deps: V8: backport 6a0a25abaed3

Original commit message:

    [riscv] Fix sp handling in MacroAssembler::LeaveFrame

    Keep sp <= fp to ensure that data right above fp doesn't get clobbered
    by an inopportune signal and its handler.

    Such clobbering can happen in e.g. Node.js when JIT-compiled code is
    interrupted by a SIGCHLD handler.

    Bug: None
    Change-Id: Ief0836032ada7942e89f081f7605f61632c4d414
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/7540554
    Reviewed-by: Ji Qiu <qiuji@iscas.ac.cn>
    Commit-Queue: Yahan Lu (LuYahan) <yahan@iscas.ac.cn>
    Reviewed-by: Rezvan Mahdavi Hezaveh <rezvan@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#105069}

Refs: v8/v8@6a0a25a
Co-authored-by: kxxt <rsworktech@outlook.com>

Author: dramforever

common.gypi

@@ -38,7 +38,7 @@
 
     # Reset this number to 0 on major V8 upgrades.
     # Increment by one for each non-official patch applied to deps/v8.
-    'v8_embedder_string': '-node.34',
+    'v8_embedder_string': '-node.35',
 
     ##### V8 defaults for Node.js #####
 

deps/v8/AUTHORS

@@ -282,6 +282,7 @@ Vadim Gorbachev <bmsdave@gmail.com>
 Varun Varada <varuncvarada@gmail.com>
 Victor Costan <costan@gmail.com>
 Victor Polevoy <fx@thefx.co>
+Vivian Wang <wangruikang@iscas.ac.cn>
 Vlad Burlik <vladbph@gmail.com>
 Vladimir Krivosheev <develar@gmail.com>
 Vladimir Shutoff <vovan@shutoff.ru>

deps/v8/src/codegen/riscv/macro-assembler-riscv.cc

@@ -6036,9 +6036,10 @@ void MacroAssembler::EnterFrame(StackFrame::Type type) {
 
 void MacroAssembler::LeaveFrame(StackFrame::Type type) {
   ASM_CODE_COMMENT(this);
-  addi(sp, fp, 2 * kSystemPointerSize);
+  Move(sp, fp);
   LoadWord(ra, MemOperand(fp, 1 * kSystemPointerSize));
   LoadWord(fp, MemOperand(fp, 0 * kSystemPointerSize));
+  AddWord(sp, sp, 2 * kSystemPointerSize);
 }
 
 void MacroAssembler::EnterExitFrame(int stack_space,