Put the type feedback vector in the unoptimized JavaScript frame.

src/ia32/full-codegen-ia32.cc

Index: src/ia32/full-codegen-ia32.cc
diff --git a/src/ia32/full-codegen-ia32.cc b/src/ia32/full-codegen-ia32.cc
index b76592238d732a643d98f0cd32649feb6f875891..d050926078380416439e0cc4fc9907e56e641763 100644
--- a/src/ia32/full-codegen-ia32.cc
+++ b/src/ia32/full-codegen-ia32.cc
@@ -138,6 +138,7 @@ void FullCodeGenerator::Generate() {
 
   info->set_prologue_offset(masm_->pc_offset());
   __ Prologue(info->IsCodePreAgingActive());
+  __ push(Immediate(FeedbackVector()));
   info->AddNoFrameRange(0, masm_->pc_offset());
 
   { Comment cmnt(masm_, "[ Allocate locals");
@@ -2068,7 +2069,7 @@ void FullCodeGenerator::VisitYield(Yield* expr) {
       __ mov(ecx, esi);
       __ RecordWriteField(eax, JSGeneratorObject::kContextOffset, ecx, edx,
                           kDontSaveFPRegs);
-      __ lea(ebx, Operand(ebp, StandardFrameConstants::kExpressionsOffset));
+      __ lea(ebx, Operand(ebp, JavaScriptFrameConstants::kLocal0Offset));
       __ cmp(esp, ebx);
       __ j(equal, &post_runtime);
       __ push(eax);  // generator object
@@ -2250,6 +2251,11 @@ void FullCodeGenerator::EmitGeneratorResume(Expression *generator,
   __ push(esi);  // Callee's context.
   __ push(edi);  // Callee's JS Function.
 
+  // Callee's type feedback vector.
+  __ mov(edx, FieldOperand(edi, JSFunction::kSharedFunctionInfoOffset));
+  __ mov(edx, FieldOperand(edx, SharedFunctionInfo::kFeedbackVectorOffset));
+  __ push(edx);
+
   // Load the operand stack size.
   __ mov(edx, FieldOperand(ebx, JSGeneratorObject::kOperandStackOffset));
   __ mov(edx, FieldOperand(edx, FixedArray::kLengthOffset));