New API fuzzer

Nick Wellnhofer requested to merge nwellnhof/libxml2:fuzz-api into master

This merge request implements a new API fuzzer which, in the first iteration, tests ~200 core API functions directly. The fuzzer implements a simple virtual machine with a fixed number of registers for basic types like integers or strings as well as xmlNode objects. An opcode typically results in a call to an API function using the freshest registers for each argument type and storing the result in the stalest register. This design makes it possible to simulate complex chains of API calls, each of which can receive most possible combinations of arguments, often resulting in 100% line coverage.

The fuzzer currently covers functions in

  • tree.h
  • valid.h
  • entities.h
  • HTMLtree.h

The other 75 commits fix issues discovered with the new fuzzer.

  • The majority of issues are related to handling of malloc failures. Like the other fuzzers, we inject malloc failures and execute many code paths which were never tested before. For example, operations that modify a whole subtree like xmlSetTreeDoc or xmlReconciliateNs must not abort halfway and leave the tree in an inconsistent state.
  • The fuzzer tries to make as few assumptions about the behavior of API functions as possible. This is helped by making some argument checks more thorough.
  • Some parts in tree.c were refactored to remove duplicate code, simplify other changes and make the code more maintainable.
  • A few genuine bugs were found and fixed in the process.
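The register-machine design and the malloc-failure injection described above, as an added example that is not libxml2's fuzzer code: a toy tree API (`node_new`, `node_add_child`, `node_rename_subtree`, all assumed names standing in for the tree.h functions) is driven by a VM with four registers per type. Each register carries the tick of its last write, so an opcode reads its arguments from the freshest registers and stores its result in the stalest one. `fz_malloc` fails one allocation at a chosen point, and `node_rename_subtree` shows the "allocate everything first, commit only if all succeeded" pattern that keeps a subtree-wide operation from stopping halfway. The instruction encoding, the invariant check and the sample program are constructed for this illustration.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Toy tree API standing in for libxml2's tree.h (assumption: not libxml2 code). */
typedef struct node { char *name; struct node *parent, *children, *next; } node_t;
#define MAX_NODES 64
static node_t *arena[MAX_NODES]; static int arena_len;     /* every node ever created */

/* Malloc failure injection: the first `alloc_budget` allocations succeed, the next one fails once. */
static int alloc_budget = -1;                               /* -1: never fail */
static void *fz_malloc(size_t n) {
    if (alloc_budget == 0) { alloc_budget = -1; return NULL; }
    if (alloc_budget > 0) alloc_budget--;
    return malloc(n);
}
static char *fz_strdup(const char *s) { char *d = fz_malloc(strlen(s) + 1); return d ? strcpy(d, s) : NULL; }

static node_t *node_new(const char *name) {
    if (arena_len >= MAX_NODES) return NULL;
    node_t *n = fz_malloc(sizeof *n);
    if (n == NULL) return NULL;
    memset(n, 0, sizeof *n);
    if ((n->name = fz_strdup(name)) == NULL) { free(n); return NULL; }  /* never leave a half-built node */
    arena[arena_len++] = n;
    return n;
}
static int node_add_child(node_t *parent, node_t *child) {
    if (!parent || !child || child->parent) return -1;       /* argument checks: NULL, already linked */
    for (node_t *a = parent; a; a = a->parent) if (a == child) return -1;  /* would create a cycle */
    child->parent = parent; child->next = parent->children; parent->children = child;
    return 0;
}
/* Subtree-wide operation in the spirit of xmlSetTreeDoc: allocate every new name first,
   roll back on the first failure, and only then swap names in. No partial update is possible. */
static int subtree_collect(node_t *n, node_t **out, int i) {
    out[i++] = n;
    for (node_t *k = n->children; k; k = k->next) i = subtree_collect(k, out, i);
    return i;
}
static int node_rename_subtree(node_t *root, const char *name) {
    if (!root || !name) return -1;
    node_t *nodes[MAX_NODES]; char *names[MAX_NODES];
    int cnt = subtree_collect(root, nodes, 0), i;
    for (i = 0; i < cnt; i++)
        if ((names[i] = fz_strdup(name)) == NULL) { while (i-- > 0) free(names[i]); return -1; }
    for (i = 0; i < cnt; i++) { free(nodes[i]->name); nodes[i]->name = names[i]; }
    return 0;
}

/* Register VM: NREG registers per type, each stamped with the tick of its last write. */
#define NREG 4
enum { T_NODE, T_INT, T_STR };
typedef struct { node_t *nodes[NREG]; int ints[NREG]; const char *strs[NREG];
                 unsigned age[3][NREG]; unsigned tick; } vm_t;
static const char *const NAMES[] = { "a", "b", "c" };     /* constructed string pool */

static int freshest(vm_t *vm, int type, int skip) {       /* most recently written register */
    int best = -1;
    for (int i = 0; i < NREG; i++)
        if (i != skip && (best < 0 || vm->age[type][i] > vm->age[type][best])) best = i;
    return best;
}
static int stalest(vm_t *vm, int type) {                  /* least recently written; call after reading args */
    int best = 0;
    for (int i = 1; i < NREG; i++) if (vm->age[type][i] < vm->age[type][best]) best = i;
    vm->age[type][best] = ++vm->tick;                     /* this register is about to be written */
    return best;
}

/* Runs a program of 2-byte (opcode, operand) instructions with a malloc failure injected after
   `fail_after` allocations (-1: none). Returns the node count if the tree is consistent, else -1. */
static int vm_run(const uint8_t *prog, size_t len, int fail_after) {
    vm_t vm; memset(&vm, 0, sizeof vm);
    arena_len = 0; alloc_budget = fail_after;
    for (size_t pc = 0; pc + 1 < len; pc += 2) {
        uint8_t op = prog[pc] % 5, arg = prog[pc + 1];
        switch (op) {
        case 0: vm.strs[stalest(&vm, T_STR)] = NAMES[arg % 3]; break;
        case 1: vm.ints[stalest(&vm, T_INT)] = arg; break;
        case 2: { const char *s = vm.strs[freshest(&vm, T_STR, -1)];
                  vm.nodes[stalest(&vm, T_NODE)] = s ? node_new(s) : NULL; break; }
        case 3: { int a = freshest(&vm, T_NODE, -1), b = freshest(&vm, T_NODE, a);  /* two freshest nodes */
                  vm.ints[stalest(&vm, T_INT)] = node_add_child(vm.nodes[a], vm.nodes[b]); break; }
        case 4: { node_t *n = vm.nodes[freshest(&vm, T_NODE, -1)]; const char *s = vm.strs[freshest(&vm, T_STR, -1)];
                  vm.ints[stalest(&vm, T_INT)] = node_rename_subtree(n, s); break; }
        }
    }
    int result = arena_len;   /* invariants: every node keeps a name, parent/child links agree */
    for (int i = 0; i < arena_len; i++) {
        node_t *n = arena[i], *k = n->parent ? n->parent->children : n;
        while (k && k != n) k = k->next;
        if (n->name == NULL || k == NULL) result = -1;
    }
    for (int i = 0; i < arena_len; i++) { free(arena[i]->name); free(arena[i]); }
    return result;
}

/* libFuzzer entry point (assumed convention: first input byte selects the failing allocation). */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
    if (size < 1) return 0;
    if (vm_run(data + 1, size - 1, data[0] ? data[0] : -1) < 0) abort();
    return 0;
}

/* Constructed program: str "a"; new node; str "b"; new node; add_child(b, a); rename subtree of b. */
static const uint8_t SAMPLE[] = { 0,0, 2,0, 0,1, 2,0, 3,0, 4,0 };
```

Running `SAMPLE` with no injected failure builds a two-node tree; failing the second allocation (the name of the first node) makes `node_new` return NULL cleanly, so the later `node_add_child` sees a NULL child and rejects it, and failing during the rename leaves both original names in place. In each case the invariant check still passes, which is exactly the property the merge request's malloc-failure fixes restore for the real API.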