Merge branch 'master' into v2.1

diff --cc src/lj_bc.h
Simple merge

diff --cc src/lj_parse.c
Simple merge

diff --cc src/lj_snap.c
index cb1044392ff1c095d1c3e32d22094c7ee3c605b0,5426002119b7782d19d01f09b6a33e85ad78a320..d0d28c817e02a7c00da10203bcb46d0f1dd96ccc
--- 1/src/lj_snap.c
--- 2/src/lj_snap.c
+++ b/src/lj_snap.c
@@@ -945,19 -865,17 +945,21 @@@ const BCIns *lj_snap_restore(jit_State 
    SnapShot *snap = &T->snap[snapno];
    MSize n, nent = snap->nent;
    SnapEntry *map = &T->snapmap[snap->mapofs];
 -  SnapEntry *flinks = &T->snapmap[snap_nextofs(T, snap)-1];
 -  int32_t ftsz0;
 +#if !LJ_FR2 || defined(LUA_USE_ASSERT)
 +  SnapEntry *flinks = &T->snapmap[snap_nextofs(T, snap)-1-LJ_FR2];
 +#endif
 +#if !LJ_FR2
 +  ptrdiff_t ftsz0;
 +#endif
    TValue *frame;
    BloomFilter rfilt = snap_renamefilter(T, snapno);
 -  const BCIns *pc = snap_pc(map[nent]);
 +  const BCIns *pc = snap_pc(&map[nent]);
    lua_State *L = J->L;
  
-   /* Set interpreter PC to the next PC to get correct error messages. */
-   setcframe_pc(L->cframe, pc+1);
+   /* Set interpreter PC to the next PC to get correct error messages.
+   ** But not for returns or tail calls, since pc+1 may be out-of-range.
+   */
+   setcframe_pc(L->cframe, bc_isret_or_tail(bc_op(*pc)) ? pc : pc+1);
    setcframe_pc(cframe_raw(cframe_prev(L->cframe)), pc);
  
    /* Make sure the stack is big enough for the slots from the snapshot. */