UPRV_UNREACHABLE called in code that is easily reachable, crashes production code

UPRV_UNREACHABLE, which now unconditionally calls abort(), is called in u_UCharsToChars() if that function is passed a non-invariant character:

This used to call U_ASSERT which is a no-op in production code:

This UPRV_UNREACHABLE can easily be reached not only by direct calls to u_UCharsToChars (in which case there is at least API documentation that says that it is not intended for non-invariant chars) but indirectly, e.g. via a call to ucal_getTimeZoneIDForWindowsID() that is passed a (presumably malformed) Windows zoneID containing non-invariant chars.

This is rather bad.