Heap::gc_count_, last_gc_count, and kGCsBetweenCleanup should be unsigned...

Heap::gc_count_, last_gc_count, and kGCsBetweenCleanup should be unsigned
in order to not be vulnerable to overflow issues. 

Patch by Mark Lam of Hewlett-Packard Development Company, LP

Committed: http://code.google.com/p/v8/source/detail?r=6870

[marklam, 2010-12-17 08:33:47]

Vyacheslav, can you take a look at this please?  It's a trivial change. 
Previously, when the gc_count is using a signed int type, the (gc_count_ <
last_gc_count + kGCsBetweenCleanup) expression will not behave as we would
expect it to when the value of gc_count_ is near the point of overflow.

For example, consider when the value of gc_count_ is 2147483646 (0x7ffffffe),
and last_gc_count is 2147483646 (0x7ffffffe):

Previously with signed numbers:
LHS: 2147483646
RHS: 2147483646 (0x7ffffffe) + 4 => -2147483646 (0x80000002)
LHS < RHS ==> 2147483646 < -2147483646 ==> false

With this patch using unsigned numbers:

LHS: 0x7ffffffe - 0x7ffffffe =>0
RHS: 4
LHS < RHS ==> 0 < 4 ==> true

But in this case, gc_count_ and last_gc_count both have the same value.  We
would expect the difference to be less than kGCsBetweenCleanup, but it turns out
to not be in the signed int case.

[Vyacheslav Egorov (Chromium), 2011-02-21 15:35:14]

LGTM with the comment addressed.

http://codereview.chromium.org/5966001/diff/1/src/heap.cc
File src/heap.cc (right):

http://codereview.chromium.org/5966001/diff/1/src/heap.cc#newcode3763
src/heap.cc:3763: static unsigned int last_gc_count = gc_count_;
There is a bug here: last_gc_count will be initialized once (on the first
invocation of IdleNotification) with gc_count_ value and will not be
reinitialized again so it will always remain the same.

Please split this into declaration and assignment.

And thanks for making me notice this place.