diff --git a/js/src/jit-test/tests/jaeger/loops/bug684621.js b/js/src/jit-test/tests/jaeger/loops/bug684621.js
new file mode 100644
index 000000000000..9ca13bc7f4c5
--- /dev/null
+++ b/js/src/jit-test/tests/jaeger/loops/bug684621.js
@@ -0,0 +1,15 @@
+function runRichards() {
+    queue = new Packet;
+    Packet(queue, ID_DEVICE_A, KIND_DEVICE);
+    new Packet;
+}
+var ID_DEVICE_A = 4;
+var KIND_DEVICE = 0;
+Packet = function (queue) {
+    this.link = null
+    if (queue == null) return;
+    var peek, next = queue;
+    while ((peek = next.link) != null)
+    ID_HANDLER_B
+};
+runRichards()
diff --git a/js/src/methodjit/FrameState.cpp b/js/src/methodjit/FrameState.cpp
index 21b2502ed522..347ba7d083d8 100644
--- a/js/src/methodjit/FrameState.cpp
+++ b/js/src/methodjit/FrameState.cpp
@@ -1949,9 +1949,6 @@ FrameState::pushCopyOf(FrameEntry *backing)
 FrameEntry *
 FrameState::walkTrackerForUncopy(FrameEntry *original)
 {
-    /* Temporary entries are immutable and should never be uncopied. */
-    JS_ASSERT(!isTemporary(original));
-
     uint32 firstCopy = InvalidIndex;
     FrameEntry *bestFe = NULL;
     uint32 ncopies = 0;
@@ -1978,7 +1975,7 @@ FrameState::walkTrackerForUncopy(FrameEntry *original)
 
     JS_ASSERT(firstCopy != InvalidIndex);
     JS_ASSERT(bestFe);
-    JS_ASSERT(bestFe > original);
+    JS_ASSERT_IF(!isTemporary(original), bestFe > original);
 
     /* Mark all extra copies as copies of the new backing index. */
     bestFe->setCopyOf(NULL);
@@ -2873,6 +2870,8 @@ FrameState::clearTemporaries()
     for (FrameEntry *fe = temporaries; fe < temporariesTop; fe++) {
         if (!fe->isTracked())
             continue;
+        if (fe->isCopied())
+            uncopy(fe);
         forgetAllRegs(fe);
         fe->resetSynced();
     }