Shared: add in/out barriers with flow state

[asgerf]

Adds overloads of isBarrierIn and isBarrierOut that take a FlowState.

predicate isBarrierIn(Node node, FlowState state)
predicate isBarrierOut(Node node, FlowState state)

The most immediate use-case for these is to be able to implement these as calls to isSource or isSink, without losing the flow state:

predicate isBarrierIn(Node node, FlowState state) { isSource(node, state) }
predicate isBarrierOut(Node node, FlowState state) { isSink(node, state) }

This is needed for the JS data flow migration. Since this isn't merged yet, I haven't added the use sites in this PR, though I have verified that it works in the JS queries where I have used it.

To get a bit more validation, I also ran a C++ experiment with this commit resulting in this evaluation which seems to look fine.

[hvitved]

Looks reasonable to me.

[aschackmull]

This only checks the new barriers on the state-transitioning steps. It also needs to be checked for a lot of other case (state-preserving local steps, jump steps, read steps, store steps, and call edges).

[asgerf]

Thanks for catching this @aschackmull.

As discussed offline, I've put check at the PathNode level since these barriers are unlikely to affect pruning and so aren't that important to check in MkStage. However, the checks weren't quite as simple as initially discussed because subpaths and PartialPathNode needed to be updated as well.

[aschackmull]

s/out/in/, right? no never mind. outBarrier is right.

[aschackmull]

LGTM

[asgerf]

DCA runs look peaceful so I'll go ahead and merge