2.25.2.0-b117

@es1024 es1024 tagged this 07 Mar 16:13
Summary:
When modifying data structures in shared memory from PG, it is necessary to avoid compiler
reordering around stores, since PG may crash at any point, and compiler reordering may
complicate crash recovery or make it impossible.

Additionally, since many constructs like condition variables are not available, PG may sometimes
only be allowed to do a subset of operations. Issues around this are generally difficult to check
from normal testing since they only become problematic when postgres crashes at very specific points of code.

This diff adds some annotations to avoid compiler reordering around stores to shared memory and to
make clear (and enforce) what fields code from PG is and is not allowed to read or modify.

- `DCHECK_PARENT_PROCESS()` will add a debug-only check that ensures the code is not being called
  from PG.

The following annotate fields and enforce debug-only checks on reads and writes from PG:
- `ChildProcessForbidden<T>` marks a field as being inaccessible (both read and write) from PG. This
  is meant for cases such as pointers to private TServer memory.
- `ChildProcessReadOnly<T>` marks a field as being readonly from PG.
- `ChildProcessReadWrite<T>` marks a field as being read/write from PG.

The following annotate individual stores/loads and are meant for use in code called from PG:
- `SHARED_MEMORY_STORE(dest, value)` sets `dest` to `value`, where `dest` is one of the
  `ChildProcess...<T>` annotated fields above. This macro prevents any compiler reordering around
  the store.
- `SHARED_MEMORY_LOAD(value)` does nothing special, since we don't need special handling for loads,
  but is provided for symmetry, and to hide the use of `operator*()` and cast to const required for annotated fields.
Jira: DB-15605

Test Plan: Added test: `./yb_build.sh --cxx-test util_annotations-test`

Reviewers: sergei

Reviewed By: sergei

Subscribers: ybase

Differential Revision: https://phorge.dev.yugabyte.com/D42223
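The following is an added illustration of the mechanism the commit message describes; it is not YugabyteDB's code and is not taken from the linked revision. The names `ChildProcessForbidden`, `ChildProcessReadOnly`, `ChildProcessReadWrite`, `SHARED_MEMORY_STORE` and `SHARED_MEMORY_LOAD` are borrowed from the message, but every body below is an assumption: the process-role check is a global switch instead of a real TServer/PG test, violations throw instead of DCHECK-failing so they can be observed, and the compiler barrier is `std::atomic_signal_fence`, which forbids the compiler from moving memory accesses across it without emitting a CPU fence. The `SharedRecord` layout is constructed for the example.

```cpp
#include <atomic>
#include <cstdint>
#include <stdexcept>

// Which process we are "in". Constructed for this example; a real check
// would ask the runtime whether this is the TServer or a PG backend.
enum class ProcessRole { kParent, kChild };
inline ProcessRole& CurrentRole() {
  static ProcessRole role = ProcessRole::kParent;
  return role;
}

struct ScopedRole {  // restores the previous role on scope exit
  ProcessRole saved;
  explicit ScopedRole(ProcessRole r) : saved(CurrentRole()) { CurrentRole() = r; }
  ~ScopedRole() { CurrentRole() = saved; }
};

struct ChildAccessViolation : std::logic_error {
  using std::logic_error::logic_error;
};

// Stand-in for DCHECK_PARENT_PROCESS(): throws instead of aborting so a test
// can observe the violation. Assumed, not the project's macro.
inline void DCheckParentProcess(const char* what) {
  if (CurrentRole() != ProcessRole::kParent) throw ChildAccessViolation(what);
}

// Field annotations: each wraps a plain T and gates access on the process role.
template <typename T>
class ChildProcessForbidden {  // neither readable nor writable from the child
 public:
  const T& operator*() const { DCheckParentProcess("child read of forbidden field"); return value_; }
  T& operator*() { DCheckParentProcess("child write of forbidden field"); return value_; }
 private:
  T value_{};
};

template <typename T>
class ChildProcessReadOnly {  // child may read, only the parent may write
 public:
  const T& operator*() const { return value_; }
  T& operator*() { DCheckParentProcess("child write of read-only field"); return value_; }
 private:
  T value_{};
};

template <typename T>
class ChildProcessReadWrite {  // child may read and write
 public:
  const T& operator*() const { return value_; }
  T& operator*() { return value_; }
 private:
  T value_{};
};

// Compiler-only fence on both sides of the store: the compiler may not hoist
// or sink other memory accesses across the assignment, so the stores reach
// memory in program order and a crash between them leaves a consistent state.
#define SHARED_MEMORY_STORE(dest, value)                   \
  do {                                                     \
    std::atomic_signal_fence(std::memory_order_seq_cst);   \
    *(dest) = (value);                                     \
    std::atomic_signal_fence(std::memory_order_seq_cst);   \
  } while (0)

// Load needs no fence; the helper only forces the const operator*().
template <typename F>
const auto& SharedMemoryLoadImpl(const F& field) { return *field; }
#define SHARED_MEMORY_LOAD(field) SharedMemoryLoadImpl(field)

// A record both processes map. Constructed for this example.
struct SharedRecord {
  ChildProcessForbidden<void*> tserver_private;   // pointer into TServer heap
  ChildProcessReadOnly<uint64_t> config_version;  // published by the TServer
  ChildProcessReadWrite<uint64_t> payload;        // written by PG
  ChildProcessReadWrite<bool> payload_valid;      // set by PG after payload
};

// Parent (TServer) side: plain access is allowed everywhere.
inline void ParentInit(SharedRecord& rec, uint64_t config_version, void* priv) {
  ScopedRole as_parent(ProcessRole::kParent);
  *rec.tserver_private = priv;
  *rec.config_version = config_version;
}

// Child (PG) side: clear the flag, write the payload, then set the flag.
// Whatever point PG dies at, a reader never sees valid==true with stale payload.
inline void ChildPublish(SharedRecord& rec, uint64_t v) {
  ScopedRole as_child(ProcessRole::kChild);
  SHARED_MEMORY_STORE(rec.payload_valid, false);
  SHARED_MEMORY_STORE(rec.payload, v);
  SHARED_MEMORY_STORE(rec.payload_valid, true);
}

inline uint64_t ChildReadConfig(const SharedRecord& rec) {
  ScopedRole as_child(ProcessRole::kChild);
  return SHARED_MEMORY_LOAD(rec.config_version);
}

// Runs fn as the child and reports whether the debug check rejected it.
template <typename Fn>
bool ChildAccessIsRejected(Fn fn) {
  ScopedRole as_child(ProcessRole::kChild);
  try { fn(); } catch (const ChildAccessViolation&) { return true; }
  return false;
}
```

The write-then-flag ordering in `ChildPublish` is the reason the store macro exists: without the fence the compiler is free to emit the `payload_valid = true` store before the `payload` store, and a PG crash between the two would leave a record that looks valid but carries the old payload.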