jump(), NeedToSpill, AccessType::TryGet);
+        cachedGetById(node->origin.semantic, baseRegs, resultRegs, node->identifierNumber(), JITCompiler::Jump(), NeedToSpill, accessType);
 
         jsValueResult(resultRegs, node, DataFormatJS, UseChildrenCalledExplicitly);
         break;
@@ -995,7 +997,52 @@
 
         JITCompiler::Jump notCell = m_jit.branchIfNotCell(baseRegs);
 
-        cachedGetById(node->origin.semantic, baseRegs, resultRegs, node->identifierNumber(), notCell, NeedToSpill, AccessType::TryGet);
+        cachedGetById(node->origin.semantic, baseRegs, resultRegs, node->identifierNumber(), notCell, NeedToSpill, accessType);
+
+        jsValueResult(resultRegs, node, DataFormatJS, UseChildrenCalledExplicitly);
+        break;
+    }
+
+    default:
+        DFG_CRASH(m_jit.graph(), node, "Bad use kind");
+        break;
+    }
+}
+
+void SpeculativeJIT::compileGetByIdFlush(Node* node, AccessType accessType)
+{
+    switch (node->child1().useKind()) {
+    case CellUse: {
+        SpeculateCellOperand base(this, node->child1());
+        JSValueRegs baseRegs = JSValueRegs::payloadOnly(base.gpr());
+
+        JSValueRegsFlushedCallResult result(this);
+        JSValueRegs resultRegs = result.regs();
+
+        base.use();
+
+        flushRegisters();
+
+        cachedGetById(node->origin.semantic, baseRegs, resultRegs, node->identifierNumber(), JITCompiler::Jump(), DontSpill, accessType);
+
+        jsValueResult(resultRegs, node, DataFormatJS, UseChildrenCalledExplicitly);
+        break;
+    }
+
+    case UntypedUse: {
+        JSValueOperand base(this, node->child1());
+        JSValueRegs baseRegs = base.jsValueRegs();
+
+        JSValueRegsFlushedCallResult result(this);
+        JSValueRegs resultRegs = result.regs();
+
+        base.use();
+
+        flushRegisters();
+
+        JITCompiler::Jump notCell = m_jit.branchIfNotCell(baseRegs);
+
+        cachedGetById(node->origin.semantic, baseRegs, resultRegs, node->identifierNumber(), notCell, DontSpill, accessType);
 
         jsValueResult(resultRegs, node, DataFormatJS, UseChildrenCalledExplicitly);
         break;
@@ -1004,7 +1051,7 @@
     default:
         DFG_CRASH(m_jit.graph(), node, "Bad use kind");
         break;
-    } 
+    }
 }
 
 void SpeculativeJIT::compileIn(Node* node)
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.h webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.h
--- webkit2gtk-2.20.2/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.h	2018-05-07 09:35:56.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.h	2018-06-11 10:29:22.000000000 +0000
@@ -723,14 +723,14 @@
     void compileMovHint(Node*);
     void compileMovHintAndCheck(Node*);
 
-    void cachedGetById(CodeOrigin, JSValueRegs base, JSValueRegs result, unsigned identifierNumber, JITCompiler::Jump slowPathTarget = JITCompiler::Jump(), SpillRegistersMode = NeedToSpill, AccessType = AccessType::Get);
+    void cachedGetById(CodeOrigin, JSValueRegs base, JSValueRegs result, unsigned identifierNumber, JITCompiler::Jump slowPathTarget, SpillRegistersMode, AccessType);
 
 #if USE(JSVALUE64)
-    void cachedGetById(CodeOrigin, GPRReg baseGPR, GPRReg resultGPR, unsigned identifierNumber, JITCompiler::Jump slowPathTarget = JITCompiler::Jump(), SpillRegistersMode = NeedToSpill, AccessType = AccessType::Get);
+    void cachedGetById(CodeOrigin, GPRReg baseGPR, GPRReg resultGPR, unsigned identifierNumber, JITCompiler::Jump slowPathTarget, SpillRegistersMode, AccessType);
     void cachedPutById(CodeOrigin, GPRReg base, GPRReg value, GPRReg scratchGPR, unsigned identifierNumber, PutKind, JITCompiler::Jump slowPathTarget = JITCompiler::Jump(), SpillRegistersMode = NeedToSpill);
     void cachedGetByIdWithThis(CodeOrigin, GPRReg baseGPR, GPRReg thisGPR, GPRReg resultGPR, unsigned identifierNumber, JITCompiler::JumpList slowPathTarget = JITCompiler::JumpList());
 #elif USE(JSVALUE32_64)
-    void cachedGetById(CodeOrigin, GPRReg baseTagGPROrNone, GPRReg basePayloadGPR, GPRReg resultTagGPR, GPRReg resultPayloadGPR, unsigned identifierNumber, JITCompiler::Jump slowPathTarget = JITCompiler::Jump(), SpillRegistersMode = NeedToSpill, AccessType = AccessType::Get);
+    void cachedGetById(CodeOrigin, GPRReg baseTagGPROrNone, GPRReg basePayloadGPR, GPRReg resultTagGPR, GPRReg resultPayloadGPR, unsigned identifierNumber, JITCompiler::Jump slowPathTarget, SpillRegistersMode, AccessType);
     void cachedPutById(CodeOrigin, GPRReg basePayloadGPR, GPRReg valueTagGPR, GPRReg valuePayloadGPR, GPRReg scratchGPR, unsigned identifierNumber, PutKind, JITCompiler::Jump slowPathTarget = JITCompiler::Jump(), SpillRegistersMode = NeedToSpill);
     void cachedGetByIdWithThis(CodeOrigin, GPRReg baseTagGPROrNone, GPRReg basePayloadGPR, GPRReg thisTagGPROrNone, GPRReg thisPayloadGPR, GPRReg resultTagGPR, GPRReg resultPayloadGPR, unsigned identifierNumber, JITCompiler::JumpList slowPathTarget = JITCompiler::JumpList());
 #endif
@@ -738,7 +738,8 @@
     void compileDeleteById(Node*);
     void compileDeleteByVal(Node*);
     void compilePushWithScope(Node*);
-    void compileTryGetById(Node*);
+    void compileGetById(Node*, AccessType);
+    void compileGetByIdFlush(Node*, AccessType);
     void compileIn(Node*);
     
     void nonSpeculativeNonPeepholeCompareNullOrUndefined(Edge operand);
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/ftl/FTLCapabilities.cpp webkit2gtk-2.20.3/Source/JavaScriptCore/ftl/FTLCapabilities.cpp
--- webkit2gtk-2.20.2/Source/JavaScriptCore/ftl/FTLCapabilities.cpp	2018-05-07 09:35:56.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/ftl/FTLCapabilities.cpp	2018-06-11 10:29:22.000000000 +0000
@@ -195,6 +195,8 @@
     case GetById:
     case GetByIdFlush:
     case GetByIdWithThis:
+    case GetByIdDirect:
+    case GetByIdDirectFlush:
     case ToThis:
     case MultiGetByOffset:
     case MultiPutByOffset:
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp webkit2gtk-2.20.3/Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp
--- webkit2gtk-2.20.2/Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp	2018-05-07 09:35:56.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp	2018-06-11 10:29:22.000000000 +0000
@@ -701,6 +701,10 @@
         case GetByIdWithThis:
             compileGetByIdWithThis();
             break;
+        case GetByIdDirect:
+        case GetByIdDirectFlush:
+            compileGetById(AccessType::GetDirect);
+            break;
         case In:
             compileIn();
             break;
@@ -3033,7 +3037,7 @@
     
     void compileGetById(AccessType type)
     {
-        ASSERT(type == AccessType::Get || type == AccessType::TryGet);
+        ASSERT(type == AccessType::Get || type == AccessType::TryGet || type == AccessType::GetDirect);
         switch (m_node->child1().useKind()) {
         case CellUse: {
             setJSValue(getById(lowCell(m_node->child1()), type));
@@ -3057,11 +3061,7 @@
             ValueFromBlock cellResult = m_out.anchor(getById(value, type));
             m_out.jump(continuation);
 
-            J_JITOperation_EJI getByIdFunction;
-            if (type == AccessType::Get)
-                getByIdFunction = operationGetByIdGeneric;
-            else
-                getByIdFunction = operationTryGetByIdGeneric;
+            J_JITOperation_EJI getByIdFunction = appropriateGenericGetByIdFunction(type);
 
             m_out.appendTo(notCellCase, continuation);
             ValueFromBlock notCellResult = m_out.anchor(vmCall(
@@ -3108,7 +3108,7 @@
 
             m_out.appendTo(notCellCase, continuation);
             ValueFromBlock notCellResult = m_out.anchor(vmCall(
-                Int64, m_out.operation(operationGetByIdWithThis),
+                Int64, m_out.operation(operationGetByIdWithThisGeneric),
                 m_callFrame, base, thisValue,
                 m_out.constIntPtr(m_graph.identifiers()[m_node->identifierNumber()])));
             m_out.jump(continuation);
@@ -11392,7 +11392,7 @@
         patchpoint->append(m_tagMask, ValueRep::lateReg(GPRInfo::tagMaskRegister));
         patchpoint->append(m_tagTypeNumber, ValueRep::lateReg(GPRInfo::tagTypeNumberRegister));
 
-        // FIXME: If this is a GetByIdFlush, we might get some performance boost if we claim that it
+        // FIXME: If this is a GetByIdFlush/GetByIdDirectFlush, we might get some performance boost if we claim that it
         // clobbers volatile registers late. It's not necessary for correctness, though, since the
         // IC code is super smart about saving registers.
         // https://bugs.webkit.org/show_bug.cgi?id=152848
@@ -11431,11 +11431,7 @@
                     [=] (CCallHelpers& jit) {
                         AllowMacroScratchRegisterUsage allowScratch(jit);
 
-                        J_JITOperation_ESsiJI optimizationFunction;
-                        if (type == AccessType::Get)
-                            optimizationFunction = operationGetByIdOptimize;
-                        else
-                            optimizationFunction = operationTryGetByIdOptimize;
+                        J_JITOperation_ESsiJI optimizationFunction = appropriateOptimizingGetByIdFunction(type);
 
                         generator->slowPathJump().link(&jit);
                         CCallHelpers::Label slowPathBegin = jit.label();
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/heap/MarkedBlock.cpp webkit2gtk-2.20.3/Source/JavaScriptCore/heap/MarkedBlock.cpp
--- webkit2gtk-2.20.2/Source/JavaScriptCore/heap/MarkedBlock.cpp	2018-02-20 11:38:56.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/heap/MarkedBlock.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -358,7 +358,7 @@
         
         if (m_attributes.securityKind != SecurityKind::JSValueOOB
             || m_securityOriginToken != securityOriginToken)
-            memset(&block(), 0, m_endAtom * atomSize);
+            memset(static_cast(&block()), 0, m_endAtom * atomSize);
     }
     
     m_attributes = directory->attributes();
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/heap/MarkedBlockInlines.h webkit2gtk-2.20.3/Source/JavaScriptCore/heap/MarkedBlockInlines.h
--- webkit2gtk-2.20.2/Source/JavaScriptCore/heap/MarkedBlockInlines.h	2018-02-20 10:12:21.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/heap/MarkedBlockInlines.h	2018-06-11 08:16:31.000000000 +0000
@@ -388,6 +388,7 @@
                     specializedSweep(freeList, IsEmpty, SweepOnly, BlockHasDestructors, DontScribble, DoesNotHaveNewlyAllocated, MarksStale, destroyFunc);
                     return true;
                 }
+                RELEASE_ASSERT_NOT_REACHED();
             case SweepToFreeList:
                 switch (marksMode) {
                 case MarksNotStale:
@@ -398,6 +399,7 @@
                     return true;
                 }
             }
+            RELEASE_ASSERT_NOT_REACHED();
         case NotEmpty:
             switch (sweepMode) {
             case SweepOnly:
@@ -409,6 +411,7 @@
                     specializedSweep(freeList, NotEmpty, SweepOnly, BlockHasDestructors, DontScribble, DoesNotHaveNewlyAllocated, MarksStale, destroyFunc);
                     return true;
                 }
+                RELEASE_ASSERT_NOT_REACHED();
             case SweepToFreeList:
                 switch (marksMode) {
                 case MarksNotStale:
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/inspector/remote/glib/RemoteInspectorUtils.cpp webkit2gtk-2.20.3/Source/JavaScriptCore/inspector/remote/glib/RemoteInspectorUtils.cpp
--- webkit2gtk-2.20.2/Source/JavaScriptCore/inspector/remote/glib/RemoteInspectorUtils.cpp	2018-02-19 07:45:15.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/inspector/remote/glib/RemoteInspectorUtils.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -45,7 +45,7 @@
 #if PLATFORM(WPE)
     static std::once_flag flag;
     std::call_once(flag, [] {
-        GModule* resourcesModule = g_module_open("libWPEWebInspectorResources.so", G_MODULE_BIND_LAZY);
+        GModule* resourcesModule = g_module_open(PKGLIBDIR G_DIR_SEPARATOR_S "libWPEWebInspectorResources.so", G_MODULE_BIND_LAZY);
         if (!resourcesModule) {
             WTFLogAlways("Error loading libWPEWebInspectorResources.so: %s", g_module_error());
             return;
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/jit/JIT.cpp webkit2gtk-2.20.3/Source/JavaScriptCore/jit/JIT.cpp
--- webkit2gtk-2.20.2/Source/JavaScriptCore/jit/JIT.cpp	2018-03-05 11:22:50.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/jit/JIT.cpp	2018-06-11 10:29:22.000000000 +0000
@@ -333,6 +333,7 @@
         case op_get_by_id_unset:
         DEFINE_OP(op_get_by_id)
         DEFINE_OP(op_get_by_id_with_this)
+        DEFINE_OP(op_get_by_id_direct)
         DEFINE_OP(op_get_by_val)
         DEFINE_OP(op_overrides_has_instance)
         DEFINE_OP(op_instanceof)
@@ -509,6 +510,7 @@
         case op_get_by_id_unset:
         DEFINE_SLOWCASE_OP(op_get_by_id)
         DEFINE_SLOWCASE_OP(op_get_by_id_with_this)
+        DEFINE_SLOWCASE_OP(op_get_by_id_direct)
         DEFINE_SLOWCASE_OP(op_get_by_val)
         DEFINE_SLOWCASE_OP(op_instanceof)
         DEFINE_SLOWCASE_OP(op_instanceof_custom)
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/jit/JIT.h webkit2gtk-2.20.3/Source/JavaScriptCore/jit/JIT.h
--- webkit2gtk-2.20.2/Source/JavaScriptCore/jit/JIT.h	2018-05-07 07:58:22.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/jit/JIT.h	2018-06-11 10:29:22.000000000 +0000
@@ -491,6 +491,7 @@
         void emit_op_try_get_by_id(Instruction*);
         void emit_op_get_by_id(Instruction*);
         void emit_op_get_by_id_with_this(Instruction*);
+        void emit_op_get_by_id_direct(Instruction*);
         void emit_op_get_arguments_length(Instruction*);
         void emit_op_get_by_val(Instruction*);
         void emit_op_get_argument_by_val(Instruction*);
@@ -598,6 +599,7 @@
         void emitSlow_op_try_get_by_id(Instruction*, Vector::iterator&);
         void emitSlow_op_get_by_id(Instruction*, Vector::iterator&);
         void emitSlow_op_get_by_id_with_this(Instruction*, Vector::iterator&);
+        void emitSlow_op_get_by_id_direct(Instruction*, Vector::iterator&);
         void emitSlow_op_get_arguments_length(Instruction*, Vector::iterator&);
         void emitSlow_op_get_by_val(Instruction*, Vector::iterator&);
         void emitSlow_op_get_argument_by_val(Instruction*, Vector::iterator&);
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/jit/JITOperations.cpp webkit2gtk-2.20.3/Source/JavaScriptCore/jit/JITOperations.cpp
--- webkit2gtk-2.20.2/Source/JavaScriptCore/jit/JITOperations.cpp	2018-02-26 08:10:27.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/jit/JITOperations.cpp	2018-06-11 10:29:22.000000000 +0000
@@ -220,6 +220,61 @@
     return JSValue::encode(slot.getPureResult());
 }
 
+EncodedJSValue JIT_OPERATION operationGetByIdDirect(ExecState* exec, StructureStubInfo* stubInfo, EncodedJSValue base, UniquedStringImpl* uid)
+{
+    VM& vm = exec->vm();
+    NativeCallFrameTracer tracer(&vm, exec);
+    auto scope = DECLARE_THROW_SCOPE(vm);
+    Identifier ident = Identifier::fromUid(&vm, uid);
+    stubInfo->tookSlowPath = true;
+
+    JSValue baseValue = JSValue::decode(base);
+    PropertySlot slot(baseValue, PropertySlot::InternalMethodType::GetOwnProperty);
+
+    bool found = baseValue.getOwnPropertySlot(exec, ident, slot);
+    RETURN_IF_EXCEPTION(scope, encodedJSValue());
+
+    scope.release();
+    return JSValue::encode(found ? slot.getValue(exec, ident) : jsUndefined());
+}
+
+EncodedJSValue JIT_OPERATION operationGetByIdDirectGeneric(ExecState* exec, EncodedJSValue base, UniquedStringImpl* uid)
+{
+    VM& vm = exec->vm();
+    NativeCallFrameTracer tracer(&vm, exec);
+    auto scope = DECLARE_THROW_SCOPE(vm);
+    Identifier ident = Identifier::fromUid(&vm, uid);
+
+    JSValue baseValue = JSValue::decode(base);
+    PropertySlot slot(baseValue, PropertySlot::InternalMethodType::GetOwnProperty);
+
+    bool found = baseValue.getOwnPropertySlot(exec, ident, slot);
+    RETURN_IF_EXCEPTION(scope, encodedJSValue());
+
+    scope.release();
+    return JSValue::encode(found ? slot.getValue(exec, ident) : jsUndefined());
+}
+
+EncodedJSValue JIT_OPERATION operationGetByIdDirectOptimize(ExecState* exec, StructureStubInfo* stubInfo, EncodedJSValue base, UniquedStringImpl* uid)
+{
+    VM& vm = exec->vm();
+    NativeCallFrameTracer tracer(&vm, exec);
+    auto scope = DECLARE_THROW_SCOPE(vm);
+    Identifier ident = Identifier::fromUid(&vm, uid);
+
+    JSValue baseValue = JSValue::decode(base);
+    PropertySlot slot(baseValue, PropertySlot::InternalMethodType::GetOwnProperty);
+
+    bool found = baseValue.getOwnPropertySlot(exec, ident, slot);
+    RETURN_IF_EXCEPTION(scope, encodedJSValue());
+
+    if (stubInfo->considerCaching(exec->codeBlock(), baseValue.structureOrNull()))
+        repatchGetByID(exec, baseValue, ident, slot, *stubInfo, GetByIDKind::Direct);
+
+    scope.release();
+    return JSValue::encode(found ? slot.getValue(exec, ident) : jsUndefined());
+}
+
 EncodedJSValue JIT_OPERATION operationGetById(ExecState* exec, StructureStubInfo* stubInfo, EncodedJSValue base, UniquedStringImpl* uid)
 {
     SuperSamplerScope superSamplerScope(false);
@@ -269,7 +324,7 @@
     }));
 }
 
-EncodedJSValue JIT_OPERATION operationGetByIdWithThisGeneric(ExecState* exec, StructureStubInfo* stubInfo, EncodedJSValue base, EncodedJSValue thisEncoded, UniquedStringImpl* uid)
+EncodedJSValue JIT_OPERATION operationGetByIdWithThis(ExecState* exec, StructureStubInfo* stubInfo, EncodedJSValue base, EncodedJSValue thisEncoded, UniquedStringImpl* uid)
 {
     SuperSamplerScope superSamplerScope(false);
 
@@ -281,6 +336,21 @@
 
     JSValue baseValue = JSValue::decode(base);
     JSValue thisValue = JSValue::decode(thisEncoded);
+    PropertySlot slot(thisValue, PropertySlot::InternalMethodType::Get);
+
+    return JSValue::encode(baseValue.get(exec, ident, slot));
+}
+
+EncodedJSValue JIT_OPERATION operationGetByIdWithThisGeneric(ExecState* exec, EncodedJSValue base, EncodedJSValue thisEncoded, UniquedStringImpl* uid)
+{
+    SuperSamplerScope superSamplerScope(false);
+
+    VM* vm = &exec->vm();
+    NativeCallFrameTracer tracer(vm, exec);
+    Identifier ident = Identifier::fromUid(vm, uid);
+
+    JSValue baseValue = JSValue::decode(base);
+    JSValue thisValue = JSValue::decode(thisEncoded);
     PropertySlot slot(thisValue, PropertySlot::InternalMethodType::Get);
 
     return JSValue::encode(baseValue.get(exec, ident, slot));
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/jit/JITOperations.h webkit2gtk-2.20.3/Source/JavaScriptCore/jit/JITOperations.h
--- webkit2gtk-2.20.2/Source/JavaScriptCore/jit/JITOperations.h	2018-02-19 07:45:15.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/jit/JITOperations.h	2018-06-11 10:29:22.000000000 +0000
@@ -363,8 +363,12 @@
 EncodedJSValue JIT_OPERATION operationGetById(ExecState*, StructureStubInfo*, EncodedJSValue, UniquedStringImpl*) WTF_INTERNAL;
 EncodedJSValue JIT_OPERATION operationGetByIdGeneric(ExecState*, EncodedJSValue, UniquedStringImpl*) WTF_INTERNAL;
 EncodedJSValue JIT_OPERATION operationGetByIdOptimize(ExecState*, StructureStubInfo*, EncodedJSValue, UniquedStringImpl*) WTF_INTERNAL;
-EncodedJSValue JIT_OPERATION operationGetByIdWithThisGeneric(ExecState*, StructureStubInfo*, EncodedJSValue, EncodedJSValue, UniquedStringImpl*) WTF_INTERNAL;
+EncodedJSValue JIT_OPERATION operationGetByIdWithThis(ExecState*, StructureStubInfo*, EncodedJSValue, EncodedJSValue, UniquedStringImpl*) WTF_INTERNAL;
+EncodedJSValue JIT_OPERATION operationGetByIdWithThisGeneric(ExecState*, EncodedJSValue, EncodedJSValue, UniquedStringImpl*) WTF_INTERNAL;
 EncodedJSValue JIT_OPERATION operationGetByIdWithThisOptimize(ExecState*, StructureStubInfo*, EncodedJSValue, EncodedJSValue, UniquedStringImpl*) WTF_INTERNAL;
+EncodedJSValue JIT_OPERATION operationGetByIdDirect(ExecState*, StructureStubInfo*, EncodedJSValue, UniquedStringImpl*) WTF_INTERNAL;
+EncodedJSValue JIT_OPERATION operationGetByIdDirectGeneric(ExecState*, EncodedJSValue, UniquedStringImpl*) WTF_INTERNAL;
+EncodedJSValue JIT_OPERATION operationGetByIdDirectOptimize(ExecState*, StructureStubInfo*, EncodedJSValue, UniquedStringImpl*) WTF_INTERNAL;
 EncodedJSValue JIT_OPERATION operationInOptimize(ExecState*, StructureStubInfo*, JSCell*, UniquedStringImpl*) WTF_INTERNAL;
 EncodedJSValue JIT_OPERATION operationIn(ExecState*, StructureStubInfo*, JSCell*, UniquedStringImpl*) WTF_INTERNAL;
 EncodedJSValue JIT_OPERATION operationGenericIn(ExecState*, JSCell*, EncodedJSValue) WTF_INTERNAL;
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/jit/JITPropertyAccess32_64.cpp webkit2gtk-2.20.3/Source/JavaScriptCore/jit/JITPropertyAccess32_64.cpp
--- webkit2gtk-2.20.2/Source/JavaScriptCore/jit/JITPropertyAccess32_64.cpp	2018-03-05 11:22:50.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/jit/JITPropertyAccess32_64.cpp	2018-06-11 11:00:40.000000000 +0000
@@ -620,6 +620,43 @@
 }
 
 
+void JIT::emit_op_get_by_id_direct(Instruction* currentInstruction)
+{
+    int dst = currentInstruction[1].u.operand;
+    int base = currentInstruction[2].u.operand;
+    const Identifier* ident = &(m_codeBlock->identifier(currentInstruction[3].u.operand));
+
+    emitLoad(base, regT1, regT0);
+    emitJumpSlowCaseIfNotJSCell(base, regT1);
+
+    JITGetByIdGenerator gen(
+        m_codeBlock, CodeOrigin(m_bytecodeOffset), CallSiteIndex(currentInstruction), RegisterSet::stubUnavailableRegisters(),
+        ident->impl(), JSValueRegs::payloadOnly(regT0), JSValueRegs(regT1, regT0), AccessType::GetDirect);
+    gen.generateFastPath(*this);
+    addSlowCase(gen.slowPathJump());
+    m_getByIds.append(gen);
+
+    emitValueProfilingSite();
+    emitStore(dst, regT1, regT0);
+}
+
+void JIT::emitSlow_op_get_by_id_direct(Instruction* currentInstruction, Vector::iterator& iter)
+{
+    linkAllSlowCases(iter);
+
+    int resultVReg = currentInstruction[1].u.operand;
+    const Identifier* ident = &(m_codeBlock->identifier(currentInstruction[3].u.operand));
+
+    JITGetByIdGenerator& gen = m_getByIds[m_getByIdIndex++];
+
+    Label coldPathBegin = label();
+
+    Call call = callOperation(WithProfile, operationGetByIdDirectOptimize, resultVReg, gen.stubInfo(), regT1, regT0, ident->impl());
+
+    gen.reportSlowPathCall(coldPathBegin, call);
+}
+
+
 void JIT::emit_op_get_by_id(Instruction* currentInstruction)
 {
     int dst = currentInstruction[1].u.operand;
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/jit/JITPropertyAccess.cpp webkit2gtk-2.20.3/Source/JavaScriptCore/jit/JITPropertyAccess.cpp
--- webkit2gtk-2.20.2/Source/JavaScriptCore/jit/JITPropertyAccess.cpp	2018-03-05 11:22:50.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/jit/JITPropertyAccess.cpp	2018-06-11 10:58:25.000000000 +0000
@@ -605,6 +605,43 @@
     gen.reportSlowPathCall(coldPathBegin, call);
 }
 
+void JIT::emit_op_get_by_id_direct(Instruction* currentInstruction)
+{
+    int resultVReg = currentInstruction[1].u.operand;
+    int baseVReg = currentInstruction[2].u.operand;
+    const Identifier* ident = &(m_codeBlock->identifier(currentInstruction[3].u.operand));
+
+    emitGetVirtualRegister(baseVReg, regT0);
+
+    emitJumpSlowCaseIfNotJSCell(regT0, baseVReg);
+
+    JITGetByIdGenerator gen(
+        m_codeBlock, CodeOrigin(m_bytecodeOffset), CallSiteIndex(m_bytecodeOffset), RegisterSet::stubUnavailableRegisters(),
+        ident->impl(), JSValueRegs(regT0), JSValueRegs(regT0), AccessType::GetDirect);
+    gen.generateFastPath(*this);
+    addSlowCase(gen.slowPathJump());
+    m_getByIds.append(gen);
+
+    emitValueProfilingSite();
+    emitPutVirtualRegister(resultVReg);
+}
+
+void JIT::emitSlow_op_get_by_id_direct(Instruction* currentInstruction, Vector::iterator& iter)
+{
+    linkAllSlowCases(iter);
+
+    int resultVReg = currentInstruction[1].u.operand;
+    const Identifier* ident = &(m_codeBlock->identifier(currentInstruction[3].u.operand));
+
+    JITGetByIdGenerator& gen = m_getByIds[m_getByIdIndex++];
+
+    Label coldPathBegin = label();
+
+    Call call = callOperation(WithProfile, operationGetByIdDirectOptimize, resultVReg, gen.stubInfo(), regT0, ident->impl());
+
+    gen.reportSlowPathCall(coldPathBegin, call);
+}
+
 void JIT::emit_op_get_by_id(Instruction* currentInstruction)
 {
     int resultVReg = currentInstruction[1].u.operand;
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/jit/Repatch.cpp webkit2gtk-2.20.3/Source/JavaScriptCore/jit/Repatch.cpp
--- webkit2gtk-2.20.2/Source/JavaScriptCore/jit/Repatch.cpp	2018-03-05 11:22:50.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/jit/Repatch.cpp	2018-06-11 10:33:09.000000000 +0000
@@ -149,20 +149,34 @@
 
 inline FunctionPtr appropriateOptimizingGetByIdFunction(GetByIDKind kind)
 {
-    if (kind == GetByIDKind::Normal)
+    switch (kind) {
+    case GetByIDKind::Normal:
         return operationGetByIdOptimize;
-    else if (kind == GetByIDKind::WithThis)
+    case GetByIDKind::WithThis:
         return operationGetByIdWithThisOptimize;
-    return operationTryGetByIdOptimize;
+    case GetByIDKind::Try:
+        return operationTryGetByIdOptimize;
+    case GetByIDKind::Direct:
+        return operationGetByIdDirectOptimize;
+    }
+    ASSERT_NOT_REACHED();
+    return operationGetById;
 }
 
-inline FunctionPtr appropriateGenericGetByIdFunction(GetByIDKind kind)
+inline FunctionPtr appropriateGetByIdFunction(GetByIDKind kind)
 {
-    if (kind == GetByIDKind::Normal)
+    switch (kind) {
+    case GetByIDKind::Normal:
         return operationGetById;
-    else if (kind == GetByIDKind::WithThis)
-        return operationGetByIdWithThisGeneric;
-    return operationTryGetById;
+    case GetByIDKind::WithThis:
+        return operationGetByIdWithThis;
+    case GetByIDKind::Try:
+        return operationTryGetById;
+    case GetByIDKind::Direct:
+        return operationGetByIdDirect;
+    }
+    ASSERT_NOT_REACHED();
+    return operationGetById;
 }
 
 static InlineCacheAction tryCacheGetByID(ExecState* exec, JSValue baseValue, const Identifier& propertyName, const PropertySlot& slot, StructureStubInfo& stubInfo, GetByIDKind kind)
@@ -273,28 +287,32 @@
                 if (slot.isUnset() && structure->typeInfo().getOwnPropertySlotIsImpureForPropertyAbsence())
                     return GiveUpOnCache;
 
-                bool usesPolyProto;
-                prototypeAccessChain = PolyProtoAccessChain::create(exec->lexicalGlobalObject(), baseCell, slot, usesPolyProto);
-                if (!prototypeAccessChain) {
-                    // It's invalid to access this prototype property.
-                    return GiveUpOnCache;
-                }
-
-                if (!usesPolyProto) {
-                    // We use ObjectPropertyConditionSet instead for faster accesses.
-                    prototypeAccessChain = nullptr;
-
-                    if (slot.isUnset()) {
-                        conditionSet = generateConditionsForPropertyMiss(
-                            vm, codeBlock, exec, structure, propertyName.impl());
-                    } else {
-                        conditionSet = generateConditionsForPrototypePropertyHit(
-                            vm, codeBlock, exec, structure, slot.slotBase(),
-                            propertyName.impl());
+                // If a kind is GetByIDKind::Direct, we do not need to investigate prototype chains further.
+                // Cacheability just depends on the head structure.
+                if (kind != GetByIDKind::Direct) {
+                    bool usesPolyProto;
+                    prototypeAccessChain = PolyProtoAccessChain::create(exec->lexicalGlobalObject(), baseCell, slot, usesPolyProto);
+                    if (!prototypeAccessChain) {
+                        // It's invalid to access this prototype property.
+                        return GiveUpOnCache;
                     }
 
-                    if (!conditionSet.isValid())
-                        return GiveUpOnCache;
+                    if (!usesPolyProto) {
+                        // We use ObjectPropertyConditionSet instead for faster accesses.
+                        prototypeAccessChain = nullptr;
+
+                        if (slot.isUnset()) {
+                            conditionSet = generateConditionsForPropertyMiss(
+                                vm, codeBlock, exec, structure, propertyName.impl());
+                        } else {
+                            conditionSet = generateConditionsForPrototypePropertyHit(
+                                vm, codeBlock, exec, structure, slot.slotBase(),
+                                propertyName.impl());
+                        }
+
+                        if (!conditionSet.isValid())
+                            return GiveUpOnCache;
+                    }
                 }
 
                 offset = slot.isUnset() ? invalidOffset : slot.cachedOffset();
@@ -368,8 +386,10 @@
 {
     SuperSamplerScope superSamplerScope(false);
     
-    if (tryCacheGetByID(exec, baseValue, propertyName, slot, stubInfo, kind) == GiveUpOnCache)
-        ftlThunkAwareRepatchCall(exec->codeBlock(), stubInfo.slowPathCallLocation(), appropriateGenericGetByIdFunction(kind));
+    if (tryCacheGetByID(exec, baseValue, propertyName, slot, stubInfo, kind) == GiveUpOnCache) {
+        CodeBlock* codeBlock = exec->codeBlock();
+        ftlThunkAwareRepatchCall(codeBlock, stubInfo.slowPathCallLocation(), FunctionPtr(appropriateGetByIdFunction(kind)));
+    }
 }
 
 static V_JITOperation_ESsiJJI appropriateGenericPutByIdFunction(const PutPropertySlot &slot, PutKind putKind)
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/jit/Repatch.h webkit2gtk-2.20.3/Source/JavaScriptCore/jit/Repatch.h
--- webkit2gtk-2.20.2/Source/JavaScriptCore/jit/Repatch.h	2018-02-19 07:45:16.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/jit/Repatch.h	2018-06-11 10:29:22.000000000 +0000
@@ -35,7 +35,8 @@
 enum class GetByIDKind {
     Normal,
     Try,
-    WithThis
+    WithThis,
+    Direct
 };
 
 void repatchGetByID(ExecState*, JSValue, const Identifier&, const PropertySlot&, StructureStubInfo&, GetByIDKind);
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp webkit2gtk-2.20.3/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp
--- webkit2gtk-2.20.2/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp	2018-02-26 08:10:27.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp	2018-06-11 10:29:22.000000000 +0000
@@ -593,6 +593,56 @@
     LLINT_RETURN_PROFILED(op_try_get_by_id, result);
 }
 
+LLINT_SLOW_PATH_DECL(slow_path_get_by_id_direct)
+{
+    LLINT_BEGIN();
+    CodeBlock* codeBlock = exec->codeBlock();
+    const Identifier& ident = codeBlock->identifier(pc[3].u.operand);
+    JSValue baseValue = LLINT_OP_C(2).jsValue();
+    PropertySlot slot(baseValue, PropertySlot::PropertySlot::InternalMethodType::GetOwnProperty);
+
+    bool found = baseValue.getOwnPropertySlot(exec, ident, slot);
+    LLINT_CHECK_EXCEPTION();
+    JSValue result = found ? slot.getValue(exec, ident) : jsUndefined();
+    LLINT_CHECK_EXCEPTION();
+
+    if (!LLINT_ALWAYS_ACCESS_SLOW && slot.isCacheable()) {
+        {
+            StructureID oldStructureID = pc[4].u.structureID;
+            if (oldStructureID) {
+                Structure* a = vm.heap.structureIDTable().get(oldStructureID);
+                Structure* b = baseValue.asCell()->structure(vm);
+
+                if (Structure::shouldConvertToPolyProto(a, b)) {
+                    ASSERT(a->rareData()->sharedPolyProtoWatchpoint().get() == b->rareData()->sharedPolyProtoWatchpoint().get());
+                    a->rareData()->sharedPolyProtoWatchpoint()->invalidate(vm, StringFireDetail("Detected poly proto opportunity."));
+                }
+            }
+        }
+
+        JSCell* baseCell = baseValue.asCell();
+        Structure* structure = baseCell->structure();
+        if (slot.isValue()) {
+            // Start out by clearing out the old cache.
+            pc[4].u.pointer = nullptr; // old structure
+            pc[5].u.pointer = nullptr; // offset
+
+            if (structure->propertyAccessesAreCacheable()
+                && !structure->needImpurePropertyWatchpoint()) {
+                vm.heap.writeBarrier(codeBlock);
+
+                ConcurrentJSLocker locker(codeBlock->m_lock);
+
+                pc[4].u.structureID = structure->id();
+                pc[5].u.operand = slot.cachedOffset();
+            }
+        }
+    }
+
+    LLINT_RETURN_PROFILED(op_get_by_id_direct, result);
+}
+
+
 static void setupGetByIdPrototypeCache(ExecState* exec, VM& vm, Instruction* pc, JSCell* baseCell, PropertySlot& slot, const Identifier& ident)
 {
     CodeBlock* codeBlock = exec->codeBlock();
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/llint/LLIntSlowPaths.h webkit2gtk-2.20.3/Source/JavaScriptCore/llint/LLIntSlowPaths.h
--- webkit2gtk-2.20.2/Source/JavaScriptCore/llint/LLIntSlowPaths.h	2018-02-19 07:45:16.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/llint/LLIntSlowPaths.h	2018-06-11 10:29:22.000000000 +0000
@@ -70,6 +70,7 @@
 LLINT_SLOW_PATH_HIDDEN_DECL(slow_path_instanceof);
 LLINT_SLOW_PATH_HIDDEN_DECL(slow_path_instanceof_custom);
 LLINT_SLOW_PATH_HIDDEN_DECL(slow_path_try_get_by_id);
+LLINT_SLOW_PATH_HIDDEN_DECL(slow_path_get_by_id_direct);
 LLINT_SLOW_PATH_HIDDEN_DECL(slow_path_get_by_id);
 LLINT_SLOW_PATH_HIDDEN_DECL(slow_path_get_arguments_length);
 LLINT_SLOW_PATH_HIDDEN_DECL(slow_path_put_by_id);
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm webkit2gtk-2.20.3/Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm
--- webkit2gtk-2.20.2/Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm	2018-02-26 08:10:27.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm	2018-06-11 10:29:22.000000000 +0000
@@ -1352,6 +1352,25 @@
 # convert opcode into a get_by_id_proto_load/get_by_id_unset, respectively, after an
 # execution counter hits zero.
 
+_llint_op_get_by_id_direct:
+    traceExecution()
+    loadi 8[PC], t0
+    loadi 16[PC], t1
+    loadConstantOrVariablePayload(t0, CellTag, t3, .opGetByIdDirectSlow)
+    loadi 20[PC], t2
+    bineq JSCell::m_structureID[t3], t1, .opGetByIdDirectSlow
+    loadPropertyAtVariableOffset(t2, t3, t0, t1)
+    loadi 4[PC], t2
+    storei t0, TagOffset[cfr, t2, 8]
+    storei t1, PayloadOffset[cfr, t2, 8]
+    valueProfile(t0, t1, 24, t2)
+    dispatch(constexpr op_get_by_id_direct_length)
+
+.opGetByIdDirectSlow:
+    callSlowPath(_llint_slow_path_get_by_id_direct)
+    dispatch(constexpr op_get_by_id_direct_length)
+
+
 _llint_op_get_by_id:
     traceExecution()
     loadi 8[PC], t0
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/llint/LowLevelInterpreter64.asm webkit2gtk-2.20.3/Source/JavaScriptCore/llint/LowLevelInterpreter64.asm
--- webkit2gtk-2.20.2/Source/JavaScriptCore/llint/LowLevelInterpreter64.asm	2018-02-26 08:10:27.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/llint/LowLevelInterpreter64.asm	2018-06-11 10:29:22.000000000 +0000
@@ -1259,6 +1259,26 @@
     storeq value, (firstOutOfLineOffset - 2) * 8[objectAndStorage, propertyOffsetAsInt, 8]
 end
 
+
+_llint_op_get_by_id_direct:
+    traceExecution()
+    loadisFromInstruction(2, t0)
+    loadConstantOrVariableCell(t0, t3, .opGetByIdDirectSlow)
+    loadi JSCell::m_structureID[t3], t1
+    loadisFromInstruction(4, t2)
+    bineq t2, t1, .opGetByIdDirectSlow
+    loadisFromInstruction(5, t1)
+    loadisFromInstruction(1, t2)
+    loadPropertyAtVariableOffset(t1, t3, t0)
+    storeq t0, [cfr, t2, 8]
+    valueProfile(t0, 6, t1)
+    dispatch(constexpr op_get_by_id_direct_length)
+
+.opGetByIdDirectSlow:
+    callSlowPath(_llint_slow_path_get_by_id_direct)
+    dispatch(constexpr op_get_by_id_direct_length)
+
+
 _llint_op_get_by_id:
     traceExecution()
     loadisFromInstruction(2, t0)
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/runtime/ConfigFile.cpp webkit2gtk-2.20.3/Source/JavaScriptCore/runtime/ConfigFile.cpp
--- webkit2gtk-2.20.2/Source/JavaScriptCore/runtime/ConfigFile.cpp	2018-02-19 07:45:16.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/runtime/ConfigFile.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -488,8 +488,19 @@
             bool shouldAddPathSeparator = filenameBuffer[pathnameLength - 1] != '/';
             if (sizeof(filenameBuffer) - 1  >= pathnameLength + shouldAddPathSeparator) {
                 if (shouldAddPathSeparator)
-                    strncat(filenameBuffer, "/", 1);
+                    strncat(filenameBuffer, "/", 2); // Room for '/' plus NUL
+#if COMPILER(GCC)
+#if GCC_VERSION_AT_LEAST(8, 0, 0)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wstringop-truncation"
+#endif
+#endif
                 strncat(filenameBuffer, m_filename, sizeof(filenameBuffer) - strlen(filenameBuffer) - 1);
+#if COMPILER(GCC)
+#if GCC_VERSION_AT_LEAST(8, 0, 0)
+#pragma GCC diagnostic pop
+#endif
+#endif
                 strncpy(m_filename, filenameBuffer, s_maxPathLength);
                 m_filename[s_maxPathLength] = '\0';
             }
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/runtime/IntlDateTimeFormat.cpp webkit2gtk-2.20.3/Source/JavaScriptCore/runtime/IntlDateTimeFormat.cpp
--- webkit2gtk-2.20.2/Source/JavaScriptCore/runtime/IntlDateTimeFormat.cpp	2018-02-19 07:45:16.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/runtime/IntlDateTimeFormat.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -964,7 +964,7 @@
     case UDAT_STANDALONE_QUARTER_FIELD:
     case UDAT_RELATED_YEAR_FIELD:
     case UDAT_TIME_SEPARATOR_FIELD:
-#if U_ICU_VERSION_MAJOR_NUM < 58
+#if U_ICU_VERSION_MAJOR_NUM < 58 || !defined(U_HIDE_DEPRECATED_API)
     case UDAT_FIELD_COUNT:
 #endif
         return "literal";
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/runtime/JSCJSValue.h webkit2gtk-2.20.3/Source/JavaScriptCore/runtime/JSCJSValue.h
--- webkit2gtk-2.20.2/Source/JavaScriptCore/runtime/JSCJSValue.h	2018-02-19 07:45:17.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/runtime/JSCJSValue.h	2018-06-11 10:29:22.000000000 +0000
@@ -288,6 +288,8 @@
     template typename std::result_of::type getPropertySlot(ExecState*, PropertyName, CallbackWhenNoException) const;
     template typename std::result_of::type getPropertySlot(ExecState*, PropertyName, PropertySlot&, CallbackWhenNoException) const;
 
+    bool getOwnPropertySlot(ExecState*, PropertyName, PropertySlot&) const;
+
     bool put(ExecState*, PropertyName, JSValue, PutPropertySlot&);
     bool putInline(ExecState*, PropertyName, JSValue, PutPropertySlot&);
     JS_EXPORT_PRIVATE bool putToPrimitive(ExecState*, PropertyName, JSValue, PutPropertySlot&);
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/runtime/JSCJSValueInlines.h webkit2gtk-2.20.3/Source/JavaScriptCore/runtime/JSCJSValueInlines.h
--- webkit2gtk-2.20.2/Source/JavaScriptCore/runtime/JSCJSValueInlines.h	2018-02-19 07:45:17.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/runtime/JSCJSValueInlines.h	2018-06-11 10:29:22.000000000 +0000
@@ -853,6 +853,24 @@
     return object->getPropertySlot(exec, propertyName, slot);
 }
 
+ALWAYS_INLINE bool JSValue::getOwnPropertySlot(ExecState* exec, PropertyName propertyName, PropertySlot& slot) const
+{
+    // If this is a primitive, we'll need to synthesize the prototype -
+    // and if it's a string there are special properties to check first.
+    auto scope = DECLARE_THROW_SCOPE(exec->vm());
+    if (UNLIKELY(!isObject())) {
+        if (isString()) {
+            scope.release();
+            return asString(*this)->getStringPropertySlot(exec, propertyName, slot);
+        }
+        if (isUndefinedOrNull())
+            throwException(exec, scope, createNotAnObjectError(exec, *this));
+        return false;
+    }
+    scope.release();
+    return asObject(asCell())->getOwnPropertySlotInline(exec, propertyName, slot);
+}
+
 ALWAYS_INLINE JSValue JSValue::get(ExecState* exec, unsigned propertyName) const
 {
     PropertySlot slot(asValue(), PropertySlot::InternalMethodType::Get);
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/runtime/JSGlobalObject.cpp webkit2gtk-2.20.3/Source/JavaScriptCore/runtime/JSGlobalObject.cpp
--- webkit2gtk-2.20.2/Source/JavaScriptCore/runtime/JSGlobalObject.cpp	2018-04-10 07:33:13.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/runtime/JSGlobalObject.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -612,9 +612,10 @@
     m_generatorPrototype.set(vm, this, GeneratorPrototype::create(vm, this, GeneratorPrototype::createStructure(vm, this, m_iteratorPrototype.get())));
     m_asyncGeneratorPrototype.set(vm, this, AsyncGeneratorPrototype::create(vm, this, AsyncGeneratorPrototype::createStructure(vm, this, m_asyncIteratorPrototype.get())));
 
-#define CREATE_PROTOTYPE_FOR_SIMPLE_TYPE(capitalName, lowerName, properName, instanceType, jsName, prototypeBase) \
-m_ ## lowerName ## Prototype.set(vm, this, capitalName##Prototype::create(vm, this, capitalName##Prototype::createStructure(vm, this, m_ ## prototypeBase ## Prototype.get()))); \
-m_ ## properName ## Structure.set(vm, this, instanceType::createStructure(vm, this, m_ ## lowerName ## Prototype.get()));
+#define CREATE_PROTOTYPE_FOR_SIMPLE_TYPE(capitalName, lowerName, properName, instanceType, jsName, prototypeBase) do { \
+        m_ ## lowerName ## Prototype.set(vm, this, capitalName##Prototype::create(vm, this, capitalName##Prototype::createStructure(vm, this, m_ ## prototypeBase ## Prototype.get()))); \
+        m_ ## properName ## Structure.set(vm, this, instanceType::createStructure(vm, this, m_ ## lowerName ## Prototype.get())); \
+    } while (0);
     
     FOR_EACH_SIMPLE_BUILTIN_TYPE(CREATE_PROTOTYPE_FOR_SIMPLE_TYPE)
 
@@ -1415,9 +1416,10 @@
     visitor.append(thisObject->m_sharedArrayBufferStructure);
 #endif
 
-#define VISIT_SIMPLE_TYPE(CapitalName, lowerName, properName, instanceType, jsName, prototypeBase) \
-    visitor.append(thisObject->m_ ## lowerName ## Prototype); \
-    visitor.append(thisObject->m_ ## properName ## Structure); \
+#define VISIT_SIMPLE_TYPE(CapitalName, lowerName, properName, instanceType, jsName, prototypeBase) do { \
+        visitor.append(thisObject->m_ ## lowerName ## Prototype); \
+        visitor.append(thisObject->m_ ## properName ## Structure); \
+    } while (0);
 
     FOR_EACH_SIMPLE_BUILTIN_TYPE(VISIT_SIMPLE_TYPE)
     if (UNLIKELY(Options::useBigInt()))
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/runtime/JSObject.h webkit2gtk-2.20.3/Source/JavaScriptCore/runtime/JSObject.h
--- webkit2gtk-2.20.2/Source/JavaScriptCore/runtime/JSObject.h	2018-04-09 13:01:39.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/runtime/JSObject.h	2018-06-11 10:29:22.000000000 +0000
@@ -174,6 +174,7 @@
 
     static bool getOwnPropertySlot(JSObject*, ExecState*, PropertyName, PropertySlot&);
     JS_EXPORT_PRIVATE static bool getOwnPropertySlotByIndex(JSObject*, ExecState*, unsigned propertyName, PropertySlot&);
+    bool getOwnPropertySlotInline(ExecState*, PropertyName, PropertySlot&);
 
     // The key difference between this and getOwnPropertySlot is that getOwnPropertySlot
     // currently returns incorrect results for the DOM window (with non-own properties)
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/runtime/JSObjectInlines.h webkit2gtk-2.20.3/Source/JavaScriptCore/runtime/JSObjectInlines.h
--- webkit2gtk-2.20.2/Source/JavaScriptCore/runtime/JSObjectInlines.h	2018-02-19 07:45:17.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/runtime/JSObjectInlines.h	2018-06-11 10:29:22.000000000 +0000
@@ -161,6 +161,14 @@
     }
 }
 
+inline bool JSObject::getOwnPropertySlotInline(ExecState* exec, PropertyName propertyName, PropertySlot& slot)
+{
+    VM& vm = exec->vm();
+    if (UNLIKELY(TypeInfo::overridesGetOwnPropertySlot(inlineTypeFlags())))
+        return methodTable(vm)->getOwnPropertySlot(this, exec, propertyName, slot);
+    return JSObject::getOwnPropertySlot(this, exec, propertyName, slot);
+}
+
 inline void JSObject::putDirectWithoutTransition(VM& vm, PropertyName propertyName, JSValue value, unsigned attributes)
 {
     ASSERT(!value.isGetterSetter() && !(attributes & PropertyAttribute::Accessor));
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/wasm/js/JSWebAssemblyHelpers.h webkit2gtk-2.20.3/Source/JavaScriptCore/wasm/js/JSWebAssemblyHelpers.h
--- webkit2gtk-2.20.2/Source/JavaScriptCore/wasm/js/JSWebAssemblyHelpers.h	2018-02-19 07:45:17.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/wasm/js/JSWebAssemblyHelpers.h	2018-06-11 10:18:57.000000000 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2016 Apple Inc. All rights reserved.
+ * Copyright (C) 2016-2018 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -49,7 +49,7 @@
     return static_cast(doubleValue);
 }
 
-ALWAYS_INLINE uint8_t* getWasmBufferFromValue(ExecState* exec, JSValue value, size_t& byteOffset, size_t& byteSize)
+ALWAYS_INLINE std::pair getWasmBufferFromValue(ExecState* exec, JSValue value)
 {
     VM& vm = exec->vm();
     auto throwScope = DECLARE_THROW_SCOPE(vm);
@@ -59,26 +59,26 @@
     if (!(arrayBuffer || arrayBufferView)) {
         throwException(exec, throwScope, createTypeError(exec,
             ASCIILiteral("first argument must be an ArrayBufferView or an ArrayBuffer"), defaultSourceAppender, runtimeTypeForValue(value)));
-        return nullptr;
+        return { nullptr, 0 };
     }
 
     if (arrayBufferView ? arrayBufferView->isNeutered() : arrayBuffer->impl()->isNeutered()) {
         throwException(exec, throwScope, createTypeError(exec,
             ASCIILiteral("underlying TypedArray has been detatched from the ArrayBuffer"), defaultSourceAppender, runtimeTypeForValue(value)));
-        return nullptr;
+        return { nullptr, 0 };
     }
 
-    byteOffset = arrayBufferView ? arrayBufferView->byteOffset() : 0;
-    byteSize = arrayBufferView ? arrayBufferView->length() : arrayBuffer->impl()->byteLength();
-    return arrayBufferView ? static_cast(arrayBufferView->vector()) : static_cast(arrayBuffer->impl()->data());
+    uint8_t* base = arrayBufferView ? static_cast(arrayBufferView->vector()) : static_cast(arrayBuffer->impl()->data());
+    size_t byteSize = arrayBufferView ? arrayBufferView->length() : arrayBuffer->impl()->byteLength();
+    return { base, byteSize };
 }
 
 ALWAYS_INLINE Vector createSourceBufferFromValue(VM& vm, ExecState* exec, JSValue value)
 {
     auto throwScope = DECLARE_THROW_SCOPE(vm);
-    size_t byteOffset;
+    uint8_t* data;
     size_t byteSize;
-    uint8_t* data = getWasmBufferFromValue(exec, value, byteOffset, byteSize);
+    std::tie(data, byteSize) = getWasmBufferFromValue(exec, value);
     RETURN_IF_EXCEPTION(throwScope, Vector());
 
     Vector result;
@@ -88,7 +88,7 @@
     }
 
     result.grow(byteSize);
-    memcpy(result.data(), data + byteOffset, byteSize);
+    memcpy(result.data(), data, byteSize);
     return result;
 }
 
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/wasm/js/WebAssemblyPrototype.cpp webkit2gtk-2.20.3/Source/JavaScriptCore/wasm/js/WebAssemblyPrototype.cpp
--- webkit2gtk-2.20.2/Source/JavaScriptCore/wasm/js/WebAssemblyPrototype.cpp	2018-02-19 07:45:17.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/wasm/js/WebAssemblyPrototype.cpp	2018-06-11 10:18:53.000000000 +0000
@@ -220,11 +220,11 @@
     VM& vm = exec->vm();
     auto scope = DECLARE_THROW_SCOPE(vm);
 
-    size_t byteOffset;
+    uint8_t* base;
     size_t byteSize;
-    uint8_t* base = getWasmBufferFromValue(exec, exec->argument(0), byteOffset, byteSize);
+    std::tie(base, byteSize) = getWasmBufferFromValue(exec, exec->argument(0));
     RETURN_IF_EXCEPTION(scope, encodedJSValue());
-    BBQPlan plan(&vm.wasmContext, base + byteOffset, byteSize, BBQPlan::Validation, Plan::dontFinalize());
+    BBQPlan plan(&vm.wasmContext, base, byteSize, BBQPlan::Validation, Plan::dontFinalize());
     // FIXME: We might want to throw an OOM exception here if we detect that something will OOM.
     // https://bugs.webkit.org/show_bug.cgi?id=166015
     return JSValue::encode(jsBoolean(plan.parseAndValidateModule()));
diff -Nru webkit2gtk-2.20.2/Source/JavaScriptCore/wasm/WasmModuleParser.cpp webkit2gtk-2.20.3/Source/JavaScriptCore/wasm/WasmModuleParser.cpp
--- webkit2gtk-2.20.2/Source/JavaScriptCore/wasm/WasmModuleParser.cpp	2018-02-19 07:45:17.000000000 +0000
+++ webkit2gtk-2.20.3/Source/JavaScriptCore/wasm/WasmModuleParser.cpp	2018-06-11 10:18:53.000000000 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2016-2017 Apple Inc. All rights reserved.
+ * Copyright (C) 2016-2018 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -69,7 +69,7 @@
         uint32_t sectionLength;
         WASM_PARSER_FAIL_IF(!validateOrder(previousKnownSection, section), "invalid section order, ", previousKnownSection, " followed by ", section);
         WASM_PARSER_FAIL_IF(!parseVarUInt32(sectionLength), "can't get ", section, " section's length");
-        WASM_PARSER_FAIL_IF(sectionLength > length() - m_offset, section, "section of size ", sectionLength, " would overflow Module's size");
+        WASM_PARSER_FAIL_IF(sectionLength > length() - m_offset, section, " section of size ", sectionLength, " would overflow Module's size");
 
         auto end = m_offset + sectionLength;
 
diff -Nru webkit2gtk-2.20.2/Source/PlatformGTK.cmake webkit2gtk-2.20.3/Source/PlatformGTK.cmake
--- webkit2gtk-2.20.2/Source/PlatformGTK.cmake	2018-05-07 08:30:18.000000000 +0000
+++ webkit2gtk-2.20.3/Source/PlatformGTK.cmake	2018-06-11 08:37:48.000000000 +0000
@@ -15,10 +15,10 @@
 
 if (ENABLE_GTKDOC)
     install(DIRECTORY ${CMAKE_BINARY_DIR}/Documentation/webkit2gtk-${WEBKITGTK_API_VERSION}/html/webkit2gtk-${WEBKITGTK_API_VERSION}
-            DESTINATION "${CMAKE_INSTALL_DATADIR}/gtk-doc/html/webkit2gtk-${WEBKITGTK_API_VERSION}"
+            DESTINATION "${CMAKE_INSTALL_DATADIR}/gtk-doc/html"
     )
     install(DIRECTORY ${CMAKE_BINARY_DIR}/Documentation/webkitdomgtk-${WEBKITGTK_API_VERSION}/html/webkitdomgtk-${WEBKITGTK_API_VERSION}
-            DESTINATION "${CMAKE_INSTALL_DATADIR}/gtk-doc/html/webkitdomgtk-${WEBKITGTK_API_VERSION}"
+            DESTINATION "${CMAKE_INSTALL_DATADIR}/gtk-doc/html"
     )
 endif ()
 
diff -Nru webkit2gtk-2.20.2/Source/ThirdParty/gtest/CMakeLists.txt webkit2gtk-2.20.3/Source/ThirdParty/gtest/CMakeLists.txt
--- webkit2gtk-2.20.2/Source/ThirdParty/gtest/CMakeLists.txt	2018-04-09 10:35:31.000000000 +0000
+++ webkit2gtk-2.20.3/Source/ThirdParty/gtest/CMakeLists.txt	2018-06-11 08:16:31.000000000 +0000
@@ -35,6 +35,7 @@
 add_definitions(-DGTEST_HAS_RTTI=0)
 
 WEBKIT_ADD_TARGET_CXX_FLAGS(gtest -Wno-undef
+                                  -Wno-stringop-truncation
                                   -Wno-suggest-attribute=format)
 
 # FIXME: This works around compatibility problems in the old version of the third-pary
diff -Nru webkit2gtk-2.20.2/Source/ThirdParty/xdgmime/CMakeLists.txt webkit2gtk-2.20.3/Source/ThirdParty/xdgmime/CMakeLists.txt
--- webkit2gtk-2.20.2/Source/ThirdParty/xdgmime/CMakeLists.txt	2018-02-19 07:45:20.000000000 +0000
+++ webkit2gtk-2.20.3/Source/ThirdParty/xdgmime/CMakeLists.txt	2018-06-11 08:16:31.000000000 +0000
@@ -21,6 +21,7 @@
 add_library(xdgmime STATIC ${XDGMIME_SOURCES})
 
 if (COMPILER_IS_GCC_OR_CLANG)
-    WEBKIT_ADD_TARGET_C_FLAGS(xdgmime -Wno-sign-compare
+    WEBKIT_ADD_TARGET_C_FLAGS(xdgmime -Wno-cast-function-type
+                                      -Wno-sign-compare
                                       -Wno-unused-parameter)
 endif ()
diff -Nru webkit2gtk-2.20.2/Source/WebCore/accessibility/AXObjectCache.cpp webkit2gtk-2.20.3/Source/WebCore/accessibility/AXObjectCache.cpp
--- webkit2gtk-2.20.2/Source/WebCore/accessibility/AXObjectCache.cpp	2018-02-20 08:25:28.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/accessibility/AXObjectCache.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -1961,7 +1961,9 @@
 
 void AXObjectCache::startOrEndTextMarkerDataForRange(TextMarkerData& textMarkerData, RefPtr range, bool isStart)
 {
-    memset(&textMarkerData, 0, sizeof(TextMarkerData));
+    // This memory must be zero'd so instances of TextMarkerData can be tested for byte-equivalence.
+    // Warning: This is risky and bad because TextMarkerData is a nontrivial type.
+    memset(static_cast(&textMarkerData), 0, sizeof(TextMarkerData));
     
     CharacterOffset characterOffset = startOrEndCharacterOffsetForRange(range, isStart);
     if (characterOffset.isNull())
@@ -2018,7 +2020,10 @@
 
 void AXObjectCache::textMarkerDataForCharacterOffset(TextMarkerData& textMarkerData, const CharacterOffset& characterOffset)
 {
-    memset(&textMarkerData, 0, sizeof(TextMarkerData));
+    // This memory must be zero'd so instances of TextMarkerData can be tested for byte-equivalence.
+    // Warning: This is risky and bad because TextMarkerData is a nontrivial type.
+    memset(static_cast(&textMarkerData), 0, sizeof(TextMarkerData));
+
     setTextMarkerDataWithCharacterOffset(textMarkerData, characterOffset);
 }
 
@@ -2198,8 +2203,9 @@
     RefPtr obj = cache->getOrCreate(domNode);
 
     // This memory must be zero'd so instances of TextMarkerData can be tested for byte-equivalence.
+    // Warning: This is risky and bad because TextMarkerData is a nontrivial type.
     TextMarkerData textMarkerData;
-    memset(&textMarkerData, 0, sizeof(TextMarkerData));
+    memset(static_cast(&textMarkerData), 0, sizeof(TextMarkerData));
     
     textMarkerData.axID = obj.get()->axObjectID();
     textMarkerData.node = domNode;
@@ -2226,8 +2232,9 @@
         return std::nullopt;
 
     // This memory must be zero'd so instances of TextMarkerData can be tested for byte-equivalence.
+    // Warning: This is risky and bad because TextMarkerData is a nontrivial type.
     TextMarkerData textMarkerData;
-    memset(&textMarkerData, 0, sizeof(TextMarkerData));
+    memset(static_cast(&textMarkerData), 0, sizeof(TextMarkerData));
     
     textMarkerData.axID = obj.get()->axObjectID();
     textMarkerData.node = &textControl;
diff -Nru webkit2gtk-2.20.2/Source/WebCore/css/CSSFontFace.cpp webkit2gtk-2.20.3/Source/WebCore/css/CSSFontFace.cpp
--- webkit2gtk-2.20.2/Source/WebCore/css/CSSFontFace.cpp	2018-02-19 07:45:31.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/css/CSSFontFace.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -605,6 +605,7 @@
         case FontLoadingBehavior::Optional:
             return { 0.1_s, 0_s };
         }
+        RELEASE_ASSERT_NOT_REACHED();
     case Settings::FontLoadTimingOverride::Block:
         return { Seconds::infinity(), 0_s };
     case Settings::FontLoadTimingOverride::Swap:
@@ -612,8 +613,7 @@
     case Settings::FontLoadTimingOverride::Failure:
         return { 0_s, 0_s };
     }
-    ASSERT_NOT_REACHED();
-    return { 3_s, Seconds::infinity() };
+    RELEASE_ASSERT_NOT_REACHED();
 }
 
 void CSSFontFace::setStatus(Status newStatus)
diff -Nru webkit2gtk-2.20.2/Source/WebCore/css/CSSSelectorList.cpp webkit2gtk-2.20.3/Source/WebCore/css/CSSSelectorList.cpp
--- webkit2gtk-2.20.2/Source/WebCore/css/CSSSelectorList.cpp	2018-02-19 13:45:44.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/css/CSSSelectorList.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -67,7 +67,7 @@
             {
                 // Move item from the parser selector vector into m_selectorArray without invoking destructor (Ugh.)
                 CSSSelector* currentSelector = current->releaseSelector().release();
-                memcpy(&m_selectorArray[arrayIndex], currentSelector, sizeof(CSSSelector));
+                memcpy(static_cast(&m_selectorArray[arrayIndex]), static_cast(currentSelector), sizeof(CSSSelector));
 
                 // Free the underlying memory without invoking the destructor.
                 operator delete (currentSelector);
diff -Nru webkit2gtk-2.20.2/Source/WebCore/dom/Document.cpp webkit2gtk-2.20.3/Source/WebCore/dom/Document.cpp
--- webkit2gtk-2.20.2/Source/WebCore/dom/Document.cpp	2018-05-07 08:25:49.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/dom/Document.cpp	2018-06-11 09:32:58.000000000 +0000
@@ -7496,7 +7496,7 @@
     ASSERT(settings().storageAccessAPIEnabled());
 
 #if HAVE(CFNETWORK_STORAGE_PARTITIONING)
-    if (hasFrameSpecificStorageAccess()) {
+    if (m_frame && hasFrameSpecificStorageAccess()) {
         promise->resolve(true);
         return;
     }
@@ -7547,7 +7547,7 @@
     ASSERT(settings().storageAccessAPIEnabled());
     
 #if HAVE(CFNETWORK_STORAGE_PARTITIONING)
-    if (hasFrameSpecificStorageAccess()) {
+    if (m_frame && hasFrameSpecificStorageAccess()) {
         promise->resolve();
         return;
     }
diff -Nru webkit2gtk-2.20.2/Source/WebCore/editing/TextIterator.cpp webkit2gtk-2.20.3/Source/WebCore/editing/TextIterator.cpp
--- webkit2gtk-2.20.2/Source/WebCore/editing/TextIterator.cpp	2018-02-20 08:25:28.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/editing/TextIterator.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -1999,6 +1999,12 @@
     return false;
 }
 
+#if COMPILER(GCC_OR_CLANG)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
+#endif
+// NOTE: ICU's unorm_normalize function is deprecated.
+
 static void normalizeCharacters(const UChar* characters, unsigned length, Vector& buffer)
 {
     ASSERT(length);
@@ -2020,6 +2026,10 @@
     ASSERT(status == U_STRING_NOT_TERMINATED_WARNING);
 }
 
+#if COMPILER(GCC_OR_CLANG)
+#pragma GCC diagnostic pop
+#endif
+
 static bool isNonLatin1Separator(UChar32 character)
 {
     ASSERT_ARG(character, character >= 256);
diff -Nru webkit2gtk-2.20.2/Source/WebCore/Modules/websockets/WebSocketChannel.cpp webkit2gtk-2.20.3/Source/WebCore/Modules/websockets/WebSocketChannel.cpp
--- webkit2gtk-2.20.2/Source/WebCore/Modules/websockets/WebSocketChannel.cpp	2018-02-19 11:04:38.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/Modules/websockets/WebSocketChannel.cpp	2018-06-11 10:17:44.000000000 +0000
@@ -443,13 +443,11 @@
         if (m_handshake->mode() == WebSocketHandshake::Connected) {
             if (m_identifier)
                 InspectorInstrumentation::didReceiveWebSocketHandshakeResponse(m_document, m_identifier, m_handshake->serverHandshakeResponse());
-            if (!m_handshake->serverSetCookie().isEmpty()) {
-                if (m_document && cookiesEnabled(*m_document)) {
-                    // Exception (for sandboxed documents) ignored.
-                    m_document->setCookie(m_handshake->serverSetCookie());
-                }
+            String serverSetCookie = m_handshake->serverSetCookie();
+            if (!serverSetCookie.isEmpty()) {
+                if (m_document && cookiesEnabled(*m_document))
+                    setCookies(*m_document, m_handshake->httpURLForAuthenticationAndCookies(), serverSetCookie);
             }
-            // FIXME: handle set-cookie2.
             LOG(Network, "WebSocketChannel %p Connected", this);
             skipBuffer(headerLength);
             m_client->didConnect();
diff -Nru webkit2gtk-2.20.2/Source/WebCore/Modules/websockets/WebSocketHandshake.h webkit2gtk-2.20.3/Source/WebCore/Modules/websockets/WebSocketHandshake.h
--- webkit2gtk-2.20.2/Source/WebCore/Modules/websockets/WebSocketHandshake.h	2018-02-19 07:45:31.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/Modules/websockets/WebSocketHandshake.h	2018-06-11 10:17:44.000000000 +0000
@@ -52,6 +52,7 @@
 
     const URL& url() const;
     void setURL(const URL&);
+    URL httpURLForAuthenticationAndCookies() const;
     const String host() const;
 
     const String& clientProtocol() const;
@@ -86,7 +87,6 @@
     static String getExpectedWebSocketAccept(const String& secWebSocketKey);
 
 private:
-    URL httpURLForAuthenticationAndCookies() const;
 
     int readStatusLine(const char* header, size_t headerLength, int& statusCode, String& statusText);
 
diff -Nru webkit2gtk-2.20.2/Source/WebCore/page/Settings.yaml webkit2gtk-2.20.3/Source/WebCore/page/Settings.yaml
--- webkit2gtk-2.20.2/Source/WebCore/page/Settings.yaml	2018-02-20 13:38:15.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/page/Settings.yaml	2018-06-11 10:10:08.000000000 +0000
@@ -103,6 +103,8 @@
   initial: false
 needsStorageAccessFromFileURLsQuirk:
   initial: true
+useAnonymousModeWhenFetchingMaskImages:
+  initial: true
 javaScriptCanOpenWindowsAutomatically:
   initial: false
 javaScriptCanAccessClipboard:
diff -Nru webkit2gtk-2.20.2/Source/WebCore/platform/graphics/cairo/FontCairoHarfbuzzNG.cpp webkit2gtk-2.20.3/Source/WebCore/platform/graphics/cairo/FontCairoHarfbuzzNG.cpp
--- webkit2gtk-2.20.2/Source/WebCore/platform/graphics/cairo/FontCairoHarfbuzzNG.cpp	2018-03-05 13:11:47.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/platform/graphics/cairo/FontCairoHarfbuzzNG.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -49,7 +49,14 @@
 {
     UErrorCode error = U_ZERO_ERROR;
     Vector normalizedCharacters(length);
+#if COMPILER(GCC_OR_CLANG)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
+#endif
     int32_t normalizedLength = unorm_normalize(characters, length, UNORM_NFC, UNORM_UNICODE_3_2, normalizedCharacters.data(), length, &error);
+#if COMPILER(GCC_OR_CLANG)
+#pragma GCC diagnostic pop
+#endif
     if (U_FAILURE(error))
         return nullptr;
 
diff -Nru webkit2gtk-2.20.2/Source/WebCore/platform/graphics/cairo/ImageBufferCairo.cpp webkit2gtk-2.20.3/Source/WebCore/platform/graphics/cairo/ImageBufferCairo.cpp
--- webkit2gtk-2.20.2/Source/WebCore/platform/graphics/cairo/ImageBufferCairo.cpp	2018-02-19 11:04:38.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/platform/graphics/cairo/ImageBufferCairo.cpp	2018-06-11 09:16:54.000000000 +0000
@@ -343,11 +343,28 @@
 template 
 RefPtr getImageData(const IntRect& rect, const IntRect& logicalRect, const ImageBufferData& data, const IntSize& size, const IntSize& logicalSize, float resolutionScale)
 {
-    auto result = Uint8ClampedArray::createUninitialized(rect.width() * rect.height() * 4);
+    // The area can overflow if the rect is too big.
+    Checked area = 4;
+    area *= rect.width();
+    area *= rect.height();
+    if (area.hasOverflowed())
+        return nullptr;
+
+    auto result = Uint8ClampedArray::createUninitialized(area.unsafeGet());
     if (!result)
         return nullptr;
 
-    if (rect.x() < 0 || rect.y() < 0 || (rect.x() + rect.width()) > size.width() || (rect.y() + rect.height()) > size.height())
+    // Can overflow, as we are adding 2 ints.
+    int endx = 0;
+    if (!WTF::safeAdd(rect.x(), rect.width(), endx))
+        return nullptr;
+
+    // Can overflow, as we are adding 2 ints.
+    int endy = 0;
+    if (!WTF::safeAdd(rect.y(), rect.height(), endy))
+        return nullptr;
+
+    if (rect.x() < 0 || rect.y() < 0 || endx > size.width() || endy > size.height())
         result->zeroFill();
 
     int originx = rect.x();
@@ -356,7 +373,7 @@
         destx = -originx;
         originx = 0;
     }
-    int endx = rect.maxX();
+
     if (endx > size.width())
         endx = size.width();
     int numColumns = endx - originx;
@@ -367,11 +384,15 @@
         desty = -originy;
         originy = 0;
     }
-    int endy = rect.maxY();
+
     if (endy > size.height())
         endy = size.height();
     int numRows = endy - originy;
 
+    // Nothing will be copied, so just return the result.
+    if (numColumns <= 0 || numRows <= 0)
+        return result;
+
     // The size of the derived surface is in BackingStoreCoordinateSystem.
     // We need to set the device scale for the derived surface from this ImageBuffer.
     IntRect imageRect(originx, originy, numColumns, numRows);
diff -Nru webkit2gtk-2.20.2/Source/WebCore/platform/graphics/egl/GLContextEGLWPE.cpp webkit2gtk-2.20.3/Source/WebCore/platform/graphics/egl/GLContextEGLWPE.cpp
--- webkit2gtk-2.20.2/Source/WebCore/platform/graphics/egl/GLContextEGLWPE.cpp	2018-02-19 07:45:32.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/platform/graphics/egl/GLContextEGLWPE.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -26,7 +26,7 @@
 // somehow deducible from the build configuration.
 #define __GBM__ 1
 #include "EpoxyEGL.h"
-#include 
+#include 
 
 namespace WebCore {
 
diff -Nru webkit2gtk-2.20.2/Source/WebCore/platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp webkit2gtk-2.20.3/Source/WebCore/platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp
--- webkit2gtk-2.20.2/Source/WebCore/platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp	2018-02-19 07:45:32.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -48,7 +48,7 @@
     // this cairo_font_face_t is destroyed, it cleans up the FreeType face as well.
     static cairo_user_data_key_t freeTypeFaceKey;
     cairo_font_face_set_user_data(m_fontFace, &freeTypeFaceKey, freeTypeFace,
-         reinterpret_cast(FT_Done_Face));
+        reinterpret_cast(reinterpret_cast(FT_Done_Face)));
 }
 
 FontCustomPlatformData::~FontCustomPlatformData()
diff -Nru webkit2gtk-2.20.2/Source/WebCore/platform/graphics/freetype/SimpleFontDataFreeType.cpp webkit2gtk-2.20.3/Source/WebCore/platform/graphics/freetype/SimpleFontDataFreeType.cpp
--- webkit2gtk-2.20.2/Source/WebCore/platform/graphics/freetype/SimpleFontDataFreeType.cpp	2018-03-05 13:11:47.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/platform/graphics/freetype/SimpleFontDataFreeType.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -199,7 +199,14 @@
 
     UErrorCode error = U_ZERO_ERROR;
     Vector normalizedCharacters(length);
+#if COMPILER(GCC_OR_CLANG)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
+#endif
     int32_t normalizedLength = unorm_normalize(characters, length, UNORM_NFC, UNORM_UNICODE_3_2, &normalizedCharacters[0], length, &error);
+#if COMPILER(GCC_OR_CLANG)
+#pragma GCC diagnostic pop
+#endif
     if (U_FAILURE(error))
         return false;
 
diff -Nru webkit2gtk-2.20.2/Source/WebCore/platform/graphics/Gradient.cpp webkit2gtk-2.20.3/Source/WebCore/platform/graphics/Gradient.cpp
--- webkit2gtk-2.20.2/Source/WebCore/platform/graphics/Gradient.cpp	2018-02-19 07:45:32.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/platform/graphics/Gradient.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -213,7 +213,8 @@
     COMPILE_ASSERT(!(sizeof(ColorStop) % 2), Color_stop_size_should_be_multiple_of_two);
     
     // Ensure that any padding in the struct is zero-filled, so it will not affect the hash value.
-    memset(¶meters, 0, sizeof(parameters));
+    // FIXME: This is asking for trouble, because it is a nontrivial type.
+    memset(static_cast(¶meters), 0, sizeof(parameters));
     
     WTF::switchOn(m_data,
         [¶meters] (const LinearData& data) {
diff -Nru webkit2gtk-2.20.2/Source/WebCore/platform/graphics/gstreamer/eme/WebKitClearKeyDecryptorGStreamer.cpp webkit2gtk-2.20.3/Source/WebCore/platform/graphics/gstreamer/eme/WebKitClearKeyDecryptorGStreamer.cpp
--- webkit2gtk-2.20.2/Source/WebCore/platform/graphics/gstreamer/eme/WebKitClearKeyDecryptorGStreamer.cpp	2018-02-19 07:45:32.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/platform/graphics/gstreamer/eme/WebKitClearKeyDecryptorGStreamer.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -255,7 +255,7 @@
 
     if (!subSampleCount) {
         // Full sample encryption.
-        GST_TRACE_OBJECT(self, "full sample encryption: %d encrypted bytes", map.size);
+        GST_TRACE_OBJECT(self, "full sample encryption: %zu encrypted bytes", map.size);
 
         // Check if the buffer is empty.
         if (map.size) {
diff -Nru webkit2gtk-2.20.2/Source/WebCore/platform/graphics/gstreamer/GstAllocatorFastMalloc.cpp webkit2gtk-2.20.3/Source/WebCore/platform/graphics/gstreamer/GstAllocatorFastMalloc.cpp
--- webkit2gtk-2.20.2/Source/WebCore/platform/graphics/gstreamer/GstAllocatorFastMalloc.cpp	2018-02-19 07:45:32.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/platform/graphics/gstreamer/GstAllocatorFastMalloc.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -86,9 +86,8 @@
     return memory->data;
 }
 
-static gboolean gstAllocatorFastMallocMemUnmap(GstMemoryFastMalloc*)
+static void gstAllocatorFastMallocMemUnmap(GstMemoryFastMalloc*)
 {
-    return TRUE;
 }
 
 static GstMemoryFastMalloc* gstAllocatorFastMallocMemCopy(GstMemoryFastMalloc* memory, gssize offset, gsize size)
diff -Nru webkit2gtk-2.20.2/Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp webkit2gtk-2.20.3/Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp
--- webkit2gtk-2.20.2/Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp	2018-05-07 08:18:04.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -70,7 +70,17 @@
 #if USE(LIBEPOXY)
 // Include the  header before .
 #include 
+
+// Workaround build issue with RPi userland GLESv2 headers and libepoxy 
+#if !GST_CHECK_VERSION(1, 14, 0)
+#include 
+#if defined(GST_GL_HAVE_WINDOW_DISPMANX) && GST_GL_HAVE_WINDOW_DISPMANX
+#define __gl2_h_
+#undef GST_GL_HAVE_GLSYNC
+#define GST_GL_HAVE_GLSYNC 1
 #endif
+#endif // !GST_CHECK_VERSION(1, 14, 0)
+#endif // USE(LIBEPOXY)
 
 #define GST_USE_UNSTABLE_API
 #include 
diff -Nru webkit2gtk-2.20.2/Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp webkit2gtk-2.20.3/Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp
--- webkit2gtk-2.20.2/Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp	2018-05-07 07:57:26.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -1232,8 +1232,9 @@
 }
 #endif
 
-static int findHLSQueue(const GValue* item)
+static gint findHLSQueue(gconstpointer a, gconstpointer)
 {
+    GValue* item = static_cast(const_cast(a));
     GstElement* element = GST_ELEMENT(g_value_get_object(item));
     if (g_str_has_prefix(GST_ELEMENT_NAME(element), "queue")) {
         GstElement* parent = GST_ELEMENT(GST_ELEMENT_PARENT(element));
diff -Nru webkit2gtk-2.20.2/Source/WebCore/platform/graphics/SurrogatePairAwareTextIterator.cpp webkit2gtk-2.20.3/Source/WebCore/platform/graphics/SurrogatePairAwareTextIterator.cpp
--- webkit2gtk-2.20.2/Source/WebCore/platform/graphics/SurrogatePairAwareTextIterator.cpp	2018-02-19 07:45:32.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/platform/graphics/SurrogatePairAwareTextIterator.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -69,6 +69,12 @@
     return true;
 }
 
+#if COMPILER(GCC_OR_CLANG)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
+#endif
+// NOTE: ICU's unorm_normalize function is deprecated.
+
 UChar32 SurrogatePairAwareTextIterator::normalizeVoicingMarks()
 {
     // According to http://www.unicode.org/Public/UNIDATA/UCD.html#Canonical_Combining_Class_Values
@@ -89,4 +95,8 @@
     return 0;
 }
 
+#if COMPILER(GCC_OR_CLANG)
+#pragma GCC diagnostic pop
+#endif
+
 }
diff -Nru webkit2gtk-2.20.2/Source/WebCore/platform/Length.h webkit2gtk-2.20.3/Source/WebCore/platform/Length.h
--- webkit2gtk-2.20.2/Source/WebCore/platform/Length.h	2018-02-19 07:45:32.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/platform/Length.h	2018-06-11 08:16:31.000000000 +0000
@@ -195,7 +195,7 @@
     if (isCalculated())
         deref();
 
-    memcpy(this, &other, sizeof(Length));
+    memcpy(static_cast(this), static_cast(const_cast(&other)), sizeof(Length));
     return *this;
 }
 
@@ -207,7 +207,7 @@
     if (isCalculated())
         deref();
 
-    memcpy(this, &other, sizeof(Length));
+    memcpy(static_cast(this), static_cast(&other), sizeof(Length));
     other.m_type = Auto;
     return *this;
 }
diff -Nru webkit2gtk-2.20.2/Source/WebCore/platform/network/soup/CookieJarSoup.cpp webkit2gtk-2.20.3/Source/WebCore/platform/network/soup/CookieJarSoup.cpp
--- webkit2gtk-2.20.2/Source/WebCore/platform/network/soup/CookieJarSoup.cpp	2018-02-19 07:45:32.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/platform/network/soup/CookieJarSoup.cpp	2018-06-11 09:42:30.000000000 +0000
@@ -54,12 +54,16 @@
 {
     UNUSED_PARAM(frameID);
     UNUSED_PARAM(pageID);
-    SoupCookieJar* jar = session.cookieStorage();
-
     GUniquePtr origin = url.createSoupURI();
+    if (!origin)
+        return;
+
     GUniquePtr firstPartyURI = firstParty.createSoupURI();
+    if (!firstPartyURI)
+        return;
 
     // Get existing cookies for this origin.
+    SoupCookieJar* jar = session.cookieStorage();
     GSList* existingCookies = soup_cookie_jar_get_cookie_list(jar, origin.get(), TRUE);
 
     Vector cookies;
@@ -87,6 +91,9 @@
 static std::pair cookiesForSession(const NetworkStorageSession& session, const URL& url, bool forHTTPHeader, IncludeSecureCookies includeSecureCookies)
 {
     GUniquePtr uri = url.createSoupURI();
+    if (!uri)
+        return { { }, false };
+
     GSList* cookies = soup_cookie_jar_get_cookie_list(session.cookieStorage(), uri.get(), forHTTPHeader);
     bool didAccessSecureCookies = false;
 
@@ -145,6 +152,9 @@
     UNUSED_PARAM(pageID);
     rawCookies.clear();
     GUniquePtr uri = url.createSoupURI();
+    if (!uri)
+        return false;
+
     GUniquePtr cookies(soup_cookie_jar_get_cookie_list(session.cookieStorage(), uri.get(), TRUE));
     if (!cookies)
         return false;
@@ -162,9 +172,11 @@
 
 void deleteCookie(const NetworkStorageSession& session, const URL& url, const String& name)
 {
-    SoupCookieJar* jar = session.cookieStorage();
-
     GUniquePtr uri = url.createSoupURI();
+    if (!uri)
+        return;
+
+    SoupCookieJar* jar = session.cookieStorage();
     GUniquePtr cookies(soup_cookie_jar_get_cookie_list(jar, uri.get(), TRUE));
     if (!cookies)
         return;
diff -Nru webkit2gtk-2.20.2/Source/WebCore/platform/network/soup/NetworkStorageSessionSoup.cpp webkit2gtk-2.20.3/Source/WebCore/platform/network/soup/NetworkStorageSessionSoup.cpp
--- webkit2gtk-2.20.2/Source/WebCore/platform/network/soup/NetworkStorageSessionSoup.cpp	2018-04-09 13:36:08.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/platform/network/soup/NetworkStorageSessionSoup.cpp	2018-06-11 09:42:30.000000000 +0000
@@ -251,6 +251,7 @@
             data->completionHandler(Credential(user, String::fromUTF8(passwordData, length), CredentialPersistencePermanent));
         }, data.release());
 #else
+    UNUSED_PARAM(cancellable);
     UNUSED_PARAM(protectionSpace);
     completionHandler({ });
 #endif
@@ -317,6 +318,9 @@
 {
     Vector cookies;
     GUniquePtr uri = url.createSoupURI();
+    if (!uri)
+        return cookies;
+
     GUniquePtr cookiesList(soup_cookie_jar_get_cookie_list(cookieStorage(), uri.get(), TRUE));
     for (GSList* item = cookiesList.get(); item; item = g_slist_next(item)) {
         GUniquePtr soupCookie(static_cast(item->data));
diff -Nru webkit2gtk-2.20.2/Source/WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp webkit2gtk-2.20.3/Source/WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp
--- webkit2gtk-2.20.2/Source/WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp	2018-05-07 08:56:55.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -268,7 +268,7 @@
 
     m_writeReadySource = adoptGRef(g_pollable_output_stream_create_source(m_outputStream.get(), m_cancellable.get()));
     ref();
-    g_source_set_callback(m_writeReadySource.get(), reinterpret_cast(writeReadyCallback), this, [](gpointer handle) { 
+    g_source_set_callback(m_writeReadySource.get(), reinterpret_cast(reinterpret_cast(writeReadyCallback)), this, [](gpointer handle) {
         static_cast(handle)->deref();
     });
     g_source_attach(m_writeReadySource.get(), g_main_context_get_thread_default());
diff -Nru webkit2gtk-2.20.2/Source/WebCore/platform/network/soup/SoupNetworkSession.h webkit2gtk-2.20.3/Source/WebCore/platform/network/soup/SoupNetworkSession.h
--- webkit2gtk-2.20.2/Source/WebCore/platform/network/soup/SoupNetworkSession.h	2018-05-07 08:56:05.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/platform/network/soup/SoupNetworkSession.h	2018-06-11 09:14:02.000000000 +0000
@@ -26,6 +26,7 @@
 #ifndef SoupNetworkSession_h
 #define SoupNetworkSession_h
 
+#include "URL.h"
 #include 
 #include 
 #include 
diff -Nru webkit2gtk-2.20.2/Source/WebCore/platform/text/TextEncoding.cpp webkit2gtk-2.20.3/Source/WebCore/platform/text/TextEncoding.cpp
--- webkit2gtk-2.20.2/Source/WebCore/platform/text/TextEncoding.cpp	2018-03-05 08:48:55.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/platform/text/TextEncoding.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -69,6 +69,12 @@
     return newTextCodec(*this)->decode(data, length, true, stopOnError, sawError);
 }
 
+#if COMPILER(GCC_OR_CLANG)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
+#endif
+// NOTE: ICU's unorm_quickCheck and unorm_normalize functions are deprecated.
+
 Vector TextEncoding::encode(StringView text, UnencodableHandling handling) const
 {
     if (!m_name || text.isEmpty())
@@ -106,6 +112,10 @@
     return newTextCodec(*this)->encode(StringView { source, sourceLength }, handling);
 }
 
+#if COMPILER(GCC_OR_CLANG)
+#pragma GCC diagnostic pop
+#endif
+
 const char* TextEncoding::domName() const
 {
     if (noExtendedTextEncodingNameUsed())
diff -Nru webkit2gtk-2.20.2/Source/WebCore/platform/UserAgentQuirks.cpp webkit2gtk-2.20.3/Source/WebCore/platform/UserAgentQuirks.cpp
--- webkit2gtk-2.20.2/Source/WebCore/platform/UserAgentQuirks.cpp	2018-05-07 09:31:27.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/platform/UserAgentQuirks.cpp	2018-06-11 09:18:08.000000000 +0000
@@ -93,6 +93,10 @@
     if (baseDomain == "whatsapp.com")
         return true;
 
+    // paypal.com completely blocks users with WebKitGTK+'s standard user agent.
+    if (baseDomain == "paypal.com")
+        return true;
+
     // chase.com displays a huge "please update your browser" warning with
     // WebKitGTK+'s standard user agent.
     if (baseDomain == "chase.com")
diff -Nru webkit2gtk-2.20.2/Source/WebCore/PlatformGTK.cmake webkit2gtk-2.20.3/Source/WebCore/PlatformGTK.cmake
--- webkit2gtk-2.20.2/Source/WebCore/PlatformGTK.cmake	2018-02-19 07:45:31.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/PlatformGTK.cmake	2018-06-11 08:16:31.000000000 +0000
@@ -156,11 +156,11 @@
     )
     target_include_directories(WebCorePlatformGTK2 PRIVATE
         ${WebCore_INCLUDE_DIRECTORIES}
-        ${GTK2_INCLUDE_DIRS}
-        ${GDK2_INCLUDE_DIRS}
     )
     target_include_directories(WebCorePlatformGTK2 SYSTEM PRIVATE
         ${WebCore_SYSTEM_INCLUDE_DIRECTORIES}
+        ${GTK2_INCLUDE_DIRS}
+        ${GDK2_INCLUDE_DIRS}
     )
     target_link_libraries(WebCorePlatformGTK2
          ${WebCore_LIBRARIES}
diff -Nru webkit2gtk-2.20.2/Source/WebCore/rendering/RenderImage.cpp webkit2gtk-2.20.3/Source/WebCore/rendering/RenderImage.cpp
--- webkit2gtk-2.20.2/Source/WebCore/rendering/RenderImage.cpp	2018-05-07 07:43:49.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/rendering/RenderImage.cpp	2018-06-11 09:21:47.000000000 +0000
@@ -700,7 +700,7 @@
 void RenderImage::layout()
 {
     // Recomputing overflow is required only when child content is present. 
-    if (needsSimplifiedNormalFlowLayout() && !m_hasShadowControls) {
+    if (needsSimplifiedNormalFlowLayoutOnly() && !m_hasShadowControls) {
         clearNeedsLayout();
         return;
     }
diff -Nru webkit2gtk-2.20.2/Source/WebCore/rendering/RenderObject.h webkit2gtk-2.20.3/Source/WebCore/rendering/RenderObject.h
--- webkit2gtk-2.20.2/Source/WebCore/rendering/RenderObject.h	2018-02-26 16:00:31.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/rendering/RenderObject.h	2018-06-11 09:21:47.000000000 +0000
@@ -474,6 +474,7 @@
 
     bool posChildNeedsLayout() const { return m_bitfields.posChildNeedsLayout(); }
     bool needsSimplifiedNormalFlowLayout() const { return m_bitfields.needsSimplifiedNormalFlowLayout(); }
+    bool needsSimplifiedNormalFlowLayoutOnly() const;
     bool normalChildNeedsLayout() const { return m_bitfields.normalChildNeedsLayout(); }
     
     bool preferredLogicalWidthsDirty() const { return m_bitfields.preferredLogicalWidthsDirty(); }
@@ -1089,6 +1090,12 @@
     return m_bitfields.boxDecorationState() == HasBoxDecorationsAndBackgroundIsKnownToBeObscured;
 }
 
+inline bool RenderObject::needsSimplifiedNormalFlowLayoutOnly() const
+{
+    return m_bitfields.needsSimplifiedNormalFlowLayout() && !m_bitfields.needsLayout() && !m_bitfields.normalChildNeedsLayout()
+        && !m_bitfields.posChildNeedsLayout() && !m_bitfields.needsPositionedMovementLayout();
+}
+
 #if ENABLE(TREE_DEBUGGING)
 void printRenderTreeForLiveDocuments();
 void printLayerTreeForLiveDocuments();
diff -Nru webkit2gtk-2.20.2/Source/WebCore/style/StylePendingResources.cpp webkit2gtk-2.20.3/Source/WebCore/style/StylePendingResources.cpp
--- webkit2gtk-2.20.2/Source/WebCore/style/StylePendingResources.cpp	2018-02-19 07:45:32.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/style/StylePendingResources.cpp	2018-06-11 10:15:35.000000000 +0000
@@ -41,17 +41,18 @@
 namespace WebCore {
 namespace Style {
 
-enum class LoadPolicy { Normal, ShapeOutside };
-static void loadPendingImage(Document& document, const StyleImage* styleImage, const Element* element, LoadPolicy loadPolicy = LoadPolicy::Normal)
+// 
+enum class LoadPolicy { NoCORS, Anonymous };
+static void loadPendingImage(Document& document, const StyleImage* styleImage, const Element* element, LoadPolicy loadPolicy = LoadPolicy::NoCORS)
 {
     if (!styleImage || !styleImage->isPending())
         return;
 
+    bool isInUserAgentShadowTree = element && element->isInUserAgentShadowTree();
     ResourceLoaderOptions options = CachedResourceLoader::defaultCachedResourceOptions();
-    options.contentSecurityPolicyImposition = element && element->isInUserAgentShadowTree() ? ContentSecurityPolicyImposition::SkipPolicyCheck : ContentSecurityPolicyImposition::DoPolicyCheck;
+    options.contentSecurityPolicyImposition = isInUserAgentShadowTree ? ContentSecurityPolicyImposition::SkipPolicyCheck : ContentSecurityPolicyImposition::DoPolicyCheck;
 
-    // FIXME: Why does shape-outside have different policy than other properties?
-    if (loadPolicy == LoadPolicy::ShapeOutside) {
+    if (loadPolicy == LoadPolicy::Anonymous && !isInUserAgentShadowTree && document.settings().useAnonymousModeWhenFetchingMaskImages()) {
         options.mode = FetchOptions::Mode::Cors;
         options.credentials = FetchOptions::Credentials::SameOrigin;
         options.storedCredentialsPolicy = StoredCredentialsPolicy::DoNotUse;
@@ -85,11 +86,14 @@
     if (auto* reflection = style.boxReflect())
         loadPendingImage(document, reflection->mask().image(), element);
 
+    // Masking operations may be sensitive to timing attacks that can be used to reveal the pixel data of
+    // the image used as the mask. As a means to mitigate such attacks CSS mask images and shape-outside
+    // images are retreived in "Anonymous" mode, which uses a potentially CORS-enabled fetch.
     for (auto* maskLayer = &style.maskLayers(); maskLayer; maskLayer = maskLayer->next())
-        loadPendingImage(document, maskLayer->image(), element);
+        loadPendingImage(document, maskLayer->image(), element, LoadPolicy::Anonymous);
 
     if (style.shapeOutside())
-        loadPendingImage(document, style.shapeOutside()->image(), element, LoadPolicy::ShapeOutside);
+        loadPendingImage(document, style.shapeOutside()->image(), element, LoadPolicy::Anonymous);
 }
 
 }
diff -Nru webkit2gtk-2.20.2/Source/WebCore/svg/SVGPathElement.cpp webkit2gtk-2.20.3/Source/WebCore/svg/SVGPathElement.cpp
--- webkit2gtk-2.20.2/Source/WebCore/svg/SVGPathElement.cpp	2018-02-19 07:45:32.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/svg/SVGPathElement.cpp	2018-06-11 10:00:09.000000000 +0000
@@ -1,6 +1,7 @@
 /*
  * Copyright (C) 2004, 2005, 2006, 2008 Nikolas Zimmermann 
  * Copyright (C) 2004, 2005, 2006, 2007 Rob Buis 
+ * Copyright (C) 2018 Apple Inc. All rights reserved.
  *
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Library General Public
@@ -255,7 +256,7 @@
         if (m_pathSegList.shouldSynchronize && !SVGAnimatedProperty::lookupWrapper(this, dPropertyInfo())->isAnimating()) {
             SVGPathSegListValues newList(PathSegUnalteredRole);
             buildSVGPathSegListValuesFromByteStream(m_pathByteStream, *this, newList, UnalteredParsing);
-            m_pathSegList.value = newList;
+            m_pathSegList.value = WTFMove(newList);
         }
 
         if (renderer)
diff -Nru webkit2gtk-2.20.2/Source/WebCore/svg/SVGPathSegList.cpp webkit2gtk-2.20.3/Source/WebCore/svg/SVGPathSegList.cpp
--- webkit2gtk-2.20.2/Source/WebCore/svg/SVGPathSegList.cpp	2018-02-19 07:45:32.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/svg/SVGPathSegList.cpp	2018-06-11 10:00:07.000000000 +0000
@@ -1,5 +1,6 @@
 /*
  * Copyright (C) Research In Motion Limited 2010. All rights reserved.
+ * Copyright (C) 2018 Apple Inc. All rights reserved.
  *
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Library General Public
@@ -26,20 +27,11 @@
 
 namespace WebCore {
 
-void SVGPathSegList::clearContextAndRoles()
-{
-    ASSERT(m_values);
-    for (auto& item : *m_values)
-        static_cast(item.get())->setContextAndRole(nullptr, PathSegUndefinedRole);
-}
-
 ExceptionOr SVGPathSegList::clear()
 {
     ASSERT(m_values);
     if (m_values->isEmpty())
         return { };
-
-    clearContextAndRoles();
     return Base::clearValues();
 }
 
@@ -50,24 +42,19 @@
 
 ExceptionOr> SVGPathSegList::replaceItem(Ref&& newItem, unsigned index)
 {
-    if (index < m_values->size()) {
-        ListItemType replacedItem = m_values->at(index);
-        ASSERT(replacedItem);
-        static_cast(replacedItem.get())->setContextAndRole(nullptr, PathSegUndefinedRole);
-    }
-
+    if (index < m_values->size())
+        m_values->clearItemContextAndRole(index);
     return Base::replaceItemValues(WTFMove(newItem), index);
 }
 
 ExceptionOr> SVGPathSegList::removeItem(unsigned index)
 {
+    if (index < m_values->size())
+        m_values->clearItemContextAndRole(index);
     auto result = Base::removeItemValues(index);
     if (result.hasException())
         return result;
-    auto removedItem = result.releaseReturnValue();
-    if (removedItem)
-        static_cast(*removedItem).setContextAndRole(nullptr, PathSegUndefinedRole);
-    return WTFMove(removedItem);
+    return result.releaseReturnValue();
 }
 
 SVGPathElement* SVGPathSegList::contextElement() const
diff -Nru webkit2gtk-2.20.2/Source/WebCore/svg/SVGPathSegList.h webkit2gtk-2.20.3/Source/WebCore/svg/SVGPathSegList.h
--- webkit2gtk-2.20.2/Source/WebCore/svg/SVGPathSegList.h	2018-02-19 07:45:32.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/svg/SVGPathSegList.h	2018-06-11 10:00:07.000000000 +0000
@@ -1,5 +1,6 @@
 /*
  * Copyright (C) Research In Motion Limited 2010. All rights reserved.
+ * Copyright (C) 2018 Apple Inc. All rights reserved.
  *
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Library General Public
@@ -72,7 +73,6 @@
 
     ExceptionOr> initialize(Ref&& newItem)
     {
-        clearContextAndRoles();
         return Base::initializeValues(WTFMove(newItem));
     }
 
@@ -101,9 +101,6 @@
     }
 
     SVGPathElement* contextElement() const;
-
-    void clearContextAndRoles();
-
     using Base::m_role;
 
     bool isReadOnly() const final
diff -Nru webkit2gtk-2.20.2/Source/WebCore/svg/SVGPathSegListValues.cpp webkit2gtk-2.20.3/Source/WebCore/svg/SVGPathSegListValues.cpp
--- webkit2gtk-2.20.2/Source/WebCore/svg/SVGPathSegListValues.cpp	2018-02-19 07:45:32.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/svg/SVGPathSegListValues.cpp	2018-06-11 10:00:07.000000000 +0000
@@ -3,6 +3,7 @@
  * Copyright (C) 2004, 2005 Rob Buis 
  * Copyright (C) 2007 Eric Seidel 
  * Copyright (C) Research In Motion Limited 2010. All rights reserved.
+ * Copyright (C) 2018 Apple Inc. All rights reserved.
  *
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Library General Public
@@ -40,4 +41,17 @@
     downcast(contextElement).pathSegListChanged(m_role, listModification);
 }
 
+void SVGPathSegListValues::clearItemContextAndRole(unsigned index)
+{
+    auto& item = at(index);
+    static_cast(*item).setContextAndRole(nullptr, PathSegUndefinedRole);
+}
+    
+void SVGPathSegListValues::clearContextAndRoles()
+{
+    auto count = size();
+    while (count--)
+        clearItemContextAndRole(count);
+}
+    
 }
diff -Nru webkit2gtk-2.20.2/Source/WebCore/svg/SVGPathSegListValues.h webkit2gtk-2.20.3/Source/WebCore/svg/SVGPathSegListValues.h
--- webkit2gtk-2.20.2/Source/WebCore/svg/SVGPathSegListValues.h	2018-02-19 07:45:32.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebCore/svg/SVGPathSegListValues.h	2018-06-11 10:00:07.000000000 +0000
@@ -1,5 +1,6 @@
 /*
  * Copyright (C) 2007 Eric Seidel 
+ * Copyright (C) 2018 Apple Inc. All rights reserved.
  *
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Library General Public
@@ -35,16 +36,42 @@
 
 class SVGPathSegListValues : public Vector> {
 public:
+    using Base = Vector>;
+    
     explicit SVGPathSegListValues(SVGPathSegRole role)
         : m_role(role)
     {
     }
+    
+    SVGPathSegListValues(const SVGPathSegListValues&) = default;
+    SVGPathSegListValues(SVGPathSegListValues&&) = default;
+    
+    SVGPathSegListValues& operator=(const SVGPathSegListValues& other)
+    {
+        clearContextAndRoles();
+        return static_cast(Base::operator=(other));
+    }
+
+    SVGPathSegListValues& operator=(SVGPathSegListValues&& other)
+    {
+        clearContextAndRoles();
+        return static_cast(Base::operator=(WTFMove(other)));
+    }
+    
+    void clear()
+    {
+        clearContextAndRoles();
+        Base::clear();
+    }
 
     String valueAsString() const;
 
     void commitChange(SVGElement& contextElement, ListModification);
+    void clearItemContextAndRole(unsigned index);
 
 private:
+    void clearContextAndRoles();
+
     SVGPathSegRole m_role;
 };
 
diff -Nru webkit2gtk-2.20.2/Source/WebDriver/glib/SessionHostGlib.cpp webkit2gtk-2.20.3/Source/WebDriver/glib/SessionHostGlib.cpp
--- webkit2gtk-2.20.2/Source/WebDriver/glib/SessionHostGlib.cpp	2018-02-19 07:45:32.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebDriver/glib/SessionHostGlib.cpp	2018-06-11 09:43:08.000000000 +0000
@@ -306,6 +306,8 @@
     if (targetList.isEmpty()) {
         m_target = Target();
         m_connectionID = 0;
+        if (m_dbusConnection)
+            g_dbus_connection_close(m_dbusConnection.get(), nullptr, nullptr, nullptr);
         return;
     }
 
diff -Nru webkit2gtk-2.20.2/Source/WebKit/CMakeLists.txt webkit2gtk-2.20.3/Source/WebKit/CMakeLists.txt
--- webkit2gtk-2.20.2/Source/WebKit/CMakeLists.txt	2018-03-05 08:47:55.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebKit/CMakeLists.txt	2018-06-11 09:28:11.000000000 +0000
@@ -778,22 +778,8 @@
     set(JavaScriptCore_SCRIPTS_DIR "${FORWARDING_HEADERS_DIR}/JavaScriptCore/Scripts")
 endif ()
 
-if (COMPILER_IS_GCC_OR_CLANG)
-    set(ATOMIC_TEST_SOURCE
-    "
-        #include 
-        int main() { std::atomic i(0); i++; return 0; }
-    "
-    )
-    check_cxx_source_compiles("${ATOMIC_TEST_SOURCE}" ATOMIC_INT64_IS_BUILTIN)
-    if (NOT ATOMIC_INT64_IS_BUILTIN)
-        set(CMAKE_REQUIRED_LIBRARIES atomic)
-        check_cxx_source_compiles("${ATOMIC_TEST_SOURCE}" ATOMIC_INT64_REQUIRES_LIBATOMIC)
-        if (ATOMIC_INT64_REQUIRES_LIBATOMIC)
-            list(APPEND WebKit_LIBRARIES atomic)
-        endif ()
-        unset(CMAKE_REQUIRED_LIBRARIES)
-    endif ()
+if (ATOMIC_INT64_REQUIRES_LIBATOMIC)
+    list(APPEND WebKit_LIBRARIES atomic)
 endif ()
 
 if (UNIX)
diff -Nru webkit2gtk-2.20.2/Source/WebKit/Platform/IPC/glib/GSocketMonitor.cpp webkit2gtk-2.20.3/Source/WebKit/Platform/IPC/glib/GSocketMonitor.cpp
--- webkit2gtk-2.20.2/Source/WebKit/Platform/IPC/glib/GSocketMonitor.cpp	2018-02-19 07:45:32.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebKit/Platform/IPC/glib/GSocketMonitor.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -51,7 +51,7 @@
     m_source = adoptGRef(g_socket_create_source(socket, condition, m_cancellable.get()));
     g_source_set_name(m_source.get(), "[WebKit] Socket monitor");
     m_callback = WTFMove(callback);
-    g_source_set_callback(m_source.get(), reinterpret_cast(socketSourceCallback), this, nullptr);
+    g_source_set_callback(m_source.get(), reinterpret_cast(reinterpret_cast(socketSourceCallback)), this, nullptr);
     g_source_set_priority(m_source.get(), RunLoopSourcePriority::RunLoopDispatcher);
     g_source_attach(m_source.get(), runLoop.mainContext());
 }
diff -Nru webkit2gtk-2.20.2/Source/WebKit/PlatformGTK.cmake webkit2gtk-2.20.3/Source/WebKit/PlatformGTK.cmake
--- webkit2gtk-2.20.2/Source/WebKit/PlatformGTK.cmake	2018-04-10 07:33:13.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebKit/PlatformGTK.cmake	2018-06-11 08:16:31.000000000 +0000
@@ -607,11 +607,12 @@
 
         Shared/cairo/ShareableBitmapCairo.cpp
 
+        Shared/glib/ProcessExecutablePathGLib.cpp
+
         Shared/gtk/NativeWebKeyboardEventGtk.cpp
         Shared/gtk/NativeWebMouseEventGtk.cpp
         Shared/gtk/NativeWebTouchEventGtk.cpp
         Shared/gtk/NativeWebWheelEventGtk.cpp
-        Shared/gtk/ProcessExecutablePathGtk.cpp
         Shared/gtk/WebEventFactory.cpp
 
         Shared/soup/WebCoreArgumentCodersSoup.cpp
diff -Nru webkit2gtk-2.20.2/Source/WebKit/Shared/API/glib/WebKitContextMenu.cpp webkit2gtk-2.20.3/Source/WebKit/Shared/API/glib/WebKitContextMenu.cpp
--- webkit2gtk-2.20.2/Source/WebKit/Shared/API/glib/WebKitContextMenu.cpp	2018-02-19 07:45:32.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebKit/Shared/API/glib/WebKitContextMenu.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -136,7 +136,7 @@
 WebKitContextMenu* webkit_context_menu_new_with_items(GList* items)
 {
     WebKitContextMenu* menu = webkit_context_menu_new();
-    g_list_foreach(items, reinterpret_cast(g_object_ref_sink), 0);
+    g_list_foreach(items, reinterpret_cast(reinterpret_cast(g_object_ref_sink)), 0);
     menu->priv->items = g_list_copy(items);
 
     return menu;
diff -Nru webkit2gtk-2.20.2/Source/WebKit/Shared/glib/ProcessExecutablePathGLib.cpp webkit2gtk-2.20.3/Source/WebKit/Shared/glib/ProcessExecutablePathGLib.cpp
--- webkit2gtk-2.20.2/Source/WebKit/Shared/glib/ProcessExecutablePathGLib.cpp	1970-01-01 00:00:00.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebKit/Shared/glib/ProcessExecutablePathGLib.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -0,0 +1,105 @@
+/*
+ * Copyright (C) 2010 Apple Inc. All rights reserved.
+ * Portions Copyright (c) 2010 Motorola Mobility, Inc.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY MOTOROLA INC. AND ITS CONTRIBUTORS ``AS IS''
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL MOTOROLA INC. OR ITS CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "config.h"
+#include "ProcessExecutablePath.h"
+
+#include 
+#include 
+#include 
+
+using namespace WebCore;
+
+namespace WebKit {
+
+#if ENABLE(DEVELOPER_MODE)
+static String getExecutablePath()
+{
+    CString executablePath = getCurrentExecutablePath();
+    if (!executablePath.isNull())
+        return FileSystem::directoryName(FileSystem::stringFromFileSystemRepresentation(executablePath.data()));
+    return { };
+}
+#endif
+
+static String findWebKitProcess(const char* processName)
+{
+#if ENABLE(DEVELOPER_MODE)
+    static const char* execDirectory = g_getenv("WEBKIT_EXEC_PATH");
+    if (execDirectory) {
+        String processPath = FileSystem::pathByAppendingComponent(FileSystem::stringFromFileSystemRepresentation(execDirectory), processName);
+        if (FileSystem::fileExists(processPath))
+            return processPath;
+    }
+
+    static String executablePath = getExecutablePath();
+    if (!executablePath.isNull()) {
+        String processPath = FileSystem::pathByAppendingComponent(executablePath, processName);
+        if (FileSystem::fileExists(processPath))
+            return processPath;
+    }
+#endif
+
+    return FileSystem::pathByAppendingComponent(FileSystem::stringFromFileSystemRepresentation(PKGLIBEXECDIR), processName);
+}
+
+String executablePathOfWebProcess()
+{
+#if PLATFORM(WPE)
+    return findWebKitProcess("WPEWebProcess");
+#else
+    return findWebKitProcess("WebKitWebProcess");
+#endif
+}
+
+String executablePathOfPluginProcess()
+{
+#if PLATFORM(WPE)
+    return findWebKitProcess("WPEPluginProcess");
+#else
+    return findWebKitProcess("WebKitPluginProcess");
+#endif
+}
+
+String executablePathOfNetworkProcess()
+{
+#if PLATFORM(WPE)
+    return findWebKitProcess("WPENetworkProcess");
+#else
+    return findWebKitProcess("WebKitNetworkProcess");
+#endif
+}
+
+String executablePathOfStorageProcess()
+{
+#if PLATFORM(WPE)
+    return findWebKitProcess("WPEStorageProcess");
+#else
+    return findWebKitProcess("WebKitStorageProcess");
+#endif
+}
+
+} // namespace WebKit
diff -Nru webkit2gtk-2.20.2/Source/WebKit/Shared/gtk/ProcessExecutablePathGtk.cpp webkit2gtk-2.20.3/Source/WebKit/Shared/gtk/ProcessExecutablePathGtk.cpp
--- webkit2gtk-2.20.2/Source/WebKit/Shared/gtk/ProcessExecutablePathGtk.cpp	2018-02-20 06:53:53.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebKit/Shared/gtk/ProcessExecutablePathGtk.cpp	1970-01-01 00:00:00.000000000 +0000
@@ -1,91 +0,0 @@
-/*
- * Copyright (C) 2010 Apple Inc. All rights reserved.
- * Portions Copyright (c) 2010 Motorola Mobility, Inc.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY MOTOROLA INC. AND ITS CONTRIBUTORS ``AS IS''
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
- * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL MOTOROLA INC. OR ITS CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
- * THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include "config.h"
-#include "ProcessExecutablePath.h"
-
-#include 
-#include 
-
-#if ENABLE(DEVELOPER_MODE)
-#include 
-#endif
-
-namespace WebKit {
-using namespace WebCore;
-
-#if ENABLE(DEVELOPER_MODE)
-static String getExecutablePath()
-{
-    CString executablePath = getCurrentExecutablePath();
-    if (!executablePath.isNull())
-        return FileSystem::directoryName(FileSystem::stringFromFileSystemRepresentation(executablePath.data()));
-    return String();
-}
-#endif
-
-static String findWebKitProcess(const char* processName)
-{
-#if ENABLE(DEVELOPER_MODE)
-    static const char* execDirectory = g_getenv("WEBKIT_EXEC_PATH");
-    if (execDirectory) {
-        String processPath = FileSystem::pathByAppendingComponent(FileSystem::stringFromFileSystemRepresentation(execDirectory), processName);
-        if (FileSystem::fileExists(processPath))
-            return processPath;
-    }
-
-    static String executablePath = getExecutablePath();
-    if (!executablePath.isNull()) {
-        String processPath = FileSystem::pathByAppendingComponent(executablePath, processName);
-        if (FileSystem::fileExists(processPath))
-            return processPath;
-    }
-#endif
-
-    return FileSystem::pathByAppendingComponent(FileSystem::stringFromFileSystemRepresentation(PKGLIBEXECDIR), processName);
-}
-
-String executablePathOfWebProcess()
-{
-    return findWebKitProcess("WebKitWebProcess");
-}
-
-String executablePathOfPluginProcess()
-{
-    return findWebKitProcess("WebKitPluginProcess");
-}
-
-String executablePathOfNetworkProcess()
-{
-    return findWebKitProcess("WebKitNetworkProcess");
-}
-
-String executablePathOfStorageProcess()
-{
-    return findWebKitProcess("WebKitStorageProcess");
-}
-
-} // namespace WebKit
diff -Nru webkit2gtk-2.20.2/Source/WebKit/Shared/NativeWebTouchEvent.h webkit2gtk-2.20.3/Source/WebKit/Shared/NativeWebTouchEvent.h
--- webkit2gtk-2.20.2/Source/WebKit/Shared/NativeWebTouchEvent.h	2018-02-19 07:45:32.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebKit/Shared/NativeWebTouchEvent.h	2018-06-11 08:16:31.000000000 +0000
@@ -35,7 +35,7 @@
 #elif PLATFORM(GTK)
 #include 
 #elif PLATFORM(WPE)
-#include 
+#include 
 #endif
 
 namespace WebKit {
diff -Nru webkit2gtk-2.20.2/Source/WebKit/SourcesGTK.txt webkit2gtk-2.20.3/Source/WebKit/SourcesGTK.txt
--- webkit2gtk-2.20.2/Source/WebKit/SourcesGTK.txt	2018-04-10 07:33:13.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebKit/SourcesGTK.txt	2018-06-11 08:16:31.000000000 +0000
@@ -77,6 +77,7 @@
 
 Shared/cairo/ShareableBitmapCairo.cpp @no-unify
 
+Shared/glib/ProcessExecutablePathGLib.cpp @no-unify
 Shared/glib/WebContextMenuItemGlib.cpp
 Shared/glib/WebErrorsGlib.cpp
 
@@ -86,7 +87,6 @@
 Shared/gtk/NativeWebTouchEventGtk.cpp
 Shared/gtk/NativeWebWheelEventGtk.cpp
 Shared/gtk/PrintInfoGtk.cpp
-Shared/gtk/ProcessExecutablePathGtk.cpp @no-unify
 Shared/gtk/WebErrorsGtk.cpp
 Shared/gtk/WebEventFactory.cpp
 Shared/gtk/WebSelectionData.cpp
diff -Nru webkit2gtk-2.20.2/Source/WebKit/SourcesWPE.txt webkit2gtk-2.20.3/Source/WebKit/SourcesWPE.txt
--- webkit2gtk-2.20.2/Source/WebKit/SourcesWPE.txt	2018-04-09 15:50:34.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebKit/SourcesWPE.txt	2018-06-11 08:16:31.000000000 +0000
@@ -72,6 +72,7 @@
 
 Shared/cairo/ShareableBitmapCairo.cpp
 
+Shared/glib/ProcessExecutablePathGLib.cpp
 Shared/glib/WebContextMenuItemGlib.cpp
 Shared/glib/WebErrorsGlib.cpp
 
@@ -86,7 +87,6 @@
 Shared/wpe/NativeWebMouseEventWPE.cpp
 Shared/wpe/NativeWebTouchEventWPE.cpp
 Shared/wpe/NativeWebWheelEventWPE.cpp
-Shared/wpe/ProcessExecutablePathWPE.cpp
 Shared/wpe/WebEventFactory.cpp
 
 StorageProcess/glib/StorageProcessMainGLib.cpp
diff -Nru webkit2gtk-2.20.2/Source/WebKit/UIProcess/API/glib/WebKitAutomationSession.cpp webkit2gtk-2.20.3/Source/WebKit/UIProcess/API/glib/WebKitAutomationSession.cpp
--- webkit2gtk-2.20.2/Source/WebKit/UIProcess/API/glib/WebKitAutomationSession.cpp	2018-04-09 12:32:38.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebKit/UIProcess/API/glib/WebKitAutomationSession.cpp	2018-06-11 09:43:56.000000000 +0000
@@ -82,6 +82,11 @@
         return String::fromUTF8(m_session->priv->id.data());
     }
 
+    void didDisconnectFromRemote(WebAutomationSession&) override
+    {
+        webkitWebContextWillCloseAutomationSession(m_session->priv->webContext);
+    }
+
     WebPageProxy* didRequestNewWindow(WebAutomationSession&) override
     {
         WebKitWebView* webView = nullptr;
diff -Nru webkit2gtk-2.20.2/Source/WebKit/UIProcess/API/glib/WebKitCookieManager.cpp webkit2gtk-2.20.3/Source/WebKit/UIProcess/API/glib/WebKitCookieManager.cpp
--- webkit2gtk-2.20.2/Source/WebKit/UIProcess/API/glib/WebKitCookieManager.cpp	2018-02-19 07:45:33.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebKit/UIProcess/API/glib/WebKitCookieManager.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -420,6 +420,7 @@
     return g_task_propagate_boolean(G_TASK(result), error);
 }
 
+#if PLATFORM(GTK)
 /**
  * webkit_cookie_manager_get_domains_with_cookies:
  * @cookie_manager: a #WebKitCookieManager
@@ -518,3 +519,4 @@
 
     webkit_website_data_manager_clear(manager->priv->dataManager, WEBKIT_WEBSITE_DATA_COOKIES, 0, nullptr, nullptr, nullptr);
 }
+#endif
diff -Nru webkit2gtk-2.20.2/Source/WebKit/UIProcess/API/glib/WebKitFaviconDatabase.cpp webkit2gtk-2.20.3/Source/WebKit/UIProcess/API/glib/WebKitFaviconDatabase.cpp
--- webkit2gtk-2.20.2/Source/WebKit/UIProcess/API/glib/WebKitFaviconDatabase.cpp	2018-02-19 07:45:33.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebKit/UIProcess/API/glib/WebKitFaviconDatabase.cpp	2018-06-11 09:14:05.000000000 +0000
@@ -192,6 +192,9 @@
     if (!priv->isURLImportCompleted)
         return;
 
+    if (pageURL.isEmpty())
+        return;
+
     const String& currentIconURL = priv->pageURLToIconURLMap.get(pageURL);
     if (iconURL == currentIconURL)
         return;
@@ -316,6 +319,9 @@
     if (!webkitFaviconDatabaseIsOpen(database))
         return;
 
+    if (pageURL.isEmpty())
+        return;
+
     WebKitFaviconDatabasePrivate* priv = database->priv;
     SetForScope change(priv->isSettingIcon, true);
     priv->iconDatabase->setIconURLForPageURL(icon.url.string(), pageURL);
diff -Nru webkit2gtk-2.20.2/Source/WebKit/UIProcess/API/glib/WebKitFormSubmissionRequest.cpp webkit2gtk-2.20.3/Source/WebKit/UIProcess/API/glib/WebKitFormSubmissionRequest.cpp
--- webkit2gtk-2.20.2/Source/WebKit/UIProcess/API/glib/WebKitFormSubmissionRequest.cpp	2018-02-19 07:45:33.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebKit/UIProcess/API/glib/WebKitFormSubmissionRequest.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -86,6 +86,7 @@
     return request;
 }
 
+#if PLATFORM(GTK)
 /**
  * webkit_form_submission_request_get_text_fields:
  * @request: a #WebKitFormSubmissionRequest
@@ -115,6 +116,7 @@
 
     return request->priv->values.get();
 }
+#endif
 
 /**
  * webkit_form_submission_request_list_text_fields:
diff -Nru webkit2gtk-2.20.2/Source/WebKit/UIProcess/API/glib/WebKitNavigationPolicyDecision.cpp webkit2gtk-2.20.3/Source/WebKit/UIProcess/API/glib/WebKitNavigationPolicyDecision.cpp
--- webkit2gtk-2.20.2/Source/WebKit/UIProcess/API/glib/WebKitNavigationPolicyDecision.cpp	2018-02-19 07:45:33.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebKit/UIProcess/API/glib/WebKitNavigationPolicyDecision.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -59,10 +59,12 @@
 enum {
     PROP_0,
     PROP_NAVIGATION_ACTION,
+#if PLATFORM(GTK)
     PROP_NAVIGATION_TYPE,
     PROP_MOUSE_BUTTON,
     PROP_MODIFIERS,
     PROP_REQUEST,
+#endif
     PROP_FRAME_NAME,
 };
 
@@ -73,6 +75,7 @@
     case PROP_NAVIGATION_ACTION:
         g_value_set_boxed(value, webkit_navigation_policy_decision_get_navigation_action(decision));
         break;
+#if PLATFORM(GTK)
     case PROP_NAVIGATION_TYPE:
         g_value_set_enum(value, webkit_navigation_action_get_navigation_type(decision->priv->navigationAction));
         break;
@@ -85,6 +88,7 @@
     case PROP_REQUEST:
         g_value_set_object(value, webkit_navigation_action_get_request(decision->priv->navigationAction));
         break;
+#endif
     case PROP_FRAME_NAME:
         g_value_set_string(value, webkit_navigation_policy_decision_get_frame_name(decision));
         break;
@@ -116,6 +120,7 @@
             WEBKIT_TYPE_NAVIGATION_ACTION,
             WEBKIT_PARAM_READABLE));
 
+#if PLATFORM(GTK)
     /**
      * WebKitNavigationPolicyDecision:navigation-type:
      *
@@ -187,6 +192,7 @@
                                                       _("The URI request that is associated with this navigation"),
                                                       WEBKIT_TYPE_URI_REQUEST,
                                                       WEBKIT_PARAM_READABLE));
+#endif
 
     /**
      * WebKitNavigationPolicyDecision:frame-name:
@@ -221,6 +227,7 @@
     return decision->priv->navigationAction;
 }
 
+#if PLATFORM(GTK)
 /**
  * webkit_navigation_policy_decision_get_navigation_type:
  * @decision: a #WebKitNavigationPolicyDecision
@@ -284,6 +291,7 @@
     g_return_val_if_fail(WEBKIT_IS_NAVIGATION_POLICY_DECISION(decision), nullptr);
     return webkit_navigation_action_get_request(decision->priv->navigationAction);
 }
+#endif
 
 /**
  * webkit_navigation_policy_decision_get_frame_name:
diff -Nru webkit2gtk-2.20.2/Source/WebKit/UIProcess/API/glib/WebKitPrivate.cpp webkit2gtk-2.20.3/Source/WebKit/UIProcess/API/glib/WebKitPrivate.cpp
--- webkit2gtk-2.20.2/Source/WebKit/UIProcess/API/glib/WebKitPrivate.cpp	2018-02-19 07:45:33.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebKit/UIProcess/API/glib/WebKitPrivate.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -27,7 +27,7 @@
 #if PLATFORM(GTK)
 #include 
 #elif PLATFORM(WPE)
-#include 
+#include 
 #endif
 
 #if PLATFORM(GTK)
diff -Nru webkit2gtk-2.20.2/Source/WebKit/UIProcess/API/glib/WebKitSettings.cpp webkit2gtk-2.20.3/Source/WebKit/UIProcess/API/glib/WebKitSettings.cpp
--- webkit2gtk-2.20.2/Source/WebKit/UIProcess/API/glib/WebKitSettings.cpp	2018-02-19 07:45:33.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebKit/UIProcess/API/glib/WebKitSettings.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -127,7 +127,9 @@
     PROP_DEFAULT_MONOSPACE_FONT_SIZE,
     PROP_MINIMUM_FONT_SIZE,
     PROP_DEFAULT_CHARSET,
+#if PLATFORM(GTK)
     PROP_ENABLE_PRIVATE_BROWSING,
+#endif
     PROP_ENABLE_DEVELOPER_EXTRAS,
     PROP_ENABLE_RESIZABLE_TEXT_AREAS,
     PROP_ENABLE_TABS_TO_LINKS,
@@ -266,11 +268,13 @@
     case PROP_DEFAULT_CHARSET:
         webkit_settings_set_default_charset(settings, g_value_get_string(value));
         break;
+#if PLATFORM(GTK)
     case PROP_ENABLE_PRIVATE_BROWSING:
         G_GNUC_BEGIN_IGNORE_DEPRECATIONS;
         webkit_settings_set_enable_private_browsing(settings, g_value_get_boolean(value));
         G_GNUC_END_IGNORE_DEPRECATIONS;
         break;
+#endif
     case PROP_ENABLE_DEVELOPER_EXTRAS:
         webkit_settings_set_enable_developer_extras(settings, g_value_get_boolean(value));
         break;
@@ -443,11 +447,13 @@
     case PROP_DEFAULT_CHARSET:
         g_value_set_string(value, webkit_settings_get_default_charset(settings));
         break;
+#if PLATFORM(GTK)
     case PROP_ENABLE_PRIVATE_BROWSING:
         G_GNUC_BEGIN_IGNORE_DEPRECATIONS;
         g_value_set_boolean(value, webkit_settings_get_enable_private_browsing(settings));
         G_GNUC_END_IGNORE_DEPRECATIONS;
         break;
+#endif
     case PROP_ENABLE_DEVELOPER_EXTRAS:
         g_value_set_boolean(value, webkit_settings_get_enable_developer_extras(settings));
         break;
@@ -879,6 +885,7 @@
                                                         "iso-8859-1",
                                                         readWriteConstructParamFlags));
 
+#if PLATFORM(GTK)
     /**
      * WebKitSettings:enable-private-browsing:
      *
@@ -894,6 +901,7 @@
                                                          _("Whether to enable private browsing"),
                                                          FALSE,
                                                          readWriteConstructParamFlags));
+#endif
 
     /**
      * WebKitSettings:enable-developer-extras:
@@ -2242,6 +2250,7 @@
     g_object_notify(G_OBJECT(settings), "default-charset");
 }
 
+#if PLATFORM(GTK)
 /**
  * webkit_settings_get_enable_private_browsing:
  * @settings: a #WebKitSettings
@@ -2280,6 +2289,7 @@
     priv->preferences->setPrivateBrowsingEnabled(enabled);
     g_object_notify(G_OBJECT(settings), "enable-private-browsing");
 }
+#endif
 
 /**
  * webkit_settings_get_enable_developer_extras:
diff -Nru webkit2gtk-2.20.2/Source/WebKit/UIProcess/API/glib/WebKitUserContentManager.cpp webkit2gtk-2.20.3/Source/WebKit/UIProcess/API/glib/WebKitUserContentManager.cpp
--- webkit2gtk-2.20.2/Source/WebKit/UIProcess/API/glib/WebKitUserContentManager.cpp	2018-04-10 07:33:13.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebKit/UIProcess/API/glib/WebKitUserContentManager.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -73,10 +73,13 @@
     LAST_SIGNAL
 };
 
+#if PLATFORM(GTK)
 static guint signals[LAST_SIGNAL] = { 0, };
+#endif
 
 static void webkit_user_content_manager_class_init(WebKitUserContentManagerClass* klass)
 {
+#if PLATFORM(GTK)
     GObjectClass* gObjectClass = G_OBJECT_CLASS(klass);
 
     /**
@@ -100,6 +103,7 @@
             g_cclosure_marshal_VOID__BOXED,
             G_TYPE_NONE, 1,
             WEBKIT_TYPE_JAVASCRIPT_RESULT);
+#endif
 }
 
 /**
@@ -180,6 +184,7 @@
     manager->priv->userContentController->removeAllUserScripts();
 }
 
+#if PLATFORM(GTK)
 class ScriptMessageClientGtk final : public WebScriptMessageHandler::Client {
 public:
     ScriptMessageClientGtk(WebKitUserContentManager* manager, const char* handlerName)
@@ -263,6 +268,7 @@
     g_return_if_fail(name);
     manager->priv->userContentController->removeUserMessageHandlerForName(String::fromUTF8(name), API::UserContentWorld::normalWorld());
 }
+#endif
 
 WebUserContentControllerProxy* webkitUserContentManagerGetUserContentControllerProxy(WebKitUserContentManager* manager)
 {
diff -Nru webkit2gtk-2.20.2/Source/WebKit/UIProcess/API/glib/WebKitWebContext.cpp webkit2gtk-2.20.3/Source/WebKit/UIProcess/API/glib/WebKitWebContext.cpp
--- webkit2gtk-2.20.2/Source/WebKit/UIProcess/API/glib/WebKitWebContext.cpp	2018-03-09 10:57:57.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebKit/UIProcess/API/glib/WebKitWebContext.cpp	2018-06-11 09:43:08.000000000 +0000
@@ -109,7 +109,9 @@
 enum {
     PROP_0,
 
+#if PLATFORM(GTK)
     PROP_LOCAL_STORAGE_DIRECTORY,
+#endif
     PROP_WEBSITE_DATA_MANAGER
 };
 
@@ -240,6 +242,12 @@
 
     WebKitWebContext* m_webContext;
 };
+
+void webkitWebContextWillCloseAutomationSession(WebKitWebContext* webContext)
+{
+    webContext->priv->processPool->setAutomationSession(nullptr);
+    webContext->priv->automationSession = nullptr;
+}
 #endif // ENABLE(REMOTE_INSPECTOR)
 
 WEBKIT_DEFINE_TYPE(WebKitWebContext, webkit_web_context, G_TYPE_OBJECT)
@@ -263,8 +271,8 @@
         G_DIR_SEPARATOR_S "injected-bundle" G_DIR_SEPARATOR_S;
     return injectedBundlePath;
 #elif PLATFORM(WPE)
-    // FIXME: Make it possible to use installed injected bundle in WPE.
-    return nullptr;
+    static const char* injectedBundlePath = PKGLIBDIR G_DIR_SEPARATOR_S "injected-bundle" G_DIR_SEPARATOR_S;
+    return injectedBundlePath;
 #endif
 }
 
@@ -273,9 +281,11 @@
     WebKitWebContext* context = WEBKIT_WEB_CONTEXT(object);
 
     switch (propID) {
+#if PLATFORM(GTK)
     case PROP_LOCAL_STORAGE_DIRECTORY:
         g_value_set_string(value, context->priv->localStorageDirectory.data());
         break;
+#endif
     case PROP_WEBSITE_DATA_MANAGER:
         g_value_set_object(value, webkit_web_context_get_website_data_manager(context));
         break;
@@ -289,9 +299,11 @@
     WebKitWebContext* context = WEBKIT_WEB_CONTEXT(object);
 
     switch (propID) {
+#if PLATFORM(GTK)
     case PROP_LOCAL_STORAGE_DIRECTORY:
         context->priv->localStorageDirectory = g_value_get_string(value);
         break;
+#endif
     case PROP_WEBSITE_DATA_MANAGER: {
         gpointer manager = g_value_get_object(value);
         context->priv->websiteDataManager = manager ? WEBKIT_WEBSITE_DATA_MANAGER(manager) : nullptr;
@@ -394,6 +406,7 @@
     gObjectClass->constructed = webkitWebContextConstructed;
     gObjectClass->dispose = webkitWebContextDispose;
 
+#if PLATFORM(GTK)
     /**
      * WebKitWebContext:local-storage-directory:
      *
@@ -412,6 +425,7 @@
             _("The directory where local storage data will be saved"),
             nullptr,
             static_cast(WEBKIT_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY)));
+#endif
 
     /**
      * WebKitWebContext:website-data-manager:
@@ -1337,6 +1351,7 @@
     context->priv->webExtensionsInitializationUserData = userData;
 }
 
+#if PLATFORM(GTK)
 /**
  * webkit_web_context_set_disk_cache_directory:
  * @context: a #WebKitWebContext
@@ -1359,6 +1374,7 @@
 
     context->priv->processPool->configuration().setDiskCacheDirectory(WebCore::FileSystem::pathByAppendingComponent(WebCore::FileSystem::stringFromFileSystemRepresentation(directory), networkCacheSubdirectory));
 }
+#endif
 
 /**
  * webkit_web_context_prefetch_dns:
diff -Nru webkit2gtk-2.20.2/Source/WebKit/UIProcess/API/glib/WebKitWebContextPrivate.h webkit2gtk-2.20.3/Source/WebKit/UIProcess/API/glib/WebKitWebContextPrivate.h
--- webkit2gtk-2.20.2/Source/WebKit/UIProcess/API/glib/WebKitWebContextPrivate.h	2018-02-19 07:45:33.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebKit/UIProcess/API/glib/WebKitWebContextPrivate.h	2018-06-11 09:43:08.000000000 +0000
@@ -47,3 +47,6 @@
 WebKitWebView* webkitWebContextGetWebViewForPage(WebKitWebContext*, WebKit::WebPageProxy*);
 GVariant* webkitWebContextInitializeWebExtensions(WebKitWebContext*);
 void webkitWebContextInitializeNotificationPermissions(WebKitWebContext*);
+#if ENABLE(REMOTE_INSPECTOR)
+void webkitWebContextWillCloseAutomationSession(WebKitWebContext*);
+#endif
diff -Nru webkit2gtk-2.20.2/Source/WebKit/UIProcess/API/glib/WebKitWebView.cpp webkit2gtk-2.20.3/Source/WebKit/UIProcess/API/glib/WebKitWebView.cpp
--- webkit2gtk-2.20.2/Source/WebKit/UIProcess/API/glib/WebKitWebView.cpp	2018-05-07 07:55:43.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebKit/UIProcess/API/glib/WebKitWebView.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -144,7 +144,9 @@
 
     INSECURE_CONTENT_DETECTED,
 
+#if PLATFORM(GTK)
     WEB_PROCESS_CRASHED,
+#endif
     WEB_PROCESS_TERMINATED,
 
     AUTHENTICATE,
@@ -367,11 +369,6 @@
         webkitWebViewHandleDownloadRequest(m_webView, &downloadProxy);
     }
 
-    JSGlobalContextRef javascriptGlobalContext() override
-    {
-        return webkit_web_view_get_javascript_global_context(m_webView);
-    }
-
     WebKitWebView* m_webView;
 };
 #endif
@@ -626,10 +623,6 @@
 
     WebKitWebView* webView = WEBKIT_WEB_VIEW(object);
     WebKitWebViewPrivate* priv = webView->priv;
-#if PLATFORM(WPE)
-    if (!priv->backend)
-        priv->backend = webkitWebViewBackendCreateDefault();
-#endif
     if (priv->relatedView) {
         priv->context = webkit_web_view_get_context(priv->relatedView);
         priv->isEphemeral = webkit_web_view_is_ephemeral(priv->relatedView);
@@ -1795,6 +1788,7 @@
             G_TYPE_NONE, 1,
             WEBKIT_TYPE_INSECURE_CONTENT_EVENT);
 
+#if PLATFORM(GTK)
     /**
      * WebKitWebView::web-process-crashed:
      * @web_view: the #WebKitWebView
@@ -1814,6 +1808,7 @@
         g_signal_accumulator_true_handled, nullptr,
         g_cclosure_marshal_generic,
         G_TYPE_BOOLEAN, 0);
+#endif
 
     /**
      * WebKitWebView::web-process-terminated:
@@ -2349,9 +2344,13 @@
 
 void webkitWebViewHandleAuthenticationChallenge(WebKitWebView* webView, AuthenticationChallengeProxy* authenticationChallenge)
 {
+#if PLATFORM(GTK)
     G_GNUC_BEGIN_IGNORE_DEPRECATIONS;
     gboolean privateBrowsingEnabled = webView->priv->isEphemeral || webkit_settings_get_enable_private_browsing(webView->priv->settings.get());
     G_GNUC_END_IGNORE_DEPRECATIONS;
+#else
+    gboolean privateBrowsingEnabled = webView->priv->isEphemeral;
+#endif
     webView->priv->authenticationRequest = adoptGRef(webkitAuthenticationRequestCreate(authenticationChallenge, privateBrowsingEnabled));
     gboolean returnValue;
     g_signal_emit(webView, signals[AUTHENTICATE], 0, webView->priv->authenticationRequest.get(), &returnValue);
@@ -3250,6 +3249,7 @@
     return webView->priv->findController.get();
 }
 
+#if PLATFORM(GTK)
 /**
  * webkit_web_view_get_javascript_global_context:
  * @web_view: a #WebKitWebView
@@ -3470,6 +3470,7 @@
 
     return static_cast(g_task_propagate_pointer(G_TASK(result), error));
 }
+#endif
 
 /**
  * webkit_web_view_get_main_resource:
@@ -3839,10 +3840,12 @@
 
 void webkitWebViewWebProcessTerminated(WebKitWebView* webView, WebKitWebProcessTerminationReason reason)
 {
+#if PLATFORM(GTK)
     if (reason == WEBKIT_WEB_PROCESS_CRASHED) {
         gboolean returnValue;
         g_signal_emit(webView, signals[WEB_PROCESS_CRASHED], 0, &returnValue);
     }
+#endif
     g_signal_emit(webView, signals[WEB_PROCESS_TERMINATED], 0, reason);
 }
 
diff -Nru webkit2gtk-2.20.2/Source/WebKit/UIProcess/gtk/InputMethodFilter.cpp webkit2gtk-2.20.3/Source/WebKit/UIProcess/gtk/InputMethodFilter.cpp
--- webkit2gtk-2.20.2/Source/WebKit/UIProcess/gtk/InputMethodFilter.cpp	2018-02-20 06:53:53.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebKit/UIProcess/gtk/InputMethodFilter.cpp	2018-06-11 09:50:56.000000000 +0000
@@ -81,15 +81,31 @@
     g_signal_handlers_disconnect_matched(m_context.get(), G_SIGNAL_MATCH_DATA, 0, 0, nullptr, nullptr, this);
 }
 
+bool InputMethodFilter::isViewFocused() const
+{
+#if ENABLE(API_TESTS)
+    ASSERT(m_page || m_testingMode);
+    if (m_testingMode)
+        return true;
+#else
+    ASSERT(m_page);
+#endif
+    return m_page->isViewFocused();
+}
+
 void InputMethodFilter::setEnabled(bool enabled)
 {
+#if ENABLE(API_TESTS)
+    ASSERT(m_page || m_testingMode);
+#else
     ASSERT(m_page);
+#endif
 
     // Notify focus out before changing the m_enabled.
     if (!enabled)
         notifyFocusedOut();
     m_enabled = enabled;
-    if (enabled)
+    if (enabled && isViewFocused())
         notifyFocusedIn();
 }
 
diff -Nru webkit2gtk-2.20.2/Source/WebKit/UIProcess/gtk/InputMethodFilter.h webkit2gtk-2.20.3/Source/WebKit/UIProcess/gtk/InputMethodFilter.h
--- webkit2gtk-2.20.2/Source/WebKit/UIProcess/gtk/InputMethodFilter.h	2018-02-19 07:45:33.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebKit/UIProcess/gtk/InputMethodFilter.h	2018-06-11 09:50:56.000000000 +0000
@@ -93,6 +93,8 @@
     void confirmCurrentComposition();
     void cancelContextComposition();
 
+    bool isViewFocused() const;
+
 #if ENABLE(API_TESTS)
     void logHandleKeyboardEventForTesting(GdkEventKey*, const String&, EventFakedForComposition);
     void logHandleKeyboardEventWithCompositionResultsForTesting(GdkEventKey*, ResultsToSend, EventFakedForComposition);
diff -Nru webkit2gtk-2.20.2/Source/WebKit/UIProcess/Launcher/glib/ProcessLauncherGLib.cpp webkit2gtk-2.20.3/Source/WebKit/UIProcess/Launcher/glib/ProcessLauncherGLib.cpp
--- webkit2gtk-2.20.2/Source/WebKit/UIProcess/Launcher/glib/ProcessLauncherGLib.cpp	2018-02-20 06:53:53.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebKit/UIProcess/Launcher/glib/ProcessLauncherGLib.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -41,7 +41,7 @@
 #include 
 
 #if PLATFORM(WPE)
-#include 
+#include 
 #endif
 
 namespace WebKit {
diff -Nru webkit2gtk-2.20.2/Source/WebKit/UIProcess/WebPageProxy.h webkit2gtk-2.20.3/Source/WebKit/UIProcess/WebPageProxy.h
--- webkit2gtk-2.20.2/Source/WebKit/UIProcess/WebPageProxy.h	2018-04-10 07:33:13.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebKit/UIProcess/WebPageProxy.h	2018-06-11 09:50:40.000000000 +0000
@@ -485,6 +485,7 @@
 
     WebCore::IntSize viewSize() const;
     bool isViewVisible() const { return m_activityState & WebCore::ActivityState::IsVisible; }
+    bool isViewFocused() const { return m_activityState & WebCore::ActivityState::IsFocused; }
     bool isViewWindowActive() const;
 
     void addMIMETypeWithCustomContentProvider(const String& mimeType);
diff -Nru webkit2gtk-2.20.2/Source/WebKit/WebProcess/InjectedBundle/API/glib/WebKitFrame.cpp webkit2gtk-2.20.3/Source/WebKit/WebProcess/InjectedBundle/API/glib/WebKitFrame.cpp
--- webkit2gtk-2.20.2/Source/WebKit/WebProcess/InjectedBundle/API/glib/WebKitFrame.cpp	2018-04-10 07:33:13.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebKit/WebProcess/InjectedBundle/API/glib/WebKitFrame.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -90,6 +90,7 @@
     return frame->priv->uri.data();
 }
 
+#if PLATFORM(GTK)
 /**
  * webkit_frame_get_javascript_global_context:
  * @frame: a #WebKitFrame
@@ -126,3 +127,4 @@
 
     return frame->priv->webFrame->jsContextForWorld(webkitScriptWorldGetInjectedBundleScriptWorld(world));
 }
+#endif
diff -Nru webkit2gtk-2.20.2/Source/WebKit/WebProcess/WebProcess.cpp webkit2gtk-2.20.3/Source/WebKit/WebProcess/WebProcess.cpp
--- webkit2gtk-2.20.2/Source/WebKit/WebProcess/WebProcess.cpp	2018-05-07 07:44:53.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WebKit/WebProcess/WebProcess.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -1211,6 +1211,7 @@
             // In this particular case, the storage process can be terminated by the UI process while the
             // connection is being done, so we always want to exit instead of crashing.
             // See https://bugs.webkit.org/show_bug.cgi?id=183348.
+            exit(0);
 #else
             CRASH();
 #endif
diff -Nru webkit2gtk-2.20.2/Source/WTF/wtf/Atomics.cpp webkit2gtk-2.20.3/Source/WTF/wtf/Atomics.cpp
--- webkit2gtk-2.20.2/Source/WTF/wtf/Atomics.cpp	2018-02-19 07:45:30.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WTF/wtf/Atomics.cpp	1970-01-01 00:00:00.000000000 +0000
@@ -1,77 +0,0 @@
-/*
- * Copyright (C) 2007, 2008, 2010, 2012, 2015 Apple Inc. All rights reserved.
- * Copyright (C) 2007 Justin Haygood (jhaygood@reaktix.com)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1.  Redistributions of source code must retain the above copyright
- *     notice, this list of conditions and the following disclaimer.
- * 2.  Redistributions in binary form must reproduce the above copyright
- *     notice, this list of conditions and the following disclaimer in the
- *     documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' AND ANY
- * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
- * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
- * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include "config.h"
-#include "Atomics.h"
-
-// Some architectures, like MIPS32, don't have GCC implementation for builtin __sync_* functions
-// with 64 bits variable size. Official GCC answer for the problem: If a target doesn't support
-// atomic operations on certain variable sizes, you are out of luck with atomicity in that case
-// (http://gcc.gnu.org/bugzilla/show_bug.cgi?id=56296). GCC >= 4.8 will support __atomic_* builtin
-// functions for this purpose for all the GCC targets, but for current compilers we have to include
-// our own implementation.
-#if COMPILER(GCC_OR_CLANG) && !defined(__GCC_HAVE_SYNC_COMPARE_AND_SWAP_8) && USE(PTHREADS)
-
-#include "ThreadingPrimitives.h"
-
-namespace WTF {
-
-static const size_t kSwapLockCount = 32;
-static Mutex s_swapLocks[kSwapLockCount];
-
-static inline Mutex& getSwapLock(const volatile int64_t* addr)
-{
-    return s_swapLocks[(reinterpret_cast(addr) >> 3U) % kSwapLockCount];
-}
-
-static int64_t atomicStep(int64_t volatile* addend, int64_t step)
-{
-    Mutex& mutex = getSwapLock(addend);
-
-    mutex.lock();
-    int64_t value = *addend + step;
-    *addend = value;
-    mutex.unlock();
-
-    return value;
-}
-
-extern "C" {
-
-int64_t __sync_add_and_fetch_8(int64_t volatile* addend, int64_t value)
-{
-    return atomicStep(addend, value);
-}
-
-int64_t __sync_sub_and_fetch_8(int64_t volatile* addend, int64_t value)
-{
-    return atomicStep(addend, -value);
-}
-
-} // extern "C"
-
-} // namespace WTF
-
-#endif
diff -Nru webkit2gtk-2.20.2/Source/WTF/wtf/CMakeLists.txt webkit2gtk-2.20.3/Source/WTF/wtf/CMakeLists.txt
--- webkit2gtk-2.20.2/Source/WTF/wtf/CMakeLists.txt	2018-02-19 09:36:10.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WTF/wtf/CMakeLists.txt	2018-06-11 08:16:31.000000000 +0000
@@ -315,7 +315,6 @@
 
 set(WTF_SOURCES
     Assertions.cpp
-    Atomics.cpp
     AutomaticThread.cpp
     BitVector.cpp
     CPUTime.cpp
diff -Nru webkit2gtk-2.20.2/Source/WTF/wtf/glib/WTFGType.h webkit2gtk-2.20.3/Source/WTF/wtf/glib/WTFGType.h
--- webkit2gtk-2.20.2/Source/WTF/wtf/glib/WTFGType.h	2018-02-19 07:45:31.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WTF/wtf/glib/WTFGType.h	2018-06-11 08:16:31.000000000 +0000
@@ -54,7 +54,7 @@
     G_OBJECT_CLASS(type_name##_parent_class)->finalize(object); \
 } \
 \
-static void type_name##_class_intern_init(gpointer klass) \
+static void type_name##_class_intern_init(gpointer klass, gpointer) \
 { \
     GObjectClass* gObjectClass = G_OBJECT_CLASS(klass); \
     g_type_class_add_private(klass, sizeof(TypeName##Private)); \
@@ -63,7 +63,7 @@
     gObjectClass->finalize = type_name##_finalize; \
 } \
 \
-static void type_name##_init(TypeName* self) \
+static void type_name##_init(TypeName* self, gpointer) \
 { \
     TypeName##Private* priv = G_TYPE_INSTANCE_GET_PRIVATE(self, type_name##_get_type(), TypeName##Private); \
     self->priv = priv; \
diff -Nru webkit2gtk-2.20.2/Source/WTF/wtf/HashTable.h webkit2gtk-2.20.3/Source/WTF/wtf/HashTable.h
--- webkit2gtk-2.20.2/Source/WTF/wtf/HashTable.h	2018-02-19 07:45:30.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WTF/wtf/HashTable.h	2018-06-11 08:16:31.000000000 +0000
@@ -847,7 +847,7 @@
             // This initializes the bucket without copying the empty value.
             // That makes it possible to use this with types that don't support copying.
             // The memset to 0 looks like a slow operation but is optimized by the compilers.
-            memset(std::addressof(bucket), 0, sizeof(bucket));
+            memset(static_cast(std::addressof(bucket)), 0, sizeof(bucket));
         }
     };
     
diff -Nru webkit2gtk-2.20.2/Source/WTF/wtf/StdLibExtras.h webkit2gtk-2.20.3/Source/WTF/wtf/StdLibExtras.h
--- webkit2gtk-2.20.2/Source/WTF/wtf/StdLibExtras.h	2018-02-19 07:45:31.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WTF/wtf/StdLibExtras.h	2018-06-11 08:16:31.000000000 +0000
@@ -142,7 +142,7 @@
     static_assert(__is_trivially_copyable(FromType), "bitwise_cast of non-trivially-copyable type!");
 #endif
     typename std::remove_const::type to { };
-    std::memcpy(&to, &from, sizeof(to));
+    std::memcpy(static_cast(&to), static_cast(&from), sizeof(to));
     return to;
 }
 
diff -Nru webkit2gtk-2.20.2/Source/WTF/wtf/Vector.h webkit2gtk-2.20.3/Source/WTF/wtf/Vector.h
--- webkit2gtk-2.20.2/Source/WTF/wtf/Vector.h	2018-02-19 07:45:31.000000000 +0000
+++ webkit2gtk-2.20.3/Source/WTF/wtf/Vector.h	2018-06-11 08:16:31.000000000 +0000
@@ -86,7 +86,7 @@
 {
     static void initialize(T* begin, T* end) 
     {
-        memset(begin, 0, reinterpret_cast(end) - reinterpret_cast(begin));
+        memset(static_cast(begin), 0, reinterpret_cast(end) - reinterpret_cast(begin));
     }
 };
 
@@ -126,11 +126,11 @@
 {
     static void move(const T* src, const T* srcEnd, T* dst) 
     {
-        memcpy(dst, src, reinterpret_cast(srcEnd) - reinterpret_cast(src));
+        memcpy(static_cast(dst), static_cast(const_cast(src)), reinterpret_cast(srcEnd) - reinterpret_cast(src));
     }
     static void moveOverlapping(const T* src, const T* srcEnd, T* dst) 
     {
-        memmove(dst, src, reinterpret_cast(srcEnd) - reinterpret_cast(src));
+        memmove(static_cast(dst), static_cast(const_cast(src)), reinterpret_cast(srcEnd) - reinterpret_cast(src));
     }
 };
 
@@ -156,7 +156,7 @@
 {
     static void uninitializedCopy(const T* src, const T* srcEnd, T* dst)
     {
-        memcpy(dst, src, reinterpret_cast(srcEnd) - reinterpret_cast(src));
+        memcpy(static_cast(dst), static_cast(const_cast(src)), reinterpret_cast(srcEnd) - reinterpret_cast(src));
     }
     template
     static void uninitializedCopy(const T* src, const T* srcEnd, U* dst)
diff -Nru webkit2gtk-2.20.2/Tools/MiniBrowser/gtk/BrowserWindow.c webkit2gtk-2.20.3/Tools/MiniBrowser/gtk/BrowserWindow.c
--- webkit2gtk-2.20.2/Tools/MiniBrowser/gtk/BrowserWindow.c	2018-02-19 07:45:33.000000000 +0000
+++ webkit2gtk-2.20.3/Tools/MiniBrowser/gtk/BrowserWindow.c	2018-06-11 09:37:55.000000000 +0000
@@ -177,6 +177,9 @@
     if (progress == 1.0) {
         window->resetEntryProgressTimeoutId = g_timeout_add(500, (GSourceFunc)resetEntryProgress, window);
         g_source_set_name_by_id(window->resetEntryProgressTimeoutId, "[WebKit] resetEntryProgress");
+    } else if (window->resetEntryProgressTimeoutId) {
+        g_source_remove(window->resetEntryProgressTimeoutId);
+        window->resetEntryProgressTimeoutId = 0;
     }
 }
 
diff -Nru webkit2gtk-2.20.2/Tools/TestWebKitAPI/CMakeLists.txt webkit2gtk-2.20.3/Tools/TestWebKitAPI/CMakeLists.txt
--- webkit2gtk-2.20.2/Tools/TestWebKitAPI/CMakeLists.txt	2018-02-19 07:45:33.000000000 +0000
+++ webkit2gtk-2.20.3/Tools/TestWebKitAPI/CMakeLists.txt	2018-06-11 08:16:31.000000000 +0000
@@ -178,6 +178,7 @@
     ${WEBKIT_DIR}/Shared/Plugins
     ${WEBKIT_DIR}/UIProcess
     ${WEBKIT_DIR}/UIProcess/API
+    ${WEBKIT_DIR}/UIProcess/API/C
     ${WEBKIT_DIR}/WebProcess/InjectedBundle
     ${WEBKIT_DIR}/WebProcess/InjectedBundle/API/c
 )
diff -Nru webkit2gtk-2.20.2/Tools/TestWebKitAPI/glib/CMakeLists.txt webkit2gtk-2.20.3/Tools/TestWebKitAPI/glib/CMakeLists.txt
--- webkit2gtk-2.20.2/Tools/TestWebKitAPI/glib/CMakeLists.txt	2018-04-10 07:33:13.000000000 +0000
+++ webkit2gtk-2.20.3/Tools/TestWebKitAPI/glib/CMakeLists.txt	2018-06-11 08:16:31.000000000 +0000
@@ -62,8 +62,12 @@
     add_executable(${test_name} ${ARGN})
     add_dependencies(${test_name}
         test-gresource-bundle
-        WebExtensionTest
     )
+    if (PORT STREQUAL "GTK")
+        add_dependencies(${test_name}
+            WebExtensionTest
+        )
+    endif ()
     set_target_properties(${test_name} PROPERTIES
         RUNTIME_OUTPUT_DIRECTORY ${TEST_BINARY_DIR}
     )
@@ -112,28 +116,32 @@
     DEPENDS ${TEST_RESOURCES_DIR}/webkitglib-tests-resources.gresource
 )
 
-ADD_WK2_TEST_WEB_EXTENSION(WebExtensionTest ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/WebExtensionTest.cpp)
-ADD_WK2_TEST_WEB_EXTENSION(WebProcessTest ${WebKitGLibAPIWebProcessTests})
-
 ADD_WK2_TEST(TestAuthentication ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestAuthentication.cpp)
 ADD_WK2_TEST(TestAutomationSession ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestAutomationSession.cpp)
-ADD_WK2_TEST(TestBackForwardList ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestBackForwardList.cpp)
-ADD_WK2_TEST(TestCookieManager ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestCookieManager.cpp)
 ADD_WK2_TEST(TestDownloads ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestDownloads.cpp)
 ADD_WK2_TEST(TestWebKitFaviconDatabase ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestWebKitFaviconDatabase.cpp)
 ADD_WK2_TEST(TestWebKitFindController ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestWebKitFindController.cpp)
-ADD_WK2_TEST(TestFrame ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestFrame.cpp)
-ADD_WK2_TEST(TestLoaderClient ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestLoaderClient.cpp)
 ADD_WK2_TEST(TestMultiprocess ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestMultiprocess.cpp)
-ADD_WK2_TEST(TestResources ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestResources.cpp)
-ADD_WK2_TEST(TestSSL ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestSSL.cpp)
-ADD_WK2_TEST(TestUIClient ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestUIClient.cpp)
-ADD_WK2_TEST(TestWebExtensions ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestWebExtensions.cpp)
 ADD_WK2_TEST(TestWebKitPolicyClient ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestWebKitPolicyClient.cpp)
 ADD_WK2_TEST(TestWebKitSecurityOrigin ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestWebKitSecurityOrigin.cpp)
 ADD_WK2_TEST(TestWebKitSettings ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestWebKitSettings.cpp)
-ADD_WK2_TEST(TestWebKitWebContext ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestWebKitWebContext.cpp)
-ADD_WK2_TEST(TestWebKitWebView ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestWebKitWebView.cpp)
-ADD_WK2_TEST(TestWebKitUserContentManager ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestWebKitUserContentManager.cpp)
-ADD_WK2_TEST(TestWebsiteData ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestWebsiteData.cpp)
-ADD_WK2_TEST(TestConsoleMessage ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestConsoleMessage.cpp)
+
+# FIXME: Enable for WPE
+if (PORT STREQUAL "GTK")
+    ADD_WK2_TEST(TestBackForwardList ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestBackForwardList.cpp)
+    ADD_WK2_TEST(TestConsoleMessage ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestConsoleMessage.cpp)
+    ADD_WK2_TEST(TestCookieManager ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestCookieManager.cpp)
+    ADD_WK2_TEST(TestFrame ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestFrame.cpp)
+    ADD_WK2_TEST(TestLoaderClient ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestLoaderClient.cpp)
+    ADD_WK2_TEST(TestResources ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestResources.cpp)
+    ADD_WK2_TEST(TestSSL ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestSSL.cpp)
+    ADD_WK2_TEST(TestUIClient ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestUIClient.cpp)
+    ADD_WK2_TEST(TestWebExtensions ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestWebExtensions.cpp)
+    ADD_WK2_TEST(TestWebKitUserContentManager ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestWebKitUserContentManager.cpp)
+    ADD_WK2_TEST(TestWebKitWebContext ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestWebKitWebContext.cpp)
+    ADD_WK2_TEST(TestWebKitWebView ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestWebKitWebView.cpp)
+    ADD_WK2_TEST(TestWebsiteData ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/TestWebsiteData.cpp)
+
+    ADD_WK2_TEST_WEB_EXTENSION(WebExtensionTest ${TOOLS_DIR}/TestWebKitAPI/Tests/WebKitGLib/WebExtensionTest.cpp)
+    ADD_WK2_TEST_WEB_EXTENSION(WebProcessTest ${WebKitGLibAPIWebProcessTests})
+endif ()
diff -Nru webkit2gtk-2.20.2/Tools/TestWebKitAPI/glib/WebKitGLib/TestMain.h webkit2gtk-2.20.3/Tools/TestWebKitAPI/glib/WebKitGLib/TestMain.h
--- webkit2gtk-2.20.2/Tools/TestWebKitAPI/glib/WebKitGLib/TestMain.h	2018-05-07 07:55:43.000000000 +0000
+++ webkit2gtk-2.20.3/Tools/TestWebKitAPI/glib/WebKitGLib/TestMain.h	2018-06-11 08:16:31.000000000 +0000
@@ -142,9 +142,6 @@
 #if PLATFORM(WPE)
     static WebKitWebViewBackend* createWebViewBackend()
     {
-        const char* useHeadlessViewBackend = g_getenv("WPE_USE_HEADLESS_VIEW_BACKEND");
-        if (!useHeadlessViewBackend || !strcmp(useHeadlessViewBackend, "0"))
-            return nullptr;
         auto* headlessBackend = new HeadlessViewBackend;
         return webkit_web_view_backend_new(headlessBackend->backend(), [](gpointer userData) {
             delete static_cast(userData);
diff -Nru webkit2gtk-2.20.2/Tools/TestWebKitAPI/glib/WebKitGLib/WebViewTest.cpp webkit2gtk-2.20.3/Tools/TestWebKitAPI/glib/WebKitGLib/WebViewTest.cpp
--- webkit2gtk-2.20.2/Tools/TestWebKitAPI/glib/WebKitGLib/WebViewTest.cpp	2018-04-10 07:33:13.000000000 +0000
+++ webkit2gtk-2.20.3/Tools/TestWebKitAPI/glib/WebKitGLib/WebViewTest.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -37,8 +37,10 @@
 WebViewTest::~WebViewTest()
 {
     platformDestroy();
+#if PLATFORM(GTK)
     if (m_javascriptResult)
         webkit_javascript_result_unref(m_javascriptResult);
+#endif
     if (m_surface)
         cairo_surface_destroy(m_surface);
     g_object_unref(m_webView);
@@ -259,6 +261,7 @@
     return m_resourceData.get();
 }
 
+#if PLATFORM(GTK)
 static void runJavaScriptReadyCallback(GObject*, GAsyncResult* result, WebViewTest* test)
 {
     test->m_javascriptResult = webkit_web_view_run_javascript_finish(test->m_webView, result, test->m_javascriptError);
@@ -358,7 +361,6 @@
     return JSValueIsUndefined(context, value);
 }
 
-#if PLATFORM(GTK)
 static void onSnapshotReady(WebKitWebView* web_view, GAsyncResult* res, WebViewTest* test)
 {
     GUniqueOutPtr error;
@@ -378,7 +380,6 @@
     g_main_loop_run(m_mainLoop);
     return m_surface;
 }
-#endif
 
 bool WebViewTest::runWebProcessTest(const char* suiteName, const char* testName, const char* contents, const char* contentType)
 {
@@ -399,3 +400,4 @@
     waitUntilLoadFinished();
     return javascriptResultToBoolean(javascriptResult);
 }
+#endif
diff -Nru webkit2gtk-2.20.2/Tools/TestWebKitAPI/glib/WebKitGLib/WebViewTest.h webkit2gtk-2.20.3/Tools/TestWebKitAPI/glib/WebKitGLib/WebViewTest.h
--- webkit2gtk-2.20.2/Tools/TestWebKitAPI/glib/WebKitGLib/WebViewTest.h	2018-04-09 10:48:48.000000000 +0000
+++ webkit2gtk-2.20.3/Tools/TestWebKitAPI/glib/WebKitGLib/WebViewTest.h	2018-06-11 08:16:31.000000000 +0000
@@ -67,7 +67,6 @@
     void showInWindow(GtkWindowType = GTK_WINDOW_POPUP);
     void showInWindowAndWaitUntilMapped(GtkWindowType = GTK_WINDOW_POPUP, int width = 0, int height = 0);
     void emitPopupMenuSignal();
-#endif
 
     WebKitJavascriptResult* runJavaScriptAndWaitUntilFinished(const char* javascript, GError**);
     WebKitJavascriptResult* runJavaScriptFromGResourceAndWaitUntilFinished(const char* resource, GError**);
@@ -79,11 +78,10 @@
     static bool javascriptResultIsNull(WebKitJavascriptResult*);
     static bool javascriptResultIsUndefined(WebKitJavascriptResult*);
 
-#if PLATFORM(GTK)
     cairo_surface_t* getSnapshotAndWaitUntilReady(WebKitSnapshotRegion, WebKitSnapshotOptions);
-#endif
 
     bool runWebProcessTest(const char* suiteName, const char* testName, const char* contents = nullptr, const char* contentType = nullptr);
+#endif
 
     // Prohibit overrides because this is called when the web view is created
     // in our constructor, before a derived class's vtable is ready.
@@ -96,7 +94,9 @@
     GMainLoop* m_mainLoop;
     CString m_activeURI;
     CString m_expectedTitle;
+#if PLATFORM(GTK)
     WebKitJavascriptResult* m_javascriptResult { nullptr };
+#endif
     GError** m_javascriptError { nullptr };
     GUniquePtr m_resourceData { nullptr };
     size_t m_resourceDataSize { 0 };
diff -Nru webkit2gtk-2.20.2/Tools/TestWebKitAPI/PlatformWebView.h webkit2gtk-2.20.3/Tools/TestWebKitAPI/PlatformWebView.h
--- webkit2gtk-2.20.2/Tools/TestWebKitAPI/PlatformWebView.h	2018-02-19 07:45:33.000000000 +0000
+++ webkit2gtk-2.20.3/Tools/TestWebKitAPI/PlatformWebView.h	2018-06-11 08:16:31.000000000 +0000
@@ -88,9 +88,6 @@
 
     PlatformWKView m_view;
     PlatformWindow m_window;
-#if PLATFORM(WPE)
-    struct wpe_view_backend* m_backend { nullptr };
-#endif
 };
 
 } // namespace TestWebKitAPI
diff -Nru webkit2gtk-2.20.2/Tools/TestWebKitAPI/Tests/WebCore/UserAgentQuirks.cpp webkit2gtk-2.20.3/Tools/TestWebKitAPI/Tests/WebCore/UserAgentQuirks.cpp
--- webkit2gtk-2.20.2/Tools/TestWebKitAPI/Tests/WebCore/UserAgentQuirks.cpp	2018-05-07 09:31:27.000000000 +0000
+++ webkit2gtk-2.20.3/Tools/TestWebKitAPI/Tests/WebCore/UserAgentQuirks.cpp	2018-06-11 09:18:37.000000000 +0000
@@ -94,6 +94,7 @@
     assertUserAgentForURLHasMacPlatformQuirk("http://web.whatsapp.com/");
     assertUserAgentForURLHasMacPlatformQuirk("http://outlook.live.com/");
     assertUserAgentForURLHasMacPlatformQuirk("http://www.chase.com/");
+    assertUserAgentForURLHasMacPlatformQuirk("http://paypal.com");
 }
 
 } // namespace TestWebKitAPI
diff -Nru webkit2gtk-2.20.2/Tools/TestWebKitAPI/Tests/WebKitGLib/TestAuthentication.cpp webkit2gtk-2.20.3/Tools/TestWebKitAPI/Tests/WebKitGLib/TestAuthentication.cpp
--- webkit2gtk-2.20.2/Tools/TestWebKitAPI/Tests/WebKitGLib/TestAuthentication.cpp	2018-02-19 07:45:33.000000000 +0000
+++ webkit2gtk-2.20.3/Tools/TestWebKitAPI/Tests/WebKitGLib/TestAuthentication.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -184,6 +184,8 @@
     g_assert_cmpstr(webkit_web_view_get_title(test->m_webView), ==, authExpectedFailureTitle);
 }
 
+// FIXME: Find a way to not use the private browsing setting and enable for WPE.
+#if PLATFORM(GTK)
 static void testWebViewAuthenticationStorage(AuthenticationTest* test, gconstpointer)
 {
     // Enable private browsing before authentication request to test that credentials can't be saved.
@@ -207,6 +209,7 @@
     g_assert(webkit_authentication_request_can_save_credentials(request));
 #endif
 }
+#endif
 
 static void testWebViewAuthenticationSuccess(AuthenticationTest* test, gconstpointer)
 {
@@ -416,7 +419,9 @@
     AuthenticationTest::add("Authentication", "authentication-success", testWebViewAuthenticationSuccess);
     AuthenticationTest::add("Authentication", "authentication-failure", testWebViewAuthenticationFailure);
     AuthenticationTest::add("Authentication", "authentication-no-credential", testWebViewAuthenticationNoCredential);
+#if PLATFORM(GTK)
     AuthenticationTest::add("Authentication", "authentication-storage", testWebViewAuthenticationStorage);
+#endif
     AuthenticationTest::add("Authentication", "authentication-empty-realm", testWebViewAuthenticationEmptyRealm);
     ProxyAuthenticationTest::add("Authentication", "authentication-proxy", testWebViewAuthenticationProxy);
     ProxyAuthenticationTest::add("Authentication", "authentication-proxy-https", testWebViewAuthenticationProxyHTTPS);
diff -Nru webkit2gtk-2.20.2/Tools/TestWebKitAPI/Tests/WebKitGLib/TestWebKitSettings.cpp webkit2gtk-2.20.3/Tools/TestWebKitAPI/Tests/WebKitGLib/TestWebKitSettings.cpp
--- webkit2gtk-2.20.2/Tools/TestWebKitAPI/Tests/WebKitGLib/TestWebKitSettings.cpp	2018-02-19 07:45:33.000000000 +0000
+++ webkit2gtk-2.20.3/Tools/TestWebKitAPI/Tests/WebKitGLib/TestWebKitSettings.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -200,11 +200,13 @@
     webkit_settings_set_default_charset(settings, "utf8");
     g_assert_cmpstr(webkit_settings_get_default_charset(settings), ==, "utf8");
 
+#if PLATFORM(GTK)
     G_GNUC_BEGIN_IGNORE_DEPRECATIONS;
     g_assert(!webkit_settings_get_enable_private_browsing(settings));
     webkit_settings_set_enable_private_browsing(settings, TRUE);
     g_assert(webkit_settings_get_enable_private_browsing(settings));
     G_GNUC_END_IGNORE_DEPRECATIONS;
+#endif
 
     g_assert(!webkit_settings_get_enable_developer_extras(settings));
     webkit_settings_set_enable_developer_extras(settings, TRUE);
diff -Nru webkit2gtk-2.20.2/Tools/TestWebKitAPI/Tests/WebKitGLib/TestWebKitWebView.cpp webkit2gtk-2.20.3/Tools/TestWebKitAPI/Tests/WebKitGLib/TestWebKitWebView.cpp
--- webkit2gtk-2.20.2/Tools/TestWebKitAPI/Tests/WebKitGLib/TestWebKitWebView.cpp	2018-05-07 07:55:43.000000000 +0000
+++ webkit2gtk-2.20.3/Tools/TestWebKitAPI/Tests/WebKitGLib/TestWebKitWebView.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -122,26 +122,33 @@
 #if PLATFORM(WPE)
 static void testWebViewWebBackend(Test* test, gconstpointer)
 {
-    // Use the default backend (we don't have a way to check the backend will be actually freed).
-    GRefPtr webView = adoptGRef(webkit_web_view_new(nullptr));
-    test->assertObjectIsDeletedWhenTestFinishes(G_OBJECT(webView.get()));
-    auto* viewBackend = webkit_web_view_get_backend(webView.get());
-    g_assert(viewBackend);
-    auto* wpeBackend = webkit_web_view_backend_get_wpe_backend(viewBackend);
-    g_assert(wpeBackend);
-    webView = nullptr;
+    static struct wpe_view_backend_interface s_testingInterface = {
+        // create
+        [](void*, struct wpe_view_backend*) -> void* { return nullptr; },
+        // destroy
+        [](void*) { },
+        // initialize
+        [](void*) { },
+        // get_renderer_host_fd
+        [](void*) -> int { return -1; },
+        // padding
+        nullptr,
+        nullptr,
+        nullptr,
+        nullptr
+    };
 
     // User provided backend with default deleter (we don't have a way to check the backend will be actually freed).
-    webView = adoptGRef(webkit_web_view_new(webkit_web_view_backend_new(wpe_view_backend_create(), nullptr, nullptr)));
+    GRefPtr webView = adoptGRef(webkit_web_view_new(webkit_web_view_backend_new(wpe_view_backend_create_with_backend_interface(&s_testingInterface, nullptr), nullptr, nullptr)));
     test->assertObjectIsDeletedWhenTestFinishes(G_OBJECT(webView.get()));
-    viewBackend = webkit_web_view_get_backend(webView.get());
+    auto* viewBackend = webkit_web_view_get_backend(webView.get());
     g_assert(viewBackend);
-    wpeBackend = webkit_web_view_backend_get_wpe_backend(viewBackend);
+    auto* wpeBackend = webkit_web_view_backend_get_wpe_backend(viewBackend);
     g_assert(wpeBackend);
     webView = nullptr;
 
     // User provided backend with destroy notify.
-    wpeBackend = wpe_view_backend_create();
+    wpeBackend = wpe_view_backend_create_with_backend_interface(&s_testingInterface, nullptr);
     webView = adoptGRef(webkit_web_view_new(webkit_web_view_backend_new(wpeBackend, [](gpointer userData) {
         auto* backend = *static_cast(userData);
         wpe_view_backend_destroy(backend);
@@ -168,7 +175,7 @@
 
         struct wpe_view_backend* backend;
     };
-    auto* owner = new BackendOwner(wpe_view_backend_create());
+    auto* owner = new BackendOwner(wpe_view_backend_create_with_backend_interface(&s_testingInterface, nullptr));
     g_assert(hasInstance);
     webView = adoptGRef(webkit_web_view_new(webkit_web_view_backend_new(owner->backend, [](gpointer userData) {
         delete static_cast(userData);
@@ -426,7 +433,9 @@
 #if ENABLE(FULLSCREEN_API)
 static void testWebViewFullScreen(FullScreenClientTest* test, gconstpointer)
 {
+#if PLATFORM(GTK)
     test->showInWindowAndWaitUntilMapped();
+#endif
     test->loadHtml("FullScreen test", 0);
     test->waitUntilLoadFinished();
     test->requestFullScreenAndWaitUntilEnteredFullScreen();
diff -Nru webkit2gtk-2.20.2/Tools/TestWebKitAPI/Tests/WTF/AtomicString.cpp webkit2gtk-2.20.3/Tools/TestWebKitAPI/Tests/WTF/AtomicString.cpp
--- webkit2gtk-2.20.2/Tools/TestWebKitAPI/Tests/WTF/AtomicString.cpp	2018-02-19 07:45:33.000000000 +0000
+++ webkit2gtk-2.20.3/Tools/TestWebKitAPI/Tests/WTF/AtomicString.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -63,8 +63,8 @@
 
 static inline const char* testAtomicStringNumber(double number)
 {
-    static char testBuffer[100];
-    std::strncpy(testBuffer, AtomicString::number(number).string().utf8().data(), 100);
+    static char testBuffer[100] = { };
+    std::strncpy(testBuffer, AtomicString::number(number).string().utf8().data(), 99);
     return testBuffer;
 }
 
diff -Nru webkit2gtk-2.20.2/Tools/TestWebKitAPI/Tests/WTF/WTFString.cpp webkit2gtk-2.20.3/Tools/TestWebKitAPI/Tests/WTF/WTFString.cpp
--- webkit2gtk-2.20.2/Tools/TestWebKitAPI/Tests/WTF/WTFString.cpp	2018-02-19 07:45:33.000000000 +0000
+++ webkit2gtk-2.20.3/Tools/TestWebKitAPI/Tests/WTF/WTFString.cpp	2018-06-11 08:16:31.000000000 +0000
@@ -67,8 +67,8 @@
 
 static inline const char* testStringNumberFixedPrecision(double number)
 {
-    static char testBuffer[100];
-    std::strncpy(testBuffer, String::number(number).utf8().data(), 100);
+    static char testBuffer[100] = { };
+    std::strncpy(testBuffer, String::number(number).utf8().data(), 99);
     return testBuffer;
 }
 
@@ -116,8 +116,8 @@
 
 static inline const char* testStringNumberFixedWidth(double number)
 {
-    static char testBuffer[100];
-    std::strncpy(testBuffer, String::numberToStringFixedWidth(number, 6).utf8().data(), 100);
+    static char testBuffer[100] = { };
+    std::strncpy(testBuffer, String::numberToStringFixedWidth(number, 6).utf8().data(), 99);
     return testBuffer;
 }
 
@@ -165,8 +165,8 @@
 
 static inline const char* testStringNumber(double number)
 {
-    static char testBuffer[100];
-    std::strncpy(testBuffer, String::numberToStringECMAScript(number).utf8().data(), 100);
+    static char testBuffer[100] = { };
+    std::strncpy(testBuffer, String::numberToStringECMAScript(number).utf8().data(), 99);
     return testBuffer;
 }