AlgoScan

The fallback arm (runtime first arg, constant `end` > MAX_BYTES_LENGTH) needs its own test since neither of the constant-bytes substring3 cases in the existing test exceeds 4096.

Each op has a fixed arg shape so matching them separately means the pattern itself encodes the shape — no `*rest` unpacking, no post-hoc `is not None` guards, and the `_extract_start_length` helper becomes dead and is removed.

Adds runtime-argument calls for getbit/setbit/getbyte/setbyte with constant indices large enough to be statically impossible, restoring 100% line coverage after the generic-index branches were added.

Drop specific constant values from the reason strings so they describe the class of failure rather than the specific bad inputs, e.g.

  +: 18446744073709551615 + 1 overflows uint64; will fail at runtime if reached

becomes

  uint64 addition of constants overflows; will fail at runtime if reached

Specific values were useful while the validator was being bootstrapped but add noise for end users who can see the literal values at the source location anyway. Also drops the leading `{op.code}:` prefix since the op name is now folded into the reason text.

Same treatment as extract/extract3: each op has a fixed arg shape, so matching them separately lets the pattern encode the shape. Removes `_substring_start_end` and `_replace_start_and_bytes` helpers and their `*rest` unpacking plumbing.

Revealed a missing OP test case, so added coverage.

Post-destructuring IR pass that emits a compile-time warning when an AVM op is statically known to fail at runtime given its constant arguments. Mirrors the guard conditions that `intrinsic_simplification` uses to bail out of folding.

Covers:
- arithmetic: +, -, *, /, %, exp (overflow / underflow / div-by-zero / 0**0)
- shifts: shl, shr (amount >= 64)
- conversion: btoi (len > 8), bzero (len > 4096)
- extract / extract3 / extract_uint{16,32,64}
- substring / substring3
- replace2 / replace3
- getbit / setbit (uint64 and bytes variants)
- getbyte / setbyte

Handles both immediate-form and stack-arg form where the AVM op has both (e.g. extract vs extract3).

Exercises every warning-emitting branch in statically_failing_op.py (both the top-level `_check` match arms and the three helpers' immediate-form / stack-form / None-fallthrough paths). Hits 100% line coverage of the validator via a single test case:

  coverage run -m pytest tests/test_compile.py -k statically_failing_ops -o addopts=""
  coverage report -m --include="src/puya/ir/validation/statically_failing_op.py"

Overlaps deliberately with a handful of the existing regression_tests cases since this is targeted at coverage completeness rather than regression pinning.