From 2f396c6db7c1f0737ebd32c82265befa563b1586 Mon Sep 17 00:00:00 2001
From: Mike Pall <mike>
Date: Sun, 15 Jan 2012 17:05:34 +0100
Subject: [PATCH] FFI: Don't touch frame in callbacks with tailcalls to fast
 functions.

---
 src/lj_ccallback.c | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/src/lj_ccallback.c b/src/lj_ccallback.c
index f3474588..3c95958d 100644
--- a/src/lj_ccallback.c
+++ b/src/lj_ccallback.c
@@ -274,6 +274,7 @@ void lj_ccallback_mcode_free(CTState *cts)
 #elif LJ_TARGET_ARM
 
 #define CALLBACK_HANDLE_REGARG \
+  UNUSED(isfp); \
   if (n > 1) ngpr = (ngpr + 1u) & ~1u;  /* Align to regpair. */ \
   if (ngpr + n <= maxgpr) { \
     sp = &cts->cb.gpr[ngpr]; \
@@ -455,11 +456,13 @@ void LJ_FASTCALL lj_ccallback_leave(CTState *cts, TValue *o)
   GCfunc *fn;
   TValue *obase = L->base;
   L->base = L->top;  /* Keep continuation frame for throwing errors. */
-  /* PC of RET* is lost. Point to last line for result conv. errors. */
-  fn = curr_func(L);
-  if (isluafunc(fn)) {
-    GCproto *pt = funcproto(fn);
-    setcframe_pc(L->cframe, proto_bc(pt)+pt->sizebc+1);
+  if (o >= L->base) {
+    /* PC of RET* is lost. Point to last line for result conv. errors. */
+    fn = curr_func(L);
+    if (isluafunc(fn)) {
+      GCproto *pt = funcproto(fn);
+      setcframe_pc(L->cframe, proto_bc(pt)+pt->sizebc+1);
+    }
   }
   callback_conv_result(cts, L, o);
   /* Finally drop C frame and continuation frame. */