Summary:
D42223 / 3e32b08b0eed540851b3030923c8334c2da4728b added annotations for enforcing
restrictions on access to fields and functions involving shared memory for the child process. These
restrictions were done only at runtime in debug mode.

This diff uses thread safety analysis capabilities to help enforce these restrictions at compile
time, leaving just a single runtime debug check (the creation of the scope object). Functions can be
marked as `PARENT_PROCESS_ONLY` to ensure they are only called by `PARENT_PROCESS_ONLY` marked code
or under a `ParentProcessGuard`, and violations trigger a compile error like:
```
src/yb/tserver/tablet_server.cc:1107:22: error: calling function 'Get' requires holding parent process 'capability' [-Werror,-Wthread-safety-analysis]
```

Also replaces `operator*` and `operator->` with a more explicit `Get()` method and marks PG
processes as child processes.
Jira: DB-16362

Test Plan:
annotations-test.cc was updated accordingly. Also tested a violation locally to check for
compile error.

Reviewers: sergei

Reviewed By: sergei

Subscribers: ybase, yql

Differential Revision: https://phorge.dev.yugabyte.com/D43424