diff --git a/sys/cddl/dev/fbt/arm/fbt_isa.c b/sys/cddl/dev/fbt/arm/fbt_isa.c
index c3b6fca83081..0e948dd90979 100644
--- a/sys/cddl/dev/fbt/arm/fbt_isa.c
+++ b/sys/cddl/dev/fbt/arm/fbt_isa.c
@@ -35,6 +35,7 @@
 #include <sys/param.h>
 
 #include <sys/dtrace.h>
+#include <machine/stack.h>
 #include <machine/trap.h>
 
 #include "fbt.h"
@@ -42,6 +43,7 @@
 #define	FBT_PUSHM		0xe92d0000
 #define	FBT_POPM		0xe8bd0000
 #define	FBT_JUMP		0xea000000
+#define	FBT_SUBSP		0xe24dd000
 
 #define	FBT_ENTRY	"entry"
 #define	FBT_RETURN	"return"
@@ -111,12 +113,18 @@ fbt_provide_module_function(linker_file_t lf, int symindx,
 	instr = (uint32_t *)symval->value;
 	limit = (uint32_t *)(symval->value + symval->size);
 
-	for (; instr < limit; instr++)
-		if ((*instr & 0xffff0000) == FBT_PUSHM &&
-		    (*instr & 0x4000) != 0)
-			break;
+	/*
+	 * va_arg functions has first instruction of
+	 * sub sp, sp, #?
+	 */
+	if ((*instr & 0xfffff000) == FBT_SUBSP)
+		instr++;
 
-	if (instr >= limit)
+	/*
+	 * check if insn is a pushm with LR
+	 */
+	if ((*instr & 0xffff0000) != FBT_PUSHM ||
+	    (*instr & (1 << LR)) == 0)
 		return (0);
 
 	fbt = malloc(sizeof (fbt_probe_t), M_FBT, M_WAITOK | M_ZERO);