Put the type feedback vector in the unoptimized JavaScript frame.

src/arm/full-codegen-arm.cc

Index: src/arm/full-codegen-arm.cc
diff --git a/src/arm/full-codegen-arm.cc b/src/arm/full-codegen-arm.cc
index 15958ccf54561149055489f32188e1530473fb81..5cd2d21bfc8eb3c97eed4d84969a2ef052031911 100644
--- a/src/arm/full-codegen-arm.cc
+++ b/src/arm/full-codegen-arm.cc
@@ -148,6 +148,7 @@ void FullCodeGenerator::Generate() {
 
   info->set_prologue_offset(masm_->pc_offset());
   __ Prologue(info->IsCodePreAgingActive());
+  __ Push(FeedbackVector());
   info->AddNoFrameRange(0, masm_->pc_offset());
 
   { Comment cmnt(masm_, "[ Allocate locals");
@@ -2145,7 +2146,7 @@ void FullCodeGenerator::VisitYield(Yield* expr) {
       __ mov(r1, cp);
       __ RecordWriteField(r0, JSGeneratorObject::kContextOffset, r1, r2,
                           kLRHasBeenSaved, kDontSaveFPRegs);
-      __ add(r1, fp, Operand(StandardFrameConstants::kExpressionsOffset));
+      __ add(r1, fp, Operand(JavaScriptFrameConstants::kLocal0Offset));
       __ cmp(sp, r1);
       __ b(eq, &post_runtime);
       __ push(r0);  // generator object
@@ -2325,8 +2326,15 @@ void FullCodeGenerator::EmitGeneratorResume(Expression *generator,
   // cp = callee's context,
   // r4 = callee's JS function.
   __ PushFixedFrame(r4);
+
+  // Callee's type feedback vector.
+  __ ldr(r3, FieldMemOperand(r4, JSFunction::kSharedFunctionInfoOffset));
+  __ ldr(r3, FieldMemOperand(r3, SharedFunctionInfo::kFeedbackVectorOffset));
+  __ push(r3);
+
   // Adjust FP to point to saved FP.
-  __ add(fp, sp, Operand(StandardFrameConstants::kFixedFrameSizeFromFp));
+  __ add(fp, sp,
+         Operand(JavaScriptFrameConstants::kUnoptimizedFixedFrameSizeFromFp));
 
   // Load the operand stack size.
   __ ldr(r3, FieldMemOperand(r1, JSGeneratorObject::kOperandStackOffset));