
@melver (Contributor) commented Sep 4, 2025

Introduce the `-fsanitize=alloc-token` command-line option, hooking up
the AllocToken pass -- it provides allocation tokens to compatible
runtime allocators, enabling different heap organization strategies,
e.g. hardening schemes based on heap partitioning.

The instrumentation rewrites standard allocation calls into variants
that accept an additional `uint64_t token_id` argument. For example,
calls to `malloc(size)` become `__alloc_token_malloc(size, token_id)`,
and a C++ `new MyType` expression will call `__alloc_token_Znwm(size, token_id)`.

Currently untyped allocation calls do not yet have `!alloc_token_hint`
metadata, and therefore receive the fallback token only. This will be
fixed in subsequent changes through best-effort type-inference.

One benefit of the instrumentation approach is that it can be applied
transparently to large codebases, and scales in deployment as other
sanitizers.

Similarly to other sanitizers, instrumentation can selectively be
controlled using `__attribute__((no_sanitize("alloc-token")))`. Support
for sanitizer ignorelists to disable instrumentation for specific
functions or source files is implemented.

See clang/docs/AllocToken.rst for more usage instructions.

Link: https://discourse.llvm.org/t/rfc-a-framework-for-allocator-partitioning-hints/87434


This change is part of the following series:

  1. [AllocToken] Introduce AllocToken instrumentation pass #156838
  2. [Clang] Introduce -fsanitize=alloc-token #156839
  3. [AllocToken, Clang] Implement TypeHashPointerSplit mode #156840
  4. [AllocToken, Clang] Infer type hints from sizeof expressions and casts #156841
  5. [AllocToken, Clang] Implement __builtin_alloc_token_infer() and llvm.alloc.token.id #156842

Created using spr 1.3.8-beta.1
melver added a commit to melver/llvm-project that referenced this pull request Sep 5, 2025
Pull Request: llvm#156839