some cleanup; tested by sthen@ on a ports build

which results in an internal double free when internal functions are not
in use.
ok otto@

ok tb@ tedu@

definite value in the size == 0 case

is not initialized. Problem spotted by Carlin Bingham; ok phessler@ tedu@

src/lib/libc/gen/tree.c is a copy of src/sys/kern/subr_tree.c, but with
annotations for symbol visibility. changes to one should be reflected
in the other.
the malloc debug code that uses RB code is ported to RBT.
because libc provides the RBT code, procmap doesn't have to reach into
the kernel and build subr_tree.c itself now.
mild enthusiasm from many
ok guenther@

- document posix_memalign() does not play nice with reacallocarray(3) and
freezero(3)

size if canaries are enabled. In that case we have the exact requested
size of the allocation.  But we can at least check the given size
against the chunk size if C is not enabled. Plus add some braces
so my brain doesn't have to scan for dangling else problems when I
see this code.

and ok jeremy@

no longer has access to the content of a memmory object. It does
this by either clearing (if the object memory remains cached) or
by calling munmap(2). ok millert@, deraadt@, guenther@

detected wrt recallocarray()

from David CARLIER

- use internal meta-data to do more consistency checking (especially with
option C)
- use cheap free if possible
ok deraadt@

free() error path.
ok otto@

half a page and a page. ok jmatthew@ tb@

allocation to the size of the new allocation (instead of the requested size).
2. Previously realloc takes the easy way and always reallocates if C is
active. This commit fixes by carefully updating the recorded requested
size in all cases, and writing the canary bytes in the proper location
after reallocating.
3. Introduce defines to test if MALLOC_MOVE should be done and to
compute the new value.

been the default for ages, and I see no valid reason to be able to
disable it. ok natano@

quickly. In both cases it does not make sense to set hints on them.
So remove that option, which is just a remainder of old times when
malloc used to hold on to pages. ok stefan@

- redundant cast is redundant

prodded by otto@
ok kettenis@ otto@

recomputing it all the time

instead of chunk itself; does not change actual allocated size; ok tedu@

or prototypes.  Ditto for some of the char* and void* casts too.
verified no change to instructions on ILP32 (i386) and LP64 (amd64)
ok natano@ abluhm@ deraadt@ millert@

ok tedu@

tested by many (thanks!) ok tedu, guenther@

with a little help from jmc@ for the man page bits
ok jca@  and a reluctant tedu@

chunk rnd), rm P: is default

double unmap and I experienced a much more unstable firefox.
discussed with otto on icb

expensive syscall, and we don't want to tie up other threads. there's no
need to hold the lock, so defer it to afterwards.
from Michael McConville
ok deraadt