[v16.x] deps: V8: Fix incorrect from space committed size

Backports commits that fix the issue where V8 reports incorrect new space size: https://bugs.chromium.org/p/v8/issues/detail?id=12657.

deps: V8: backport bbd800c6e359

Original commit message:

[heap] Fix incorrect from space committed size

NewSpace page operations like RemovePage, PrependPage, and
EnsureCurrentCapacity should account for committed page size.

This may happen when a page was promoted from the new space to
old space on mark-compact.

Also, add DCHECKs on Commit and Uncommit to ensure the final
committed page size is the same as the current state.

Bug: v8:12657
Change-Id: I7aebc1fd3f51f177ae2ef6420f757f0c573e126b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3504766
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Chengzhong Wu <legendecas@gmail.com>
Cr-Commit-Position: refs/heads/main@{#79426}

Refs: https://github.com/v8/v8/commit/bbd800c6e3598a3756733a9c7eba00d7de168226

deps: V8: cherry-pick b95354290941

Original commit message:

[extensions] Fix dcheck failures in getV8Statistics

HeapObjectIterator creates a SafepointScope which requires the heap to
allow garbage collection. This collides with the outer
DisallowGarbageCollection scope. HeapObjectIterator already ensures
there is no allocation during its lifetime, so there is no need to
create an outer DisallowGarbageCollection scope.

Code::source_position_table requires their kind not equals to
CodeKind::BASELINE.

This also exposes the statistics extension through flag
--expose-statistics.

Bug: v8:12657
Change-Id: I1bf11cf499285a742dd99ec8c228ebc36152b597
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3496552
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Chengzhong Wu <legendecas@gmail.com>
Cr-Commit-Position: refs/heads/main@{#79425}

Refs: https://github.com/v8/v8/commit/b953542909416a5be11220d9adf6da1aff1f009c