C++: Rewrite cpp/unbounded-write away from DefaultTaintTracking

[MathiasVP]

This PR rewrites the cpp/unbounded-write query away from DefaultTaintTracking. MRVA does report some result changes (both new results and disappearing results). The new results all look genuine, and were hidden by the bad default barriers in DefaultTaintTracking, and all of the disappearing results have been FPs being removed because we now realise that a variable is being overwritten along the path (which we didn't do before because DefaultTaintTracking conflated x and glval<x>).

CI is unhappy because of internal test changes. I've accepted these in the internal repo.

[MathiasVP]

As expected, DCA shows lots of changes (similar to what we saw on MRVA). Other than looking through most of the MRVA ones, I've verified that the kamailio__kamailio ones and the vim__vim ones are good changes. So I think the DCA run LGTM!

[jketema]

Can you summarise what you observed in MRVA?

[MathiasVP]

Can you summarise what you observed in MRVA?

Sure.

• The biggest difference is from simh/simh. On main we have 76 results, and after this rewrite there are 211 new results, and 35 lost results. All of the lost results here seem to be due to us now realizing that a variable is reassigned, and the new results seem genuine.
• The second biggest difference is from joncampbell123/dosbox-x which has 306 results on main and loses 203 results after the rewrite. All of these appear to be DefaultTaintTracking FPs that are now removed.

Then there are various projects that lose or gain 1 result. I'm not super concerned about these since the many of these projects have >50 alerts on the query already.

After you noticed the problems with global variables (that are now fixed in #14736) I found a couple of instances of this as well, I think. I expect these to disappear once #14736 goes in. I don't think we need to wait for that PR to be merged before merging this, though