improve false positive detection in ufuzz (#3977)

test/ufuzz/index.js

@@ -1182,11 +1182,19 @@ function fuzzy_match(original, uglified) {
 }
 
 function patch_try_catch(orig, toplevel) {
-    var code = orig;
-    var tries = [];
-    var offset = 0;
+    var stack = [ {
+        code: orig,
+        index: 0,
+        offset: 0,
+        tries: [],
+    } ];
     var re = /(?:(?:^|[\s{}):;])try|}\s*catch\s*\(([^)]+)\)|}\s*finally)\s*(?={)/g;
+    while (stack.length) {
+        var code = stack[0].code;
+        var offset = stack[0].offset;
+        var tries = stack[0].tries;
         var match;
+        re.lastIndex = stack.shift().index;
         while (match = re.exec(code)) {
             var index = match.index + match[0].length + 1;
             if (/(?:^|[\s{}):;])try\s*$/.test(match[0])) {
@@ -1213,6 +1221,12 @@ function patch_try_catch(orig, toplevel) {
             var new_code = code.slice(0, index) + insert + code.slice(index);
             var result = sandbox.run_code(new_code, toplevel);
             if (typeof result != "object" || typeof result.name != "string" || typeof result.message != "string") {
+                if (match[1]) stack.push({
+                    code: code,
+                    index: index,
+                    offset: offset,
+                    tries: JSON.parse(JSON.stringify(tries)),
+                });
                 offset += insert.length;
                 code = new_code;
             } else if (result.name == "TypeError" && /'in'/.test(result.message)) {
@@ -1224,6 +1238,7 @@ function patch_try_catch(orig, toplevel) {
             }
         }
     }
+}
 
 var fallback_options = [ JSON.stringify({
     compress: false,