Evaluate removal of malloc_usable_size for FORTIFY_SOURCE=3

[dvzrv]

While working on the TODO for preparing packages for the move to FORTIFY_SOURCE=3 on Arch Linux (https://archlinux.org/todo/prepare-packages-for-d_fortify_source3/) it was noted, that upstreams using malloc_usable_size can not be switched.

This ticket is here as a reminder/ source for evaluation to remove the use of malloc_usable_size, as it is likely that further distributions will want to switch to FORTIFY_SOURCE=3 in the future.

[dromer]

Downside being that Cardinal is the consumer of upstream sources that use this function.

Namely QuickJS and SurgeXT.

[falkTX]

QuickJS we already use a fork I believe, not sure if the author merged our changes, has been a while... But the usage of this function seems important there, as it is what decides when to trigger the JS garbage collector. Replacing it with something else is not a minor task.

For Surge it is used by the sqlite3 vendored dep, likely easier to remove its usage.