After commit ddaa145, the following set of commands now
causes ksh to crash:

$ unalias history; unalias r
Memory fault

When ksh is compiled with -D_std_malloc, the crash always
occurs when the 'r' alias is removed with 'unalias r',
although with vmalloc 'unalias history' must be run first
for the crash to occur. With the native malloc, the crash
message is also different:

$ unalias history; unalias r
free(): invalid pointer
Abort

This crash happens because when an alias is unset, _nv_unset
removes the NV_NOFREE flag which results in an invalid use
of free(3) as nv_isattr no longer detects NV_NOFREE afterward.
The history and r aliases shouldn't be freed from memory by
nv_delete because those aliases are given the NV_NOFREE attribute.

src/cmd/ksh93/bltins/typeset.c:
- Save the state of NV_NOFREE for aliases to fix the crash
  caused by 'unalias r'. Also of note, using the return
  value from nv_isattr is incorrect since it's just a
  boolean value. The actual flag passed must be NV_NOFREE
  to prevent bugs (like the crash).

src/cmd/ksh93/tests/alias.sh:
- Use unalias on both history and r to check for the crash.
  'unalias -a' can't be used to replicate the crash.

Since aliases don't have virtual subshell tables, no need to
_nv_unset() them first.

Actually, never mind. My version introduces a memory leak.
Apparently, we must _nv_unset() before calling nv_delete(). Which
makes sense because nv_delete() only frees the node itself,
_nv_unset() is what frees the value.

This reverts commit f6ddacf.