GLib: add bounds-checked unsigned int arithmetic

Add some helpers for builds-checked unsigned integer arithmetic to GLib.
These will be based on compiler intrinsics where they are available,
falling back to standard manual checks otherwise.

The fallback case needs to be implemented as a function (which we do
inline) because we cannot rely on statement expressions.  We also
implement the intrinsics case as an inline in order to avoid people
accidentally writing non-portable code which depends on static
evaluation of the builtin.

For now there is only support for addition and multiplication for guint,
guint64 and gsize.  It may make sense to add support for subtraction or
for the signed equivalents of those types in the future if we find a use
for that.

https://bugzilla.gnome.org/show_bug.cgi?id=503096

docs/reference/glib/glib-docs.xml

@@ -41,6 +41,7 @@
     <xi:include href="xml/macros.xml" />
     <xi:include href="xml/type_conversion.xml" />
     <xi:include href="xml/byte_order.xml" />
+    <xi:include href="xml/checkedmath.xml" />
     <xi:include href="xml/numerical.xml" />
     <xi:include href="xml/macros_misc.xml" />
     <xi:include href="xml/atomic_operations.xml" />

docs/reference/glib/glib-sections.txt

@@ -346,6 +346,17 @@ GUINT64_SWAP_LE_BE_X86_64
 
 </SECTION>
 
+<SECTION>
+<TITLE>Bounds-checked integer arithmetic</TITLE>
+<FILE>checkedmath</FILE>
+g_uint_checked_add
+g_uint_checked_mul
+g_uint64_checked_add
+g_uint64_checked_mul
+g_size_checked_add
+g_size_checked_mul
+</SECTION>
+
 <SECTION>
 <TITLE>Numerical Definitions</TITLE>
 <FILE>numerical</FILE>