Fix segfaults found when running inkscape, when trying to make test nodes use userhosts.

Also fixes segfaults when running ls, discoverd while debugging the former problem, when ls is linked against libselinux.

Cons: an extra if in regular codepath. Expected to have negligible overhead compared to the I/Os happening during/after open (we are fetching a pointer just a bit earlier than before), and a potential branch misprediction (which should be trivial for branch predictor to get right anyway).

Pros: we do not depend on gcc anymore !

Possible refinements:

• Maybe adding some branch prediction hints, but I doubt this is worth the code complexity, CPU architecture and compiler dependencies.
• Maybe macro-ing the ifs. Does not look too bad the current way, so I don't think it would gain much.

Also, accidentally re-debugging the issue which led @kazuhiko to replace -fPIE by -fPIC, I came to the conclusion that it is not wise to rely on FILE *stderr to begin with, because we can be called very early in process initialisation and stderr is a global initialised by the libc. So it seems better to only rely on low-level file descriptors instead, and AFAIK fprintf was only used out of habit and not as a specific choice. Anyway, I am not putting the -fPIE-to--fPIC change into question, as I do not understand clearly now the implications of one vs the other (gcc manpage say -fPIE is like -fPIC but code cano only linked into an executable... whatever that means. Other places mention the ability to intercept library calls in PIC but not in PIE, but again it's not clear what looses the ability: an extra preloaded library or our own code ?).

/cc @jerome (bug reporter), @jm for review