Exclude a few lines from lcov coverage stats:

- "fail" branches in selftests
- "should never happen" errors in SSL
- cipher_xxx() failures in SSL
- some things that fail only if malloc() fails
- some things that fail only if fread/fwrite()/ftell() fails
  (after fopen() succeeded)
- some things that fail only if a parameter is invalid, but the parameter was
  actually validated earlier
- generated code in library/error.c
diff --git a/library/xtea.c b/library/xtea.c
index fe0a350..3b718ce 100644
--- a/library/xtea.c
+++ b/library/xtea.c
@@ -255,13 +255,13 @@
         mbedtls_xtea_crypt_ecb( &ctx, MBEDTLS_XTEA_ENCRYPT, buf, buf );
 
         if( memcmp( buf, xtea_test_ct[i], 8 ) != 0 )
-        {
+        { // LCOV_EXCL_START
             if( verbose != 0 )
                 mbedtls_printf( "failed\n" );
 
             ret = 1;
             goto exit;
-        }
+        } // LCOV_EXCL_STOP
 
         if( verbose != 0 )
             mbedtls_printf( "passed\n" );