Sema: lower local variable references returned from functions as `undefined`

[andrewrk]

#25312 describes a plan for detecting trivial local variable references returned from functions, but it leaves a lot of cases that cannot be detected, for example due to generic code, or by adding statements that are opaque to ast-check:

fn returnStackPointer() *i32 {
    var stack_allocation: i32 = 1234;
    const x = &stack_allocation;
    return x;
}

#23528 describes a plan for catching the illegal dereference of dangling stack pointers, but the mechanism is more expensive than necessary for simpler cases such as the one above.

This enhancement addresses those simpler cases that are discovered after type-checking. In such case, the AIR emitted should be equivalent to return undefined rather than the pointer to local. This will cause the problem to be detected at runtime in safe build modes due to the pointer address 0xaaaaaaaaaaaaaaaa being unmappable, while incurring almost no runtime cost (a single instruction to load the 0xaa value into the return register, rather than leaving it undefined).

#25286 was an attempt to do something similar, but it emitted a compile error rather than a safety check. However, this cannot be a compile error, because returning an invalid pointer is equivalent to returning undefined, which is legal, and dereferencing an undefined pointer is unreachable, which is only illegal if it is reached. Think about it: otherwise you wouldn't be able to assert(true).

This is not a proposal, nor a language change, it is only a compiler enhancement to turn some instances of unchecked illegal behavior into checked illegal behavior.