GC needs to be refactored for safety

[liquidev]

Currently the GC is not fully memory safe. In specific, the Gc<T> type may outlive the GC, and the GC will sweep any GcRaw<T> references that may be stored in it on Drop. Additionally the GC doesn't consider Gc<T> references as roots, which is also quite problematic.

Thus, a few things need to be done:

• Value gets a lifetime 'e so that it cannot outlive the engine
• Gc<T> is only permitted for types that implement unsafe trait GcSafe {}, which asserts that you've thoroughly inspected the type for lack of GC references.
  • In the future this may become an auto trait, but user-defined auto traits and negative trait impls are not stable yet.