I don't think I've seen that documentation before. Interesting.
It's talking about active/backup transmit link selection (e.g, set bonding group 0 mode active-backup). This topology can't be achieved with LACP. The switches should not be aware of the link aggregation. As far as they are concerned, the ports leading to the firewalls are plain access or tagged ports.
While that would be functional, it has some complicated availability implications. Active/backup bonds receive on all members, but only transmit on one. Only loss of layer 2 link would cause the firewall to switch to the alternate interface. If something failed past the immediately-connected switches causing traffic through only one to work, the firewalls are unlikely to be able to tell. It might be possible for ClusterXL to tell as long as fw1 was using switch 4 primarily and fw2 was using switch 5 primarily. Then, if a link between the switches failed, the cluster heartbeats on that interface would fail, which could cause a failover of the firewall cluster. To maintain this pathing, you would need to specify a primary link for the bond (e.g, set bonding group 0 primary eth2).
I would test this extensively before depending on it.
Edit: No, wait. If each switch is operating correctly in isolation, but one of them has no access to the broader network, the cluster heartbeats wouldn't fail. fw1 would transmit to switch 4, which is still able to get to fw2. fw2 would transmit to switch 5, which is still able to get to fw1.
I'm not sure there's a good way to get this topology to tolerate failures which cut one of the switches off from the broader network.
