diff --git a/js/src/jstracer.cpp b/js/src/jstracer.cpp
index 7ef0775e861..e77076e19c1 100644
--- a/js/src/jstracer.cpp
+++ b/js/src/jstracer.cpp
@@ -11751,10 +11751,9 @@ TraceRecorder::record_JSOP_GETELEM()
 uintN int_idx = JSVAL_TO_INT(idx);
 jsval* vp = &afp->argv[int_idx];
 if (idx_ins->isconstf()) {
- if (int_idx >= 0 && int_idx < afp->argc)
- v_ins = get(vp);
- else
- v_ins = INS_VOID();
+ if (int_idx < 0 || int_idx >= afp->argc)
+ RETURN_STOP_A("cannot trace arguments with out of range index");
+ v_ins = get(vp);
 } else {
 // If the index is not a constant expression, we generate LIR to load the value from
 // the native stack area. The guard on js_ArgumentClass above ensures the up-to-date
diff --git a/js/src/trace-test/tests/arguments/bug554670-1.js b/js/src/trace-test/tests/arguments/bug554670-1.js
new file mode 100644
index 00000000000..75606c33bec
--- /dev/null
+++ b/js/src/trace-test/tests/arguments/bug554670-1.js
@@ -0,0 +1,8 @@
+x = true;
+(function() {
+ for each(let c in [0, x]) {
+ (arguments)[4] *= c
+ }
+})()
+
+// don't assert
diff --git a/js/src/trace-test/tests/arguments/bug554670-2.js b/js/src/trace-test/tests/arguments/bug554670-2.js
new file mode 100644
index 00000000000..6aeba78fa1d
--- /dev/null
+++ b/js/src/trace-test/tests/arguments/bug554670-2.js
@@ -0,0 +1,8 @@
+var c;
+(function() {
+ for each(e in [0, 0]) {
+ (arguments)[1] *= c
+ }
+})()
+
+// don't assert
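Review bot: In the jstracer.cpp hunk, `int_idx` is declared `uintN`, so the `int_idx < 0` half of the new range check can never be true; a negative index is rejected only because the unsigned conversion turns it into a large value that fails `int_idx >= afp->argc` (assuming `argc` is unsigned as well). Making the sign test explicit on the signed value, `if (JSVAL_TO_INT(idx) < 0 || int_idx >= afp->argc)`, keeps the bounds check correct if either type changes later. The context line `jsval* vp = &afp->argv[int_idx];` also forms the out-of-range address before the check; if `vp` is only consumed by `get(vp)`, moving that line below the `RETURN_STOP_A` would avoid it. The body of `record_JSOP_GETELEM` starts and ends outside this hunk, so other uses of `vp` are not visible here.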
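Review bot: Both new tests index past the end of an empty argument list (`arguments[4]` in bug554670-1.js and `arguments[1]` in bug554670-2.js), so only the `int_idx >= afp->argc` side of the new check is exercised; a third case with a negative constant index would cover the other side. The files also rely on `// don't assert` alone, which passes for any result that does not crash. A check of the value stored in the element after the loop would pin the expected semantics as well as the absence of the assertion.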