--- /dev/null
+From d1a968702e2fec725255ec77de254293104b191f Mon Sep 17 00:00:00 2001
+From: Jan Vorlicek <janvorli@microsoft.com>
+Date: Wed, 13 Sep 2017 08:16:39 -0700
+Subject: [PATCH] Port to 2.0.0 - Fix ARM32 secure delegate bug
+
+This change fixes a bug that causes crashes when secure delegate is
+invoked on ARM32 with legacy codegen. Register R4 was loaded with
+indirection slot address and immediatelly marked as trashed, so the JIT
+compiler reused it before the call that was supposed to have that value
+in R4.
+The fix was to move the reg trashing after the call.
+There was also an incorrect marking of that address as EA_PTRSIZE
+while it should be EA_BYREF, so I've fixed that too.
+---
+ src/jit/codegenlegacy.cpp | 17 ++++++++++++++++-
+ 1 file changed, 16 insertions(+), 1 deletion(-)
+
+diff --git a/src/jit/codegenlegacy.cpp b/src/jit/codegenlegacy.cpp
+index d653511..b8a239a 100644
+--- a/src/jit/codegenlegacy.cpp
++++ b/src/jit/codegenlegacy.cpp
+@@ -18632,12 +18632,20 @@ regMaskTP CodeGen::genCodeForCall(GenTreeCall* call, bool valUsed)
+ firstTgtOffs = pInfo->offsetOfDelegateFirstTarget;
+
+ #ifdef _TARGET_ARM_
++ // Ensure that we don't trash any of these registers if we have to load
++ // the helper call target into a register to invoke it.
++ regMaskTP regsUsed = 0;
++
+ if ((call->gtCallMoreFlags & GTF_CALL_M_SECURE_DELEGATE_INV))
+ {
+- getEmitter()->emitIns_R_R_I(INS_add, EA_PTRSIZE, REG_VIRTUAL_STUB_PARAM, regThis,
++ getEmitter()->emitIns_R_R_I(INS_add, EA_BYREF, REG_VIRTUAL_STUB_PARAM, regThis,
+ pInfo->offsetOfSecureDelegateIndirectCell);
+ regTracker.rsTrackRegTrash(REG_VIRTUAL_STUB_PARAM);
++
++ // Ensure that the virtual stub param info register doesn't get reused before the call is taken
++ regSet.rsLockReg(RBM_VIRTUAL_STUB_PARAM, ®sUsed);
+ }
++
+ #endif // _TARGET_ARM_
+
+ // Grab an available register to use for the CALL indirection
+@@ -18661,6 +18669,13 @@ regMaskTP CodeGen::genCodeForCall(GenTreeCall* call, bool valUsed)
+ INDEBUG_LDISASM_COMMA(sigInfo) NULL, // addr
+ args, retSize, gcInfo.gcVarPtrSetCur, gcInfo.gcRegGCrefSetCur,
+ gcInfo.gcRegByrefSetCur, ilOffset, indCallReg);
++
++#ifdef _TARGET_ARM_
++ if ((call->gtCallMoreFlags & GTF_CALL_M_SECURE_DELEGATE_INV))
++ {
++ regSet.rsUnlockReg(RBM_VIRTUAL_STUB_PARAM, regsUsed);
++ }
++#endif // _TARGET_ARM_
+ }
+ else
+
+--
+2.7.4
+
--- /dev/null
+From d768ef837a0a4f13cec786f0d8aa7278abf10bdb Mon Sep 17 00:00:00 2001
+From: Jonghyun Park <parjong@gmail.com>
+Date: Tue, 19 Sep 2017 17:17:10 +0900
+Subject: [PATCH] Disable VSD Stub Kind Prediction on H/W Exception (#14051)
+
+* Disable VSD Stub Kind Prediction on H/W Exception
+
+* Add a comment on a false argument
+
+* Use BOOL (instead of bool) for consistency
+
+* Replace remaining bool/true/false with BOOL/TRUE/FALSE
+---
+ src/vm/exceptionhandling.cpp | 2 +-
+ src/vm/virtualcallstub.cpp | 8 ++++----
+ src/vm/virtualcallstub.h | 7 ++++---
+ 3 files changed, 9 insertions(+), 8 deletions(-)
+
+diff --git a/src/vm/exceptionhandling.cpp b/src/vm/exceptionhandling.cpp
+index abea194..2802f73 100644
+--- a/src/vm/exceptionhandling.cpp
++++ b/src/vm/exceptionhandling.cpp
+@@ -5146,7 +5146,7 @@ static BOOL IsIPinVirtualStub(PCODE f_IP)
+ }
+
+ VirtualCallStubManager::StubKind sk;
+- VirtualCallStubManager::FindStubManager(f_IP, &sk);
++ VirtualCallStubManager::FindStubManager(f_IP, &sk, FALSE /* usePredictStubKind */);
+
+ if (sk == VirtualCallStubManager::SK_DISPATCH)
+ {
+diff --git a/src/vm/virtualcallstub.cpp b/src/vm/virtualcallstub.cpp
+index e753860..e659e35 100644
+--- a/src/vm/virtualcallstub.cpp
++++ b/src/vm/virtualcallstub.cpp
+@@ -970,7 +970,7 @@ void VirtualCallStubManager::Reclaim()
+
+ //----------------------------------------------------------------------------
+ /* static */
+-VirtualCallStubManager *VirtualCallStubManager::FindStubManager(PCODE stubAddress, StubKind* wbStubKind)
++VirtualCallStubManager *VirtualCallStubManager::FindStubManager(PCODE stubAddress, StubKind* wbStubKind, BOOL usePredictStubKind)
+ {
+ CONTRACTL {
+ NOTHROW;
+@@ -995,7 +995,7 @@ VirtualCallStubManager *VirtualCallStubManager::FindStubManager(PCODE stubAddres
+ // VirtualCallStubManager::isDispatchingStub
+ //
+ CONTRACT_VIOLATION(SOToleranceViolation);
+- kind = pCur->getStubKind(stubAddress);
++ kind = pCur->getStubKind(stubAddress, usePredictStubKind);
+ if (kind != SK_UNKNOWN)
+ {
+ if (wbStubKind)
+@@ -1007,7 +1007,7 @@ VirtualCallStubManager *VirtualCallStubManager::FindStubManager(PCODE stubAddres
+ // See if we are managed by the shared domain
+ //
+ pCur = SharedDomain::GetDomain()->GetLoaderAllocator()->GetVirtualCallStubManager();
+- kind = pCur->getStubKind(stubAddress);
++ kind = pCur->getStubKind(stubAddress, usePredictStubKind);
+ if (kind != SK_UNKNOWN)
+ {
+ if (wbStubKind)
+@@ -1022,7 +1022,7 @@ VirtualCallStubManager *VirtualCallStubManager::FindStubManager(PCODE stubAddres
+ {
+ _ASSERTE(pCur != NULL);
+
+- kind = pCur->getStubKind(stubAddress);
++ kind = pCur->getStubKind(stubAddress, usePredictStubKind);
+ if (kind != SK_UNKNOWN)
+ {
+ if (wbStubKind)
+diff --git a/src/vm/virtualcallstub.h b/src/vm/virtualcallstub.h
+index 7b6fedf..b8984ea 100644
+--- a/src/vm/virtualcallstub.h
++++ b/src/vm/virtualcallstub.h
+@@ -317,7 +317,7 @@ public:
+ /* know thine own stubs. It is possible that when multiple
+ virtualcallstub managers are built that these may need to become
+ non-static, and the callers modified accordingly */
+- StubKind getStubKind(PCODE stubStartAddress)
++ StubKind getStubKind(PCODE stubStartAddress, BOOL usePredictStubKind = TRUE)
+ {
+ WRAPPER_NO_CONTRACT;
+ SUPPORTS_DAC;
+@@ -329,7 +329,7 @@ public:
+
+ // Rather than calling IsInRange(stubStartAddress) for each possible stub kind
+ // we can peek at the assembly code and predict which kind of a stub we have
+- StubKind predictedKind = predictStubKind(stubStartAddress);
++ StubKind predictedKind = (usePredictStubKind) ? predictStubKind(stubStartAddress) : SK_UNKNOWN;
+
+ if (predictedKind == SK_DISPATCH)
+ {
+@@ -732,7 +732,8 @@ private:
+ public:
+ // Given a stub address, find the VCSManager that owns it.
+ static VirtualCallStubManager *FindStubManager(PCODE addr,
+- StubKind* wbStubKind = NULL);
++ StubKind* wbStubKind = NULL,
++ BOOL usePredictStubKind = TRUE);
+
+ #ifndef DACCESS_COMPILE
+ // insert a linked list of indirection cells at the beginning of m_RecycledIndCellList
+--
+2.7.4
+