deps: backport 8d6a228 from the v8's upstream

[indutny]

Original commit message:

[heap] fix crash during the scavenge of ArrayBuffer
Scavenger should not attempt to visit ArrayBuffer's storage, it is a
user-supplied pointer that may have any alignment. Visiting it, may
result in a crash.

BUG=
R=jochen

Review URL: https://codereview.chromium.org/1406133003

Cr-Commit-Position: refs/heads/master@{#31611}

PR-URL: #3549
Reviewed-By: Trevor Norris trev.norris@gmail.com

cc @nodejs/v8

[ofrobots]

LGTM. CI: https://ci.nodejs.org/job/node-test-pull-request/986/

[zcbenz]

The upstream patch included a condition for BytecodeArray, should it also be backported?

+      } else if (target->IsBytecodeArray()) {
+        IterateAndMarkPointersToFromSpace(
+            target, obj_address + BytecodeArray::kConstantPoolOffset,
+            obj_address + BytecodeArray::kHeaderSize, record_slots, callback);

[indutny]

@zcbenz you are absolutely right. Thanks for catching this!

[indutny]

Force pushed, PTAL

[indutny]

New CI: https://ci.nodejs.org/job/node-test-pull-request/989/

[indutny]

Seems to be just one unrelated failure on fedora, otherwise CI is green. @ofrobots does this PR still look good to you?

[ofrobots]

I get gateway timeouts on the tap results page for the CI so I cannot verify that the failure is unrelated . LGTM, otherwise.

[jasnell]

Rubber stamp LGTM. @indutny ... should this go into LTS?

[indutny]

@jasnell I don't think so, we just forgot to cherry-pick it when upgrading V8 somewhere after LTS (AFAIK)

[indutny]

Landed in 36ac3d6, thank you!

[ofrobots]

@jasnell: I missed this commit when upgrading from V8 4.6 to V8 4.7 😰. This is not needed in stable or LTS.

[MylesBorins]

@ofrobots I've added dont-land-on-v4.x please let me know if this should be changed