diff --git a/js/src/jit-test/tests/debug/bug1684821.js b/js/src/jit-test/tests/debug/bug1684821.js
new file mode 100644
index 000000000000..dfbefd996270
--- /dev/null
+++ b/js/src/jit-test/tests/debug/bug1684821.js
@@ -0,0 +1,26 @@
+let g = newGlobal({newCompartment: true});
+let d = new Debugger(g);
+
+d.onDebuggerStatement = function (frame) {
+  frame.environment;
+};
+
+g.evaluate(`
+  function * foo() {
+    // Force CallObject + LexicalEnvironmentObject
+    let x;
+    let y = () => x;
+
+    // Force DebuggerEnvironment
+    debugger;
+
+    // Force suspend and frame snapshot
+    yield;
+
+    // Popping this frame will trigger a second snapshot
+  }
+`)
+
+let x = g.foo();
+x.next();
+x.next();
diff --git a/js/src/vm/EnvironmentObject.cpp b/js/src/vm/EnvironmentObject.cpp
index ce6385ffdfeb..7160f77abf03 100644
--- a/js/src/vm/EnvironmentObject.cpp
+++ b/js/src/vm/EnvironmentObject.cpp
@@ -2468,8 +2468,7 @@ ArrayObject* DebugEnvironmentProxy::maybeSnapshot() const {
 void DebugEnvironmentProxy::initSnapshot(ArrayObject& o) {
   MOZ_ASSERT_IF(
       maybeSnapshot() != nullptr,
-      environment().is<CallObject>() &&
-          environment().as<CallObject>().callee().isGeneratorOrAsync());
+      CallObject::find(&environment())->callee().isGeneratorOrAsync());
   setReservedSlot(SNAPSHOT_SLOT, ObjectValue(o));
 }