Safe mode

We should have a "safe mode" (perhaps on by default in Debug mode) where a Fortran code cannot segfault at runtime no matter how it is written. To do so, we have to implement the following runtime checks:

• Array bounds checking (#367)
• Accessing unallocated variable (#370)
• Dangling pointers checks (#366)
• Infinite recursion checks (#368)
• Numerical errors / exceptions checks (#371)
• Out of memory (#372)
• Accessing an OPTIONAL argument that is not PRESENT
• Opening a file for reading that does not exist
• Reading a variable from a line of a file that has data of the wrong type
• Reading N elements of an array from a character string that contains fewer than N values
• An invalid format string (for example with missing parenthesis) or a format string that does not match the data read or written. When the data consists of scalars, maybe the compatibility of the data and format string can be checked at compile time.
• Allocating an array that is already allocated, or deallocating an array that is not allocated

If there is any other way a Fortran code could segfault, we should add it to the above list and check it at runtime.