Maint: coccinelle: start tracking "semantic patches" under new hierarchy

To observe the effect of these meta-patches, run "make cocci";
to have them effectively applied, run "make cocci-inplace".

Indeed, at times, like for instance with the very first semantic
patch included in this commit, things cannot be made perfect fully
automatically, so further active deliberation is needed.

The plan is to follow up with the actual resolution so that no
occurrences are found anymore, which will consequently make it
suitable for periodic re-checks in whatever CI will be preferred.

This very first style assurance meant to be enforced like this is
to alleviate Ken's worries regarding one particular CVE[1] he provided
as a justification for more thorough self-assurances in the code
(see https://github.com/ClusterLabs/pacemaker/pull/1603 for the
context; note that immediate consumption of uninitialized values,
incl. pass-by-value, is trivial and unambiguous for compilers to
spot, so merely pass-by-indirection could cause problems,
and that's exactly why this -- overapproximating, in line with
suggested overapproximation paranoia -- check is helpful).

Also, for extra assurance, a testsuite (supervised by hand for the
time being) is included.

[1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6113
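
Added example, not part of the commit or of the Pacemaker code base: the pass-by-indirection case the message describes, where a local declared without an initializer is handed to a callee by address and the callee writes it only on success. `parse_port`, `port_unchecked` and `port_checked` are hypothetical names, and the inputs in `main` are constructed.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical helper: writes *out only when parsing succeeds. */
static int parse_port(const char *s, long *out)
{
    char *end = NULL;
    long v;

    errno = 0;
    v = strtol(s, &end, 10);
    if (errno != 0 || end == s || *end != '\0' || v < 1 || v > 65535)
        return -1;              /* failure path leaves *out untouched */
    *out = v;
    return 0;
}

/* "Before": no initializer, return code ignored. Only &port is handed on,
 * so whether it ever gets set depends on the callee; on bad input the
 * caller receives an indeterminate value. */
long port_unchecked(const char *s)
{
    long port;

    parse_port(s, &port);
    return port;
}

/* "After": initialized at declaration and the result is checked, so the
 * function returns a defined value on every path. */
long port_checked(const char *s)
{
    long port = -1;

    if (parse_port(s, &port) != 0)
        return -1;
    return port;
}

int main(void)
{
    /* Constructed inputs; port_unchecked() is only fed valid text here
     * because its result for anything else is indeterminate. */
    printf("unchecked(\"8080\") = %ld\n", port_unchecked("8080"));
    printf("checked(\"8080\")   = %ld\n", port_checked("8080"));
    printf("checked(\"80x\")    = %ld\n", port_checked("80x"));
    return 0;
}
```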