From cd4af8ad80bb6430ad2e547f7af236268c9be7d9 Mon Sep 17 00:00:00 2001
From: Mike Pall
Date: Wed, 28 May 2025 21:02:31 +0200
Subject: Avoid out-of-range PC for stack overflow error from snapshot restore.

Reported by Sergey Kaplun. #1359
---
 src/lj_snap.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'src/lj_snap.c')

diff --git a/src/lj_snap.c b/src/lj_snap.c
index 82ab6983..54260021 100644
--- a/src/lj_snap.c
+++ b/src/lj_snap.c
@@ -872,8 +872,10 @@ const BCIns *lj_snap_restore(jit_State *J, void *exptr)
   const BCIns *pc = snap_pc(map[nent]);
   lua_State *L = J->L;
 
-  /* Set interpreter PC to the next PC to get correct error messages. */
-  setcframe_pc(L->cframe, pc+1);
+  /* Set interpreter PC to the next PC to get correct error messages.
+  ** But not for returns or tail calls, since pc+1 may be out-of-range.
+  */
+  setcframe_pc(L->cframe, bc_isret_or_tail(bc_op(*pc)) ? pc : pc+1);
   setcframe_pc(cframe_raw(cframe_prev(L->cframe)), pc);
 
   /* Make sure the stack is big enough for the slots from the snapshot. */
-- 
cgit v1.2.3-55-g6feb
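Review bot: The new ternary on the `setcframe_pc(L->cframe, ...)` line nests two macro calls inside a conditional at the call site, which hides the intent of the guard; consider hoisting it into a named local, `const BCIns *errpc = bc_isret_or_tail(bc_op(*pc)) ? pc : pc+1;` followed by `setcframe_pc(L->cframe, errpc);`. The added three-line comment states that pc+1 may be out-of-range but not why only return and tail-call opcodes are affected; presumably these are the only instructions that can sit at the very end of a prototype's bytecode array, so an error raised with the interpreter PC at pc+1 would look up debug info one past that array — confirm and state that reason in the comment so the condition is not widened or dropped later. lj_snap_restore starts and ends outside the hunk.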