Insert null checks for pointer dereferences when debug assertions are enabled

[1c3t3a]

Similar to how the alignment is already checked, this adds a check
for null pointer dereferences in debug mode. It is implemented similarly
to the alignment check as a MirPass.

This inserts checks in the same places as the CheckAlignment pass and additionally
also inserts checks for Borrows, so code like

let ptr: *const u32 = std::ptr::null();
let val: &u32 = unsafe { &*ptr };

will have a check inserted on dereference. This is done because null references
are UB. The alignment check doesn't cover these places, because in &(*ptr).field,
the exact requirement is that the final reference must be aligned. This is something to
consider further enhancements of the alignment check.

For now this is implemented as a separate MirPass, to make it easy to disable
this check if necessary.

This is related to a 2025H1 project goal for better UB checks in debug
mode: rust-lang/rust-project-goals#177.

r? @saethlin