mem: fix real_used stats for realloc

A realloc that shrank an allocation accounted twice for the
fragment overhead. Basically each shrinking realloc would
introduce an error in the real_used mem stats, between 8 bytes
(f_malloc, no debugging, 32 bits) and up to 96 bytes (q_malloc
with debugging, 64 bits).
This bug concerns only the accounting part. It does not cause any
memory leak or any real runtime problem. It was introduced
in commit fb9d6e50 (2005).
(cherry picked from commit 75c1e9a735c693a6985a7a1786116b5fe4044fd9)

mem/f_malloc.c

@@ -491,7 +491,9 @@ void* fm_realloc(struct fm_block* qm, void* p, unsigned long size)
 		fm_split_frag(qm, f, size);
 #endif
 #if defined(DBG_F_MALLOC) || defined(MALLOC_STATS)
-		qm->real_used-=(orig_size-f->size-FRAG_OVERHEAD);
+		/* fm_split frag already adds FRAG_OVERHEAD for the newly created
+		   free frag, so here we only need orig_size-f->size for real used */
+		qm->real_used-=(orig_size-f->size);
 		qm->used-=(orig_size-f->size);
 #endif
 	}else if (f->size<size){

mem/q_malloc.c

@@ -562,8 +562,11 @@ void* qm_realloc(struct qm_block* qm, void* p, unsigned long size)
 #else
 		if(split_frag(qm, f, size)!=0){
 #endif
-			/* update used sizes: freed the spitted frag */
-			qm->real_used-=(orig_size-f->size-FRAG_OVERHEAD);
+			/* update used sizes: freed the splited frag */
+			/* split frag already adds FRAG_OVERHEAD for the newly created
+			   free frag, so here we only need orig_size-f->size for real used
+			 */
+			qm->real_used-=(orig_size-f->size);
 			qm->used-=(orig_size-f->size);
 		}