bugfix: backport fixes for CVE-2024-24989 and CVE-2024-24990.

tests: fixed failed test introduced by commit ad33f56e91.
changes: remove the pcre2 disable config.
2024-05-01 10:11:04 +08:00 · 2024-01-13 10:16:10 +08:00 · 2024-01-12 22:13:21 +08:00 · 2024-01-09 22:59:56 -08:00 · 2024-01-04 11:43:38 +08:00 · 2024-01-04 10:57:01 +08:00
765 changed files with 88231 additions and 5170 deletions
--- a/.github/ISSUE_TEMPLATE.md
+++ b/.github/ISSUE_TEMPLATE.md
@ -0,0 +1,26 @@
+This place is for bug reports and development discussions only. For general questions and
+discussions, please join the openresty-en mailing list instead: https://groups.google.com/group/openresty-en.
+If you want to use Chinese, please join the openresty (Chinese) mailing list instead: https://groups.google.com/group/openresty.
+Do not use Chinese in this place.
+
+Before you open a new issue, please search the internet and make sure it is not duplicate.
+
+Ensure you have provided the following details while reporting a problem:
+
+- [ ] The exact version of the related software, including but not limited to the OpenResty version
+(if any), the NGINX core version, the `ngx_lua` module version(via `openresty -V` or `nginx -V`),
+and your operating system version(via `uname -a`).
+- [ ] **A minimal and standalone test case** that others can easily run on their side and
+reproduce the issue you are seeing.
+- [ ] Do not simply say "something is broken" or "something does not work". Always provide
+as much details as possible. Always describe **the symptoms and your expected results**.
+
+You can (temporarily) enable the nginx debugging logs to see the internal workings
+of NGINX in your nginx''s `error.log` file. See http://nginx.org/en/docs/debugging_log.html
+The same instructions apply equally well to OpenResty.
+
+If you are seeing crashes, please provide the full backtrace for the crash. See
+https://www.nginx.com/resources/wiki/start/topics/tutorials/debugging/#core-dump
+for more details.
+
+Thanks for your cooperation.
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@ -0,0 +1,2 @@
+I hereby granted the copyright of the changes in this pull request
+to the authors of this openresty project.
--- a/.github/actions/spelling/README.md
+++ b/.github/actions/spelling/README.md
@ -0,0 +1,16 @@
+# check-spelling/check-spelling configuration
+
+File | Purpose | Format | Info
+-|-|-|-
+[dictionary.txt](dictionary.txt) | Replacement dictionary (creating this file will override the default dictionary) | one word per line | [dictionary](https://github.com/check-spelling/check-spelling/wiki/Configuration#dictionary)
+[allow.txt](allow.txt) | Add words to the dictionary | one word per line (only letters and `'`s allowed) | [allow](https://github.com/check-spelling/check-spelling/wiki/Configuration#allow)
+[reject.txt](reject.txt) | Remove words from the dictionary (after allow) | grep pattern matching whole dictionary words | [reject](https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples%3A-reject)
+[excludes.txt](excludes.txt) | Files to ignore entirely | perl regular expression | [excludes](https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples%3A-excludes)
+[only.txt](only.txt) | Only check matching files (applied after excludes) | perl regular expression | [only](https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples%3A-only)
+[patterns.txt](patterns.txt) | Patterns to ignore from checked lines | perl regular expression (order matters, first match wins) | [patterns](https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples%3A-patterns)
+[line_forbidden.patterns](line_forbidden.patterns) | Patterns to flag in checked lines | perl regular expression (order matters, first match wins) | [patterns](https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples%3A-patterns)
+[expect.txt](expect.txt) | Expected words that aren't in the dictionary | one word per line (sorted, alphabetically) | [expect](https://github.com/check-spelling/check-spelling/wiki/Configuration#expect)
+[advice.md](advice.md) | Supplement for GitHub comment when unrecognized words are found | GitHub Markdown | [advice](https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples%3A-advice)
+
+Note: you can replace any of these files with a directory by the same name (minus the suffix)
+and then include multiple files inside that directory (with that suffix) to merge multiple files together.
--- a/.github/actions/spelling/advice.md
+++ b/.github/actions/spelling/advice.md
@ -0,0 +1,25 @@
+<!-- See https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples%3A-advice --> <!-- markdownlint-disable MD033 MD041 -->
+<details><summary>If the flagged items are false positives</summary>
+
+If items relate to a ...
+* binary file (or some other file you wouldn't want to check at all).
+
+  Please add a file path to the `excludes.txt` file matching the containing file.
+
+  File paths are Perl 5 Regular Expressions - you can [test](
+https://www.regexplanet.com/advanced/perl/) yours before committing to verify it will match your files.
+
+  `^` refers to the file's path from the root of the repository, so `^README\.md$` would exclude [README.md](
+../tree/HEAD/README.md) (on whichever branch you're using).
+
+* well-formed pattern.
+
+  If you can write a [pattern](https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples:-patterns) that would match it,
+  try adding it to the `patterns.txt` file.
+
+  Patterns are Perl 5 Regular Expressions - you can [test](
+https://www.regexplanet.com/advanced/perl/) yours before committing to verify it will match your lines.
+
+  Note that patterns can't match multiline strings.
+
+</details>
--- a/.github/actions/spelling/allow.txt
+++ b/.github/actions/spelling/allow.txt
@ -0,0 +1,4 @@
+github
+https
+ssh
+ubuntu
--- a/.github/actions/spelling/candidate.patterns
+++ b/.github/actions/spelling/candidate.patterns
@ -0,0 +1,458 @@
+# marker to ignore all code on line
+^.*/\* #no-spell-check-line \*/.*$
+# marker for ignoring a comment to the end of the line
+// #no-spell-check.*$
+
+# patch hunk comments
+^\@\@ -\d+(?:,\d+|) \+\d+(?:,\d+|) \@\@ .*
+# git index header
+index [0-9a-z]{7,40}\.\.[0-9a-z]{7,40}
+
+# cid urls
+(['"])cid:.*?\g{-1}
+
+# data url in parens
+\(data:[^)]*?(?:[A-Z]{3,}|[A-Z][a-z]{2,}|[a-z]{3,})[^)]*\)
+# data url in quotes
+([`'"])data:.*?(?:[A-Z]{3,}|[A-Z][a-z]{2,}|[a-z]{3,}).*\g{-1}
+# data url
+data:[-a-zA-Z=;:/0-9+]*,\S*
+
+# mailto urls
+mailto:[-a-zA-Z=;:/?%&0-9+@.]{3,}
+
+# magnet urls
+magnet:[?=:\w]+
+
+# obs:
+"obs:[^"]*"
+
+# The `\b` here means a break, it's the fancy way to handle urls, but it makes things harder to read
+# In this examples content, I'm using a number of different ways to match things to show various approaches
+# asciinema
+\basciinema\.org/a/[0-9a-zA-Z]+
+
+# apple
+\bdeveloper\.apple\.com/[-\w?=/]+
+# Apple music
+\bembed\.music\.apple\.com/fr/playlist/usr-share/[-\w.]+
+
+# appveyor api
+\bci\.appveyor\.com/api/projects/status/[0-9a-z]+
+# appveyor project
+\bci\.appveyor\.com/project/(?:[^/\s"]*/){2}builds?/\d+/job/[0-9a-z]+
+
+# Amazon
+
+# Amazon
+\bamazon\.com/[-\w]+/(?:dp/[0-9A-Z]+|)
+# AWS S3
+\b\w*\.s3[^.]*\.amazonaws\.com/[-\w/&#%_?:=]*
+# AWS execute-api
+\b[0-9a-z]{10}\.execute-api\.[-0-9a-z]+\.amazonaws\.com\b
+# AWS ELB
+\b\w+\.[-0-9a-z]+\.elb\.amazonaws\.com\b
+# AWS SNS
+\bsns\.[-0-9a-z]+.amazonaws\.com/[-\w/&#%_?:=]*
+
+# While you could try to match `http://` and `https://` by using `s?` in `https?://`, sometimes there
+# YouTube url
+\b(?:(?:www\.|)youtube\.com|youtu.be)/(?:channel/|embed/|user/|playlist\?list=|watch\?v=|v/|)[-a-zA-Z0-9?&=_%]*
+# YouTube music
+\bmusic\.youtube\.com/youtubei/v1/browse(?:[?&]\w+=[-a-zA-Z0-9?&=_]*)
+# YouTube tag
+<\s*youtube\s+id=['"][-a-zA-Z0-9?_]*['"]
+# YouTube image
+\bimg\.youtube\.com/vi/[-a-zA-Z0-9?&=_]*
+# Google Accounts
+\baccounts.google.com/[-_/?=.:;+%&0-9a-zA-Z]*
+# Google Analytics
+\bgoogle-analytics\.com/collect.[-0-9a-zA-Z?%=&_.~]*
+# Google APIs
+\bgoogleapis\.(?:com|dev)/[a-z]+/(?:v\d+/|)[a-z]+/[-@:./?=\w]+
+# Google Storage
+\b[-a-zA-Z0-9.]*\bstorage\d*\.googleapis\.com(?:/\S*|)
+# Google Calendar
+\bcalendar\.google\.com/calendar(?:/u/\d+|)/embed\?src=[@./?=\w&%]+
+\w+\@group\.calendar\.google\.com\b
+# Google DataStudio
+\bdatastudio\.google\.com/(?:(?:c/|)u/\d+/|)(?:embed/|)(?:open|reporting|datasources|s)/[-0-9a-zA-Z]+(?:/page/[-0-9a-zA-Z]+|)
+# The leading `/` here is as opposed to the `\b` above
+# ... a short way to match `https://` or `http://` since most urls have one of those prefixes
+# Google Docs
+/docs\.google\.com/[a-z]+/(?:ccc\?key=\w+|(?:u/\d+|d/(?:e/|)[0-9a-zA-Z_-]+/)?(?:edit\?[-\w=#.]*|/\?[\w=&]*|))
+# Google Drive
+\bdrive\.google\.com/(?:file/d/|open)[-0-9a-zA-Z_?=]*
+# Google Groups
+\bgroups\.google\.com/(?:(?:forum/#!|d/)(?:msg|topics?|searchin)|a)/[^/\s"]+/[-a-zA-Z0-9$]+(?:/[-a-zA-Z0-9]+)*
+# Google Maps
+\bmaps\.google\.com/maps\?[\w&;=]*
+# Google themes
+themes\.googleusercontent\.com/static/fonts/[^/\s"]+/v\d+/[^.]+.
+# Google CDN
+\bclients2\.google(?:usercontent|)\.com[-0-9a-zA-Z/.]*
+# Goo.gl
+/goo\.gl/[a-zA-Z0-9]+
+# Google Chrome Store
+\bchrome\.google\.com/webstore/detail/[-\w]*(?:/\w*|)
+# Google Books
+\bgoogle\.(?:\w{2,4})/books(?:/\w+)*\?[-\w\d=&#.]*
+# Google Fonts
+\bfonts\.(?:googleapis|gstatic)\.com/[-/?=:;+&0-9a-zA-Z]*
+# Google Forms
+\bforms\.gle/\w+
+# Google Scholar
+\bscholar\.google\.com/citations\?user=[A-Za-z0-9_]+
+# Google Colab Research Drive
+\bcolab\.research\.google\.com/drive/[-0-9a-zA-Z_?=]*
+
+# GitHub SHAs (api)
+\bapi.github\.com/repos(?:/[^/\s"]+){3}/[0-9a-f]+\b
+# GitHub SHAs (markdown)
+(?:\[`?[0-9a-f]+`?\]\(https:/|)/(?:www\.|)github\.com(?:/[^/\s"]+){2,}(?:/[^/\s")]+)(?:[0-9a-f]+(?:[-0-9a-zA-Z/#.]*|)\b|)
+# GitHub SHAs
+\bgithub\.com(?:/[^/\s"]+){2}[@#][0-9a-f]+\b
+# GitHub wiki
+\bgithub\.com/(?:[^/]+/){2}wiki/(?:(?:[^/]+/|)_history|[^/]+(?:/_compare|)/[0-9a-f.]{40,})\b
+# githubusercontent
+/[-a-z0-9]+\.githubusercontent\.com/[-a-zA-Z0-9?&=_\/.]*
+# githubassets
+\bgithubassets.com/[0-9a-f]+(?:[-/\w.]+)
+# gist github
+\bgist\.github\.com/[^/\s"]+/[0-9a-f]+
+# git.io
+\bgit\.io/[0-9a-zA-Z]+
+# GitHub JSON
+"node_id": "[-a-zA-Z=;:/0-9+]*"
+# Contributor
+\[[^\]]+\]\(https://github\.com/[^/\s"]+\)
+# GHSA
+GHSA(?:-[0-9a-z]{4}){3}
+
+# GitLab commit
+\bgitlab\.[^/\s"]*/\S+/\S+/commit/[0-9a-f]{7,16}#[0-9a-f]{40}\b
+# GitLab merge requests
+\bgitlab\.[^/\s"]*/\S+/\S+/-/merge_requests/\d+/diffs#[0-9a-f]{40}\b
+# GitLab uploads
+\bgitlab\.[^/\s"]*/uploads/[-a-zA-Z=;:/0-9+]*
+# GitLab commits
+\bgitlab\.[^/\s"]*/(?:[^/\s"]+/){2}commits?/[0-9a-f]+\b
+
+# binanace
+accounts.binance.com/[a-z/]*oauth/authorize\?[-0-9a-zA-Z&%]*
+
+# bitbucket diff
+\bapi\.bitbucket\.org/\d+\.\d+/repositories/(?:[^/\s"]+/){2}diff(?:stat|)(?:/[^/\s"]+){2}:[0-9a-f]+
+# bitbucket repositories commits
+\bapi\.bitbucket\.org/\d+\.\d+/repositories/(?:[^/\s"]+/){2}commits?/[0-9a-f]+
+# bitbucket commits
+\bbitbucket\.org/(?:[^/\s"]+/){2}commits?/[0-9a-f]+
+
+# bit.ly
+\bbit\.ly/\w+
+
+# bitrise
+\bapp\.bitrise\.io/app/[0-9a-f]*/[\w.?=&]*
+
+# bootstrapcdn.com
+\bbootstrapcdn\.com/[-./\w]+
+
+# cdn.cloudflare.com
+\bcdnjs\.cloudflare\.com/[./\w]+
+
+# circleci
+\bcircleci\.com/gh(?:/[^/\s"]+){1,5}.[a-z]+\?[-0-9a-zA-Z=&]+
+
+# gitter
+\bgitter\.im(?:/[^/\s"]+){2}\?at=[0-9a-f]+
+
+# gravatar
+\bgravatar\.com/avatar/[0-9a-f]+
+
+# ibm
+[a-z.]*ibm\.com/[-_#=:%!?~.\\/\d\w]*
+
+# imgur
+\bimgur\.com/[^.]+
+
+# Internet Archive
+\barchive\.org/web/\d+/(?:[-\w.?,'/\\+&%$#_:]*)
+
+# discord
+/discord(?:app\.com|\.gg)/(?:invite/)?[a-zA-Z0-9]{7,}
+
+# Disqus
+\bdisqus\.com/[-\w/%.()!?&=_]*
+
+# medium link
+\blink\.medium\.com/[a-zA-Z0-9]+
+# medium
+\bmedium\.com/\@?[^/\s"]+/[-\w]+
+
+# microsoft
+\b(?:https?://|)(?:(?:download\.visualstudio|docs|msdn2?|research)\.microsoft|blogs\.msdn)\.com/[-_a-zA-Z0-9()=./%]*
+# powerbi
+\bapp\.powerbi\.com/reportEmbed/[^"' ]*
+# vs devops
+\bvisualstudio.com(?::443|)/[-\w/?=%&.]*
+
+# mvnrepository.com
+\bmvnrepository\.com/[-0-9a-z./]+
+
+# now.sh
+/[0-9a-z-.]+\.now\.sh\b
+
+# oracle
+\bdocs\.oracle\.com/[-0-9a-zA-Z./_?#&=]*
+
+# chromatic.com
+/\S+.chromatic.com\S*[")]
+
+# codacy
+\bapi\.codacy\.com/project/badge/Grade/[0-9a-f]+
+
+# compai
+\bcompai\.pub/v1/png/[0-9a-f]+
+
+# mailgun api
+\.api\.mailgun\.net/v3/domains/[0-9a-z]+\.mailgun.org/messages/[0-9a-zA-Z=@]*
+# mailgun
+\b[0-9a-z]+.mailgun.org
+
+# /message-id/
+/message-id/[-\w@./%]+
+
+# Reddit
+\breddit\.com/r/[/\w_]*
+
+# requestb.in
+\brequestb\.in/[0-9a-z]+
+
+# sched
+\b[a-z0-9]+\.sched\.com\b
+
+# Slack url
+slack://[a-zA-Z0-9?&=]+
+# Slack
+\bslack\.com/[-0-9a-zA-Z/_~?&=.]*
+# Slack edge
+\bslack-edge\.com/[-a-zA-Z0-9?&=%./]+
+# Slack images
+\bslack-imgs\.com/[-a-zA-Z0-9?&=%.]+
+
+# shields.io
+\bshields\.io/[-\w/%?=&.:+;,]*
+
+# stackexchange -- https://stackexchange.com/feeds/sites
+\b(?:askubuntu|serverfault|stack(?:exchange|overflow)|superuser).com/(?:questions/\w+/[-\w]+|a/)
+
+# Sentry
+[0-9a-f]{32}\@o\d+\.ingest\.sentry\.io\b
+
+# Twitter markdown
+\[\@[^[/\]:]*?\]\(https://twitter.com/[^/\s"')]*(?:/status/\d+(?:\?[-_0-9a-zA-Z&=]*|)|)\)
+# Twitter hashtag
+\btwitter\.com/hashtag/[\w?_=&]*
+# Twitter status
+\btwitter\.com/[^/\s"')]*(?:/status/\d+(?:\?[-_0-9a-zA-Z&=]*|)|)
+# Twitter profile images
+\btwimg\.com/profile_images/[_\w./]*
+# Twitter media
+\btwimg\.com/media/[-_\w./?=]*
+# Twitter link shortened
+\bt\.co/\w+
+
+# facebook
+\bfburl\.com/[0-9a-z_]+
+# facebook CDN
+\bfbcdn\.net/[\w/.,]*
+# facebook watch
+\bfb\.watch/[0-9A-Za-z]+
+
+# dropbox
+\bdropbox\.com/s/[^/\s"]+/[-0-9A-Za-z_.%]+
+
+# ipfs protocol
+ipfs://[0-9a-z]*
+# ipfs url
+/ipfs/[0-9a-z]*
+
+# w3
+\bw3\.org/[-0-9a-zA-Z/#.]+
+
+# loom
+\bloom\.com/embed/[0-9a-f]+
+
+# regex101
+\bregex101\.com/r/[^/\s"]+/\d+
+
+# figma
+\bfigma\.com/file(?:/[0-9a-zA-Z]+/)+
+
+# freecodecamp.org
+\bfreecodecamp\.org/[-\w/.]+
+
+# image.tmdb.org
+\bimage\.tmdb\.org/[/\w.]+
+
+# mermaid
+\bmermaid\.ink/img/[-\w]+|\bmermaid-js\.github\.io/mermaid-live-editor/#/edit/[-\w]+
+
+# gitweb
+[^"\s]+/gitweb/\S+;h=[0-9a-f]+
+
+# HyperKitty lists
+/archives/list/[^@/]+\@[^/\s"]*/message/[^/\s"]*/
+
+# lists
+/thread\.html/[^"\s]+
+
+# list-management
+\blist-manage\.com/subscribe(?:[?&](?:u|id)=[0-9a-f]+)+
+
+# kubectl.kubernetes.io/last-applied-configuration
+"kubectl.kubernetes.io/last-applied-configuration": ".*"
+
+# pgp
+\bgnupg\.net/pks/lookup[?&=0-9a-zA-Z]*
+
+# Spotify
+\bopen\.spotify\.com/embed/playlist/\w+
+
+# mastodon.social
+\bmastodon\.social/(?:media/|\@)[?&=0-9a-zA-Z]*
+
+# scastie
+\bscastie\.scala-lang\.org/[^/]+/\w+
+
+# images.unsplash.com
+\bimages\.unsplash\.com/(?:(?:flagged|reserve)/|)[-\w./%?=%&.;]+
+
+# pastebin
+\bpastebin\.com/[\w/]+
+
+# ANSI color codes
+(?:\\(?:u00|x)1b|\x1b)\[\d+(?:;\d+|)m
+
+# URL escaped characters
+\%[0-9A-F][A-F]
+# IPv6
+\b(?:[0-9a-fA-F]{0,4}:){3,7}[0-9a-fA-F]{0,4}\b
+# c99 hex digits (not the full format, just one I've seen)
+0x[0-9a-fA-F](?:\.[0-9a-fA-F]*|)[pP]
+# Punycode
+\bxn--[-0-9a-z]+
+# sha
+sha\d+:[0-9]*[a-f]{3,}[0-9a-f]*
+# sha-... -- uses a fancy capture
+(['"]|&quot;)[0-9a-f]{40,}\g{-1}
+# hex runs
+\b[0-9a-fA-F]{16,}\b
+# hex in url queries
+=[0-9a-fA-F]*?(?:[A-F]{3,}|[a-f]{3,})[0-9a-fA-F]*?&
+# ssh
+(?:ssh-\S+|-nistp256) [-a-zA-Z=;:/0-9+]{12,}
+# PGP
+\b(?:[0-9A-F]{4} ){9}[0-9A-F]{4}\b
+# uuid:
+\b[0-9a-fA-F]{8}-(?:[0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}\b
+# hex digits including css/html color classes:
+(?:[\\0][xX]|\\u|[uU]\+|#x?|\%23)[0-9_]*[a-fA-FgGrR]{2,}[0-9_a-fA-FgGrR]*(?:[uUlL]{0,3}|u\d+)\b
+# integrity
+integrity="sha\d+-[-a-zA-Z=;:/0-9+]{40,}"
+
+# https://www.gnu.org/software/groff/manual/groff.html
+# man troff content
+\\f[BCIPR]
+# '
+\\\(aq
+
+# .desktop mime types
+^MimeTypes?=.*$
+# .desktop localized entries
+^[A-Z][a-z]+\[[a-z]+\]=.*$
+
+# IServiceProvider
+\bI(?=(?:[A-Z][a-z]{2,})+\b)
+
+# crypt
+"\$2[ayb]\$.{56}"
+
+# Input to GitHub JSON
+content: "[-a-zA-Z=;:/0-9+]*="
+
+# Python stringprefix / binaryprefix
+# Note that there's a high false positive rate, remove the `?=` and search for the regex to see if the matches seem like reasonable strings
+(?<!')\b(?:B|BR|Br|F|FR|Fr|R|RB|RF|Rb|Rf|U|UR|Ur|b|bR|br|f|fR|fr|r|rB|rF|rb|rf|u|uR|ur)'(?:[A-Z]{3,}|[A-Z][a-z]{2,}|[a-z]{3,})
+
+# Regular expressions for (P|p)assword
+\([A-Z]\|[a-z]\)[a-z]+
+
+# JavaScript regular expressions
+/.*/[gim]*\.test\(
+\.replace\(/[^/\s"]*/[gim]*\s*,
+
+# Go regular expressions
+regexp?\.MustCompile\(`[^`]*`\)
+
+# sed regular expressions
+sed 's/(?:[^/]*?[a-zA-Z]{3,}[^/]*?/){2}
+
+# kubernetes pod status lists
+# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase
+\w+(?:-\w+)+\s+\d+/\d+\s+(?:Running|Pending|Succeeded|Failed|Unknown)\s+
+
+# kubectl - pods in CrashLoopBackOff
+\w+-[0-9a-f]+-\w+\s+\d+/\d+\s+CrashLoopBackOff\s+
+
+# kubernetes object suffix
+-[0-9a-f]{10}-\w{5}\s
+
+# posthog secrets
+posthog\.init\((['"])phc_[^"',]+\g{-1},
+
+# Update Lorem based on your content (requires `ge` and `w` from https://github.com/jsoref/spelling; and `review` from https://github.com/check-spelling/check-spelling/wiki/Looking-for-items-locally )
+# grep '^[^#].*lorem' .github/actions/spelling/patterns.txt|perl -pne 's/.*i..\?://;s/\).*//' |tr '|' "\n"|sort -f |xargs -n1 ge|perl -pne 's/^[^:]*://'|sort -u|w|sed -e 's/ .*//'|w|review -
+# Warning, while `(?i)` is very neat and fancy, if you have some binary files that aren't proper unicode, you might run into:
+## Operation "substitution (s///)" returns its argument for non-Unicode code point 0x1C19AE (the code point will vary).
+## You could manually change `(?i)X...` to use `[Xx]...`
+## or you could add the files to your `excludes` file (a version after 0.0.19 should identify the file path)
+# Lorem
+(?:\w|\s|[,.])*\b(?i)(?:amet|consectetur|cursus|dolor|eros|ipsum|lacus|libero|ligula|lorem|magna|neque|nulla|suscipit|tempus)\b(?:\w|\s|[,.])*
+
+# Non-English
+[a-zA-Z]*[ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖØÙÚÛÜÝßàáâãäåæçèéêëìíîïðñòóôõöøùúûüýÿĀāŁłŃńŅņŒœŚśŠšŜŝŸŽžź][a-zA-Z]{3}[a-zA-ZÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖØÙÚÛÜÝßàáâãäåæçèéêëìíîïðñòóôõöøùúûüýÿĀāŁłŃńŅņŒœŚśŠšŜŝŸŽžź]*
+
+# French
+# This corpus only had capital letters, but you probably want lowercase ones as well.
+\b[LN]'+[a-z]+\b
+
+# latex
+\\(?:n(?:ew|ormal)|r(?:enew)|t(?:able(?:of|)|he|itle))(?=[a-z]+)
+
+# the negative lookahead here is to allow catching 'templatesz' as a misspelling
+# but to otherwise recognize a Windows path with \templates\foo.template or similar:
+\\(?:necessary|r(?:eport|esolve[dr]?|esult)|t(?:arget|emplates?))(?![a-z])
+# ignore long runs of a single character:
+\b([A-Za-z])\g{-1}{3,}\b
+# Note that the next example is no longer necessary if you are using
+# to match a string starting with a `#`, use a character-class:
+[#]backwards
+# version suffix <word>v#
+(?:(?<=[A-Z]{2})V|(?<=[a-z]{2}|[A-Z]{2})v)\d+(?:\b|(?=[a-zA-Z_]))
+# Compiler flags (Scala)
+(?:^|[\t ,>"'`=(])-J-[DPWXY](?=[A-Z]{2,}|[A-Z][a-z]|[a-z]{2,})
+# Compiler flags
+(?:^|[\t ,"'`=(])-[DPWXYLlf](?=[A-Z]{2,}|[A-Z][a-z]|[a-z]{2,})
+# Compiler flags (linker)
+,-B
+# curl arguments
+\b(?:\\n|)curl(?:\s+-[a-zA-Z]{1,2}\b)*(?:\s+-[a-zA-Z]{3,})(?:\s+-[a-zA-Z]+)*
+# set arguments
+\bset(?:\s+-[abefimouxE]{1,2})*\s+-[abefimouxE]{3,}(?:\s+-[abefimouxE]+)*
+# tar arguments
+\b(?:\\n|)g?tar(?:\.exe|)(?:(?:\s+--[-a-zA-Z]+|\s+-[a-zA-Z]+|\s[ABGJMOPRSUWZacdfh-pr-xz]+\b)(?:=[^ ]*|))+
+# tput arguments -- https://man7.org/linux/man-pages/man5/terminfo.5.html -- technically they can be more than 5 chars long...
+\btput\s+(?:(?:-[SV]|-T\s*\w+)\s+)*\w{3,5}\b
+# macOS temp folders
+/var/folders/\w\w/[+\w]+/(?:T|-Caches-)/
--- a/.github/actions/spelling/excludes.txt
+++ b/.github/actions/spelling/excludes.txt
@ -0,0 +1,59 @@
+# See https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples:-excludes
+(?:^|/)(?i)COPYRIGHT
+(?:^|/)(?i)LICEN[CS]E
+(?:^|/)go\.sum$
+(?:^|/)package(?:-lock|)\.json$
+(?:^|/)vendor/
+ignore$
+\.a$
+\.ai$
+\.avi$
+\.bmp$
+\.bz2$
+\.crt$
+\.dll$
+\.docx?$
+\.drawio$
+\.DS_Store$
+\.eot$
+\.exe$
+\.gif$
+\.gitattributes$
+\.graffle$
+\.gz$
+\.html$
+\.icns$
+\.ico$
+\.jar$
+\.jks$
+\.jpe?g$
+\.js$
+\.key$
+\.lib$
+\.lock$
+\.map$
+\.min\..
+\.mod$
+\.mp[34]$
+\.nav$
+\.o$
+\.ocf$
+\.otf$
+\.pdf$
+\.pem$
+\.png$
+\.styl$
+\.psd$
+\.s$
+\.svg$
+\.tar$
+\.tiff?$
+\.ttf$
+\.uve$
+\.wav$
+\.webm$
+\.webp$
+\.woff2?$
+\.zip$
+^\.github/
+^\Q.github/workflows/spelling.yml\E$
--- a/.github/actions/spelling/expect.txt
+++ b/.github/actions/spelling/expect.txt
@ -0,0 +1,51 @@
+agentzh
+COMPAT
+csv
+dav
+dll
+DLUAJIT
+exe
+flv
+gcc
+gmail
+gunzip
+gzip
+html
+http
+imagename
+imap
+IOCP
+ipv
+jit
+json
+Linux
+lua
+luajit
+Microsoft
+mkdir
+MSYS
+nginx
+ngx
+NUMMODE
+objs
+openresty
+openssl
+pcre
+perl
+pid
+preread
+rds
+README
+realip
+sbin
+SETSIZE
+smtp
+ssl
+tarballs
+taskkill
+tasklist
+todo
+toolchain
+xcflags
+Yichun
+zlib
--- a/.github/actions/spelling/line_forbidden.patterns
+++ b/.github/actions/spelling/line_forbidden.patterns
@ -0,0 +1,56 @@
+# reject `m_data` as there's a certain OS which has evil defines that break things if it's used elsewhere
+# \bm_data\b
+
+# If you have a framework that uses `it()` for testing and `fit()` for debugging a specific test,
+# you might not want to check in code where you were debugging w/ `fit()`, in which case, you might want
+# to use this:
+#\bfit\(
+
+# s.b. GitHub
+\bGithub\b
+
+# s.b. GitLab
+\bGitlab\b
+
+# s.b. JavaScript
+\bJavascript\b
+
+# s.b. Microsoft
+\bMicroSoft\b
+
+# s.b. another
+\ban[- ]other\b
+
+# s.b. greater than
+\bgreater then\b
+
+# s.b. into
+\bin to\b
+
+# s.b. less than
+\bless then\b
+
+# s.b. otherwise
+\bother[- ]wise\b
+
+# s.b. nonexistent
+\bnon existing\b
+\b[Nn]o[nt][- ]existent\b
+
+# s.b. preexisting
+[Pp]re-existing
+
+# s.b. preempt
+[Pp]re-empt\b
+
+# s.b. preemptively
+[Pp]re-emptively
+
+# s.b. reentrancy
+[Rr]e-entrancy
+
+# s.b. reentrant
+[Rr]e-entrant
+
+# Reject duplicate words
+\s([A-Z]{3,}|[A-Z][a-z]{2,}|[a-z]{3,})\s\g{-1}\s
--- a/.github/actions/spelling/only.txt
+++ b/.github/actions/spelling/only.txt
@ -0,0 +1,2 @@
+# See https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples:-excludes
+\.md$
--- a/.github/actions/spelling/patterns.txt
+++ b/.github/actions/spelling/patterns.txt
@ -0,0 +1,18 @@
+# See https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples:-patterns
+
+# acceptable duplicates
+# ls directory listings
+[-bcdlpsw](?:[-r][-w][-sx]){3}\s+\d+\s+(\S+)\s+\g{-1}\s+\d+\s+
+# C types
+\s(long|LONG) \g{-1}\s
+# javadoc / .net
+(?:[\\@](?:groupname|param)|(?:public|private)(?:\s+static|\s+readonly)*)\s+(\w+)\s+\g{-1}\s
+
+# Commit message -- Signed-off-by and friends
+^\s*(?:(?:Based-on-patch|Co-authored|Helped|Mentored|Reported|Reviewed|Signed-off)-by|Thanks-to): (?:[^<]*<[^>]*>|[^<]*)\s*$
+
+# Autogenerated revert commit message
+^This reverts commit [0-9a-f]{40}\.$
+
+# ignore long runs of a single character:
+\b([A-Za-z])\g{-1}{3,}\b
--- a/.github/actions/spelling/reject.txt
+++ b/.github/actions/spelling/reject.txt
@ -0,0 +1,10 @@
+^attache$
+benefitting
+occurences?
+^dependan.*
+^oer$
+Sorce
+^[Ss]pae.*
+^untill$
+^untilling$
+^wether.*
--- a/.github/workflows/markdownlint.yml
+++ b/.github/workflows/markdownlint.yml
@ -0,0 +1,18 @@
+name: Linting on markdown files
+on:
+  pull_request_target:
+  push:
+
+jobs:
+  lint-content:
+    name: Lint content markdown files
+    runs-on: ubuntu-latest
+    steps:
+    - name: Check out code
+      uses: actions/checkout@v2
+
+    - name: Lint markdown files
+      uses: avto-dev/markdown-lint@v1
+      with:
+        config: './.markdownlint.jsonc'
+        args: './content/**/*.md'
--- a/.github/workflows/semantic-pull-request.yml
+++ b/.github/workflows/semantic-pull-request.yml
@ -0,0 +1,30 @@
+name: "Lint PR"
+
+on:
+  pull_request_target:
+    types:
+      - opened
+      - edited
+      - synchronize
+
+jobs:
+  main:
+    name: Validate PR title
+    runs-on: ubuntu-latest
+    steps:
+      - uses: amannn/action-semantic-pull-request@v4
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          # Configure which types are allowed.
+          # Default: https://github.com/commitizen/conventional-commit-types
+          types: |
+            bugfix # bug fixes
+            change # backward incompatible changes
+            doc # documentation changes including code comments
+            editor # code editor related configurations
+            feature # implementing a new feature
+            optimize # performance optimizations
+            refactor # code refactoring and other code rearrangement
+            style # coding style changes
+            tests # test suite changes
--- a/.github/workflows/spelling.yml
+++ b/.github/workflows/spelling.yml
@ -0,0 +1,96 @@
+name: Spell checking
+
+# Updating pull request branches is managed via comment handling.
+# For details, see: https://github.com/check-spelling/check-spelling/wiki/Feature:-Update-expect-list
+#
+# These elements work together to make it happen:
+#
+# `on.issue_comment`
+#   This event listens to comments by users asking to update the metadata.
+#
+# `jobs.update`
+#   This job runs in response to an issue_comment and will push a new commit
+#   to update the spelling metadata.
+#
+# `with.experimental_apply_changes_via_bot`
+#   Tells the action to support and generate messages that enable it
+#   to make a commit to update the spelling metadata.
+#
+# `with.ssh_key`
+#   In order to trigger workflows when the commit is made, you can provide a
+#   secret (typically, a write-enabled github deploy key).
+#
+#   For background, see: https://github.com/check-spelling/check-spelling/wiki/Feature:-Update-with-deploy-key
+
+on:
+  push:
+    branches: ["**"]
+    tags-ignore: ["**"]
+  pull_request_target:
+  issue_comment:
+    types: [created]
+
+jobs:
+  spelling:
+    name: Spell checking
+    permissions:
+      contents: read
+      pull-requests: read
+      actions: read
+    outputs:
+      followup: ${{ steps.spelling.outputs.followup }}
+    runs-on: ubuntu-latest
+    if: "contains(github.event_name, 'pull_request') || github.event_name == 'push'"
+    concurrency:
+      group: spelling-${{ github.event.pull_request.number || github.ref }}
+      # note: If you use only_check_changed_files, you do not want cancel-in-progress
+      cancel-in-progress: true
+    steps:
+    - name: check-spelling
+      id: spelling
+      uses: check-spelling/check-spelling@main
+      with:
+        suppress_push_for_open_pull_request: 1
+        checkout: true
+        post_comment: 0
+        experimental_apply_changes_via_bot: 1
+        extra_dictionaries:
+          cspell:filetypes/filetypes.txt
+
+  comment:
+    name: Report
+    runs-on: ubuntu-latest
+    needs: spelling
+    permissions:
+      contents: write
+      pull-requests: write
+    if: (success() || failure()) && needs.spelling.outputs.followup
+    steps:
+    - name: comment
+      uses: check-spelling/check-spelling@main
+      with:
+        checkout: true
+        task: ${{ needs.spelling.outputs.followup }}
+        experimental_apply_changes_via_bot: 1
+
+  update:
+    name: Update PR
+    permissions:
+      contents: write
+      pull-requests: write
+    runs-on: ubuntu-latest
+    if: ${{
+        github.event_name == 'issue_comment' &&
+        github.event.issue.pull_request &&
+        contains(github.event.comment.body, '@check-spelling-bot apply')
+      }}
+    concurrency:
+      group: spelling-update-${{ github.event.issue.number }}
+      cancel-in-progress: false
+    steps:
+    - name: apply spelling updates
+      uses: check-spelling/check-spelling@main
+      with:
+        experimental_apply_changes_via_bot: 1
+        checkout: true
+        ssh_key: "${{ secrets.CHECK_SPELLING }}"
--- a/.gitignore
+++ b/.gitignore
@ -74,3 +74,5 @@ upload
 upload-win32
 html_out/
 TODO
+doc/LuaJIT-2.1/changes.pod
+t/servroot
--- a/.travis.yml
+++ b/.travis.yml
@ -0,0 +1,154 @@
+dist: bionic
+
+branches:
+  only:
+    - "master"
+
+os: linux
+
+language: c
+
+compiler:
+  - gcc
+
+addons:
+  apt:
+    packages:
+    - axel
+    - dos2unix
+    - libgd-dev
+
+_linux-s390x: &linux-s390x
+  os: linux
+  arch: s390x
+  dist: bionic
+  compiler: gcc
+  addons:
+      apt:
+          update: true
+          packages:
+            - axel
+            - dos2unix
+            - libgd-dev
+            - libpcre3
+            - libpcre3-dev
+            - mercurial
+            - libpq-dev
+  before_install:
+    - sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1
+  install:
+    - cpanm --sudo --notest Test::Nginx IPC::Run3 > build.log 2>&1 || (cat build.log && exit 1)
+    - if [ ! -f download-cache/openssl-$OPENSSL_VER.tar.gz ]; then wget -P download-cache https://www.openssl.org/source/openssl-$OPENSSL_VER.tar.gz || wget -P download-cache https://www.openssl.org/source/old/${OPENSSL_VER//[a-z]/}/openssl-$OPENSSL_VER.tar.gz; fi
+    - tar zxf download-cache/openssl-$OPENSSL_VER.tar.gz
+    - cd openssl-$OPENSSL_VER/
+    - patch -p1 < ../patches/openssl-$OPENSSL_PATCH_VER-sess_set_get_cb_yield.patch
+    - ./config no-threads shared enable-ssl3 enable-ssl3-method -g --prefix=$OPENSSL_PREFIX -DPURIFY > build.log 2>&1 || (cat build.log && exit 1)
+    - make -j$JOBS > build.log 2>&1 || (cat build.log && exit 1)
+    - sudo make PATH=$PATH install_sw > build.log 2>&1 || (cat build.log && exit 1)
+    - cd ..
+    - sudo ln -s /usr/bin/make /usr/bin/gmake
+  script:
+    - util/mirror-tarballs > build.log 2>&1 || (cat build.log && exit 1)
+    - cd "openresty-$(./util/ver)"
+    - ./configure $ENABLE_HTTP3_OPTION --prefix=$OPENRESTY_PREFIX --with-cc-opt="-I$PCRE_INC -I$OPENSSL_INC" --with-ld-opt="-L$PCRE_LIB -L$OPENSSL_LIB -Wl,-rpath,$PCRE_LIB:$OPENSSL_LIB" --with-pcre-jit --with-http_ssl_module --with-debug -j$JOBS > build.log 2>&1 || (cat build.log && exit 1)
+    - make -j$JOBS > build.log 2>&1 || (cat build.log && exit 1)
+    - sudo make install > build.log 2>&1 || (cat build.log && exit 1)
+    - cd ..
+    - export PATH=$OPENRESTY_PREFIX/bin:$OPENRESTY_PREFIX/nginx/sbin:$PATH
+    - nginx -V
+    - ldd `which nginx`|grep -E 'luajit|ssl|pcre'
+    - prove -I. -r t/
+
+_linux-ppc64le: &linux-ppc64le
+  os: linux
+  arch: ppc64le
+  dist: bionic
+  compiler: gcc
+  addons:
+      apt:
+          update: true
+          packages:
+            - axel
+            - dos2unix
+            - libgd-dev
+            - libpcre3
+            - libpcre3-dev
+            - mercurial
+            - libpq-dev
+  install:
+    - cpanm --sudo --notest Test::Nginx IPC::Run3 > build.log 2>&1 || (cat build.log && exit 1)
+    - if [ ! -f download-cache/openssl-$OPENSSL_VER.tar.gz ]; then wget -P download-cache https://www.openssl.org/source/openssl-$OPENSSL_VER.tar.gz || wget -P download-cache https://www.openssl.org/source/old/${OPENSSL_VER//[a-z]/}/openssl-$OPENSSL_VER.tar.gz; fi
+    - tar zxf download-cache/openssl-$OPENSSL_VER.tar.gz
+    - cd openssl-$OPENSSL_VER/
+    - patch -p1 < ../patches/openssl-$OPENSSL_PATCH_VER-sess_set_get_cb_yield.patch
+    - ./config no-threads shared enable-ssl3 enable-ssl3-method -g --prefix=$OPENSSL_PREFIX -DPURIFY > build.log 2>&1 || (cat build.log && exit 1)
+    - make -j$JOBS > build.log 2>&1 || (cat build.log && exit 1)
+    - sudo make PATH=$PATH install_sw > build.log 2>&1 || (cat build.log && exit 1)
+    - cd ..
+    - sudo ln -s /usr/bin/make /usr/bin/gmake
+  script:
+    - util/mirror-tarballs > build.log 2>&1 || (cat build.log && exit 1)
+    - cd "openresty-$(./util/ver)"
+    - ./configure $ENABLE_HTTP3_OPTION --prefix=$OPENRESTY_PREFIX --with-cc-opt="-I$PCRE_INC -I$OPENSSL_INC" --with-ld-opt="-L$PCRE_LIB -L$OPENSSL_LIB -Wl,-rpath,$PCRE_LIB:$OPENSSL_LIB" --with-pcre-jit --with-http_ssl_module --with-debug -j$JOBS > build.log 2>&1 || (cat build.log && exit 1)
+    - make -j$JOBS > build.log 2>&1 || (cat build.log && exit 1)
+    - sudo make install > build.log 2>&1 || (cat build.log && exit 1)
+    - cd ..
+    - export PATH=$OPENRESTY_PREFIX/bin:$OPENRESTY_PREFIX/nginx/sbin:$PATH
+    - nginx -V
+    - ldd `which nginx`|grep -E 'luajit|ssl|pcre'
+
+cache:
+  directories:
+  - download-cache
+
+env:
+  global:
+    - JOBS=3
+    - PCRE_VER=8.44
+    - PCRE_PREFIX=/opt/pcre
+    - PCRE_LIB=$PCRE_PREFIX/lib
+    - PCRE_INC=$PCRE_PREFIX/include
+    - OPENSSL_PREFIX=/opt/ssl
+    - OPENSSL_LIB=$OPENSSL_PREFIX/lib
+    - OPENSSL_INC=$OPENSSL_PREFIX/include
+    - OPENRESTY_PREFIX=/opt/openresty
+  jobs:
+    - OPENSSL_VER=1.1.1w OPENSSL_PATCH_VER=1.1.1f ENABLE_HTTP3_OPTION=--with-http_v3_module
+
+jobs:
+    include:
+        - <<: *linux-s390x
+          env: OPENSSL_VER=1.1.1w OPENSSL_PATCH_VER=1.1.1f ENABLE_HTTP3_OPTION=--with-http_v3_module
+        - <<: *linux-ppc64le
+          env: OPENSSL_VER=1.1.1w OPENSSL_PATCH_VER=1.1.1f ENABLE_HTTP3_OPTION=--with-http_v3_module
+
+install:
+  - cpanm --sudo --notest Test::Nginx IPC::Run3 > build.log 2>&1 || (cat build.log && exit 1)
+  - if [ ! -f download-cache/pcre-$PCRE_VER.tar.gz ]; then wget -P download-cache https://downloads.sourceforge.net/project/pcre/pcre/${PCRE_VER}/pcre-${PCRE_VER}.tar.gz; fi
+  - if [ ! -f download-cache/openssl-$OPENSSL_VER.tar.gz ]; then wget -P download-cache https://www.openssl.org/source/openssl-$OPENSSL_VER.tar.gz || wget -P download-cache https://www.openssl.org/source/old/${OPENSSL_VER//[a-z]/}/openssl-$OPENSSL_VER.tar.gz; fi
+  - tar zxf download-cache/pcre-$PCRE_VER.tar.gz
+  - cd pcre-$PCRE_VER/
+  - ./configure --prefix=$PCRE_PREFIX --enable-jit --enable-utf --enable-unicode-properties > build.log 2>&1 || (cat build.log && exit 1)
+  - make -j$JOBS > build.log 2>&1 || (cat build.log && exit 1)
+  - sudo PATH=$PATH make install > build.log 2>&1 || (cat build.log && exit 1)
+  - cd ..
+  - tar zxf download-cache/openssl-$OPENSSL_VER.tar.gz
+  - cd openssl-$OPENSSL_VER/
+  - patch -p1 < ../patches/openssl-$OPENSSL_PATCH_VER-sess_set_get_cb_yield.patch
+  - ./config no-threads shared enable-ssl3 enable-ssl3-method -g --prefix=$OPENSSL_PREFIX -DPURIFY > build.log 2>&1 || (cat build.log && exit 1)
+  - make -j$JOBS > build.log 2>&1 || (cat build.log && exit 1)
+  - sudo make PATH=$PATH install_sw > build.log 2>&1 || (cat build.log && exit 1)
+  - cd ..
+  - sudo ln -s /usr/bin/make /usr/bin/gmake
+
+script:
+  - util/mirror-tarballs > build.log 2>&1 || (cat build.log && exit 1)
+  - cd "openresty-$(./util/ver)"
+  - ./configure $ENABLE_HTTP3_OPTION --prefix=$OPENRESTY_PREFIX --with-cc-opt="-I$PCRE_INC -I$OPENSSL_INC" --with-ld-opt="-L$PCRE_LIB -L$OPENSSL_LIB -Wl,-rpath,$PCRE_LIB:$OPENSSL_LIB" --with-pcre-jit --with-http_ssl_module --with-debug -j$JOBS > build.log 2>&1 || (cat build.log && exit 1)
+  - make -j$JOBS > build.log 2>&1 || (cat build.log && exit 1)
+  - sudo make install > build.log 2>&1 || (cat build.log && exit 1)
+  - cd ..
+  - export PATH=$OPENRESTY_PREFIX/bin:$OPENRESTY_PREFIX/nginx/sbin:$PATH
+  - nginx -V
+  - ldd `which nginx`|grep -E 'luajit|ssl|pcre'
+  - prove -I. -r t/
--- a/325
+++ b/325
@ -1,6 +1,7 @@
-Copyright (C) 2009-2015, by Yichun "agentzh" Zhang, CloudFlare Inc.
+Copyright (C) 2009-2015, by Yichun "agentzh" Zhang, OpenResty Inc.

-Copyright (C) 2009-2014, by Xiaozhe Wang (chaoslawful) <chaoslawful@gmail.com>.
+Copyright (C) 2009-2014, by Xiaozhe Wang (chaoslawful) <chaoslawful@gmail.
+com>.

 Copyright (C) 2010-2014, by FRiCKLE Piotr Sikora <info@frickle.com>.

@ -12,19 +13,34 @@ Copyright (C) Guanlan Dai

 All rights reserved.

-Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:

-* Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
+* Redistributions of source code must retain the above copyright notice,
+this list of conditions and the following disclaimer.

-* Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
+* Redistributions in binary form must reproduce the above copyright notice,
+this list of conditions and the following disclaimer in the documentation
+and/or other materials provided with the distribution.

-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS
+BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGE.

 Copyright (c) 2010, Marcus Clyne, Simpl (simpl.it)
 All rights reserved.

 Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are met:
+modification, are permitted provided that the following conditions are
+met:

    * Redistributions of source code must retain the above copyright
      notice, this list of conditions and the following disclaimer.
@ -35,15 +51,18 @@ modification, are permitted provided that the following conditions are met:
      names of its contributors may be used to endorse or promote products
      derived from this software without specific prior written permission.

-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+IS" AND
 ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
 WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 DISCLAIMED. IN NO EVENT SHALL MARCUS CLYNE OR SIMPL BE LIABLE FOR ANY
 DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
 (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+AND
 ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+THIS
 SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

 -----------------------------------------------------------------------------
@ -107,22 +126,29 @@ LuaJIT -- a Just-In-Time Compiler for Lua. http://luajit.org/

 Copyright (C) 2005-2015 Mike Pall. All rights reserved.

-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
+Permission is hereby granted, free of charge, to any person obtaining a
+copy
+of this software and associated documentation files (the "Software"), to
+deal
 in the Software without restriction, including without limitation the rights
 to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 copies of the Software, and to permit persons to whom the Software is
 furnished to do so, subject to the following conditions:

-The above copyright notice and this permission notice shall be included in
+The above copyright notice and this permission notice shall be included
+in
 all copies or substantial portions of the Software.

-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+OR
 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL THE
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL
+THE
 AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+IN
 THE SOFTWARE.

 [ MIT license: http://www.opensource.org/licenses/mit-license.php ]
@ -133,22 +159,29 @@ Lua License

 Copyright (C) 1994-2012 Lua.org, PUC-Rio.

-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
+Permission is hereby granted, free of charge, to any person obtaining a
+copy
+of this software and associated documentation files (the "Software"), to
+deal
 in the Software without restriction, including without limitation the rights
 to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 copies of the Software, and to permit persons to whom the Software is
 furnished to do so, subject to the following conditions:

-The above copyright notice and this permission notice shall be included in
+The above copyright notice and this permission notice shall be included
+in
 all copies or substantial portions of the Software.

-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+OR
 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL THE
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL
+THE
 AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+IN
 THE SOFTWARE.

 -----------------------------------------------------------------------------
@ -232,6 +265,250 @@ LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 SUCH DAMAGE.

+The licence and distribution terms for any publically available version
+or
+derivative of this code cannot be changed.  i.e. this code cannot simply
+be
+copied and put under another distribution licence
+
+-----------------------------------------------------------------------------
+
+OpenSSL
+
+Copyright (c) 1998-2016 The OpenSSL Project.  All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+1. Redistributions of source code must retain the above copyright
+   notice, this list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright
+   notice, this list of conditions and the following disclaimer in
+   the documentation and/or other materials provided with the
+   distribution.
+
+3. All advertising materials mentioning features or use of this
+   software must display the following acknowledgment:
+   "This product includes software developed by the OpenSSL Project
+   for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+
+4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+   endorse or promote products derived from this software without
+   prior written permission. For written permission, please contact
+   openssl-core@openssl.org.
+
+5. Products derived from this software may not be called "OpenSSL"
+   nor may "OpenSSL" appear in their names without prior written
+   permission of the OpenSSL Project.
+
+6. Redistributions of any form whatsoever must retain the following
+   acknowledgment:
+   "This product includes software developed by the OpenSSL Project
+   for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+
+THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+OF THE POSSIBILITY OF SUCH DAMAGE.
+
+This product includes cryptographic software written by Eric Young
+(eay@cryptsoft.com).  This product includes software written by Tim
+Hudson (tjh@cryptsoft.com).
+
+Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+All rights reserved.
+
+This package is an SSL implementation written
+by Eric Young (eay@cryptsoft.com).
+The implementation was written so as to conform with Netscapes SSL.
+
+This library is free for commercial and non-commercial use as long as
+the following conditions are aheared to.  The following conditions
+apply to all code found in this distribution, be it the RC4, RSA,
+lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+included with this distribution is covered by the same copyright terms
+except that the holder is Tim Hudson (tjh@cryptsoft.com).
+
+Copyright remains Eric Young's, and as such any Copyright notices in
+the code are not to be removed.
+If this package is used in a product, Eric Young should be given attribution
+as the author of the parts of the library used.
+This can be in the form of a textual message at program startup or
+in documentation (online or textual) provided with the package.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+1. Redistributions of source code must retain the copyright
+   notice, this list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright
+   notice, this list of conditions and the following disclaimer in the
+   documentation and/or other materials provided with the distribution.
+
+3. All advertising materials mentioning features or use of this software
+   must display the following acknowledgement:
+   "This product includes cryptographic software written by
+    Eric Young (eay@cryptsoft.com)"
+   The word 'cryptographic' can be left out if the rouines from the library
+   being used are not cryptographic related :-).
+
+4. If you include any Windows specific code (or a derivative thereof) from
+   the apps directory (application code) you must include an acknowledgement:
+   "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+
+THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGE.
+
 The licence and distribution terms for any publically available version or
 derivative of this code cannot be changed.  i.e. this code cannot simply be
 copied and put under another distribution licence
+[including the GNU Public Licence.]
+
+-----------------------------------------------------------------------------
+
+PCRE LICENCE
+------------
+
+PCRE is a library of functions to support regular expressions whose syntax
+and semantics are as close as possible to those of the Perl 5 language.
+
+Release 8 of PCRE is distributed under the terms of the "BSD" licence, as
+specified below. The documentation for PCRE, supplied in the "doc"
+directory, is distributed under the same terms as the software itself. The data
+in the testdata directory is not copyrighted and is in the public domain.
+
+The basic library functions are written in C and are freestanding. Also
+included in the distribution is a set of C++ wrapper functions, and a
+just-in-time compiler that can be used to optimize pattern matching. These
+are both optional features that can be omitted when the library is built.
+
+
+THE BASIC LIBRARY FUNCTIONS
+---------------------------
+
+Written by:       Philip Hazel
+Email local part: ph10
+Email domain:     cam.ac.uk
+
+University of Cambridge Computing Service,
+Cambridge, England.
+
+Copyright (c) 1997-2017 University of Cambridge
+All rights reserved.
+
+
+PCRE JUST-IN-TIME COMPILATION SUPPORT
+-------------------------------------
+
+Written by:       Zoltan Herczeg
+Email local part: hzmester
+Emain domain:     freemail.hu
+
+Copyright(c) 2010-2017 Zoltan Herczeg
+All rights reserved.
+
+
+STACK-LESS JUST-IN-TIME COMPILER
+--------------------------------
+
+Written by:       Zoltan Herczeg
+Email local part: hzmester
+Emain domain:     freemail.hu
+
+Copyright(c) 2009-2017 Zoltan Herczeg
+All rights reserved.
+
+
+THE C++ WRAPPER FUNCTIONS
+-------------------------
+
+Contributed by:   Google Inc.
+
+Copyright (c) 2007-2012, Google Inc.
+All rights reserved.
+
+
+THE "BSD" LICENCE
+-----------------
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+    * Redistributions of source code must retain the above copyright notice,
+      this list of conditions and the following disclaimer.
+
+    * Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+
+    * Neither the name of the University of Cambridge nor the name of Google
+      Inc. nor the names of their contributors may be used to endorse or
+      promote products derived from this software without specific prior
+      written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+
+-----------------------------------------------------------------------------
+
+zlib
+
+ (C) 1995-2013 Jean-loup Gailly and Mark Adler
+
+  This software is provided 'as-is', without any express or implied
+  warranty.  In no event will the authors be held liable for any damages
+  arising from the use of this software.
+
+  Permission is granted to anyone to use this software for any purpose,
+  including commercial applications, and to alter it and redistribute it
+  freely, subject to the following restrictions:
+
+  1. The origin of this software must not be misrepresented; you must not
+     claim that you wrote the original software. If you use this software
+     in a product, an acknowledgment in the product documentation would be
+     appreciated but is not required.
+  2. Altered source versions must be plainly marked as such, and must not be
+     misrepresented as being the original software.
+  3. This notice may not be removed or altered from any source distribution.
+
+  Jean-loup Gailly        Mark Adler
+  jloup@gzip.org          madler@alumni.caltech.edu
+
+If you use the zlib library in a product, we would appreciate *not* receiving
+lengthy legal documents to sign.  The sources are provided for free but without
+warranty of any kind.  The library has been entirely written by Jean-loup
+Gailly and Mark Adler; it does not include third-party code.
+
+If you redistribute modified sources, we would appreciate that you include in
+the file ChangeLog history information documenting your changes.  Please read
+the FAQ for more information on the distribution of modified source versions.
--- a/8
+++ b/8
@ -1,10 +1,10 @@
-.PHONY: all test try-luajit try-lua
+.PHONY: all test try-luajit try-lua clean

 all:
 	./util/mirror-tarballs

-test: all
-	prove -r t
+test:
+	prove -I../test-nginx/lib -r t

 try-luajit: all
 	cd openresty-`./util/ver` && ./configure --with-luajit
@ -12,3 +12,5 @@ try-luajit: all
 try-lua: all
 	cd openresty-`./util/ver` && ./configure && $(MAKE)

+clean:
+	rm -rf openresty-*
--- a/README.markdown
+++ b/README.markdown
@ -10,6 +10,8 @@ Table of Contents
 * [Description](#description)
    * [For Users](#for-users)
    * [For Bundle Maintainers](#for-bundle-maintainers)
+* [Additional Features](#additional-features)
+    * [resolv.conf parsing](#resolvconf-parsing)
 * [Mailing List](#mailing-list)
 * [Report Bugs](#report-bugs)
 * [Copyright & License](#copyright--license)
@ -20,20 +22,21 @@ Description
 OpenResty is a full-fledged web application server by bundling the standard nginx core,
 lots of 3rd-party nginx modules, as well as most of their external dependencies.

-This bundle is maintained Yichun Zhang (agentzh).
+This bundle is maintained by Yichun Zhang (agentzh).

 Because most of the nginx modules are developed by the bundle maintainers, it can ensure
 that all these modules are played well together.

 The bundled software components are copyrighted by the respective copyright holders.

-The homepage for this project is http://openresty.org.
+The homepage for this project is on [openresty.org](https://openresty.org/).

 For Users
 ---------

-Visit http://openresty.org/#Download to download the latest bundle tarball, and
-follow the installation instructions in the page http://openresty.org/#Installation.
+Visit the [download page](https://openresty.org/en/download.html) on the `openresty.org` web site
+to download the latest bundle tarball, and
+follow the installation instructions in the [installation page](https://openresty.org/en/installation.html).

 For Bundle Maintainers
 ----------------------
@ -50,17 +53,45 @@ make

 at the top of the bundle source tree.

-Please note that you may need to install some extra dependencies, like `perl`, `dos2unix` and
-the Perl CPAN mdoule `Markdown::Pod`. On Fedora 22, for example, installing the dependencies
+Please note that you may need to install some extra dependencies, like `perl`, `dos2unix`, and `mercurial`.
+On Fedora 22, for example, installing the dependencies
 is as simple as running the following commands:

 ```bash
-sudo dnf install perl dos2unix
-sudo cpan Markdown::Pod
+sudo dnf install perl dos2unix mercurial
 ```

 [Back to TOC](#table-of-contents)

+Additional Features
+===================
+
+In additional to the standard nginx core features, this bundle also supports the following:
+
+[Back to TOC](#table-of-contents)
+
+resolv.conf parsing
+--------------------
+
+**syntax:** *resolver address ... [valid=time] [ipv6=on|off] [local=on|off|path]*
+
+**default:** *-*
+
+**context:** *http, stream, server, location*
+
+Similar to the [`resolver` directive](https://nginx.org/en/docs/http/ngx_http_core_module.html#resolver)
+in standard nginx core with additional support for parsing additional resolvers from the `resolv.conf` file
+format.
+
+When `local=on`, the standard path of `/etc/resolv.conf` will be used. You may also specify arbitrary
+path to be used for parsing, for example: `local=/tmp/test.conf`.
+
+When `local=off`, parsing will be disabled (this is the default).
+
+This feature is not available on Windows platforms.
+
+[Back to TOC](#table-of-contents)
+
 Mailing List
 ============

@ -88,7 +119,7 @@ Copyright & License

 The bundle itself is licensed under the 2-clause BSD license.

-Copyright (c) 2011-2016, Yichun "agentzh" Zhang (章亦春) <agentzh@gmail.com>, CloudFlare Inc.
+Copyright (c) 2011-2019, Yichun "agentzh" Zhang (章亦春) <agentzh@gmail.com>, OpenResty Inc.

 This module is licensed under the terms of the BSD license.

--- a/clients/js/openresty.js
+++ b/clients/js/openresty.js
@ -142,10 +142,10 @@ $ClientP._post_by_form = function (url, content, args) {
        reqId: reqId
    };
    _post_forms[reqId] = obj;
-    var submited = false;
+    var submitted = false;
    // var onloadCount = 0;
    obj.onload = function() {
-        if (!submited) return;
+        if (!submitted) return;
        
        // alert('contentLoad ' + (++onloadCount) + ' times\n' + this);
        
@ -237,7 +237,7 @@ $ClientP._post_by_form = function (url, content, args) {
    _ipt = null;
    
    _form.submit();
-    submited = true;
+    submitted = true;
 };

 $ClientP.post = function (url) {
--- a/doc/LuaJIT-2.1/README.pod
+++ b/doc/LuaJIT-2.1/README.pod
@ -0,0 +1,201 @@
+=pod
+
+LuaJIT
+
+=head1 LuaJIT
+
+=over
+
+=item * LuaJIT
+
+=over
+
+=item * Download E<rchevron>
+
+=item * Installation
+
+=item * Running
+
+=back
+
+=item * Extensions
+
+=over
+
+=item * FFI Library
+
+=over
+
+=item * FFI Tutorial
+
+=item * ffi.* API
+
+=item * FFI Semantics
+
+=back
+
+=item * jit.* Library
+
+=item * Lua/C API
+
+=item * Profiler
+
+=back
+
+=item * Status
+
+=over
+
+=item * Changes
+
+=back
+
+=item * FAQ
+
+=item * Performance E<rchevron>
+
+=item * Wiki E<rchevron>
+
+=item * Mailing List E<rchevron>
+
+=back
+
+LuaJIT is a B<Just-In-Time Compiler> (JIT) for the E<rchevron> Lua
+programming language. Lua is a powerful, dynamic and light-weight
+programming language. It may be embedded or used as a general-purpose,
+stand-alone language.
+
+LuaJIT is Copyright E<copy> 2005-2017 Mike Pall, released under the
+E<rchevron> MIT open source license.
+
+=head2 Compatibility
+
+Windows
+
+Linux
+
+BSD
+
+OSX
+
+POSIX
+
+Embedded
+
+Android
+
+iOS
+
+PS3
+
+PS4
+
+PS Vita
+
+Xbox 360
+
+Xbox One
+
+GCC
+
+Clang
+
+LLVM
+
+MSVC
+
+x86
+
+x64
+
+ARM
+
+ARM64
+
+PPC
+
+MIPS32
+
+MIPS64
+
+Lua 5.1
+
+API+ABI
+
+ JIT
+
+ BitOp
+
+ FFI
+
+Drop-in
+
+DLL/.so
+
+=head2 Overview
+
+3x
+
+- 100x
+
+115 KB
+
+VM
+
+90 KB
+
+JIT
+
+63 KLOC
+
+C
+
+24 KLOC
+
+ASM
+
+11 KLOC
+
+Lua
+
+LuaJIT has been successfully used as a B<scripting middleware> in
+games, appliances, network and graphics apps, numerical simulations,
+trading platforms and many other specialty applications. It scales from
+embedded devices, smartphones, desktops up to server farms. It combines
+high flexibility with E<rchevron> high performance and an unmatched
+B<low memory footprint>.
+
+LuaJIT has been in continuous development since 2005. It's widely
+considered to be B<one of the fastest dynamic language
+implementations>. It has outperformed other dynamic languages on many
+cross-language benchmarks since its first release E<mdash> often by a
+substantial margin.
+
+For B<LuaJIT 2.0>, the whole VM has been rewritten from the ground up
+and relentlessly optimized for performance. It combines a B<high-speed
+interpreter>, written in assembler, with a B<state-of-the-art JIT
+compiler>.
+
+An innovative B<trace compiler> is integrated with advanced, SSA-based
+optimizations and highly tuned code generation backends. A substantial
+reduction of the overhead associated with dynamic languages allows it
+to break into the performance range traditionally reserved for offline,
+static language compilers.
+
+=head2 More ...
+
+Please select a sub-topic in the navigation bar to learn more about
+LuaJIT.
+
+----
+
+Copyright E<copy> 2005-2017 Mike Pall E<middot> Contact
+
+=cut
+
+#Pod::HTML2Pod conversion notes:
+#From file luajit.html
+# 8082 bytes of input
+#Mon May 14 13:19:16 2018 agentzh
+# No a_name switch not specified, so will not try to render <a name='...'>
+# No a_href switch not specified, so will not try to render <a href='...'>
--- a/doc/LuaJIT-2.1/contact.pod
+++ b/doc/LuaJIT-2.1/contact.pod
@ -0,0 +1,87 @@
+=pod
+
+LuaJIT
+
+=head1 Contact
+
+=over
+
+=item * LuaJIT
+
+=over
+
+=item * Download E<rchevron>
+
+=item * Installation
+
+=item * Running
+
+=back
+
+=item * Extensions
+
+=over
+
+=item * FFI Library
+
+=over
+
+=item * FFI Tutorial
+
+=item * ffi.* API
+
+=item * FFI Semantics
+
+=back
+
+=item * jit.* Library
+
+=item * Lua/C API
+
+=item * Profiler
+
+=back
+
+=item * Status
+
+=over
+
+=item * Changes
+
+=back
+
+=item * FAQ
+
+=item * Performance E<rchevron>
+
+=item * Wiki E<rchevron>
+
+=item * Mailing List E<rchevron>
+
+=back
+
+If you want to report bugs, propose fixes or suggest enhancements,
+please use the GitHub issue tracker.
+
+Please send general questions to the E<rchevron> LuaJIT mailing list.
+
+You can also send any questions you have directly to me:
+
+Contact info in image
+
+=head2 Copyright
+
+All documentation is Copyright E<copy> 2005-2017 Mike Pall.
+
+----
+
+Copyright E<copy> 2005-2017 Mike Pall E<middot> Contact
+
+=cut
+
+#Pod::HTML2Pod conversion notes:
+#From file contact.html
+# 2989 bytes of input
+#Mon May 14 13:19:15 2018 agentzh
+# No a_name switch not specified, so will not try to render <a name='...'>
+# No a_href switch not specified, so will not try to render <a href='...'>
--- a/doc/LuaJIT-2.1/ext_c_api.pod
+++ b/doc/LuaJIT-2.1/ext_c_api.pod
@ -0,0 +1,176 @@
+=pod
+
+LuaJIT
+
+=head1 Lua/C API Extensions
+
+=over
+
+=item * LuaJIT
+
+=over
+
+=item * Download E<rchevron>
+
+=item * Installation
+
+=item * Running
+
+=back
+
+=item * Extensions
+
+=over
+
+=item * FFI Library
+
+=over
+
+=item * FFI Tutorial
+
+=item * ffi.* API
+
+=item * FFI Semantics
+
+=back
+
+=item * jit.* Library
+
+=item * Lua/C API
+
+=item * Profiler
+
+=back
+
+=item * Status
+
+=over
+
+=item * Changes
+
+=back
+
+=item * FAQ
+
+=item * Performance E<rchevron>
+
+=item * Wiki E<rchevron>
+
+=item * Mailing List E<rchevron>
+
+=back
+
+LuaJIT adds some extensions to the standard Lua/C API. The LuaJIT
+include directory must be in the compiler search path (C<-II<path>>) to
+be able to include the required header for C code:
+
+ #include "luajit.h"
+
+Or for C++ code:
+
+ #include "lua.hpp"
+
+=head2 C<luaJIT_setmode(L, idx, mode)> E<mdash> Control VM
+
+This is a C API extension to allow control of the VM from C code. The
+full prototype of C<LuaJIT_setmode> is:
+
+ LUA_API int luaJIT_setmode(lua_State *L, int idx, int mode);
+
+The returned status is either success (C<1>) or failure (C<0>). The
+second argument is either C<0> or a stack index (similar to the other
+Lua/C API functions).
+
+The third argument specifies the mode, which is 'or'ed with a flag. The
+flag can be C<LUAJIT_MODE_OFF> to turn a feature off, C<LUAJIT_MODE_ON>
+to turn a feature on, or C<LUAJIT_MODE_FLUSH> to flush cached code.
+
+The following modes are defined:
+
+=head2 C<luaJIT_setmode(L, 0, LUAJIT_MODE_ENGINE|flag)>
+
+Turn the whole JIT compiler on or off or flush the whole cache of
+compiled code.
+
+=head2 C<luaJIT_setmode(L, idx, LUAJIT_MODE_FUNC|flag)>
+
+C<luaJIT_setmode(L, idx, LUAJIT_MODE_ALLFUNC|flag)>
+
+C<luaJIT_setmode(L, idx, LUAJIT_MODE_ALLSUBFUNC|flag)>
+
+This sets the mode for the function at the stack index C<idx> or the
+parent of the calling function (C<idx = 0>). It either enables JIT
+compilation for a function, disables it and flushes any already
+compiled code or only flushes already compiled code. This applies
+recursively to all sub-functions of the function with
+C<LUAJIT_MODE_ALLFUNC> or only to the sub-functions with
+C<LUAJIT_MODE_ALLSUBFUNC>.
+
+=head2 luaJIT_setmode(L, trace,
+
+LUAJIT_MODE_TRACE|LUAJIT_MODE_FLUSH)
+
+Flushes the specified root trace and all of its side traces from the
+cache. The code for the trace will be retained as long as there are any
+other traces which link to it.
+
+=head2 C<luaJIT_setmode(L, idx, LUAJIT_MODE_WRAPCFUNC|flag)>
+
+This mode defines a wrapper function for calls to C functions. If
+called with C<LUAJIT_MODE_ON>, the stack index at C<idx> must be a
+C<lightuserdata> object holding a pointer to the wrapper function. From
+now on all C functions are called through the wrapper function. If
+called with C<LUAJIT_MODE_OFF> this mode is turned off and all C
+functions are directly called.
+
+The wrapper function can be used for debugging purposes or to catch and
+convert foreign exceptions. But please read the section on C++
+exception interoperability first. Recommended usage can be seen in this
+C++ code excerpt:
+
+ #include <exception>
+ #include "lua.hpp"
+ 
+ // Catch C++ exceptions and convert them to Lua error messages.
+ // Customize as needed for your own exception classes.
+ static int wrap_exceptions(lua_State *L, lua_CFunction f)
+ {
+   try {
+     return f(L);  // Call wrapped function and return result.
+   } catch (const char *s) {  // Catch and convert exceptions.
+     lua_pushstring(L, s);
+   } catch (std::exception& e) {
+     lua_pushstring(L, e.what());
+   } catch (...) {
+     lua_pushliteral(L, "caught (...)");
+   }
+   return lua_error(L);  // Rethrow as a Lua error.
+ }
+ 
+ static int myinit(lua_State *L)
+ {
+   ...
+   // Define wrapper function and enable it.
+   lua_pushlightuserdata(L, (void *)wrap_exceptions);
+   luaJIT_setmode(L, -1, LUAJIT_MODE_WRAPCFUNC|LUAJIT_MODE_ON);
+   lua_pop(L, 1);
+   ...
+ }
+
+Note that you can only define B<a single global wrapper function>, so
+be careful when using this mechanism from multiple C++ modules. Also
+note that this mechanism is not without overhead.
+
+----
+
+Copyright E<copy> 2005-2017 Mike Pall E<middot> Contact
+
+=cut
+
+#Pod::HTML2Pod conversion notes:
+#From file ext_c_api.html
+# 6042 bytes of input
+#Mon May 14 13:19:15 2018 agentzh
+# No a_name switch not specified, so will not try to render <a name='...'>
+# No a_href switch not specified, so will not try to render <a href='...'>
+# Deleting phrasal "code" element (`tt_18) because it has super-phrasal elements (`br_3) as children.
--- a/doc/LuaJIT-2.1/ext_ffi.pod
+++ b/doc/LuaJIT-2.1/ext_ffi.pod
@ -0,0 +1,285 @@
+=pod
+
+LuaJIT
+
+=head1 FFI Library
+
+=over
+
+=item * LuaJIT
+
+=over
+
+=item * Download E<rchevron>
+
+=item * Installation
+
+=item * Running
+
+=back
+
+=item * Extensions
+
+=over
+
+=item * FFI Library
+
+=over
+
+=item * FFI Tutorial
+
+=item * ffi.* API
+
+=item * FFI Semantics
+
+=back
+
+=item * jit.* Library
+
+=item * Lua/C API
+
+=item * Profiler
+
+=back
+
+=item * Status
+
+=over
+
+=item * Changes
+
+=back
+
+=item * FAQ
+
+=item * Performance E<rchevron>
+
+=item * Wiki E<rchevron>
+
+=item * Mailing List E<rchevron>
+
+=back
+
+The FFI library allows B<calling external C functions> and B<using C
+data structures> from pure Lua code.
+
+The FFI library largely obviates the need to write tedious manual Lua/C
+bindings in C. No need to learn a separate binding language E<mdash>
+B<it parses plain C declarations!> These can be cut-n-pasted from C
+header files or reference manuals. It's up to the task of binding large
+libraries without the need for dealing with fragile binding generators.
+
+The FFI library is tightly integrated into LuaJIT (it's not available
+as a separate module). The code generated by the JIT-compiler for
+accesses to C data structures from Lua code is on par with the code a C
+compiler would generate. Calls to C functions can be inlined in
+JIT-compiled code, unlike calls to functions bound via the classic
+Lua/C API.
+
+This page gives a short introduction to the usage of the FFI library.
+I<Please use the FFI sub-topics in the navigation bar to learn more.>
+
+=head2 Motivating Example: Calling External C Functions
+
+It's really easy to call an external C library function:
+
+ â 
+ â¡
+ 
+ 
+ â¢local ffi = require("ffi")
+ ffi.cdef[[
+ int printf(const char *fmt, ...);
+ ]]
+ ffi.C.printf("Hello %s!", "world")
+
+So, let's pick that apart:
+
+Load the FFI library.
+
+Add a C declaration for the function. The part inside the
+double-brackets (in green) is just standard C syntax.
+
+Call the named C function E<mdash> Yes, it's that simple!
+
+Actually, what goes on behind the scenes is far from simple: makes use
+of the standard C library namespace C<ffi.C>. Indexing this namespace
+with a symbol name (C<"printf">) automatically binds it to the standard
+C library. The result is a special kind of object which, when called,
+runs the C<printf> function. The arguments passed to this function are
+automatically converted from Lua objects to the corresponding C types.
+
+Ok, so maybe the use of C<printf()> wasn't such a spectacular example.
+You could have done that with C<io.write()> and C<string.format()>,
+too. But you get the idea ...
+
+So here's something to pop up a message box on Windows:
+
+ local ffi = require("ffi")
+ ffi.cdef[[
+ int MessageBoxA(void *w, const char *txt, const char *cap, int type);
+ ]]
+ ffi.C.MessageBoxA(nil, "Hello world!", "Test", 0)
+
+Bing! Again, that was far too easy, no?
+
+Compare this with the effort required to bind that function using the
+classic Lua/C API: create an extra C file, add a C function that
+retrieves and checks the argument types passed from Lua and calls the
+actual C function, add a list of module functions and their names, add
+a C<luaopen_*> function and register all module functions, compile and
+link it into a shared library (DLL), move it to the proper path, add
+Lua code that loads the module aaaand ... finally call the binding
+function. Phew!
+
+=head2 Motivating Example: Using C Data Structures
+
+The FFI library allows you to create and access C data structures. Of
+course the main use for this is for interfacing with C functions. But
+they can be used stand-alone, too.
+
+Lua is built upon high-level data types. They are flexible, extensible
+and dynamic. That's why we all love Lua so much. Alas, this can be
+inefficient for certain tasks, where you'd really want a low-level data
+type. E.g. a large array of a fixed structure needs to be implemented
+with a big table holding lots of tiny tables. This imposes both a
+substantial memory overhead as well as a performance overhead.
+
+Here's a sketch of a library that operates on color images plus a
+simple benchmark. First, the plain Lua version:
+
+ local floor = math.floor
+ 
+ local function image_ramp_green(n)
+   local img = {}
+   local f = 255/(n-1)
+   for i=1,n do
+     img[i] = { red = 0, green = floor((i-1)*f), blue = 0, alpha = 255 }
+   end
+   return img
+ end
+ 
+ local function image_to_grey(img, n)
+   for i=1,n do
+     local y = floor(0.3*img[i].red + 0.59*img[i].green + 0.11*img[i].blue)
+     img[i].red = y; img[i].green = y; img[i].blue = y
+   end
+ end
+ 
+ local N = 400*400
+ local img = image_ramp_green(N)
+ for i=1,1000 do
+   image_to_grey(img, N)
+ end
+
+This creates a table with 160.000 pixels, each of which is a table
+holding four number values in the range of 0-255. First an image with a
+green ramp is created (1D for simplicity), then the image is converted
+to greyscale 1000 times. Yes, that's silly, but I was in need of a
+simple example ...
+
+And here's the FFI version. The modified parts have been marked in
+bold:
+
+ â 
+ 
+ 
+ 
+ 
+ 
+ â¡
+ 
+ â¢
+ â£
+ 
+ 
+ 
+ 
+ 
+ 
+ â¢
+ â¤local ffi = require("ffi")
+ ffi.cdef[[
+ typedef struct { uint8_t red, green, blue, alpha; } rgba_pixel;
+ ]]
+ 
+ local function image_ramp_green(n)
+   local img = ffi.new("rgba_pixel[?]", n)
+   local f = 255/(n-1)
+   for i=0,n-1 do
+     img[i].green = i*f
+     img[i].alpha = 255
+   end
+   return img
+ end
+ 
+ local function image_to_grey(img, n)
+   for i=0,n-1 do
+     local y = 0.3*img[i].red + 0.59*img[i].green + 0.11*img[i].blue
+     img[i].red = y; img[i].green = y; img[i].blue = y
+   end
+ end
+ 
+ local N = 400*400
+ local img = image_ramp_green(N)
+ for i=1,1000 do
+   image_to_grey(img, N)
+ end
+
+Ok, so that wasn't too difficult:
+
+First, load the FFI library and declare the low-level data type. Here
+we choose a C<struct> which holds four byte fields, one for each
+component of a 4x8 bit RGBA pixel.
+
+Creating the data structure with C<ffi.new()> is straightforward
+E<mdash> the C<'?'> is a placeholder for the number of elements of a
+variable-length array.
+
+C arrays are zero-based, so the indexes have to run from C<0> to
+C<n-1>. One might want to allocate one more element instead to simplify
+converting legacy code.
+
+Since C<ffi.new()> zero-fills the array by default, we only need to set
+the green and the alpha fields.
+
+The calls to C<math.floor()> can be omitted here, because
+floating-point numbers are already truncated towards zero when
+converting them to an integer. This happens implicitly when the number
+is stored in the fields of each pixel.
+
+Now let's have a look at the impact of the changes: first, memory
+consumption for the image is down from 22 Megabytes to 640 Kilobytes
+(400*400*4 bytes). That's a factor of 35x less! So, yes, tables do have
+a noticeable overhead. BTW: The original program would consume 40
+Megabytes in plain Lua (on x64).
+
+Next, performance: the pure Lua version runs in 9.57 seconds (52.9
+seconds with the Lua interpreter) and the FFI version runs in 0.48
+seconds on my machine (YMMV). That's a factor of 20x faster (110x
+faster than the Lua interpreter).
+
+The avid reader may notice that converting the pure Lua version over to
+use array indexes for the colors (C<[1]> instead of C<.red>, C<[2]>
+instead of C<.green> etc.) ought to be more compact and faster. This is
+certainly true (by a factor of ~1.7x). Switching to a struct-of-arrays
+would help, too.
+
+However the resulting code would be less idiomatic and rather
+error-prone. And it still doesn't get even close to the performance of
+the FFI version of the code. Also, high-level data structures cannot be
+easily passed to other C functions, especially I/O functions, without
+undue conversion penalties.
+
+----
+
+Copyright E<copy> 2005-2017 Mike Pall E<middot> Contact
+
+=cut
+
+#Pod::HTML2Pod conversion notes:
+#From file ext_ffi.html
+# 10336 bytes of input
+#Mon May 14 13:19:16 2018 agentzh
+# No a_name switch not specified, so will not try to render <a name='...'>
+# No a_href switch not specified, so will not try to render <a href='...'>
--- a/doc/LuaJIT-2.1/ext_ffi_api.pod
+++ b/doc/LuaJIT-2.1/ext_ffi_api.pod
@ -0,0 +1,503 @@
+=pod
+
+LuaJIT
+
+=head1 C<ffi.*> API Functions
+
+=over
+
+=item * LuaJIT
+
+=over
+
+=item * Download E<rchevron>
+
+=item * Installation
+
+=item * Running
+
+=back
+
+=item * Extensions
+
+=over
+
+=item * FFI Library
+
+=over
+
+=item * FFI Tutorial
+
+=item * ffi.* API
+
+=item * FFI Semantics
+
+=back
+
+=item * jit.* Library
+
+=item * Lua/C API
+
+=item * Profiler
+
+=back
+
+=item * Status
+
+=over
+
+=item * Changes
+
+=back
+
+=item * FAQ
+
+=item * Performance E<rchevron>
+
+=item * Wiki E<rchevron>
+
+=item * Mailing List E<rchevron>
+
+=back
+
+This page describes the API functions provided by the FFI library in
+detail. It's recommended to read through the introduction and the FFI
+tutorial first.
+
+=head2 Glossary
+
+=over
+
+=item * B<cdecl> E<mdash> An abstract C type declaration (a Lua
+string).
+
+=item * B<ctype> E<mdash> A C type object. This is a special kind of
+B<cdata> returned by C<ffi.typeof()>. It serves as a B<cdata>
+constructor when called.
+
+=item * B<cdata> E<mdash> A C data object. It holds a value of the
+corresponding B<ctype>.
+
+=item * B<ct> E<mdash> A C type specification which can be used for
+most of the API functions. Either a B<cdecl>, a B<ctype> or a B<cdata>
+serving as a template type.
+
+=item * B<cb> E<mdash> A callback object. This is a C data object
+holding a special function pointer. Calling this function from C code
+runs an associated Lua function.
+
+=item * B<VLA> E<mdash> A variable-length array is declared with a C<?>
+instead of the number of elements, e.g. C<"int[?]">. The number of
+elements (C<nelem>) must be given when it's created.
+
+=item * B<VLS> E<mdash> A variable-length struct is a C<struct> C type
+where the last element is a B<VLA>. The same rules for declaration and
+creation apply.
+
+=back
+
+=head2 Declaring and Accessing External Symbols
+
+External symbols must be declared first and can then be accessed by
+indexing a C library namespace, which automatically binds the symbol to
+a specific library.
+
+=head2 C<ffi.cdef(def)>
+
+Adds multiple C declarations for types or external symbols (named
+variables or functions). C<def> must be a Lua string. It's recommended
+to use the syntactic sugar for string arguments as follows:
+
+ ffi.cdef[[
+ typedef struct foo { int a, b; } foo_t;  // Declare a struct and typedef.
+ int dofoo(foo_t *f, int n);  /* Declare an external C function. */
+ ]]
+
+The contents of the string (the part in green above) must be a sequence
+of C declarations, separated by semicolons. The trailing semicolon for
+a single declaration may be omitted.
+
+Please note that external symbols are only I<declared>, but they are
+I<not bound> to any specific address, yet. Binding is achieved with C
+library namespaces (see below).
+
+C declarations are not passed through a C pre-processor, yet. No
+pre-processor tokens are allowed, except for C<#pragma pack>. Replace
+C<#define> in existing C header files with C<enum>, C<static const> or
+C<typedef> and/or pass the files through an external C pre-processor
+(once). Be careful not to include unneeded or redundant declarations
+from unrelated header files.
+
+=head2 C<ffi.C>
+
+This is the default C library namespace E<mdash> note the uppercase
+C<'C'>. It binds to the default set of symbols or libraries on the
+target system. These are more or less the same as a C compiler would
+offer by default, without specifying extra link libraries.
+
+On POSIX systems, this binds to symbols in the default or global
+namespace. This includes all exported symbols from the executable and
+any libraries loaded into the global namespace. This includes at least
+C<libc>, C<libm>, C<libdl> (on Linux), C<libgcc> (if compiled with
+GCC), as well as any exported symbols from the Lua/C API provided by
+LuaJIT itself.
+
+On Windows systems, this binds to symbols exported from the C<*.exe>,
+the C<lua51.dll> (i.e. the Lua/C API provided by LuaJIT itself), the C
+runtime library LuaJIT was linked with (C<msvcrt*.dll>),
+C<kernel32.dll>, C<user32.dll> and C<gdi32.dll>.
+
+=head2 C<clib = ffi.load(name [,global])>
+
+This loads the dynamic library given by C<name> and returns a new C
+library namespace which binds to its symbols. On POSIX systems, if
+C<global> is C<true>, the library symbols are loaded into the global
+namespace, too.
+
+If C<name> is a path, the library is loaded from this path. Otherwise
+C<name> is canonicalized in a system-dependent way and searched in the
+default search path for dynamic libraries:
+
+On POSIX systems, if the name contains no dot, the extension C<.so> is
+appended. Also, the C<lib> prefix is prepended if necessary. So
+C<ffi.load("z")> looks for C<"libz.so"> in the default shared library
+search path.
+
+On Windows systems, if the name contains no dot, the extension C<.dll>
+is appended. So C<ffi.load("ws2_32")> looks for C<"ws2_32.dll"> in the
+default DLL search path.
+
+=head2 Creating cdata Objects
+
+The following API functions create cdata objects (C<type()> returns
+C<"cdata">). All created cdata objects are garbage collected.
+
+=head2 cdata = ffi.new(ct [,nelem] [,init...])
+
+cdata = I<ctype>([nelem,] [init...])
+
+Creates a cdata object for the given C<ct>. VLA/VLS types require the
+C<nelem> argument. The second syntax uses a ctype as a constructor and
+is otherwise fully equivalent.
+
+The cdata object is initialized according to the rules for
+initializers, using the optional C<init> arguments. Excess initializers
+cause an error.
+
+Performance notice: if you want to create many objects of one kind,
+parse the cdecl only once and get its ctype with C<ffi.typeof()>. Then
+use the ctype as a constructor repeatedly.
+
+Please note that an anonymous C<struct> declaration implicitly creates
+a new and distinguished ctype every time you use it for C<ffi.new()>.
+This is probably B<not> what you want, especially if you create more
+than one cdata object. Different anonymous C<structs> are not
+considered assignment-compatible by the C standard, even though they
+may have the same fields! Also, they are considered different types by
+the JIT-compiler, which may cause an excessive number of traces. It's
+strongly suggested to either declare a named C<struct> or C<typedef>
+with C<ffi.cdef()> or to create a single ctype object for an anonymous
+C<struct> with C<ffi.typeof()>.
+
+=head2 C<ctype = ffi.typeof(ct)>
+
+Creates a ctype object for the given C<ct>.
+
+This function is especially useful to parse a cdecl only once and then
+use the resulting ctype object as a constructor.
+
+=head2 C<cdata = ffi.cast(ct, init)>
+
+Creates a scalar cdata object for the given C<ct>. The cdata object is
+initialized with C<init> using the "cast" variant of the C type
+conversion rules.
+
+This functions is mainly useful to override the pointer compatibility
+checks or to convert pointers to addresses or vice versa.
+
+=head2 C<ctype = ffi.metatype(ct, metatable)>
+
+Creates a ctype object for the given C<ct> and associates it with a
+metatable. Only C<struct>/C<union> types, complex numbers and vectors
+are allowed. Other types may be wrapped in a C<struct>, if needed.
+
+The association with a metatable is permanent and cannot be changed
+afterwards. Neither the contents of the C<metatable> nor the contents
+of an C<__index> table (if any) may be modified afterwards. The
+associated metatable automatically applies to all uses of this type, no
+matter how the objects are created or where they originate from. Note
+that pre-defined operations on types have precedence (e.g. declared
+field names cannot be overridden).
+
+All standard Lua metamethods are implemented. These are called
+directly, without shortcuts and on any mix of types. For binary
+operations, the left operand is checked first for a valid ctype
+metamethod. The C<__gc> metamethod only applies to C<struct>/C<union>
+types and performs an implicit C<ffi.gc()> call during creation of an
+instance.
+
+=head2 C<cdata = ffi.gc(cdata, finalizer)>
+
+Associates a finalizer with a pointer or aggregate cdata object. The
+cdata object is returned unchanged.
+
+This function allows safe integration of unmanaged resources into the
+automatic memory management of the LuaJIT garbage collector. Typical
+usage:
+
+ local p = ffi.gc(ffi.C.malloc(n), ffi.C.free)
+ ...
+ p = nil -- Last reference to p is gone.
+ -- GC will eventually run finalizer: ffi.C.free(p)
+
+A cdata finalizer works like the C<__gc> metamethod for userdata
+objects: when the last reference to a cdata object is gone, the
+associated finalizer is called with the cdata object as an argument.
+The finalizer can be a Lua function or a cdata function or cdata
+function pointer. An existing finalizer can be removed by setting a
+C<nil> finalizer, e.g. right before explicitly deleting a resource:
+
+ ffi.C.free(ffi.gc(p, nil)) -- Manually free the memory.
+
+=head2 C Type Information
+
+The following API functions return information about C types. They are
+most useful for inspecting cdata objects.
+
+=head2 C<size = ffi.sizeof(ct [,nelem])>
+
+Returns the size of C<ct> in bytes. Returns C<nil> if the size is not
+known (e.g. for C<"void"> or function types). Requires C<nelem> for
+VLA/VLS types, except for cdata objects.
+
+=head2 C<align = ffi.alignof(ct)>
+
+Returns the minimum required alignment for C<ct> in bytes.
+
+=head2 C<ofs [,bpos,bsize] = ffi.offsetof(ct, field)>
+
+Returns the offset (in bytes) of C<field> relative to the start of
+C<ct>, which must be a C<struct>. Additionally returns the position and
+the field size (in bits) for bit fields.
+
+=head2 C<status = ffi.istype(ct, obj)>
+
+Returns C<true> if C<obj> has the C type given by C<ct>. Returns
+C<false> otherwise.
+
+C type qualifiers (C<const> etc.) are ignored. Pointers are checked
+with the standard pointer compatibility rules, but without any special
+treatment for C<void *>. If C<ct> specifies a C<struct>/C<union>, then
+a pointer to this type is accepted, too. Otherwise the types must match
+exactly.
+
+Note: this function accepts all kinds of Lua objects for the C<obj>
+argument, but always returns C<false> for non-cdata objects.
+
+=head2 Utility Functions
+
+=head2 C<err = ffi.errno([newerr])>
+
+Returns the error number set by the last C function call which
+indicated an error condition. If the optional C<newerr> argument is
+present, the error number is set to the new value and the previous
+value is returned.
+
+This function offers a portable and OS-independent way to get and set
+the error number. Note that only I<some> C functions set the error
+number. And it's only significant if the function actually indicated an
+error condition (e.g. with a return value of C<-1> or C<NULL>).
+Otherwise, it may or may not contain any previously set value.
+
+You're advised to call this function only when needed and as close as
+possible after the return of the related C function. The C<errno> value
+is preserved across hooks, memory allocations, invocations of the JIT
+compiler and other internal VM activity. The same applies to the value
+returned by C<GetLastError()> on Windows, but you need to declare and
+call it yourself.
+
+=head2 C<str = ffi.string(ptr [,len])>
+
+Creates an interned Lua string from the data pointed to by C<ptr>.
+
+If the optional argument C<len> is missing, C<ptr> is converted to a
+C<"char *"> and the data is assumed to be zero-terminated. The length
+of the string is computed with C<strlen()>.
+
+Otherwise C<ptr> is converted to a C<"void *"> and C<len> gives the
+length of the data. The data may contain embedded zeros and need not be
+byte-oriented (though this may cause endianness issues).
+
+This function is mainly useful to convert (temporary) C<"const char *">
+pointers returned by C functions to Lua strings and store them or pass
+them to other functions expecting a Lua string. The Lua string is an
+(interned) copy of the data and bears no relation to the original data
+area anymore. Lua strings are 8 bit clean and may be used to hold
+arbitrary, non-character data.
+
+Performance notice: it's faster to pass the length of the string, if
+it's known. E.g. when the length is returned by a C call like
+C<sprintf()>.
+
+=head2 ffi.copy(dst, src, len)
+
+ffi.copy(dst, str)
+
+Copies the data pointed to by C<src> to C<dst>. C<dst> is converted to
+a C<"void *"> and C<src> is converted to a C<"const void *">.
+
+In the first syntax, C<len> gives the number of bytes to copy. Caveat:
+if C<src> is a Lua string, then C<len> must not exceed C<#src+1>.
+
+In the second syntax, the source of the copy must be a Lua string. All
+bytes of the string I<plus a zero-terminator> are copied to C<dst>
+(i.e. C<#src+1> bytes).
+
+Performance notice: C<ffi.copy()> may be used as a faster (inlinable)
+replacement for the C library functions C<memcpy()>, C<strcpy()> and
+C<strncpy()>.
+
+=head2 C<ffi.fill(dst, len [,c])>
+
+Fills the data pointed to by C<dst> with C<len> constant bytes, given
+by C<c>. If C<c> is omitted, the data is zero-filled.
+
+Performance notice: C<ffi.fill()> may be used as a faster (inlinable)
+replacement for the C library function C<memset(dst, c, len)>. Please
+note the different order of arguments!
+
+=head2 Target-specific Information
+
+=head2 C<status = ffi.abi(param)>
+
+Returns C<true> if C<param> (a Lua string) applies for the target ABI
+(Application Binary Interface). Returns C<false> otherwise. The
+following parameters are currently defined:
+
+Parameter
+
+Description
+
+32bit
+
+32 bit architecture
+
+64bit
+
+64 bit architecture
+
+le
+
+Little-endian architecture
+
+be
+
+Big-endian architecture
+
+fpu
+
+Target has a hardware FPU
+
+softfp
+
+softfp calling conventions
+
+hardfp
+
+hardfp calling conventions
+
+eabi
+
+EABI variant of the standard ABI
+
+win
+
+Windows variant of the standard ABI
+
+gc64
+
+64 bit GC references
+
+=head2 C<ffi.os>
+
+Contains the target OS name. Same contents as C<jit.os>.
+
+=head2 C<ffi.arch>
+
+Contains the target architecture name. Same contents as C<jit.arch>.
+
+=head2 Methods for Callbacks
+
+The C types for callbacks have some extra methods:
+
+=head2 C<cb:free()>
+
+Free the resources associated with a callback. The associated Lua
+function is unanchored and may be garbage collected. The callback
+function pointer is no longer valid and must not be called anymore (it
+may be reused by a subsequently created callback).
+
+=head2 C<cb:set(func)>
+
+Associate a new Lua function with a callback. The C type of the
+callback and the callback function pointer are unchanged.
+
+This method is useful to dynamically switch the receiver of callbacks
+without creating a new callback each time and registering it again
+(e.g. with a GUI library).
+
+=head2 Extended Standard Library Functions
+
+The following standard library functions have been extended to work
+with cdata objects:
+
+=head2 C<n = tonumber(cdata)>
+
+Converts a number cdata object to a C<double> and returns it as a Lua
+number. This is particularly useful for boxed 64 bit integer values.
+Caveat: this conversion may incur a precision loss.
+
+=head2 C<s = tostring(cdata)>
+
+Returns a string representation of the value of 64 bit integers
+(C<B<">nnnB<LL">> or C<B<">nnnB<ULL">>) or complex numbers
+(C<B<">reE<plusmn>imB<i">>). Otherwise returns a string representation
+of the C type of a ctype object (C<B<"ctypeE<lt>>typeB<E<gt>">>) or a
+cdata object (C<B<"cdataE<lt>>typeB<E<gt>: >address">), unless you
+override it with a C<__tostring> metamethod (see C<ffi.metatype()>).
+
+=head2 iter, obj, start = pairs(cdata)
+
+iter, obj, start = ipairs(cdata)
+
+Calls the C<__pairs> or C<__ipairs> metamethod of the corresponding
+ctype.
+
+=head2 Extensions to the Lua Parser
+
+The parser for Lua source code treats numeric literals with the
+suffixes C<LL> or C<ULL> as signed or unsigned 64 bit integers. Case
+doesn't matter, but uppercase is recommended for readability. It
+handles decimal (C<42LL>), hexadecimal (C<0x2aLL>) and binary
+(C<0b101010LL>) literals.
+
+The imaginary part of complex numbers can be specified by suffixing
+number literals with C<i> or C<I>, e.g. C<12.5i>. Caveat: you'll need
+to use C<1i> to get an imaginary part with the value one, since C<i>
+itself still refers to a variable named C<i>.
+
+----
+
+Copyright E<copy> 2005-2017 Mike Pall E<middot> Contact
+
+=cut
+
+#Pod::HTML2Pod conversion notes:
+#From file ext_ffi_api.html
+# 21471 bytes of input
+#Mon May 14 13:19:16 2018 agentzh
+# No a_name switch not specified, so will not try to render <a name='...'>
+# No a_href switch not specified, so will not try to render <a href='...'>
+# Deleting phrasal "code" element (`tt_157) because it has super-phrasal elements (`br_3, `br_4) as children.
+# Deleting phrasal "code" element (`tt_113) because it has super-phrasal elements (`br_2) as children.
+# Deleting phrasal "code" element (`tt_41) because it has super-phrasal elements (`br_1) as children.
--- a/doc/LuaJIT-2.1/ext_ffi_semantics.pod
+++ b/doc/LuaJIT-2.1/ext_ffi_semantics.pod
--- a/doc/LuaJIT-2.1/ext_ffi_tutorial.pod
+++ b/doc/LuaJIT-2.1/ext_ffi_tutorial.pod
@ -0,0 +1,640 @@
+=pod
+
+LuaJIT
+
+=head1 FFI Tutorial
+
+=over
+
+=item * LuaJIT
+
+=over
+
+=item * Download E<rchevron>
+
+=item * Installation
+
+=item * Running
+
+=back
+
+=item * Extensions
+
+=over
+
+=item * FFI Library
+
+=over
+
+=item * FFI Tutorial
+
+=item * ffi.* API
+
+=item * FFI Semantics
+
+=back
+
+=item * jit.* Library
+
+=item * Lua/C API
+
+=item * Profiler
+
+=back
+
+=item * Status
+
+=over
+
+=item * Changes
+
+=back
+
+=item * FAQ
+
+=item * Performance E<rchevron>
+
+=item * Wiki E<rchevron>
+
+=item * Mailing List E<rchevron>
+
+=back
+
+This page is intended to give you an overview of the features of the
+FFI library by presenting a few use cases and guidelines.
+
+This page makes no attempt to explain all of the FFI library, though.
+You'll want to have a look at the ffi.* API function reference and the
+FFI semantics to learn more.
+
+=head2 Loading the FFI Library
+
+The FFI library is built into LuaJIT by default, but it's not loaded
+and initialized by default. The suggested way to use the FFI library is
+to add the following to the start of every Lua file that needs one of
+its functions:
+
+ local ffi = require("ffi")
+
+Please note this doesn't define an C<ffi> variable in the table of
+globals E<mdash> you really need to use the local variable. The
+C<require> function ensures the library is only loaded once.
+
+Note: If you want to experiment with the FFI from the interactive
+prompt of the command line executable, omit the C<local>, as it doesn't
+preserve local variables across lines.
+
+=head2 Accessing Standard System Functions
+
+The following code explains how to access standard system functions. We
+slowly print two lines of dots by sleeping for 10 milliseconds after
+each dot:
+
+ Â 
+ â 
+ 
+ 
+ 
+ 
+ 
+ â¡
+ â¢
+ â£
+ 
+ 
+ 
+ â¤
+ 
+ 
+ 
+ 
+ 
+ â¥local ffi = require("ffi")
+ ffi.cdef[[
+ void Sleep(int ms);
+ int poll(struct pollfd *fds, unsigned long nfds, int timeout);
+ ]]
+ 
+ local sleep
+ if ffi.os == "Windows" then
+   function sleep(s)
+     ffi.C.Sleep(s*1000)
+   end
+ else
+   function sleep(s)
+     ffi.C.poll(nil, 0, s*1000)
+   end
+ end
+ 
+ for i=1,160 do
+   io.write("."); io.flush()
+   sleep(0.01)
+ end
+ io.write("\n")
+
+Here's the step-by-step explanation:
+
+This defines the C library functions we're going to use. The part
+inside the double-brackets (in green) is just standard C syntax. You
+can usually get this info from the C header files or the documentation
+provided by each C library or C compiler.
+
+The difficulty we're facing here, is that there are different standards
+to choose from. Windows has a simple C<Sleep()> function. On other
+systems there are a variety of functions available to achieve
+sub-second sleeps, but with no clear consensus. Thankfully C<poll()>
+can be used for this task, too, and it's present on most non-Windows
+systems. The check for C<ffi.os> makes sure we use the Windows-specific
+function only on Windows systems.
+
+Here we're wrapping the call to the C function in a Lua function. This
+isn't strictly necessary, but it's helpful to deal with system-specific
+issues only in one part of the code. The way we're wrapping it ensures
+the check for the OS is only done during initialization and not for
+every call.
+
+A more subtle point is that we defined our C<sleep()> function (for the
+sake of this example) as taking the number of seconds, but accepting
+fractional seconds. Multiplying this by 1000 gets us milliseconds, but
+that still leaves it a Lua number, which is a floating-point value.
+Alas, the C<Sleep()> function only accepts an integer value. Luckily
+for us, the FFI library automatically performs the conversion when
+calling the function (truncating the FP value towards zero, like in C).
+
+Some readers will notice that C<Sleep()> is part of C<KERNEL32.DLL> and
+is also a C<stdcall> function. So how can this possibly work? The FFI
+library provides the C<ffi.C> default C library namespace, which allows
+calling functions from the default set of libraries, like a C compiler
+would. Also, the FFI library automatically detects C<stdcall>
+functions, so you don't need to declare them as such.
+
+The C<poll()> function takes a couple more arguments we're not going to
+use. You can simply use C<nil> to pass a C<NULL> pointer and C<0> for
+the C<nfds> parameter. Please note that the number C<0> I<does not
+convert to a pointer value>, unlike in C++. You really have to pass
+pointers to pointer arguments and numbers to number arguments.
+
+The page on FFI semantics has all of the gory details about conversions
+between Lua objects and C types. For the most part you don't have to
+deal with this, as it's performed automatically and it's carefully
+designed to bridge the semantic differences between Lua and C.
+
+Now that we have defined our own C<sleep()> function, we can just call
+it from plain Lua code. That wasn't so bad, huh? Turning these boring
+animated dots into a fascinating best-selling game is left as an
+exercise for the reader. :-)
+
+=head2 Accessing the zlib Compression Library
+
+The following code shows how to access the zlib compression library
+from Lua code. We'll define two convenience wrapper functions that take
+a string and compress or uncompress it to another string:
+
+ Â 
+ â 
+ 
+ 
+ 
+ 
+ 
+ 
+ â¡
+ 
+ 
+ â¢
+ 
+ â£
+ 
+ 
+ â¤
+ 
+ 
+ â¥
+ 
+ 
+ 
+ 
+ 
+ 
+ 
+ â¦local ffi = require("ffi")
+ ffi.cdef[[
+ unsigned long compressBound(unsigned long sourceLen);
+ int compress2(uint8_t *dest, unsigned long *destLen,
+ 	      const uint8_t *source, unsigned long sourceLen, int level);
+ int uncompress(uint8_t *dest, unsigned long *destLen,
+ 	       const uint8_t *source, unsigned long sourceLen);
+ ]]
+ local zlib = ffi.load(ffi.os == "Windows" and "zlib1" or "z")
+ 
+ local function compress(txt)
+   local n = zlib.compressBound(#txt)
+   local buf = ffi.new("uint8_t[?]", n)
+   local buflen = ffi.new("unsigned long[1]", n)
+   local res = zlib.compress2(buf, buflen, txt, #txt, 9)
+   assert(res == 0)
+   return ffi.string(buf, buflen[0])
+ end
+ 
+ local function uncompress(comp, n)
+   local buf = ffi.new("uint8_t[?]", n)
+   local buflen = ffi.new("unsigned long[1]", n)
+   local res = zlib.uncompress(buf, buflen, comp, #comp)
+   assert(res == 0)
+   return ffi.string(buf, buflen[0])
+ end
+ 
+ -- Simple test code.
+ local txt = string.rep("abcd", 1000)
+ print("Uncompressed size: ", #txt)
+ local c = compress(txt)
+ print("Compressed size: ", #c)
+ local txt2 = uncompress(c, #txt)
+ assert(txt2 == txt)
+
+Here's the step-by-step explanation:
+
+This defines some of the C functions provided by zlib. For the sake of
+this example, some type indirections have been reduced and it uses the
+pre-defined fixed-size integer types, while still adhering to the zlib
+API/ABI.
+
+This loads the zlib shared library. On POSIX systems it's named
+C<libz.so> and usually comes pre-installed. Since C<ffi.load()>
+automatically adds any missing standard prefixes/suffixes, we can
+simply load the C<"z"> library. On Windows it's named C<zlib1.dll> and
+you'll have to download it first from the E<rchevron> zlib site. The
+check for C<ffi.os> makes sure we pass the right name to C<ffi.load()>.
+
+First, the maximum size of the compression buffer is obtained by
+calling the C<zlib.compressBound> function with the length of the
+uncompressed string. The next line allocates a byte buffer of this
+size. The C<[?]> in the type specification indicates a variable-length
+array (VLA). The actual number of elements of this array is given as
+the 2nd argument to C<ffi.new()>.
+
+This may look strange at first, but have a look at the declaration of
+the C<compress2> function from zlib: the destination length is defined
+as a pointer! This is because you pass in the maximum buffer size and
+get back the actual length that was used.
+
+In C you'd pass in the address of a local variable (C<&buflen>). But
+since there's no address-of operator in Lua, we'll just pass in a
+one-element array. Conveniently it can be initialized with the maximum
+buffer size in one step. Calling the actual C<zlib.compress2> function
+is then straightforward.
+
+We want to return the compressed data as a Lua string, so we'll use
+C<ffi.string()>. It needs a pointer to the start of the data and the
+actual length. The length has been returned in the C<buflen> array, so
+we'll just get it from there.
+
+Note that since the function returns now, the C<buf> and C<buflen>
+variables will eventually be garbage collected. This is fine, because
+C<ffi.string()> has copied the contents to a newly created (interned)
+Lua string. If you plan to call this function lots of times, consider
+reusing the buffers and/or handing back the results in buffers instead
+of strings. This will reduce the overhead for garbage collection and
+string interning.
+
+The C<uncompress> functions does the exact opposite of the C<compress>
+function. The compressed data doesn't include the size of the original
+string, so this needs to be passed in. Otherwise no surprises here.
+
+The code, that makes use of the functions we just defined, is just
+plain Lua code. It doesn't need to know anything about the LuaJIT FFI
+E<mdash> the convenience wrapper functions completely hide it.
+
+One major advantage of the LuaJIT FFI is that you are now able to write
+those wrappers I<in Lua>. And at a fraction of the time it would cost
+you to create an extra C module using the Lua/C API. Many of the
+simpler C functions can probably be used directly from your Lua code,
+without any wrappers.
+
+Side note: the zlib API uses the C<long> type for passing lengths and
+sizes around. But all those zlib functions actually only deal with 32
+bit values. This is an unfortunate choice for a public API, but may be
+explained by zlib's history E<mdash> we'll just have to deal with it.
+
+First, you should know that a C<long> is a 64 bit type e.g. on
+POSIX/x64 systems, but a 32 bit type on Windows/x64 and on 32 bit
+systems. Thus a C<long> result can be either a plain Lua number or a
+boxed 64 bit integer cdata object, depending on the target system.
+
+Ok, so the C<ffi.*> functions generally accept cdata objects wherever
+you'd want to use a number. That's why we get a away with passing C<n>
+to C<ffi.string()> above. But other Lua library functions or modules
+don't know how to deal with this. So for maximum portability one needs
+to use C<tonumber()> on returned C<long> results before passing them
+on. Otherwise the application might work on some systems, but would
+fail in a POSIX/x64 environment.
+
+=head2 Defining Metamethods for a C Type
+
+The following code explains how to define metamethods for a C type. We
+define a simple point type and add some operations to it:
+
+ Â 
+ â 
+ 
+ 
+ 
+ â¡
+ 
+ â¢
+ 
+ â£
+ 
+ 
+ 
+ â¤
+ 
+ â¥local ffi = require("ffi")
+ ffi.cdef[[
+ typedef struct { double x, y; } point_t;
+ ]]
+ 
+ local point
+ local mt = {
+   __add = function(a, b) return point(a.x+b.x, a.y+b.y) end,
+   __len = function(a) return math.sqrt(a.x*a.x + a.y*a.y) end,
+   __index = {
+     area = function(a) return a.x*a.x + a.y*a.y end,
+   },
+ }
+ point = ffi.metatype("point_t", mt)
+ 
+ local a = point(3, 4)
+ print(a.x, a.y)  --> 3  4
+ print(#a)        --> 5
+ print(a:area())  --> 25
+ local b = a + point(0.5, 8)
+ print(#b)        --> 12.5
+
+Here's the step-by-step explanation:
+
+This defines the C type for a two-dimensional point object.
+
+We have to declare the variable holding the point constructor first,
+because it's used inside of a metamethod.
+
+Let's define an C<__add> metamethod which adds the coordinates of two
+points and creates a new point object. For simplicity, this function
+assumes that both arguments are points. But it could be any mix of
+objects, if at least one operand is of the required type (e.g. adding a
+point plus a number or vice versa). Our C<__len> metamethod returns the
+distance of a point to the origin.
+
+If we run out of operators, we can define named methods, too. Here the
+C<__index> table defines an C<area> function. For custom indexing
+needs, one might want to define C<__index> and C<__newindex>
+I<functions> instead.
+
+This associates the metamethods with our C type. This only needs to be
+done once. For convenience, a constructor is returned by
+C<ffi.metatype()>. We're not required to use it, though. The original C
+type can still be used e.g. to create an array of points. The
+metamethods automatically apply to any and all uses of this type.
+
+Please note that the association with a metatable is permanent and
+B<the metatable must not be modified afterwards!> Ditto for the
+C<__index> table.
+
+Here are some simple usage examples for the point type and their
+expected results. The pre-defined operations (such as C<a.x>) can be
+freely mixed with the newly defined metamethods. Note that C<area> is a
+method and must be called with the Lua syntax for methods: C<a:area()>,
+not C<a.area()>.
+
+The C type metamethod mechanism is most useful when used in conjunction
+with C libraries that are written in an object-oriented style. Creators
+return a pointer to a new instance and methods take an instance pointer
+as the first argument. Sometimes you can just point C<__index> to the
+library namespace and C<__gc> to the destructor and you're done. But
+often enough you'll want to add convenience wrappers, e.g. to return
+actual Lua strings or when returning multiple values.
+
+Some C libraries only declare instance pointers as an opaque C<void *>
+type. In this case you can use a fake type for all declarations, e.g. a
+pointer to a named (incomplete) struct will do: C<typedef struct
+foo_type *foo_handle>. The C side doesn't know what you declare with
+the LuaJIT FFI, but as long as the underlying types are compatible,
+everything still works.
+
+=head2 Translating C Idioms
+
+Here's a list of common C idioms and their translation to the LuaJIT
+FFI:
+
+Idiom
+
+C code
+
+Lua code
+
+Pointer dereference
+
+C<int *p;>
+
+x = *p;
+
+*p = y;
+
+x = B<p[0]>
+
+B<p[0]> = y
+
+Pointer indexing
+
+C<int i, *p;>
+
+x = p[i];
+
+p[i+1] = y;
+
+x = p[i]
+
+p[i+1] = y
+
+Array indexing
+
+C<int i, a[];>
+
+x = a[i];
+
+a[i+1] = y;
+
+x = a[i]
+
+a[i+1] = y
+
+C<struct>/C<union> dereference
+
+C<struct foo s;>
+
+x = s.field;
+
+s.field = y;
+
+x = s.field
+
+s.field = y
+
+C<struct>/C<union> pointer deref.
+
+C<struct foo *sp;>
+
+x = sp-E<gt>field;
+
+sp-E<gt>field = y;
+
+x = B<s.field>
+
+B<s.field> = y
+
+Pointer arithmetic
+
+C<int i, *p;>
+
+x = p + i;
+
+y = p - i;
+
+x = p + i
+
+y = p - i
+
+Pointer difference
+
+C<int *p1, *p2;>
+
+C<x = p1 - p2;>
+
+C<x = p1 - p2>
+
+Array element pointer
+
+C<int i, a[];>
+
+C<x = &a[i];>
+
+C<x = B<a+i>>
+
+Cast pointer to address
+
+C<int *p;>
+
+C<x = (intptr_t)p;>
+
+x = tonumber(
+
+ffi.cast("intptr_t",
+
+p))
+
+Functions with outargs
+
+C<void foo(int *inoutlen);>
+
+int len = x;
+
+foo(&len);
+
+y = len;
+
+local len =
+
+ffi.new("int[1]", x)
+
+foo(len)
+
+y = len[0]
+
+Vararg conversions
+
+C<int printf(char *fmt, ...);>
+
+printf("%g", 1.0);
+
+printf("%d", 1);
+
+printf("%g", 1);
+
+printf("%d",
+
+B<ffi.new("int", 1)>)
+
+=head2 To Cache or Not to Cache
+
+It's a common Lua idiom to cache library functions in local variables
+or upvalues, e.g.:
+
+ local byte, char = string.byte, string.char
+ local function foo(x)
+   return char(byte(x)+1)
+ end
+
+This replaces several hash-table lookups with a (faster) direct use of
+a local or an upvalue. This is less important with LuaJIT, since the
+JIT compiler optimizes hash-table lookups a lot and is even able to
+hoist most of them out of the inner loops. It can't eliminate I<all> of
+them, though, and it saves some typing for often-used functions. So
+there's still a place for this, even with LuaJIT.
+
+The situation is a bit different with C function calls via the FFI
+library. The JIT compiler has special logic to eliminate I<all of the
+lookup overhead> for functions resolved from a C library namespace!
+Thus it's not helpful and actually counter-productive to cache
+individual C functions like this:
+
+ local funca, funcb = ffi.C.funca, ffi.C.funcb -- Not helpful!
+ local function foo(x, n)
+   for i=1,n do funcb(funca(x, i), 1) end
+ end
+
+This turns them into indirect calls and generates bigger and slower
+machine code. Instead you'll want to cache the namespace itself and
+rely on the JIT compiler to eliminate the lookups:
+
+ local C = ffi.C          -- Instead use this!
+ local function foo(x, n)
+   for i=1,n do C.funcb(C.funca(x, i), 1) end
+ end
+
+This generates both shorter and faster code. So B<don't cache C
+functions>, but B<do> cache namespaces! Most often the namespace is
+already in a local variable at an outer scope, e.g. from C<local lib =
+ffi.load(...)>. Note that copying it to a local variable in the
+function scope is unnecessary.
+
+----
+
+Copyright E<copy> 2005-2017 Mike Pall E<middot> Contact
+
+=cut
+
+#Pod::HTML2Pod conversion notes:
+#From file ext_ffi_tutorial.html
+# 22557 bytes of input
+#Mon May 14 13:19:16 2018 agentzh
+# No a_name switch not specified, so will not try to render <a name='...'>
+# No a_href switch not specified, so will not try to render <a href='...'>
+# Deleting phrasal "code" element (`tt_100) because it has super-phrasal elements (`br_33, `br_34) as children.
+# Deleting phrasal "code" element (`tt_99) because it has super-phrasal elements (`br_31, `br_32) as children.
+# Deleting phrasal "b" element (`b_8) because it has super-phrasal elements (`br_27, `br_28, `br_29) as children.
+# Deleting phrasal "code" element (`tt_97) because it has super-phrasal elements (`br_27, `br_28, `br_29) as children.
+# Deleting phrasal "code" element (`tt_96) because it has super-phrasal elements (`br_25, `br_26) as children.
+# Deleting phrasal "b" element (`b_7) because it has super-phrasal elements (`br_22, `br_23) as children.
+# Deleting phrasal "code" element (`tt_94) because it has super-phrasal elements (`br_22, `br_23) as children.
+# Deleting phrasal "code" element (`tt_85) because it has super-phrasal elements (`br_18) as children.
+# Deleting phrasal "code" element (`tt_84) because it has super-phrasal elements (`br_17) as children.
+# Deleting phrasal "code" element (`tt_82) because it has super-phrasal elements (`br_15) as children.
+# Deleting phrasal "code" element (`tt_81) because it has super-phrasal elements (`br_14) as children.
+# Deleting phrasal "code" element (`tt_77) because it has super-phrasal elements (`br_12) as children.
+# Deleting phrasal "code" element (`tt_76) because it has super-phrasal elements (`br_11) as children.
+# Deleting phrasal "code" element (`tt_72) because it has super-phrasal elements (`br_9) as children.
+# Deleting phrasal "code" element (`tt_71) because it has super-phrasal elements (`br_8) as children.
+# Deleting phrasal "code" element (`tt_69) because it has super-phrasal elements (`br_6) as children.
+# Deleting phrasal "code" element (`tt_68) because it has super-phrasal elements (`br_5) as children.
+# Deleting phrasal "code" element (`tt_66) because it has super-phrasal elements (`br_3) as children.
+# Deleting phrasal "code" element (`tt_65) because it has super-phrasal elements (`br_2) as children.
--- a/doc/LuaJIT-2.1/ext_jit.pod
+++ b/doc/LuaJIT-2.1/ext_jit.pod
@ -0,0 +1,182 @@
+=pod
+
+LuaJIT
+
+=head1 C<jit.*> Library
+
+=over
+
+=item * LuaJIT
+
+=over
+
+=item * Download E<rchevron>
+
+=item * Installation
+
+=item * Running
+
+=back
+
+=item * Extensions
+
+=over
+
+=item * FFI Library
+
+=over
+
+=item * FFI Tutorial
+
+=item * ffi.* API
+
+=item * FFI Semantics
+
+=back
+
+=item * jit.* Library
+
+=item * Lua/C API
+
+=item * Profiler
+
+=back
+
+=item * Status
+
+=over
+
+=item * Changes
+
+=back
+
+=item * FAQ
+
+=item * Performance E<rchevron>
+
+=item * Wiki E<rchevron>
+
+=item * Mailing List E<rchevron>
+
+=back
+
+The functions in this built-in module control the behavior of the JIT
+compiler engine. Note that JIT-compilation is fully automatic E<mdash>
+you probably won't need to use any of the following functions unless
+you have special needs.
+
+=head2 jit.on()
+
+jit.off()
+
+Turns the whole JIT compiler on (default) or off.
+
+These functions are typically used with the command line options C<-j
+on> or C<-j off>.
+
+=head2 C<jit.flush()>
+
+Flushes the whole cache of compiled code.
+
+=head2 jit.on(func|true [,true|false])
+
+jit.off(func|true [,true|false])
+
+jit.flush(func|true [,true|false])
+
+C<jit.on> enables JIT compilation for a Lua function (this is the
+default).
+
+C<jit.off> disables JIT compilation for a Lua function and flushes any
+already compiled code from the code cache.
+
+C<jit.flush> flushes the code, but doesn't affect the enable/disable
+status.
+
+The current function, i.e. the Lua function calling this library
+function, can also be specified by passing C<true> as the first
+argument.
+
+If the second argument is C<true>, JIT compilation is also enabled,
+disabled or flushed recursively for all sub-functions of a function.
+With C<false> only the sub-functions are affected.
+
+The C<jit.on> and C<jit.off> functions only set a flag which is checked
+when the function is about to be compiled. They do not trigger
+immediate compilation.
+
+Typical usage is C<jit.off(true, true)> in the main chunk of a module
+to turn off JIT compilation for the whole module for debugging
+purposes.
+
+=head2 C<jit.flush(tr)>
+
+Flushes the root trace, specified by its number, and all of its side
+traces from the cache. The code for the trace will be retained as long
+as there are any other traces which link to it.
+
+=head2 C<status, ... = jit.status()>
+
+Returns the current status of the JIT compiler. The first result is
+either C<true> or C<false> if the JIT compiler is turned on or off. The
+remaining results are strings for CPU-specific features and enabled
+optimizations.
+
+=head2 C<jit.version>
+
+Contains the LuaJIT version string.
+
+=head2 C<jit.version_num>
+
+Contains the version number of the LuaJIT core. Version xx.yy.zz is
+represented by the decimal number xxyyzz.
+
+=head2 C<jit.os>
+
+Contains the target OS name: "Windows", "Linux", "OSX", "BSD", "POSIX"
+or "Other".
+
+=head2 C<jit.arch>
+
+Contains the target architecture name: "x86", "x64", "arm", "arm64",
+"ppc", "mips" or "mips64".
+
+=head2 C<jit.opt.*> E<mdash> JIT compiler optimization control
+
+This sub-module provides the backend for the C<-O> command line option.
+
+You can also use it programmatically, e.g.:
+
+ jit.opt.start(2) -- same as -O2
+ jit.opt.start("-dce")
+ jit.opt.start("hotloop=10", "hotexit=2")
+
+Unlike in LuaJIT 1.x, the module is built-in and B<optimization is
+turned on by default!> It's no longer necessary to run
+C<require("jit.opt").start()>, which was one of the ways to enable
+optimization.
+
+=head2 C<jit.util.*> E<mdash> JIT compiler introspection
+
+This sub-module holds functions to introspect the bytecode, generated
+traces, the IR and the generated machine code. The functionality
+provided by this module is still in flux and therefore undocumented.
+
+The debug modules C<-jbc>, C<-jv> and C<-jdump> make extensive use of
+these functions. Please check out their source code, if you want to
+know more.
+
+----
+
+Copyright E<copy> 2005-2017 Mike Pall E<middot> Contact
+
+=cut
+
+#Pod::HTML2Pod conversion notes:
+#From file ext_jit.html
+# 5903 bytes of input
+#Mon May 14 13:19:16 2018 agentzh
+# No a_name switch not specified, so will not try to render <a name='...'>
+# No a_href switch not specified, so will not try to render <a href='...'>
+# Deleting phrasal "code" element (`tt_6) because it has super-phrasal elements (`br_2, `br_3) as children.
+# Deleting phrasal "code" element (`tt_2) because it has super-phrasal elements (`br_1) as children.
--- a/doc/LuaJIT-2.1/ext_profiler.pod
+++ b/doc/LuaJIT-2.1/ext_profiler.pod
@ -0,0 +1,358 @@
+=pod
+
+LuaJIT
+
+=head1 Profiler
+
+=over
+
+=item * LuaJIT
+
+=over
+
+=item * Download E<rchevron>
+
+=item * Installation
+
+=item * Running
+
+=back
+
+=item * Extensions
+
+=over
+
+=item * FFI Library
+
+=over
+
+=item * FFI Tutorial
+
+=item * ffi.* API
+
+=item * FFI Semantics
+
+=back
+
+=item * jit.* Library
+
+=item * Lua/C API
+
+=item * Profiler
+
+=back
+
+=item * Status
+
+=over
+
+=item * Changes
+
+=back
+
+=item * FAQ
+
+=item * Performance E<rchevron>
+
+=item * Wiki E<rchevron>
+
+=item * Mailing List E<rchevron>
+
+=back
+
+LuaJIT has an integrated statistical profiler with very low overhead.
+It allows sampling the currently executing stack and other parameters
+in regular intervals.
+
+The integrated profiler can be accessed from three levels:
+
+=over
+
+=item * The bundled high-level profiler, invoked by the C<-jp> command
+line option.
+
+=item * A low-level Lua API to control the profiler.
+
+=item * A low-level C API to control the profiler.
+
+=back
+
+=head2 High-Level Profiler
+
+The bundled high-level profiler offers basic profiling functionality.
+It generates simple textual summaries or source code annotations. It
+can be accessed with the C<-jp> command line option or from Lua code by
+loading the underlying C<jit.p> module.
+
+To cut to the chase E<mdash> run this to get a CPU usage profile by
+function name:
+
+ luajit -jp myapp.lua
+
+It's I<not> a stated goal of the bundled profiler to add every possible
+option or to cater for special profiling needs. The low-level profiler
+APIs are documented below. They may be used by third-party authors to
+implement advanced functionality, e.g. IDE integration or graphical
+profilers.
+
+Note: Sampling works for both interpreted and JIT-compiled code. The
+results for JIT-compiled code may sometimes be surprising. LuaJIT
+heavily optimizes and inlines Lua code E<mdash> there's no simple
+one-to-one correspondence between source code lines and the sampled
+machine code.
+
+=head2 C<-jp=[options[,output]]>
+
+The C<-jp> command line option starts the high-level profiler. When the
+application run by the command line terminates, the profiler stops and
+writes the results to C<stdout> or to the specified C<output> file.
+
+The C<options> argument specifies how the profiling is to be performed:
+
+=over
+
+=item * C<f> E<mdash> Stack dump: function name, otherwise module:line.
+This is the default mode.
+
+=item * C<F> E<mdash> Stack dump: ditto, but dump module:name.
+
+=item * C<l> E<mdash> Stack dump: module:line.
+
+=item * C<E<lt>numberE<gt>> E<mdash> stack dump depth (callee E<larr>
+caller). Default: 1.
+
+=item * C<-E<lt>numberE<gt>> E<mdash> Inverse stack dump depth (caller
+E<rarr> callee).
+
+=item * C<s> E<mdash> Split stack dump after first stack level. Implies
+depth E<ge> 2 or depth E<le> -2.
+
+=item * C<p> E<mdash> Show full path for module names.
+
+=item * C<v> E<mdash> Show VM states.
+
+=item * C<z> E<mdash> Show zones.
+
+=item * C<r> E<mdash> Show raw sample counts. Default: show
+percentages.
+
+=item * C<a> E<mdash> Annotate excerpts from source code files.
+
+=item * C<A> E<mdash> Annotate complete source code files.
+
+=item * C<G> E<mdash> Produce raw output suitable for graphical tools.
+
+=item * C<mE<lt>numberE<gt>> E<mdash> Minimum sample percentage to be
+shown. Default: 3%.
+
+=item * C<iE<lt>numberE<gt>> E<mdash> Sampling interval in
+milliseconds. Default: 10ms.
+
+Note: The actual sampling precision is OS-dependent.
+
+=back
+
+The default output for C<-jp> is a list of the most CPU consuming spots
+in the application. Increasing the stack dump depth with (say) C<-jp=2>
+may help to point out the main callers or callees of hotspots. But
+sample aggregation is still flat per unique stack dump.
+
+To get a two-level view (split view) of callers/callees, use C<-jp=s>
+or C<-jp=-s>. The percentages shown for the second level are relative
+to the first level.
+
+To see how much time is spent in each line relative to a function, use
+C<-jp=fl>.
+
+To see how much time is spent in different VM states or zones, use
+C<-jp=v> or C<-jp=z>.
+
+Combinations of C<v/z> with C<f/F/l> produce two-level views, e.g.
+C<-jp=vf> or C<-jp=fv>. This shows the time spent in a VM state or zone
+vs. hotspots. This can be used to answer questions like "Which time
+consuming functions are only interpreted?" or "What's the garbage
+collector overhead for a specific function?".
+
+Multiple options can be combined E<mdash> but not all combinations make
+sense, see above. E.g. C<-jp=3si4m1> samples three stack levels deep in
+4ms intervals and shows a split view of the CPU consuming functions and
+their callers with a 1% threshold.
+
+Source code annotations produced by C<-jp=a> or C<-jp=A> are always
+flat and at the line level. Obviously, the source code files need to be
+readable by the profiler script.
+
+The high-level profiler can also be started and stopped from Lua code
+with:
+
+ require("jit.p").start(options, output)
+ ...
+ require("jit.p").stop()
+
+=head2 C<jit.zone> E<mdash> Zones
+
+Zones can be used to provide information about different parts of an
+application to the high-level profiler. E.g. a game could make use of
+an C<"AI"> zone, a C<"PHYS"> zone, etc. Zones are hierarchical,
+organized as a stack.
+
+The C<jit.zone> module needs to be loaded explicitly:
+
+ local zone = require("jit.zone")
+
+=over
+
+=item * C<zone("name")> pushes a named zone to the zone stack.
+
+=item * C<zone()> pops the current zone from the zone stack and returns
+its name.
+
+=item * C<zone:get()> returns the current zone name or C<nil>.
+
+=item * C<zone:flush()> flushes the zone stack.
+
+=back
+
+To show the time spent in each zone use C<-jp=z>. To show the time
+spent relative to hotspots use e.g. C<-jp=zf> or C<-jp=fz>.
+
+=head2 Low-level Lua API
+
+The C<jit.profile> module gives access to the low-level API of the
+profiler from Lua code. This module needs to be loaded explicitly:
+
+ local profile = require("jit.profile")
+
+This module can be used to implement your own higher-level profiler. A
+typical profiling run starts the profiler, captures stack dumps in the
+profiler callback, adds them to a hash table to aggregate the number of
+samples, stops the profiler and then analyzes all of the captured stack
+dumps. Other parameters can be sampled in the profiler callback, too.
+But it's important not to spend too much time in the callback, since
+this may skew the statistics.
+
+=head2 C<profile.start(mode, cb)> E<mdash> Start profiler
+
+This function starts the profiler. The C<mode> argument is a string
+holding options:
+
+=over
+
+=item * C<f> E<mdash> Profile with precision down to the function
+level.
+
+=item * C<l> E<mdash> Profile with precision down to the line level.
+
+=item * C<iE<lt>numberE<gt>> E<mdash> Sampling interval in milliseconds
+(default 10ms). Note: The actual sampling precision is OS-dependent.
+
+=back
+
+The C<cb> argument is a callback function which is called with three
+arguments: C<(thread, samples, vmstate)>. The callback is called on a
+separate coroutine, the C<thread> argument is the state that holds the
+stack to sample for profiling. Note: do I<not> modify the stack of that
+state or call functions on it.
+
+C<samples> gives the number of accumulated samples since the last
+callback (usually 1).
+
+C<vmstate> holds the VM state at the time the profiling timer
+triggered. This may or may not correspond to the state of the VM when
+the profiling callback is called. The state is either C<'N'> native
+(compiled) code, C<'I'> interpreted code, C<'C'> C code, C<'G'> the
+garbage collector, or C<'J'> the JIT compiler.
+
+=head2 C<profile.stop()> E<mdash> Stop profiler
+
+This function stops the profiler.
+
+=head2 C<dump = profile.dumpstack([thread,] fmt, depth)> E<mdash> Dump
+stack
+
+This function allows taking stack dumps in an efficient manner. It
+returns a string with a stack dump for the C<thread> (coroutine),
+formatted according to the C<fmt> argument:
+
+=over
+
+=item * C<p> E<mdash> Preserve the full path for module names.
+Otherwise only the file name is used.
+
+=item * C<f> E<mdash> Dump the function name if it can be derived.
+Otherwise use module:line.
+
+=item * C<F> E<mdash> Ditto, but dump module:name.
+
+=item * C<l> E<mdash> Dump module:line.
+
+=item * C<Z> E<mdash> Zap the following characters for the last dumped
+frame.
+
+=item * All other characters are added verbatim to the output string.
+
+=back
+
+The C<depth> argument gives the number of frames to dump, starting at
+the topmost frame of the thread. A negative number dumps the frames in
+inverse order.
+
+The first example prints a list of the current module names and line
+numbers of up to 10 frames in separate lines. The second example prints
+semicolon-separated function names for all frames (up to 100) in
+inverse order:
+
+ print(profile.dumpstack(thread, "l\n", 10))
+ print(profile.dumpstack(thread, "lZ;", -100))
+
+=head2 Low-level C API
+
+The profiler can be controlled directly from C code, e.g. for use by
+IDEs. The declarations are in C<"luajit.h"> (see Lua/C API extensions).
+
+=head2 C<luaJIT_profile_start(L, mode, cb, data)> E<mdash> Start
+profiler
+
+This function starts the profiler. See above for a description of the
+C<mode> argument.
+
+The C<cb> argument is a callback function with the following
+declaration:
+
+ typedef void (*luaJIT_profile_callback)(void *data, lua_State *L,
+                                         int samples, int vmstate);
+
+C<data> is available for use by the callback. C<L> is the state that
+holds the stack to sample for profiling. Note: do I<not> modify this
+stack or call functions on this stack E<mdash> use a separate coroutine
+for this purpose. See above for a description of C<samples> and
+C<vmstate>.
+
+=head2 C<luaJIT_profile_stop(L)> E<mdash> Stop profiler
+
+This function stops the profiler.
+
+=head2 C<p = luaJIT_profile_dumpstack(L, fmt, depth, len)> E<mdash>
+Dump stack
+
+This function allows taking stack dumps in an efficient manner. See
+above for a description of C<fmt> and C<depth>.
+
+This function returns a C<const char *> pointing to a private string
+buffer of the profiler. The C<int *len> argument returns the length of
+the output string. The buffer is overwritten on the next call and
+deallocated when the profiler stops. You either need to consume the
+content immediately or copy it for later use.
+
+----
+
+Copyright E<copy> 2005-2017 Mike Pall E<middot> Contact
+
+=cut
+
+#Pod::HTML2Pod conversion notes:
+#From file ext_profiler.html
+# 13135 bytes of input
+#Mon May 14 13:19:16 2018 agentzh
+# No a_name switch not specified, so will not try to render <a name='...'>
+# No a_href switch not specified, so will not try to render <a href='...'>
--- a/doc/LuaJIT-2.1/extensions.pod
+++ b/doc/LuaJIT-2.1/extensions.pod
@ -0,0 +1,477 @@
+=pod
+
+LuaJIT
+
+=head1 Extensions
+
+=over
+
+=item * LuaJIT
+
+=over
+
+=item * Download E<rchevron>
+
+=item * Installation
+
+=item * Running
+
+=back
+
+=item * Extensions
+
+=over
+
+=item * FFI Library
+
+=over
+
+=item * FFI Tutorial
+
+=item * ffi.* API
+
+=item * FFI Semantics
+
+=back
+
+=item * jit.* Library
+
+=item * Lua/C API
+
+=item * Profiler
+
+=back
+
+=item * Status
+
+=over
+
+=item * Changes
+
+=back
+
+=item * FAQ
+
+=item * Performance E<rchevron>
+
+=item * Wiki E<rchevron>
+
+=item * Mailing List E<rchevron>
+
+=back
+
+LuaJIT is fully upwards-compatible with Lua 5.1. It supports all
+E<rchevron> standard Lua library functions and the full set of
+E<rchevron> Lua/C API functions.
+
+LuaJIT is also fully ABI-compatible to Lua 5.1 at the linker/dynamic
+loader level. This means you can compile a C module against the
+standard Lua headers and load the same shared library from either Lua
+or LuaJIT.
+
+LuaJIT extends the standard Lua VM with new functionality and adds
+several extension modules. Please note this page is only about
+I<functional> enhancements and not about performance enhancements, such
+as the optimized VM, the faster interpreter or the JIT compiler.
+
+=head2 Extensions Modules
+
+LuaJIT comes with several built-in extension modules:
+
+=head2 C<bit.*> E<mdash> Bitwise operations
+
+LuaJIT supports all bitwise operations as defined by E<rchevron> Lua
+BitOp:
+
+ bit.tobit  bit.tohex  bit.bnot    bit.band bit.bor  bit.bxor
+ bit.lshift bit.rshift bit.arshift bit.rol  bit.ror  bit.bswap
+
+This module is a LuaJIT built-in E<mdash> you don't need to download or
+install Lua BitOp. The Lua BitOp site has full documentation for all
+E<rchevron> Lua BitOp API functions. The FFI adds support for 64 bit
+bitwise operations, using the same API functions.
+
+Please make sure to C<require> the module before using any of its
+functions:
+
+ local bit = require("bit")
+
+An already installed Lua BitOp module is ignored by LuaJIT. This way
+you can use bit operations from both Lua and LuaJIT on a shared
+installation.
+
+=head2 C<ffi.*> E<mdash> FFI library
+
+The FFI library allows calling external C functions and the use of C
+data structures from pure Lua code.
+
+=head2 C<jit.*> E<mdash> JIT compiler control
+
+The functions in this module control the behavior of the JIT compiler
+engine.
+
+=head2 C API extensions
+
+LuaJIT adds some extra functions to the Lua/C API.
+
+=head2 Profiler
+
+LuaJIT has an integrated profiler.
+
+=head2 Enhanced Standard Library Functions
+
+=head2 C<xpcall(f, err [,args...])> passes arguments
+
+Unlike the standard implementation in Lua 5.1, C<xpcall()> passes any
+arguments after the error function to the function which is called in a
+protected context.
+
+=head2 C<loadfile()> etc. handle UTF-8 source code
+
+Non-ASCII characters are handled transparently by the Lua source code
+parser. This allows the use of UTF-8 characters in identifiers and
+strings. A UTF-8 BOM is skipped at the start of the source code.
+
+=head2 C<tostring()> etc. canonicalize NaN and E<plusmn>Inf
+
+All number-to-string conversions consistently convert non-finite
+numbers to the same strings on all platforms. NaN results in C<"nan">,
+positive infinity results in C<"inf"> and negative infinity results in
+C<"-inf">.
+
+=head2 C<tonumber()> etc. use builtin string to number conversion
+
+All string-to-number conversions consistently convert integer and
+floating-point inputs in decimal, hexadecimal and binary on all
+platforms. C<strtod()> is I<not> used anymore, which avoids numerous
+problems with poor C library implementations. The builtin conversion
+function provides full precision according to the IEEE-754 standard, it
+works independently of the current locale and it supports hex
+floating-point numbers (e.g. C<0x1.5p-3>).
+
+=head2 C<string.dump(f [,strip])> generates portable bytecode
+
+An extra argument has been added to C<string.dump()>. If set to
+C<true>, 'stripped' bytecode without debug information is generated.
+This speeds up later bytecode loading and reduces memory usage. See
+also the C<-b> command line option.
+
+The generated bytecode is portable and can be loaded on any
+architecture that LuaJIT supports, independent of word size or
+endianness. However the bytecode compatibility versions must match.
+Bytecode stays compatible for dot releases (x.y.0 E<rarr> x.y.1), but
+may change with major or minor releases (2.0 E<rarr> 2.1) or between
+any beta release. Foreign bytecode (e.g. from Lua 5.1) is incompatible
+and cannot be loaded.
+
+Note: C<LJ_GC64> mode requires a different frame layout, which implies
+a different, incompatible bytecode format for ports that use this mode
+(e.g. ARM64 or MIPS64) or when explicitly enabled for x64. This may be
+rectified in the future.
+
+=head2 C<table.new(narray, nhash)> allocates a pre-sized table
+
+An extra library function C<table.new()> can be made available via
+C<require("table.new")>. This creates a pre-sized table, just like the
+C API equivalent C<lua_createtable()>. This is useful for big tables if
+the final table size is known and automatic table resizing is too
+expensive.
+
+=head2 C<table.clear(tab)> clears a table
+
+An extra library function C<table.clear()> can be made available via
+C<require("table.clear")>. This clears all keys and values from a
+table, but preserves the allocated array/hash sizes. This is useful
+when a table, which is linked from multiple places, needs to be cleared
+and/or when recycling a table for use by the same context. This avoids
+managing backlinks, saves an allocation and the overhead of incremental
+array/hash part growth.
+
+Please note this function is meant for very specific situations. In
+most cases it's better to replace the (usually single) link with a new
+table and let the GC do its work.
+
+=head2 Enhanced PRNG for C<math.random()>
+
+LuaJIT uses a Tausworthe PRNG with period 2^223 to implement
+C<math.random()> and C<math.randomseed()>. The quality of the PRNG
+results is much superior compared to the standard Lua implementation
+which uses the platform-specific ANSI rand().
+
+The PRNG generates the same sequences from the same seeds on all
+platforms and makes use of all bits in the seed argument.
+C<math.random()> without arguments generates 52 pseudo-random bits for
+every call. The result is uniformly distributed between 0.0 and 1.0.
+It's correctly scaled up and rounded for C<math.random(n [,m])> to
+preserve uniformity.
+
+=head2 C<io.*> functions handle 64 bit file offsets
+
+The file I/O functions in the standard C<io.*> library handle 64 bit
+file offsets. In particular this means it's possible to open files
+larger than 2 Gigabytes and to reposition or obtain the current file
+position for offsets beyond 2 GB (C<fp:seek()> method).
+
+=head2 C<debug.*> functions identify metamethods
+
+C<debug.getinfo()> and C<lua_getinfo()> also return information about
+invoked metamethods. The C<namewhat> field is set to C<"metamethod">
+and the C<name> field has the name of the corresponding metamethod
+(e.g. C<"__index">).
+
+=head2 Fully Resumable VM
+
+The LuaJIT VM is fully resumable. This means you can yield from a
+coroutine even across contexts, where this would not possible with the
+standard Lua 5.1 VM: e.g. you can yield across C<pcall()> and
+C<xpcall()>, across iterators and across metamethods.
+
+=head2 Extensions from Lua 5.2
+
+LuaJIT supports some language and library extensions from Lua 5.2.
+Features that are unlikely to break existing code are unconditionally
+enabled:
+
+=over
+
+=item * C<goto> and C<::labels::>.
+
+=item * Hex escapes C<'\x3F'> and C<'\*'> escape in strings.
+
+=item * C<load(string|reader [, chunkname [,mode [,env]]])>.
+
+=item * C<loadstring()> is an alias for C<load()>.
+
+=item * C<loadfile(filename [,mode [,env]])>.
+
+=item * C<math.log(x [,base])>.
+
+=item * C<string.rep(s, n [,sep])>.
+
+=item * C<string.format()>: C<%q> reversible. C<%s> checks
+C<__tostring>. C<%a> and C<"%A> added.
+
+=item * String matching pattern C<%g> added.
+
+=item * C<io.read("*L")>.
+
+=item * C<io.lines()> and C<file:lines()> process C<io.read()> options.
+
+=item * C<os.exit(status|true|false [,close])>.
+
+=item * C<package.searchpath(name, path [, sep [, rep]])>.
+
+=item * C<package.loadlib(name, "*")>.
+
+=item * C<debug.getinfo()> returns C<nparams> and C<isvararg> for
+option C<"u">.
+
+=item * C<debug.getlocal()> accepts function instead of level.
+
+=item * C<debug.getlocal()> and C<debug.setlocal()> accept negative
+indexes for varargs.
+
+=item * C<debug.getupvalue()> and C<debug.setupvalue()> handle C
+functions.
+
+=item * C<debug.upvalueid()> and C<debug.upvaluejoin()>.
+
+=item * Lua/C API extensions: C<lua_version()> C<lua_upvalueid()>
+C<lua_upvaluejoin()> C<lua_loadx()> C<lua_copy()> C<lua_tonumberx()>
+C<lua_tointegerx()> C<luaL_fileresult()> C<luaL_execresult()>
+C<luaL_loadfilex()> C<luaL_loadbufferx()> C<luaL_traceback()>
+C<luaL_setfuncs()> C<luaL_pushmodule()> C<luaL_newlibtable()>
+C<luaL_newlib()> C<luaL_testudata()> C<luaL_setmetatable()>
+
+=item * Command line option C<-E>.
+
+=item * Command line checks C<__tostring> for errors.
+
+=back
+
+Other features are only enabled, if LuaJIT is built with
+C<-DLUAJIT_ENABLE_LUA52COMPAT>:
+
+=over
+
+=item * C<goto> is a keyword and not a valid variable name anymore.
+
+=item * C<break> can be placed anywhere. Empty statements (C<;;>) are
+allowed.
+
+=item * C<__lt>, C<__le> are invoked for mixed types.
+
+=item * C<__len> for tables. C<rawlen()> library function.
+
+=item * C<pairs()> and C<ipairs()> check for C<__pairs> and
+C<__ipairs>.
+
+=item * C<coroutine.running()> returns two results.
+
+=item * C<table.pack()> and C<table.unpack()> (same as C<unpack()>).
+
+=item * C<io.write()> and C<file:write()> return file handle instead of
+C<true>.
+
+=item * C<os.execute()> and C<pipe:close()> return detailed exit
+status.
+
+=item * C<debug.setmetatable()> returns object.
+
+=item * C<debug.getuservalue()> and C<debug.setuservalue()>.
+
+=item * Remove C<math.mod()>, C<string.gfind()>.
+
+=item * C<package.searchers>.
+
+=item * C<module()> returns the module table.
+
+=back
+
+Note: this provides only partial compatibility with Lua 5.2 at the
+language and Lua library level. LuaJIT is API+ABI-compatible with Lua
+5.1, which prevents implementing features that would otherwise break
+the Lua/C API and ABI (e.g. C<_ENV>).
+
+=head2 Extensions from Lua 5.3
+
+LuaJIT supports some extensions from Lua 5.3:
+
+=over
+
+=item * Unicode escape C<'\u{XX...}'> embeds the UTF-8 encoding in
+string literals.
+
+=item * The argument table C<arg> can be read (and modified) by
+C<LUA_INIT> and C<-e> chunks.
+
+=item * C<io.read()> and C<file:read()> accept formats with or without
+a leading C<*>.
+
+=item * C<table.move(a1, f, e, t [,a2])>.
+
+=item * C<coroutine.isyieldable()>.
+
+=item * Lua/C API extensions: C<lua_isyieldable()>
+
+=back
+
+=head2 C++ Exception Interoperability
+
+LuaJIT has built-in support for interoperating with C++ exceptions. The
+available range of features depends on the target platform and the
+toolchain used to compile LuaJIT:
+
+Platform
+
+Compiler
+
+Interoperability
+
+POSIX/x64, DWARF2 unwinding
+
+GCC 4.3+, Clang
+
+B<Full>
+
+ARM C<-DLUAJIT_UNWIND_EXTERNAL>
+
+GCC, Clang
+
+B<Full>
+
+Other platforms, DWARF2 unwinding
+
+GCC, Clang
+
+B<Limited>
+
+Windows/x64
+
+MSVC or WinSDK
+
+B<Full>
+
+Windows/x86
+
+Any
+
+B<Full>
+
+Other platforms
+
+Other compilers
+
+B<No>
+
+B<Full interoperability> means:
+
+=over
+
+=item * C++ exceptions can be caught on the Lua side with C<pcall()>,
+C<lua_pcall()> etc.
+
+=item * C++ exceptions will be converted to the generic Lua error
+C<"C++ exception">, unless you use the C call wrapper feature.
+
+=item * It's safe to throw C++ exceptions across non-protected Lua
+frames on the C stack. The contents of the C++ exception object pass
+through unmodified.
+
+=item * Lua errors can be caught on the C++ side with C<catch(...)>.
+The corresponding Lua error message can be retrieved from the Lua
+stack.
+
+=item * Throwing Lua errors across C++ frames is safe. C++ destructors
+will be called.
+
+=back
+
+B<Limited interoperability> means:
+
+=over
+
+=item * C++ exceptions can be caught on the Lua side with C<pcall()>,
+C<lua_pcall()> etc.
+
+=item * C++ exceptions will be converted to the generic Lua error
+C<"C++ exception">, unless you use the C call wrapper feature.
+
+=item * C++ exceptions will be caught by non-protected Lua frames and
+are rethrown as a generic Lua error. The C++ exception object will be
+destroyed.
+
+=item * Lua errors B<cannot> be caught on the C++ side.
+
+=item * Throwing Lua errors across C++ frames will B<not> call C++
+destructors.
+
+=back
+
+B<No interoperability> means:
+
+=over
+
+=item * It's B<not> safe to throw C++ exceptions across Lua frames.
+
+=item * C++ exceptions B<cannot> be caught on the Lua side.
+
+=item * Lua errors B<cannot> be caught on the C++ side.
+
+=item * Throwing Lua errors across C++ frames will B<not> call C++
+destructors.
+
+=back
+
+----
+
+Copyright E<copy> 2005-2017 Mike Pall E<middot> Contact
+
+=cut
+
+#Pod::HTML2Pod conversion notes:
+#From file extensions.html
+# 17733 bytes of input
+#Mon May 14 13:19:16 2018 agentzh
+# No a_name switch not specified, so will not try to render <a name='...'>
+# No a_href switch not specified, so will not try to render <a href='...'>
--- a/doc/LuaJIT-2.1/faq.pod
+++ b/doc/LuaJIT-2.1/faq.pod
@ -0,0 +1,224 @@
+=pod
+
+LuaJIT
+
+=head1 Frequently Asked Questions (FAQ)
+
+=over
+
+=item * LuaJIT
+
+=over
+
+=item * Download E<rchevron>
+
+=item * Installation
+
+=item * Running
+
+=back
+
+=item * Extensions
+
+=over
+
+=item * FFI Library
+
+=over
+
+=item * FFI Tutorial
+
+=item * ffi.* API
+
+=item * FFI Semantics
+
+=back
+
+=item * jit.* Library
+
+=item * Lua/C API
+
+=item * Profiler
+
+=back
+
+=item * Status
+
+=over
+
+=item * Changes
+
+=back
+
+=item * FAQ
+
+=item * Performance E<rchevron>
+
+=item * Wiki E<rchevron>
+
+=item * Mailing List E<rchevron>
+
+=back
+
+=over
+
+=item Q: Where can I learn more about LuaJIT and Lua?
+
+=over
+
+=item * The E<rchevron> LuaJIT mailing list focuses on topics related
+to LuaJIT.
+
+=item * The E<rchevron> LuaJIT wiki gathers community resources about
+LuaJIT.
+
+=item * News about Lua itself can be found at the E<rchevron> Lua
+mailing list. The mailing list archives are worth checking out for
+older postings about LuaJIT.
+
+=item * The E<rchevron> main Lua.org site has complete E<rchevron>
+documentation of the language and links to books and papers about Lua.
+
+=item * The community-managed E<rchevron> Lua Wiki has information
+about diverse topics.
+
+=back
+
+=back
+
+=over
+
+=item Q: Where can I learn more about the compiler technology used by
+LuaJIT?
+
+I'm planning to write more documentation about the internals of LuaJIT.
+In the meantime, please use the following Google Scholar searches to
+find relevant papers:
+
+Search for: E<rchevron> Trace Compiler
+
+Search for: E<rchevron> JIT Compiler
+
+Search for: E<rchevron> Dynamic Language Optimizations
+
+Search for: E<rchevron> SSA Form
+
+Search for: E<rchevron> Linear Scan Register Allocation
+
+Here is a list of the E<rchevron> innovative features in LuaJIT.
+
+And, you know, reading the source is of course the only way to
+enlightenment. :-)
+
+=back
+
+=over
+
+=item Q: Why do I get this error: "attempt to index global 'arg' (a nil
+value)"?
+
+Q: My vararg functions fail after switching to LuaJIT!
+
+LuaJIT is compatible to the Lua 5.1 language standard. It doesn't
+support the implicit C<arg> parameter for old-style vararg functions
+from Lua 5.0.
+
+Please convert your code to the E<rchevron> Lua 5.1 vararg syntax.
+
+=back
+
+=over
+
+=item Q: Why do I get this error: "bad FPU precision"?
+
+=item Q: I get weird behavior after initializing Direct3D.
+
+=item Q: Some FPU operations crash after I load a Delphi DLL.
+
+DirectX/Direct3D (up to version 9) sets the x87 FPU to single-precision
+mode by default. This violates the Windows ABI and interferes with the
+operation of many programs E<mdash> LuaJIT is affected, too. Please
+make sure you always use the C<D3DCREATE_FPU_PRESERVE> flag when
+initializing Direct3D.
+
+Direct3D version 10 or higher do not show this behavior anymore.
+Consider testing your application with older versions, too.
+
+Similarly, the Borland/Delphi runtime modifies the FPU control word and
+enables FP exceptions. Of course this violates the Windows ABI, too.
+Please check the Delphi docs for the Set8087CW method.
+
+=back
+
+=over
+
+=item Q: Sometimes Ctrl-C fails to stop my Lua program. Why?
+
+The interrupt signal handler sets a Lua debug hook. But this is
+currently ignored by compiled code (this will eventually be fixed). If
+your program is running in a tight loop and never falls back to the
+interpreter, the debug hook never runs and can't throw the
+"interrupted!" error.
+
+In the meantime you have to press Ctrl-C twice to get stop your
+program. That's similar to when it's stuck running inside a C function
+under the Lua interpreter.
+
+=back
+
+=over
+
+=item Q: Why doesn't my favorite power-patch for Lua apply against
+LuaJIT?
+
+Because it's a completely redesigned VM and has very little code in
+common with Lua anymore. Also, if the patch introduces changes to the
+Lua semantics, these would need to be reflected everywhere in the VM,
+from the interpreter up to all stages of the compiler.
+
+Please use only standard Lua language constructs. For many common needs
+you can use source transformations or use wrapper or proxy functions.
+The compiler will happily optimize away such indirections.
+
+=back
+
+=over
+
+=item Q: Lua runs everywhere. Why doesn't LuaJIT support my CPU?
+
+Because it's a compiler E<mdash> it needs to generate native machine
+code. This means the code generator must be ported to each
+architecture. And the fast interpreter is written in assembler and must
+be ported, too. This is quite an undertaking.
+
+The install documentation shows the supported architectures. Other
+architectures will follow based on sufficient user demand and/or
+sponsoring.
+
+=back
+
+=over
+
+=item Q: When will feature X be added? When will the next version be
+released?
+
+When it's ready.
+
+C'mon, it's open source E<mdash> I'm doing it on my own time and you're
+getting it for free. You can either contribute a patch or sponsor the
+development of certain features, if they are important to you.
+
+=back
+
+----
+
+Copyright E<copy> 2005-2017 Mike Pall E<middot> Contact
+
+=cut
+
+#Pod::HTML2Pod conversion notes:
+#From file faq.html
+# 7685 bytes of input
+#Mon May 14 13:19:16 2018 agentzh
+# No a_name switch not specified, so will not try to render <a name='...'>
+# No a_href switch not specified, so will not try to render <a href='...'>
--- a/doc/LuaJIT-2.1/install.pod
+++ b/doc/LuaJIT-2.1/install.pod
@ -0,0 +1,700 @@
+=pod
+
+LuaJIT
+
+=head1 Installation
+
+=over
+
+=item * LuaJIT
+
+=over
+
+=item * Download E<rchevron>
+
+=item * Installation
+
+=item * Running
+
+=back
+
+=item * Extensions
+
+=over
+
+=item * FFI Library
+
+=over
+
+=item * FFI Tutorial
+
+=item * ffi.* API
+
+=item * FFI Semantics
+
+=back
+
+=item * jit.* Library
+
+=item * Lua/C API
+
+=item * Profiler
+
+=back
+
+=item * Status
+
+=over
+
+=item * Changes
+
+=back
+
+=item * FAQ
+
+=item * Performance E<rchevron>
+
+=item * Wiki E<rchevron>
+
+=item * Mailing List E<rchevron>
+
+=back
+
+LuaJIT is only distributed as a source package. This page explains how
+to build and install LuaJIT with different operating systems and C
+compilers.
+
+For the impatient (on POSIX systems):
+
+ make && sudo make install
+
+LuaJIT currently builds out-of-the box on most systems. Here's the
+compatibility matrix for the supported combinations of operating
+systems, CPUs and compilers:
+
+CPU / OS
+
+Linux or
+
+Android
+
+*BSD, Other
+
+OSX 10.4+ or
+
+iOS 3.0+
+
+Windows
+
+XP/Vista/7
+
+x86 (32 bit)
+
+GCC 4.2+
+
+GCC 4.2+
+
+XCode 5.0+
+
+Clang
+
+MSVC, MSVC/EE
+
+WinSDK
+
+MinGW, Cygwin
+
+x64 (64 bit)
+
+GCC 4.2+
+
+GCC 4.2+
+
+ORBIS (PS4)
+
+XCode 5.0+
+
+Clang
+
+MSVC + SDK v7.0
+
+WinSDK v7.0
+
+Durango (Xbox One)
+
+ARMv5+
+
+ARM9E+
+
+GCC 4.2+
+
+GCC 4.2+
+
+PSP2 (PS VITA)
+
+XCode 5.0+
+
+Clang
+
+ARM64
+
+GCC 4.8+
+
+XCode 6.0+
+
+Clang 3.5+
+
+PPC
+
+GCC 4.3+
+
+GCC 4.3+
+
+GCC 4.1 (PS3)
+
+XEDK (Xbox 360)
+
+MIPS32
+
+MIPS64
+
+GCC 4.3+
+
+GCC 4.3+
+
+=head2 Configuring LuaJIT
+
+The standard configuration should work fine for most installations.
+Usually there is no need to tweak the settings. The following files
+hold all user-configurable settings:
+
+=over
+
+=item * C<src/luaconf.h> sets some configuration variables.
+
+=item * C<Makefile> has settings for B<installing> LuaJIT (POSIX only).
+
+=item * C<src/Makefile> has settings for B<compiling> LuaJIT under
+POSIX, MinGW or Cygwin.
+
+=item * C<src/msvcbuild.bat> has settings for compiling LuaJIT with
+MSVC or WinSDK.
+
+=back
+
+Please read the instructions given in these files, before changing any
+settings.
+
+LuaJIT on x64 currently uses 32 bit GC objects by default. C<LJ_GC64>
+mode may be explicitly enabled: add C<XCFLAGS=-DLUAJIT_ENABLE_GC64> to
+the make command or run C<msvcbuild gc64> for MSVC/WinSDK. Please check
+the note about the bytecode format differences, too.
+
+=head2 POSIX Systems (Linux, OSX, *BSD etc.)
+
+=head2 Prerequisites
+
+Depending on your distribution, you may need to install a package for
+GCC, the development headers and/or a complete SDK. E.g. on a current
+Debian/Ubuntu, install C<libc6-dev> with the package manager.
+
+Download the current source package of LuaJIT (pick the .tar.gz), if
+you haven't already done so. Move it to a directory of your choice,
+open a terminal window and change to this directory. Now unpack the
+archive and change to the newly created directory:
+
+ tar zxf LuaJIT-2.0.5.tar.gz
+ cd LuaJIT-2.0.5
+
+=head2 Building LuaJIT
+
+The supplied Makefiles try to auto-detect the settings needed for your
+operating system and your compiler. They need to be run with GNU Make,
+which is probably the default on your system, anyway. Simply run:
+
+ make
+
+This always builds a native binary, depending on the host OS you're
+running this command on. Check the section on cross-compilation for
+more options.
+
+By default, modules are only searched under the prefix C</usr/local>.
+You can add an extra prefix to the search paths by appending the
+C<PREFIX> option, e.g.:
+
+ make PREFIX=/home/myself/lj2
+
+Note for OSX: if the C<MACOSX_DEPLOYMENT_TARGET> environment variable
+is not set, then it's forced to C<10.4>.
+
+=head2 Installing LuaJIT
+
+The top-level Makefile installs LuaJIT by default under C</usr/local>,
+i.e. the executable ends up in C</usr/local/bin> and so on. You need
+root privileges to write to this path. So, assuming sudo is installed
+on your system, run the following command and enter your sudo password:
+
+ sudo make install
+
+Otherwise specify the directory prefix as an absolute path, e.g.:
+
+ make install PREFIX=/home/myself/lj2
+
+Obviously the prefixes given during build and installation need to be
+the same.
+
+=head2 Windows Systems
+
+=head2 Prerequisites
+
+Either install one of the open source SDKs (E<rchevron> MinGW or
+E<rchevron> Cygwin), which come with a modified GCC plus the required
+development headers.
+
+Or install Microsoft's Visual C++ (MSVC). The freely downloadable
+E<rchevron> Express Edition works just fine, but only contains an x86
+compiler.
+
+The freely downloadable E<rchevron> Windows SDK only comes with command
+line tools, but this is all you need to build LuaJIT. It contains x86
+and x64 compilers.
+
+Next, download the source package and unpack it using an archive
+manager (e.g. the Windows Explorer) to a directory of your choice.
+
+=head2 Building with MSVC
+
+Open a "Visual Studio .NET Command Prompt", C<cd> to the directory
+where you've unpacked the sources and run these commands:
+
+ cd src
+ msvcbuild
+
+Then follow the installation instructions below.
+
+=head2 Building with the Windows SDK
+
+Open a "Windows SDK Command Shell" and select the x86 compiler:
+
+ setenv /release /x86
+
+Or select the x64 compiler:
+
+ setenv /release /x64
+
+Then C<cd> to the directory where you've unpacked the sources and run
+these commands:
+
+ cd src
+ msvcbuild
+
+Then follow the installation instructions below.
+
+=head2 Building with MinGW or Cygwin
+
+Open a command prompt window and make sure the MinGW or Cygwin programs
+are in your path. Then C<cd> to the directory where you've unpacked the
+sources and run this command for MinGW:
+
+ mingw32-make
+
+Or this command for Cygwin:
+
+ make
+
+Then follow the installation instructions below.
+
+=head2 Installing LuaJIT
+
+Copy C<luajit.exe> and C<lua51.dll> (built in the C<src> directory) to
+a newly created directory (any location is ok). Add C<lua> and
+C<lua\jit> directories below it and copy all Lua files from the
+C<src\jit> directory of the distribution to the latter directory.
+
+There are no hardcoded absolute path names E<mdash> all modules are
+loaded relative to the directory where C<luajit.exe> is installed (see
+C<src/luaconf.h>).
+
+=head2 Cross-compiling LuaJIT
+
+First, let's clear up some terminology:
+
+=over
+
+=item * Host: This is your development system, usually based on a x64
+or x86 CPU.
+
+=item * Target: This is the target system you want LuaJIT to run on,
+e.g. Android/ARM.
+
+=item * Toolchain: This comprises a C compiler, linker, assembler and a
+matching C library.
+
+=item * Host (or system) toolchain: This is the toolchain used to build
+native binaries for your host system.
+
+=item * Cross-compile toolchain: This is the toolchain used to build
+binaries for the target system. They can only be run on the target
+system.
+
+=back
+
+The GNU Makefile-based build system allows cross-compiling on any host
+for any supported target:
+
+=over
+
+=item * Yes, you need a toolchain for both your host I<and> your
+target!
+
+=item * Both host and target architectures must have the same pointer
+size.
+
+=item * E.g. if you want to cross-compile to a 32 bit target on a 64
+bit host, you need to install the multilib development package (e.g.
+C<libc6-dev-i386> on Debian/Ubuntu) and build a 32 bit host part
+(C<HOST_CC="gcc -m32">).
+
+=item * 64 bit targets always require compilation on a 64 bit host.
+
+=back
+
+You need to specify C<TARGET_SYS> whenever the host OS and the target
+OS differ, or you'll get assembler or linker errors:
+
+=over
+
+=item * E.g. if you're compiling on a Windows or OSX host for embedded
+Linux or Android, you need to add C<TARGET_SYS=Linux> to the examples
+below.
+
+=item * For a minimal target OS, you may need to disable the built-in
+allocator in C<src/Makefile> and use C<TARGET_SYS=Other>.
+
+=item * Don't forget to specify the same C<TARGET_SYS> for the install
+step, too.
+
+=back
+
+Here are some examples where host and target have the same CPU:
+
+ # Cross-compile to a 32 bit binary on a multilib x64 OS
+ make CC="gcc -m32"
+ 
+ # Cross-compile on Debian/Ubuntu for Windows (mingw32 package)
+ make HOST_CC="gcc -m32" CROSS=i586-mingw32msvc- TARGET_SYS=Windows
+
+The C<CROSS> prefix allows specifying a standard GNU cross-compile
+toolchain (Binutils, GCC and a matching libc). The prefix may vary
+depending on the C<--target> the toolchain was built for (note the
+C<CROSS> prefix has a trailing C<"-">). The examples below use the
+canonical toolchain triplets for Linux.
+
+Since there's often no easy way to detect CPU features at runtime, it's
+important to compile with the proper CPU or architecture settings:
+
+=over
+
+=item * The best way to get consistent results is to specify the
+correct settings when building the toolchain yourself.
+
+=item * For a pre-built, generic toolchain add C<-mcpu=...> or
+C<-march=...> and other necessary flags to C<TARGET_CFLAGS>.
+
+=item * For ARM it's important to have the correct C<-mfloat-abi=...>
+setting, too. Otherwise LuaJIT may not run at the full performance of
+your target CPU.
+
+=item * For MIPS it's important to select a supported ABI (o32 on
+MIPS32, n64 on MIPS64) and consistently compile your project either
+with hard-float or soft-float compiler settings.
+
+=back
+
+Here are some examples for targets with a different CPU than the host:
+
+ # ARM soft-float
+ make HOST_CC="gcc -m32" CROSS=arm-linux-gnueabi- \
+      TARGET_CFLAGS="-mfloat-abi=soft"
+ 
+ # ARM soft-float ABI with VFP (example for Cortex-A9)
+ make HOST_CC="gcc -m32" CROSS=arm-linux-gnueabi- \
+      TARGET_CFLAGS="-mcpu=cortex-a9 -mfloat-abi=softfp"
+ 
+ # ARM hard-float ABI with VFP (armhf, most modern toolchains)
+ make HOST_CC="gcc -m32" CROSS=arm-linux-gnueabihf-
+ 
+ # ARM64
+ make CROSS=aarch64-linux-
+ 
+ # PPC
+ make HOST_CC="gcc -m32" CROSS=powerpc-linux-gnu-
+ 
+ # MIPS32 big-endian
+ make HOST_CC="gcc -m32" CROSS=mips-linux-
+ # MIPS32 little-endian
+ make HOST_CC="gcc -m32" CROSS=mipsel-linux-
+ 
+ # MIPS64 big-endian
+ make CROSS=mips-linux- TARGET_CFLAGS="-mips64r2 -mabi=64"
+ # MIPS64 little-endian
+ make CROSS=mipsel-linux- TARGET_CFLAGS="-mips64r2 -mabi=64"
+
+You can cross-compile for B<Android> using the Android NDK. The
+environment variables need to match the install locations and the
+desired target platform. E.g. Android 4.0 corresponds to ABI level 14.
+For details check the folder C<docs> in the NDK directory.
+
+Only a few common variations for the different CPUs, ABIs and platforms
+are listed. Please use your own judgement for which combination you
+want to build/deploy or which lowest common denominator you want to
+pick:
+
+ # Android/ARM, armeabi (ARMv5TE soft-float), Android 2.2+ (Froyo)
+ NDK=/opt/android/ndk
+ NDKABI=8
+ NDKVER=$NDK/toolchains/arm-linux-androideabi-4.9
+ NDKP=$NDKVER/prebuilt/linux-x86/bin/arm-linux-androideabi-
+ NDKF="--sysroot $NDK/platforms/android-$NDKABI/arch-arm"
+ make HOST_CC="gcc -m32" CROSS=$NDKP TARGET_FLAGS="$NDKF"
+ 
+ # Android/ARM, armeabi-v7a (ARMv7 VFP), Android 4.0+ (ICS)
+ NDK=/opt/android/ndk
+ NDKABI=14
+ NDKVER=$NDK/toolchains/arm-linux-androideabi-4.9
+ NDKP=$NDKVER/prebuilt/linux-x86/bin/arm-linux-androideabi-
+ NDKF="--sysroot $NDK/platforms/android-$NDKABI/arch-arm"
+ NDKARCH="-march=armv7-a -mfloat-abi=softfp -Wl,--fix-cortex-a8"
+ make HOST_CC="gcc -m32" CROSS=$NDKP TARGET_FLAGS="$NDKF $NDKARCH"
+ 
+ # Android/MIPS, mipsel (MIPS32R1 hard-float), Android 4.0+ (ICS)
+ NDK=/opt/android/ndk
+ NDKABI=14
+ NDKVER=$NDK/toolchains/mipsel-linux-android-4.9
+ NDKP=$NDKVER/prebuilt/linux-x86/bin/mipsel-linux-android-
+ NDKF="--sysroot $NDK/platforms/android-$NDKABI/arch-mips"
+ make HOST_CC="gcc -m32" CROSS=$NDKP TARGET_FLAGS="$NDKF"
+ 
+ # Android/x86, x86 (i686 SSE3), Android 4.0+ (ICS)
+ NDK=/opt/android/ndk
+ NDKABI=14
+ NDKVER=$NDK/toolchains/x86-4.9
+ NDKP=$NDKVER/prebuilt/linux-x86/bin/i686-linux-android-
+ NDKF="--sysroot $NDK/platforms/android-$NDKABI/arch-x86"
+ make HOST_CC="gcc -m32" CROSS=$NDKP TARGET_FLAGS="$NDKF"
+
+You can cross-compile for B<iOS 3.0+> (iPhone/iPad) using the
+E<rchevron> iOS SDK:
+
+Note: B<the JIT compiler is disabled for iOS>, because regular iOS Apps
+are not allowed to generate code at runtime. You'll only get the
+performance of the LuaJIT interpreter on iOS. This is still faster than
+plain Lua, but much slower than the JIT compiler. Please complain to
+Apple, not me. Or use Android. :-p
+
+ # iOS/ARM (32 bit)
+ ISDKP=$(xcrun --sdk iphoneos --show-sdk-path)
+ ICC=$(xcrun --sdk iphoneos --find clang)
+ ISDKF="-arch armv7 -isysroot $ISDKP"
+ make DEFAULT_CC=clang HOST_CC="clang -m32 -arch i386" \
+      CROSS="$(dirname $ICC)/" TARGET_FLAGS="$ISDKF" TARGET_SYS=iOS
+ 
+ # iOS/ARM64
+ ISDKP=$(xcrun --sdk iphoneos --show-sdk-path)
+ ICC=$(xcrun --sdk iphoneos --find clang)
+ ISDKF="-arch arm64 -isysroot $ISDKP"
+ make DEFAULT_CC=clang CROSS="$(dirname $ICC)/" \
+      TARGET_FLAGS="$ISDKF" TARGET_SYS=iOS
+
+=head2 Cross-compiling for consoles
+
+Building LuaJIT for consoles requires both a supported host compiler
+(x86 or x64) and a cross-compiler (to PPC or ARM) from the official
+console SDK.
+
+Due to restrictions on consoles, the JIT compiler is disabled and only
+the fast interpreter is built. This is still faster than plain Lua, but
+much slower than the JIT compiler. The FFI is disabled, too, since it's
+not very useful in such an environment.
+
+The following commands build a static library C<libluajit.a>, which can
+be linked against your game, just like the Lua library.
+
+To cross-compile for B<PS3> from a Linux host (requires 32 bit GCC,
+i.e. multilib Linux/x64) or a Windows host (requires 32 bit MinGW), run
+this command:
+
+ make HOST_CC="gcc -m32" CROSS=ppu-lv2-
+
+To cross-compile for B<PS4> from a Windows host, open a "Visual Studio
+.NET Command Prompt" (64 bit host compiler), C<cd> to the directory
+where you've unpacked the sources and run the following commands:
+
+ cd src
+ ps4build
+
+To cross-compile for B<PS Vita> from a Windows host, open a "Visual
+Studio .NET Command Prompt" (32 bit host compiler), C<cd> to the
+directory where you've unpacked the sources and run the following
+commands:
+
+ cd src
+ psvitabuild
+
+To cross-compile for B<Xbox 360> from a Windows host, open a "Visual
+Studio .NET Command Prompt" (32 bit host compiler), C<cd> to the
+directory where you've unpacked the sources and run the following
+commands:
+
+ cd src
+ xedkbuild
+
+To cross-compile for B<Xbox One> from a Windows host, open a "Visual
+Studio .NET Command Prompt" (64 bit host compiler), C<cd> to the
+directory where you've unpacked the sources and run the following
+commands:
+
+ cd src
+ xb1build
+
+=head2 Embedding LuaJIT
+
+LuaJIT is API-compatible with Lua 5.1. If you've already embedded Lua
+into your application, you probably don't need to do anything to switch
+to LuaJIT, except link with a different library:
+
+=over
+
+=item * It's strongly suggested to build LuaJIT separately using the
+supplied build system. Please do I<not> attempt to integrate the
+individual source files into your build tree. You'll most likely get
+the internal build dependencies wrong or mess up the compiler flags.
+Treat LuaJIT like any other external library and link your application
+with either the dynamic or static library, depending on your needs.
+
+=item * If you want to load C modules compiled for plain Lua with
+C<require()>, you need to make sure the public symbols (e.g.
+C<lua_pushnumber>) are exported, too:
+
+=over
+
+=item * On POSIX systems you can either link to the shared library or
+link the static library into your application. In the latter case
+you'll need to export all public symbols from your main executable
+(e.g. C<-Wl,-E> on Linux) and add the external dependencies (e.g. C<-lm
+-ldl> on Linux).
+
+=item * Since Windows symbols are bound to a specific DLL name, you
+need to link to the C<lua51.dll> created by the LuaJIT build (do not
+rename the DLL). You may link LuaJIT statically on Windows only if you
+don't intend to load Lua/C modules at runtime.
+
+=back
+
+=item * If you're building a 64 bit application on OSX which links
+directly or indirectly against LuaJIT which is not built for C<LJ_GC64>
+mode, you need to link your main executable with these flags:
+
+ -pagezero_size 10000 -image_base 100000000
+
+=back
+
+Additional hints for initializing LuaJIT using the C API functions:
+
+=over
+
+=item * Here's a E<rchevron> simple example for embedding Lua or LuaJIT
+into your application.
+
+=item * Make sure you use C<luaL_newstate>. Avoid using
+C<lua_newstate>, since this uses the (slower) default memory allocator
+from your system (no support for this on x64).
+
+=item * Make sure you use C<luaL_openlibs> and not the old Lua 5.0
+style of calling C<luaopen_base> etc. directly.
+
+=item * To change or extend the list of standard libraries to load,
+copy C<src/lib_init.c> to your project and modify it accordingly. Make
+sure the C<jit> library is loaded or the JIT compiler will not be
+activated.
+
+=item * The C<bit.*> module for bitwise operations is already built-in.
+There's no need to statically link E<rchevron> Lua BitOp to your
+application.
+
+=back
+
+=head2 Hints for Distribution Maintainers
+
+The LuaJIT build system has extra provisions for the needs of most
+POSIX-based distributions. If you're a package maintainer for a
+distribution, I<please> make use of these features and avoid patching,
+subverting, autotoolizing or messing up the build system in unspeakable
+ways.
+
+There should be absolutely no need to patch C<luaconf.h> or any of the
+Makefiles. And please do not hand-pick files for your packages E<mdash>
+simply use whatever C<make install> creates. There's a reason for all
+of the files I<and> directories it creates.
+
+The build system uses GNU make and auto-detects most settings based on
+the host you're building it on. This should work fine for native
+builds, even when sandboxed. You may need to pass some of the following
+flags to I<both> the C<make> and the C<make install> command lines for
+a regular distribution build:
+
+=over
+
+=item * C<PREFIX> overrides the installation path and should usually be
+set to C</usr>. Setting this also changes the module paths and the
+paths needed to locate the shared library.
+
+=item * C<DESTDIR> is an absolute path which allows you to install to a
+shadow tree instead of the root tree of the build system.
+
+=item * C<MULTILIB> sets the architecture-specific library path
+component for multilib systems. The default is C<lib>.
+
+=item * Have a look at the top-level C<Makefile> and C<src/Makefile>
+for additional variables to tweak. The following variables I<may> be
+overridden, but it's I<not> recommended, except for special needs like
+cross-builds: C<BUILDMODE, CC, HOST_CC, STATIC_CC, DYNAMIC_CC, CFLAGS,
+HOST_CFLAGS, TARGET_CFLAGS, LDFLAGS, HOST_LDFLAGS, TARGET_LDFLAGS,
+TARGET_SHLDFLAGS, TARGET_FLAGS, LIBS, HOST_LIBS, TARGET_LIBS, CROSS,
+HOST_SYS, TARGET_SYS>
+
+=back
+
+The build system has a special target for an amalgamated build, i.e.
+C<make amalg>. This compiles the LuaJIT core as one huge C file and
+allows GCC to generate faster and shorter code. Alas, this requires
+lots of memory during the build. This may be a problem for some users,
+that's why it's not enabled by default. But it shouldn't be a problem
+for most build farms. It's recommended that binary distributions use
+this target for their LuaJIT builds.
+
+The tl;dr version of the above:
+
+ make amalg PREFIX=/usr && \
+ make install PREFIX=/usr DESTDIR=/tmp/buildroot
+
+Finally, if you encounter any difficulties, please contact me first,
+instead of releasing a broken package onto unsuspecting users. Because
+they'll usually gonna complain to me (the upstream) and not you (the
+package maintainer), anyway.
+
+----
+
+Copyright E<copy> 2005-2017 Mike Pall E<middot> Contact
+
+=cut
+
+#Pod::HTML2Pod conversion notes:
+#From file install.html
+# 25250 bytes of input
+#Mon May 14 13:19:16 2018 agentzh
+# No a_name switch not specified, so will not try to render <a name='...'>
+# No a_href switch not specified, so will not try to render <a href='...'>
+# Deleting phrasal "a" element (`a_34) because it has super-phrasal elements (`br_16) as children.
+# Deleting phrasal "a" element (`a_28) because it has super-phrasal elements (`br_11) as children.
+# Deleting phrasal "a" element (`a_25) because it has super-phrasal elements (`br_3) as children.
--- a/doc/LuaJIT-2.1/running.pod
+++ b/doc/LuaJIT-2.1/running.pod
@ -0,0 +1,421 @@
+=pod
+
+LuaJIT
+
+=head1 Running LuaJIT
+
+=over
+
+=item * LuaJIT
+
+=over
+
+=item * Download E<rchevron>
+
+=item * Installation
+
+=item * Running
+
+=back
+
+=item * Extensions
+
+=over
+
+=item * FFI Library
+
+=over
+
+=item * FFI Tutorial
+
+=item * ffi.* API
+
+=item * FFI Semantics
+
+=back
+
+=item * jit.* Library
+
+=item * Lua/C API
+
+=item * Profiler
+
+=back
+
+=item * Status
+
+=over
+
+=item * Changes
+
+=back
+
+=item * FAQ
+
+=item * Performance E<rchevron>
+
+=item * Wiki E<rchevron>
+
+=item * Mailing List E<rchevron>
+
+=back
+
+LuaJIT has only a single stand-alone executable, called C<luajit> on
+POSIX systems or C<luajit.exe> on Windows. It can be used to run simple
+Lua statements or whole Lua applications from the command line. It has
+an interactive mode, too.
+
+=head2 Command Line Options
+
+The C<luajit> stand-alone executable is just a slightly modified
+version of the regular C<lua> stand-alone executable. It supports the
+same basic options, too. C<luajit -h> prints a short list of the
+available options. Please have a look at the E<rchevron> Lua manual for
+details.
+
+LuaJIT has some additional options:
+
+=head2 C<-b[options] input output>
+
+This option saves or lists bytecode. The following additional options
+are accepted:
+
+=over
+
+=item * C<-l> E<mdash> Only list bytecode.
+
+=item * C<-s> E<mdash> Strip debug info (this is the default).
+
+=item * C<-g> E<mdash> Keep debug info.
+
+=item * C<-n name> E<mdash> Set module name (default: auto-detect from
+input name)
+
+=item * C<-t type> E<mdash> Set output file type (default: auto-detect
+from output name).
+
+=item * C<-a arch> E<mdash> Override architecture for object files
+(default: native).
+
+=item * C<-o os> E<mdash> Override OS for object files (default:
+native).
+
+=item * C<-e chunk> E<mdash> Use chunk string as input.
+
+=item * C<-> (a single minus sign) E<mdash> Use stdin as input and/or
+stdout as output.
+
+=back
+
+The output file type is auto-detected from the extension of the output
+file name:
+
+=over
+
+=item * C<c> E<mdash> C source file, exported bytecode data.
+
+=item * C<h> E<mdash> C header file, static bytecode data.
+
+=item * C<obj> or C<o> E<mdash> Object file, exported bytecode data
+(OS- and architecture-specific).
+
+=item * C<raw> or any other extension E<mdash> Raw bytecode file
+(portable).
+
+=back
+
+Notes:
+
+=over
+
+=item * See also string.dump() for information on bytecode portability
+and compatibility.
+
+=item * A file in raw bytecode format is auto-detected and can be
+loaded like any Lua source file. E.g. directly from the command line or
+with C<loadfile()>, C<dofile()> etc.
+
+=item * To statically embed the bytecode of a module in your
+application, generate an object file and just link it with your
+application.
+
+=item * On most ELF-based systems (e.g. Linux) you need to explicitly
+export the global symbols when linking your application, e.g. with:
+C<-Wl,-E>
+
+=item * C<require()> tries to load embedded bytecode data from exported
+symbols (in C<*.exe> or C<lua51.dll> on Windows) and from shared
+libraries in C<package.cpath>.
+
+=back
+
+Typical usage examples:
+
+ luajit -b test.lua test.out                 # Save bytecode to test.out
+ luajit -bg test.lua test.out                # Keep debug info
+ luajit -be "print('hello world')" test.out  # Save cmdline script
+ 
+ luajit -bl test.lua                         # List to stdout
+ luajit -bl test.lua test.txt                # List to test.txt
+ luajit -ble "print('hello world')"          # List cmdline script
+ 
+ luajit -b test.lua test.obj                 # Generate object file
+ # Link test.obj with your application and load it with require("test")
+
+=head2 C<-j cmd[=arg[,arg...]]>
+
+This option performs a LuaJIT control command or activates one of the
+loadable extension modules. The command is first looked up in the
+C<jit.*> library. If no matching function is found, a module named
+C<jit.E<lt>cmdE<gt>> is loaded and the C<start()> function of the
+module is called with the specified arguments (if any). The space
+between C<-j> and C<cmd> is optional.
+
+Here are the available LuaJIT control commands:
+
+=over
+
+=item * C<-jon> E<mdash> Turns the JIT compiler on (default).
+
+=item * C<-joff> E<mdash> Turns the JIT compiler off (only use the
+interpreter).
+
+=item * C<-jflush> E<mdash> Flushes the whole cache of compiled code.
+
+=item * C<-jv> E<mdash> Shows verbose information about the progress of
+the JIT compiler.
+
+=item * C<-jdump> E<mdash> Dumps the code and structures used in
+various compiler stages.
+
+=item * C<-jp> E<mdash> Start the integrated profiler.
+
+=back
+
+The C<-jv> and C<-jdump> commands are extension modules written in Lua.
+They are mainly used for debugging the JIT compiler itself. For a
+description of their options and output format, please read the comment
+block at the start of their source. They can be found in the C<lib>
+directory of the source distribution or installed under the C<jit>
+directory. By default this is C</usr/local/share/luajit-2.0.5/jit> on
+POSIX systems.
+
+=head2 C<-O[level]>
+
+C<-O[+]flag> C<-O-flag>
+
+C<-Oparam=value>
+
+This options allows fine-tuned control of the optimizations used by the
+JIT compiler. This is mainly intended for debugging LuaJIT itself.
+Please note that the JIT compiler is extremely fast (we are talking
+about the microsecond to millisecond range). Disabling optimizations
+doesn't have any visible impact on its overhead, but usually generates
+code that runs slower.
+
+The first form sets an optimization level E<mdash> this enables a
+specific mix of optimization flags. C<-O0> turns off all optimizations
+and higher numbers enable more optimizations. Omitting the level (i.e.
+just C<-O>) sets the default optimization level, which is C<-O3> in the
+current version.
+
+The second form adds or removes individual optimization flags. The
+third form sets a parameter for the VM or the JIT compiler to a
+specific value.
+
+You can either use this option multiple times (like C<-Ocse -O-dce
+-Ohotloop=10>) or separate several settings with a comma (like
+C<-O+cse,-dce,hotloop=10>). The settings are applied from left to right
+and later settings override earlier ones. You can freely mix the three
+forms, but note that setting an optimization level overrides all
+earlier flags.
+
+Here are the available flags and at what optimization levels they are
+enabled:
+
+Flag
+
+-O1
+
+-O2
+
+-O3
+
+fold
+
+E<bull>
+
+E<bull>
+
+E<bull>
+
+Constant Folding, Simplifications and Reassociation
+
+cse
+
+E<bull>
+
+E<bull>
+
+E<bull>
+
+Common-Subexpression Elimination
+
+dce
+
+E<bull>
+
+E<bull>
+
+E<bull>
+
+Dead-Code Elimination
+
+narrow
+
+E<bull>
+
+E<bull>
+
+Narrowing of numbers to integers
+
+loop
+
+E<bull>
+
+E<bull>
+
+Loop Optimizations (code hoisting)
+
+fwd
+
+E<bull>
+
+Load Forwarding (L2L) and Store Forwarding (S2L)
+
+dse
+
+E<bull>
+
+Dead-Store Elimination
+
+abc
+
+E<bull>
+
+Array Bounds Check Elimination
+
+sink
+
+E<bull>
+
+Allocation/Store Sinking
+
+fuse
+
+E<bull>
+
+Fusion of operands into instructions
+
+Here are the parameters and their default settings:
+
+Parameter
+
+Default
+
+maxtrace
+
+1000
+
+Max. number of traces in the cache
+
+maxrecord
+
+4000
+
+Max. number of recorded IR instructions
+
+maxirconst
+
+500
+
+Max. number of IR constants of a trace
+
+maxside
+
+100
+
+Max. number of side traces of a root trace
+
+maxsnap
+
+500
+
+Max. number of snapshots for a trace
+
+hotloop
+
+56
+
+Number of iterations to detect a hot loop or hot call
+
+hotexit
+
+10
+
+Number of taken exits to start a side trace
+
+tryside
+
+4
+
+Number of attempts to compile a side trace
+
+instunroll
+
+4
+
+Max. unroll factor for instable loops
+
+loopunroll
+
+15
+
+Max. unroll factor for loop ops in side traces
+
+callunroll
+
+3
+
+Max. unroll factor for pseudo-recursive calls
+
+recunroll
+
+2
+
+Min. unroll factor for true recursion
+
+sizemcode
+
+32
+
+Size of each machine code area in KBytes (Windows: 64K)
+
+maxmcode
+
+512
+
+Max. total size of all machine code areas in KBytes
+
+----
+
+Copyright E<copy> 2005-2017 Mike Pall E<middot> Contact
+
+=cut
+
+#Pod::HTML2Pod conversion notes:
+#From file running.html
+# 13720 bytes of input
+#Mon May 14 13:19:16 2018 agentzh
+# No a_name switch not specified, so will not try to render <a name='...'>
+# No a_href switch not specified, so will not try to render <a href='...'>
--- a/doc/LuaJIT-2.1/status.pod
+++ b/doc/LuaJIT-2.1/status.pod
@ -0,0 +1,113 @@
+=pod
+
+LuaJIT
+
+=head1 Status
+
+=over
+
+=item * LuaJIT
+
+=over
+
+=item * Download E<rchevron>
+
+=item * Installation
+
+=item * Running
+
+=back
+
+=item * Extensions
+
+=over
+
+=item * FFI Library
+
+=over
+
+=item * FFI Tutorial
+
+=item * ffi.* API
+
+=item * FFI Semantics
+
+=back
+
+=item * jit.* Library
+
+=item * Lua/C API
+
+=item * Profiler
+
+=back
+
+=item * Status
+
+=over
+
+=item * Changes
+
+=back
+
+=item * FAQ
+
+=item * Performance E<rchevron>
+
+=item * Wiki E<rchevron>
+
+=item * Mailing List E<rchevron>
+
+=back
+
+LuaJIT 2.0 is the current stable branch. This branch is in
+feature-freeze E<mdash> new features will only be added to LuaJIT 2.1.
+
+=head2 Current Status
+
+LuaJIT ought to run all Lua 5.1-compatible source code just fine. It's
+considered a serious bug if the VM crashes or produces unexpected
+results E<mdash> please report this.
+
+Known incompatibilities and issues in LuaJIT 2.0:
+
+=over
+
+=item * There are some differences in B<implementation-defined>
+behavior. These either have a good reason, are arbitrary design choices
+or are due to quirks in the VM. The latter cases may get fixed if a
+demonstrable need is shown.
+
+=item * The Lua B<debug API> is missing a couple of features (return
+hooks for non-Lua functions) and shows slightly different behavior in
+LuaJIT (no per-coroutine hooks, no tail call counting).
+
+=item * Currently some B<out-of-memory> errors from B<on-trace code>
+are not handled correctly. The error may fall through an on-trace
+C<pcall> or it may be passed on to the function set with C<lua_atpanic>
+on x64. This issue will be fixed with the new garbage collector.
+
+=item * LuaJIT on 64 bit systems provides a B<limited range> of 47 bits
+for the B<legacy C<lightuserdata>> data type. This is only relevant on
+x64 systems which use the negative part of the virtual address space in
+user mode, e.g. Solaris/x64, and on ARM64 systems configured with a 48
+bit or 52 bit VA. Avoid using C<lightuserdata> to hold pointers that
+may point outside of that range, e.g. variables on the stack. In
+general, avoid this data type for new code and replace it with (much
+more performant) FFI bindings. FFI cdata pointers can address the full
+64 bit range.
+
+=back
+
+----
+
+Copyright E<copy> 2005-2017 Mike Pall E<middot> Contact
+
+=cut
+
+#Pod::HTML2Pod conversion notes:
+#From file status.html
+# 3931 bytes of input
+#Mon May 14 13:19:16 2018 agentzh
+# No a_name switch not specified, so will not try to render <a name='...'>
+# No a_href switch not specified, so will not try to render <a href='...'>
--- a/doc/README-win32.md
+++ b/doc/README-win32.md
@ -1,182 +1 @@
-Name
-====
-
-README-win32 - README for the Windows 32-bit build of OpenResty
-
-Description
-===========
-
-The binary distributions of OpenResty can be downloaded from the following web page:
-
-https://openresty.org/#Download
-
-To start the NGINX server of the nginx server of the Win32 binary distribution of OpenResty:
-
-```bash
-start nginx
-```
-
-You can also specify the `-p PATH/` option to override the default server prefix, as in
-
-```bash
-cd /path/to/my/openresty/app/
-start nginx -p $PWD
-```
-
-Then you can use the `tasklist` command to check the nginx processes running in the background:
-
-```console
-C:\> tasklist /fi "imagename eq nginx.exe"
-
-Image Name                     PID Session Name        Session#    Mem Usage
-========================= ======== ================ =========== ============
-nginx.exe                     4616 Console                    1      7,412 K
-nginx.exe                     5836 Console                    1      7,800 K
-
-```
-
-One of the two processes is the master process while the other is the worker.
-
-If you are using the MSYS bash instead of the `cmd.exe` console, then you should replace the `/fi` option
-with `-fi` in the command above instead.
-
-You can quickly shut down the server like this:
-
-```bash
-nginx -s stop
-```
-
-or gracefully shut it down like this:
-
-```bash
-nginx -s quit
-```
-
-You can also forcibly kill the nginx processes via their PIDs with `taskkill`, as in
-
-```console
-C:\> taskkill /pid 5488 /F
-```
-
-where the PID (5488 in this example) can be found via the aforementioned `tasklist` command.
-
-Again, you should use the form `-pid` and `-F` for the options if you are in an MSYS bash
-session.
-
-Similarly, you can use the `nginx -s reload` command to reload nginx configurations without
-stopping the server. And you can use `nginx -s reopen` to instruct nginx to re-open
-all the log files.
-
-You can run the `resty` script like this:
-
-```console
-C:\> resty -e "ngx.say('Hello, OpenResty!')"
-Hello, OpenResty!
-```
-
-The `resty` command-line utility requires a Perl interpreter installed in your
-system and visible to your PATH environment. Any perl distributions should
-work, including StrawberryPerl, ActivePerl, and MSYS perl (the former two are
-recommended though).
-
-Debugging
-=========
-
-Debug symbosl are enabled even in release builds. So that when things go very wrong,
-one can still debug things with tools like MSYS GDB.
-
-Inclusion of debug symbols make the binary files (`.exe` and `.dll` files) much larger,
-but it generally will not load into memory during normal execution on a modern operating
-system.
-
-Caveats
-=======
-
-The Win32 port of the NGINX core supports the good old `select` IO multiplexing mechanism
-only.
-The I/O Completion Ports (IOCP) feature is *not* supported (yet). So do not use this build
-for production environments with very high concurrency levels.
-
-This Win32 build of OpenResty is mainly for developers who want to develop their applications
-in native Windows environment (though they eventually push the finished work onto a Linux or *BSD box, most of the time).
-
-TODO
-====
-
-* Add support for more than one NGINX worker processes.
-* Add support for concurrent connections more than 1024.
-* Switch to the Microsoft Visual Studio compiler toolchain for better performance and easier binary
-package redistribution.
-* Bundle StrawberryPerl to make command-line utilities like `resty` work out of the box (without
-manually installing a Perl).
-* Deliver an alternative Win32 binary package built with best debuggin capabilities (like enabling
-NGINX debugging logs, disabling C compiler optimizations, and enabling all the assertions and checks).
-* Deliver binary packages for 64-bit Windows (Win64).
-
-Details About The Building Process
-==================================
-
-Usually you do not need to worry about how the Win32 binaries were built on the maintainers''
-side. But if you do, please read on.
-
-The Win32 build of OpenResty is currently built via the MinGW/MSYS toolchain, including
-MinGW gcc 4.8.1, MSYS perl, MSYS bash, MSYS make, and etc. Basically, it is currently built via
- the following cmmands:
-
-```bash
-mkdir -p objs/lib || exit 1
-cd objs/lib || exit 1
-ls ../../..
-tar -xf ../../../openssl-1.0.2d.tar.gz
-tar -xf ../../../zlib-1.2.8.tar.gz
-tar -xf ../../../pcre-8.37.tar.gz
-cd ../..
-./configure --with-cc=gcc \
-    --prefix= \
-    --with-cc-opt='-DFD_SETSIZE=1024' \
-    --with-select_module \
-    --with-ipv6 \
-    --sbin-path=nginx.exe \
-    --with-pcre-jit \
-    --with-luajit-xcflags="-DLUAJIT_NUMMODE=2 -DLUAJIT_ENABLE_LUA52COMPAT" \
-    --with-pcre=objs/lib/pcre-8.37 \
-    --with-zlib=objs/lib/zlib-1.2.8 \
-    --with-openssl=objs/lib/openssl-1.0.2d \
-    -j5
-make
-make install
-```
-
-where the dependency library source tarballs for OpenSSL, Zlib, and PCRE are downloaded
-from their official sites, respectively.
-
-We automate these commands in a dedicated shell script named [build-win32.sh](https://github.com/openresty/openresty/blob/master/util/build-win32.sh).
-
-Furthermore, we automate the packaging process of the resulting binaries and supporting files
-with this [package-win32.sh](https://github.com/openresty/openresty/blob/master/util/package-win32.sh)
-script.
-
-Usually you can just download and use the binary distribution of OpenResty without
-installing the build toolchain.
-
-Author
-======
-
-Yichun "agentzh" Zhang <agentzh@gmail.com>, CloudFlare Inc.
-
-Copyright & License
-===================
-
-This module is licensed under the BSD license.
-
-Copyright (C) 2015, by Yichun "agentzh" Zhang (章亦春) <agentzh@gmail.com>, CloudFlare Inc.
-
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
-
-* Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
-
-* Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+See [README-windows](./README-windows.md).
--- a/doc/README-windows.md
+++ b/doc/README-windows.md
@ -0,0 +1,238 @@
+Name
+====
+
+README-windows - README for the official 32-bit and 64-bit Windows builds of OpenResty
+
+Table of Contents
+=================
+
+* [Name](#name)
+* [Description](#description)
+* [Debugging](#debugging)
+* [Caveats](#caveats)
+* [TODO](#todo)
+* [Details About The Building Process](#details-about-the-building-process)
+* [Author](#author)
+* [Copyright & License](#copyright--license)
+
+Description
+===========
+
+The official binary Win32 and Win64 distributions of OpenResty can be downloaded from the following web page:
+
+https://openresty.org/en/download.html
+
+To start the NGINX server of the nginx server of the Win32 binary distribution of OpenResty:
+
+```bash
+start nginx
+```
+
+You can also specify the `-p PATH/` option to override the default server prefix, as in
+
+```bash
+cd /path/to/my/openresty/app/
+start nginx -p $PWD
+```
+
+Then you can use the `tasklist` command to check the nginx processes running in the background:
+
+```console
+C:\> tasklist /fi "imagename eq nginx.exe"
+
+Image Name                     PID Session Name        Session#    Mem Usage
+========================= ======== ================ =========== ============
+nginx.exe                     4616 Console                    1      7,412 K
+nginx.exe                     5836 Console                    1      7,800 K
+
+```
+
+One of the two processes is the master process while the other is the worker.
+
+If you are using the MSYS2 bash instead of the `cmd.exe` console, then you should replace the `/fi` option
+with `-fi` in the command above instead.
+
+You can quickly shut down the server like this:
+
+```bash
+nginx -s stop
+```
+
+or gracefully shut it down like this:
+
+```bash
+nginx -s quit
+```
+
+You can also forcibly kill the nginx processes via their PIDs with `taskkill`, as in
+
+```console
+C:\> taskkill /pid 5488 /F
+```
+
+where the PID (5488 in this example) can be found via the aforementioned `tasklist` command.
+
+Again, you should use the form `-pid` and `-F` for the options if you are in an MSYS2 bash
+session.
+
+Similarly, you can use the `nginx -s reload` command to reload nginx configurations without
+stopping the server. And you can use `nginx -s reopen` to instruct nginx to re-open
+all the log files.
+
+You can run the `resty` script like this:
+
+```console
+C:\> resty -e "ngx.say('Hello, OpenResty!')"
+Hello, OpenResty!
+```
+
+The `resty` command-line utility requires a Perl interpreter installed in your
+system and visible to your PATH environment. Any perl distributions should
+work, including StrawberryPerl, ActivePerl, and MSYS2 perl.
+recommended though).
+
+Debugging
+=========
+
+Debug symbols are enabled even in release builds. So that when things go very wrong,
+one can still debug things with tools like MSYS2 GDB.
+
+Inclusion of debug symbols make the binary files (`.exe` and `.dll` files) much larger,
+but it generally will not load into memory during normal execution on a modern operating
+system.
+
+Caveats
+=======
+
+The Win32/Win64 port of the NGINX core supports the good old `select` IO multiplexing mechanism
+only.
+The I/O Completion Ports (IOCP) feature is *not* supported (yet). So do not use this build
+for production environments with very high concurrency levels.
+
+This Win32/Win64 build of OpenResty is mainly for developers who want to develop their applications
+in native Windows environment (though they eventually push the finished work onto a Linux or *BSD box, most of the time).
+
+[Back to TOC](#table-of-contents)
+
+TODO
+====
+
+* Add support for more than one NGINX worker processes.
+* Add support for concurrent connections more than 1024.
+* Switch to the Microsoft Visual Studio compiler toolchain for better performance and easier binary
+package redistribution.
+* Bundle StrawberryPerl to make command-line utilities like `resty` work out of the box (without
+manually installing a Perl).
+* Deliver an alternative Win32/Win64 binary package built with best debugging capabilities (like enabling
+NGINX debugging logs, disabling C compiler optimizations, and enabling all the assertions and checks).
+
+[Back to TOC](#table-of-contents)
+
+Details About The Building Process
+==================================
+
+Usually you do not need to worry about how the Win32/Win64 binaries were built on the maintainers''
+side. But if you do, please read on.
+
+The Win32/Win64 build of OpenResty is currently built via the MSYS2/MinGW toolchain, including
+MinGW gcc 7.2.3, MSYS2 perl 5.24.4, MSYS2 bash, MSYS2 make, and etc. Basically, it is currently built via
+ the following commands:
+
+```bash
+PCRE=pcre-8.42
+ZLIB=zlib-1.2.11
+OPENSSL=openssl-1.1.0h
+
+mkdir -p objs/lib || exit 1
+cd objs/lib || exit 1
+ls ../../..
+tar -xf ../../../$OPENSSL.tar.gz || exit 1
+tar -xf ../../../$ZLIB.tar.gz || exit 1
+tar -xf ../../../$PCRE.tar.gz || exit 1
+cd ../..
+
+cd objs/lib/$OPENSSL || exit 1
+patch -p1 < ../../../patches/openssl-1.1.0d-sess_set_get_cb_yield.patch || exit 1
+cd ../../..
+
+./configure \
+    --with-cc=gcc \
+    --with-ipv6 \
+    --prefix= \
+    --with-cc-opt='-DFD_SETSIZE=1024' \
+    --sbin-path=nginx.exe \
+    --with-pcre-jit \
+    --without-http_rds_json_module \
+    --without-http_rds_csv_module \
+    --without-lua_rds_parser \
+    --with-ipv6 \
+    --with-stream \
+    --with-stream_ssl_module \
+    --with-stream_ssl_preread_module \
+    --with-http_v2_module \
+    --without-mail_pop3_module \
+    --without-mail_imap_module \
+    --without-mail_smtp_module \
+    --with-http_stub_status_module \
+    --with-http_realip_module \
+    --with-http_addition_module \
+    --with-http_auth_request_module \
+    --with-http_secure_link_module \
+    --with-http_random_index_module \
+    --with-http_gzip_static_module \
+    --with-http_sub_module \
+    --with-http_dav_module \
+    --with-http_flv_module \
+    --with-http_mp4_module \
+    --with-http_gunzip_module \
+    --with-select_module \
+    --with-luajit-xcflags="-DLUAJIT_NUMMODE=2 -DLUAJIT_ENABLE_LUA52COMPAT" \
+    --with-pcre=objs/lib/$PCRE \
+    --with-zlib=objs/lib/$ZLIB \
+    --with-openssl=objs/lib/$OPENSSL \
+    -j9 || exit 1
+
+make -j9
+make install
+```
+
+where the dependency library source tarballs for OpenSSL, Zlib, and PCRE are downloaded
+from their official sites, respectively.
+
+We automate these commands in a dedicated shell script named [build-win32.sh](https://github.com/openresty/openresty/blob/master/util/build-win32.sh).
+
+Furthermore, we automate the packaging process of the resulting binaries and supporting files
+with this [package-win32.sh](https://github.com/openresty/openresty/blob/master/util/package-win32.sh)
+script.
+
+Usually you can just download and use the binary distribution of OpenResty without
+installing the build toolchain.
+
+[Back to TOC](#table-of-contents)
+
+Author
+======
+
+Yichun "agentzh" Zhang <agentzh@gmail.com>, OpenResty Inc.
+
+[Back to TOC](#table-of-contents)
+
+Copyright & License
+===================
+
+This module is licensed under the BSD license.
+
+Copyright (C) 2015-2019, by Yichun "agentzh" Zhang (章亦春) <agentzh@gmail.com>, OpenResty Inc.
+
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
+
+* Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
+
+* Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+[Back to TOC](#table-of-contents)
+
--- a/doc/lua-5.1.5/README.pod
+++ b/doc/lua-5.1.5/README.pod
--- a/html/50x.html
+++ b/html/50x.html
--- a/html/index.html
+++ b/html/index.html
--- a/misc/unwind-generic.h
+++ b/misc/unwind-generic.h
@ -1,241 +0,0 @@
-/* Exception handling and frame unwind runtime interface routines.
-   Copyright (C) 2001, 2003, 2004, 2006 Free Software Foundation, Inc.
-
-   This file is part of GCC.
-
-   GCC is free software; you can redistribute it and/or modify it
-   under the terms of the GNU General Public License as published by
-   the Free Software Foundation; either version 2, or (at your option)
-   any later version.
-
-   GCC is distributed in the hope that it will be useful, but WITHOUT
-   ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-   or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public
-   License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with GCC; see the file COPYING.  If not, write to the Free
-   Software Foundation, 51 Franklin Street, Fifth Floor, Boston, MA
-   02110-1301, USA.  */
-
-/* As a special exception, if you include this header file into source
-   files compiled by GCC, this header file does not by itself cause
-   the resulting executable to be covered by the GNU General Public
-   License.  This exception does not however invalidate any other
-   reasons why the executable file might be covered by the GNU General
-   Public License.  */
-
-/* This is derived from the C++ ABI for IA-64.  Where we diverge
-   for cross-architecture compatibility are noted with "@@@".  */
-
-#ifndef _UNWIND_H
-#define _UNWIND_H
-
-#ifndef HIDE_EXPORTS
-#pragma GCC visibility push(default)
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Level 1: Base ABI  */
-
-/* @@@ The IA-64 ABI uses uint64 throughout.  Most places this is
-   inefficient for 32-bit and smaller machines.  */
-typedef unsigned _Unwind_Word __attribute__((__mode__(__word__)));
-typedef signed _Unwind_Sword __attribute__((__mode__(__word__)));
-#if defined(__ia64__) && defined(__hpux__)
-typedef unsigned _Unwind_Ptr __attribute__((__mode__(__word__)));
-#else
-typedef unsigned _Unwind_Ptr __attribute__((__mode__(__pointer__)));
-#endif
-typedef unsigned _Unwind_Internal_Ptr __attribute__((__mode__(__pointer__)));
-
-/* @@@ The IA-64 ABI uses a 64-bit word to identify the producer and
-   consumer of an exception.  We'll go along with this for now even on
-   32-bit machines.  We'll need to provide some other option for
-   16-bit machines and for machines with > 8 bits per byte.  */
-typedef unsigned _Unwind_Exception_Class __attribute__((__mode__(__DI__)));
-
-/* The unwind interface uses reason codes in several contexts to
-   identify the reasons for failures or other actions.  */
-typedef enum
-{
-  _URC_NO_REASON = 0,
-  _URC_FOREIGN_EXCEPTION_CAUGHT = 1,
-  _URC_FATAL_PHASE2_ERROR = 2,
-  _URC_FATAL_PHASE1_ERROR = 3,
-  _URC_NORMAL_STOP = 4,
-  _URC_END_OF_STACK = 5,
-  _URC_HANDLER_FOUND = 6,
-  _URC_INSTALL_CONTEXT = 7,
-  _URC_CONTINUE_UNWIND = 8
-} _Unwind_Reason_Code;
-
-
-/* The unwind interface uses a pointer to an exception header object
-   as its representation of an exception being thrown. In general, the
-   full representation of an exception object is language- and
-   implementation-specific, but it will be prefixed by a header
-   understood by the unwind interface.  */
-
-struct _Unwind_Exception;
-
-typedef void (*_Unwind_Exception_Cleanup_Fn) (_Unwind_Reason_Code,
-					      struct _Unwind_Exception *);
-
-struct _Unwind_Exception
-{
-  _Unwind_Exception_Class exception_class;
-  _Unwind_Exception_Cleanup_Fn exception_cleanup;
-  _Unwind_Word private_1;
-  _Unwind_Word private_2;
-
-  /* @@@ The IA-64 ABI says that this structure must be double-word aligned.
-     Taking that literally does not make much sense generically.  Instead we
-     provide the maximum alignment required by any type for the machine.  */
-} __attribute__((__aligned__));
-
-
-/* The ACTIONS argument to the personality routine is a bitwise OR of one
-   or more of the following constants.  */
-typedef int _Unwind_Action;
-
-#define _UA_SEARCH_PHASE	1
-#define _UA_CLEANUP_PHASE	2
-#define _UA_HANDLER_FRAME	4
-#define _UA_FORCE_UNWIND	8
-#define _UA_END_OF_STACK	16
-
-/* This is an opaque type used to refer to a system-specific data
-   structure used by the system unwinder. This context is created and
-   destroyed by the system, and passed to the personality routine
-   during unwinding.  */
-struct _Unwind_Context;
-
-/* Raise an exception, passing along the given exception object.  */
-extern _Unwind_Reason_Code _Unwind_RaiseException (struct _Unwind_Exception *);
-
-/* Raise an exception for forced unwinding.  */
-
-typedef _Unwind_Reason_Code (*_Unwind_Stop_Fn)
-     (int, _Unwind_Action, _Unwind_Exception_Class,
-      struct _Unwind_Exception *, struct _Unwind_Context *, void *);
-
-extern _Unwind_Reason_Code _Unwind_ForcedUnwind (struct _Unwind_Exception *,
-						 _Unwind_Stop_Fn,
-						 void *);
-
-/* Helper to invoke the exception_cleanup routine.  */
-extern void _Unwind_DeleteException (struct _Unwind_Exception *);
-
-/* Resume propagation of an existing exception.  This is used after
-   e.g. executing cleanup code, and not to implement rethrowing.  */
-extern void _Unwind_Resume (struct _Unwind_Exception *);
-
-/* @@@ Resume propagation of an FORCE_UNWIND exception, or to rethrow
-   a normal exception that was handled.  */
-extern _Unwind_Reason_Code _Unwind_Resume_or_Rethrow (struct _Unwind_Exception *);
-
-/* @@@ Use unwind data to perform a stack backtrace.  The trace callback
-   is called for every stack frame in the call chain, but no cleanup
-   actions are performed.  */
-typedef _Unwind_Reason_Code (*_Unwind_Trace_Fn)
-     (struct _Unwind_Context *, void *);
-
-extern _Unwind_Reason_Code _Unwind_Backtrace (_Unwind_Trace_Fn, void *);
-
-/* These functions are used for communicating information about the unwind
-   context (i.e. the unwind descriptors and the user register state) between
-   the unwind library and the personality routine and landing pad.  Only
-   selected registers maybe manipulated.  */
-
-extern _Unwind_Word _Unwind_GetGR (struct _Unwind_Context *, int);
-extern void _Unwind_SetGR (struct _Unwind_Context *, int, _Unwind_Word);
-
-extern _Unwind_Ptr _Unwind_GetIP (struct _Unwind_Context *);
-extern _Unwind_Ptr _Unwind_GetIPInfo (struct _Unwind_Context *, int *);
-extern void _Unwind_SetIP (struct _Unwind_Context *, _Unwind_Ptr);
-
-/* @@@ Retrieve the CFA of the given context.  */
-extern _Unwind_Word _Unwind_GetCFA (struct _Unwind_Context *);
-
-extern void *_Unwind_GetLanguageSpecificData (struct _Unwind_Context *);
-
-extern _Unwind_Ptr _Unwind_GetRegionStart (struct _Unwind_Context *);
-
-
-/* The personality routine is the function in the C++ (or other language)
-   runtime library which serves as an interface between the system unwind
-   library and language-specific exception handling semantics.  It is
-   specific to the code fragment described by an unwind info block, and
-   it is always referenced via the pointer in the unwind info block, and
-   hence it has no ABI-specified name.
-
-   Note that this implies that two different C++ implementations can
-   use different names, and have different contents in the language
-   specific data area.  Moreover, that the language specific data
-   area contains no version info because name of the function invoked
-   provides more effective versioning by detecting at link time the
-   lack of code to handle the different data format.  */
-
-typedef _Unwind_Reason_Code (*_Unwind_Personality_Fn)
-     (int, _Unwind_Action, _Unwind_Exception_Class,
-      struct _Unwind_Exception *, struct _Unwind_Context *);
-
-/* @@@ The following alternate entry points are for setjmp/longjmp
-   based unwinding.  */
-
-struct SjLj_Function_Context;
-extern void _Unwind_SjLj_Register (struct SjLj_Function_Context *);
-extern void _Unwind_SjLj_Unregister (struct SjLj_Function_Context *);
-
-extern _Unwind_Reason_Code _Unwind_SjLj_RaiseException
-     (struct _Unwind_Exception *);
-extern _Unwind_Reason_Code _Unwind_SjLj_ForcedUnwind
-     (struct _Unwind_Exception *, _Unwind_Stop_Fn, void *);
-extern void _Unwind_SjLj_Resume (struct _Unwind_Exception *);
-extern _Unwind_Reason_Code _Unwind_SjLj_Resume_or_Rethrow (struct _Unwind_Exception *);
-
-/* @@@ The following provide access to the base addresses for text
-   and data-relative addressing in the LDSA.  In order to stay link
-   compatible with the standard ABI for IA-64, we inline these.  */
-
-#ifdef __ia64__
-#include <stdlib.h>
-
-static inline _Unwind_Ptr
-_Unwind_GetDataRelBase (struct _Unwind_Context *_C)
-{
-  /* The GP is stored in R1.  */
-  return _Unwind_GetGR (_C, 1);
-}
-
-static inline _Unwind_Ptr
-_Unwind_GetTextRelBase (struct _Unwind_Context *_C __attribute__ ((__unused__)))
-{
-  abort ();
-  return 0;
-}
-
-/* @@@ Retrieve the Backing Store Pointer of the given context.  */
-extern _Unwind_Word _Unwind_GetBSP (struct _Unwind_Context *);
-#else
-extern _Unwind_Ptr _Unwind_GetDataRelBase (struct _Unwind_Context *);
-extern _Unwind_Ptr _Unwind_GetTextRelBase (struct _Unwind_Context *);
-#endif
-
-/* @@@ Given an address, return the entry point of the function that
-   contains it.  */
-extern void * _Unwind_FindEnclosingFunction (void *pc);
-
-#ifdef __cplusplus
-}
-#endif
-
-#ifndef HIDE_EXPORTS
-#pragma GCC visibility pop
-#endif
-
-#endif /* unwind.h */
--- a/patches/nginx-1.11.2-always_enable_cc_feature_tests.patch
+++ b/patches/nginx-1.11.2-always_enable_cc_feature_tests.patch
@ -0,0 +1,11 @@
+--- nginx-1.11.2/auto/cc/conf	2015-10-30 22:47:50.000000000 +0800
+++ nginx-1.11.2-patched/auto/cc/conf	2015-11-02 12:23:05.385156987 +0800
+@@ -136,7 +136,7 @@ fi
+ CFLAGS="$CFLAGS $NGX_CC_OPT"
+ NGX_TEST_LD_OPT="$NGX_LD_OPT"
+ 
+-if [ "$NGX_PLATFORM" != win32 ]; then
+if [ 1 ]; then
+ 
+     if test -n "$NGX_LD_OPT"; then
+         ngx_feature=--with-ld-opt=\"$NGX_LD_OPT\"
--- a/patches/nginx-1.11.2-balancer_status_code.patch
+++ b/patches/nginx-1.11.2-balancer_status_code.patch
@ -0,0 +1,27 @@
+diff --git a/src/http/ngx_http_upstream.c b/src/http/ngx_http_upstream.c
+index 0f6b3ae..56d44fc 100644
+--- a/src/http/ngx_http_upstream.c
+++ b/src/http/ngx_http_upstream.c
+@@ -1368,6 +1368,11 @@ ngx_http_upstream_connect(ngx_http_request_t *r, ngx_http_upstream_t *u)
+         return;
+     }
+ 
+    if (rc >= NGX_HTTP_SPECIAL_RESPONSE) {
+        ngx_http_upstream_finalize_request(r, u, rc);
+        return;
+    }
+
+     u->state->peer = u->peer.name;
+ 
+     if (rc == NGX_BUSY) {
+diff --git a/src/http/ngx_http_upstream.h b/src/http/ngx_http_upstream.h
+index b288f28..9b60e12 100644
+--- a/src/http/ngx_http_upstream.h
+++ b/src/http/ngx_http_upstream.h
+@@ -418,5 +418,6 @@ extern ngx_module_t        ngx_http_upstream_module;
+ extern ngx_conf_bitmask_t  ngx_http_upstream_cache_method_mask[];
+ extern ngx_conf_bitmask_t  ngx_http_upstream_ignore_headers_masks[];
+ 
+#define HAVE_BALANCER_STATUS_CODE_PATCH
+ 
+ #endif /* _NGX_HTTP_UPSTREAM_H_INCLUDED_ */
--- a/patches/nginx-1.11.2-builtin_error_page_footer.patch
+++ b/patches/nginx-1.11.2-builtin_error_page_footer.patch
@ -0,0 +1,13 @@
+diff --git a/src/http/ngx_http_special_response.c b/src/http/ngx_http_special_response.c
+index 64e5acd..f5374f6 100644
+--- a/src/http/ngx_http_special_response.c
+++ b/src/http/ngx_http_special_response.c
+@@ -26,7 +26,7 @@ static u_char ngx_http_error_full_tail[] =
+ 
+ 
+ static u_char ngx_http_error_tail[] =
+-"<hr><center>nginx</center>" CRLF
+"<hr><center>openresty</center>" CRLF
+ "</body>" CRLF
+ "</html>" CRLF
+ ;
--- a/patches/nginx-1.11.2-cache_manager_exit.patch
+++ b/patches/nginx-1.11.2-cache_manager_exit.patch
@ -0,0 +1,19 @@
+# HG changeset patch
+# User Yichun Zhang <agentzh@gmail.com>
+# Date 1383598130 28800
+# Node ID f64218e1ac963337d84092536f588b8e0d99bbaa
+# Parent  dea321e5c0216efccbb23e84bbce7cf3e28f130c
+Cache: gracefully exit the cache manager process.
+
+diff -r dea321e5c021 -r f64218e1ac96 src/os/unix/ngx_process_cycle.c
+--- a/src/os/unix/ngx_process_cycle.c	Thu Oct 31 18:23:49 2013 +0400
+++ b/src/os/unix/ngx_process_cycle.c	Mon Nov 04 12:48:50 2013 -0800
+@@ -1335,7 +1335,7 @@
+ 
+         if (ngx_terminate || ngx_quit) {
+             ngx_log_error(NGX_LOG_NOTICE, cycle->log, 0, "exiting");
+-            exit(0);
+            ngx_worker_process_exit(cycle);
+         }
+ 
+         if (ngx_reopen) {
--- a/patches/nginx-1.11.2-delayed_posted_events.patch
+++ b/patches/nginx-1.11.2-delayed_posted_events.patch
@ -0,0 +1,98 @@
+diff --git a/src/event/ngx_event.c b/src/event/ngx_event.c
+index 57af8132..4853945f 100644
+--- a/src/event/ngx_event.c
+++ b/src/event/ngx_event.c
+@@ -196,6 +196,9 @@ ngx_process_events_and_timers(ngx_cycle_t *cycle)
+     ngx_uint_t  flags;
+     ngx_msec_t  timer, delta;
+ 
+    ngx_queue_t     *q;
+    ngx_event_t     *ev;
+
+     if (ngx_timer_resolution) {
+         timer = NGX_TIMER_INFINITE;
+         flags = 0;
+@@ -215,6 +218,13 @@ ngx_process_events_and_timers(ngx_cycle_t *cycle)
+ #endif
+     }
+ 
+    if (!ngx_queue_empty(&ngx_posted_delayed_events)) {
+        ngx_log_debug0(NGX_LOG_DEBUG_EVENT, cycle->log, 0,
+                       "posted delayed event queue not empty"
+                       " making poll timeout 0");
+        timer = 0;
+    }
+
+     if (ngx_use_accept_mutex) {
+         if (ngx_accept_disabled > 0) {
+             ngx_accept_disabled--;
+@@ -257,6 +267,35 @@ ngx_process_events_and_timers(ngx_cycle_t *cycle)
+     }
+ 
+     ngx_event_process_posted(cycle, &ngx_posted_events);
+
+    while (!ngx_queue_empty(&ngx_posted_delayed_events)) {
+        q = ngx_queue_head(&ngx_posted_delayed_events);
+
+        ev = ngx_queue_data(q, ngx_event_t, queue);
+        if (ev->delayed) {
+            /* start of newly inserted nodes */
+            for (/* void */;
+                 q != ngx_queue_sentinel(&ngx_posted_delayed_events);
+                 q = ngx_queue_next(q))
+            {
+                ev = ngx_queue_data(q, ngx_event_t, queue);
+                ev->delayed = 0;
+
+                ngx_log_debug1(NGX_LOG_DEBUG_EVENT, cycle->log, 0,
+                               "skipping delayed posted event %p,"
+                               " till next iteration", ev);
+            }
+
+            break;
+        }
+
+        ngx_log_debug1(NGX_LOG_DEBUG_EVENT, cycle->log, 0,
+                       "delayed posted event %p", ev);
+
+        ngx_delete_posted_event(ev);
+
+        ev->handler(ev);
+    }
+ }
+ 
+ 
+@@ -600,6 +639,7 @@ ngx_event_process_init(ngx_cycle_t *cycle)
+ 
+     ngx_queue_init(&ngx_posted_accept_events);
+     ngx_queue_init(&ngx_posted_events);
+    ngx_queue_init(&ngx_posted_delayed_events);
+ 
+     if (ngx_event_timer_init(cycle->log) == NGX_ERROR) {
+         return NGX_ERROR;
+diff --git a/src/event/ngx_event_posted.c b/src/event/ngx_event_posted.c
+index d851f3d1..b6cea009 100644
+--- a/src/event/ngx_event_posted.c
+++ b/src/event/ngx_event_posted.c
+@@ -12,6 +12,7 @@
+ 
+ ngx_queue_t  ngx_posted_accept_events;
+ ngx_queue_t  ngx_posted_events;
+ngx_queue_t  ngx_posted_delayed_events;
+ 
+ 
+ void
+diff --git a/src/event/ngx_event_posted.h b/src/event/ngx_event_posted.h
+index 145d30fe..6c388553 100644
+--- a/src/event/ngx_event_posted.h
+++ b/src/event/ngx_event_posted.h
+@@ -43,6 +43,9 @@ void ngx_event_process_posted(ngx_cycle_t *cycle, ngx_queue_t *posted);
+ 
+ extern ngx_queue_t  ngx_posted_accept_events;
+ extern ngx_queue_t  ngx_posted_events;
+extern ngx_queue_t  ngx_posted_delayed_events;
+
+#define HAVE_POSTED_DELAYED_EVENTS_PATCH
+ 
+ 
+ #endif /* _NGX_EVENT_POSTED_H_INCLUDED_ */
--- a/patches/nginx-1.11.2-dtrace.patch
+++ b/patches/nginx-1.11.2-dtrace.patch
--- a/patches/nginx-1.11.2-gcc-maybe-uninitialized-warning.patch
+++ b/patches/nginx-1.11.2-gcc-maybe-uninitialized-warning.patch
@ -0,0 +1,11 @@
+--- nginx-1.11.2/src/http/ngx_http_request.c	2013-05-06 03:26:50.000000000 -0700
+++ nginx-1.11.2-patched/src/http/ngx_http_request.c	2013-06-11 12:59:48.008321688 -0700
+@@ -1951,7 +1951,7 @@
+     ngx_int_t                  rc;
+     ngx_http_connection_t     *hc;
+     ngx_http_core_loc_conf_t  *clcf;
+-    ngx_http_core_srv_conf_t  *cscf;
+    ngx_http_core_srv_conf_t  *cscf = NULL;
+ 
+     hc = r->http_connection;
+ 
--- a/patches/nginx-1.11.2-hash_overflow.patch
+++ b/patches/nginx-1.11.2-hash_overflow.patch
@ -0,0 +1,20 @@
+# HG changeset patch
+# User Yichun Zhang <agentzh@gmail.com>
+# Date 1412276417 25200
+#      Thu Oct 02 12:00:17 2014 -0700
+# Node ID 4032b992f23b054c1a2cfb0be879330d2c6708e5
+# Parent  1ff0f68d9376e3d184d65814a6372856bf65cfcd
+Hash: buffer overflow might happen when exceeding the pre-configured limits.
+
+diff -r 1ff0f68d9376 -r 4032b992f23b src/core/ngx_hash.c
+--- a/src/core/ngx_hash.c	Tue Sep 30 15:50:28 2014 -0700
+++ b/src/core/ngx_hash.c	Thu Oct 02 12:00:17 2014 -0700
+@@ -312,6 +312,8 @@ ngx_hash_init(ngx_hash_init_t *hinit, ng
+         continue;
+     }
+ 
+    size--;
+
+     ngx_log_error(NGX_LOG_WARN, hinit->pool->log, 0,
+                   "could not build optimal %s, you should increase "
+                   "either %s_max_size: %i or %s_bucket_size: %i; "
--- a/patches/nginx-1.11.2-intercept_error_log.patch
+++ b/patches/nginx-1.11.2-intercept_error_log.patch
@ -0,0 +1,60 @@
+diff --git a/src/core/ngx_cycle.h b/src/core/ngx_cycle.h
+index c51b7ff..4c335b9 100644
+--- a/src/core/ngx_cycle.h
+++ b/src/core/ngx_cycle.h
+@@ -22,9 +22,14 @@
+ #define NGX_DEBUG_POINTS_ABORT  2
+ 
+ 
+#define HAVE_INTERCEPT_ERROR_LOG_PATCH
+
+
+ typedef struct ngx_shm_zone_s  ngx_shm_zone_t;
+ 
+ typedef ngx_int_t (*ngx_shm_zone_init_pt) (ngx_shm_zone_t *zone, void *data);
+typedef ngx_int_t (*ngx_log_intercept_pt) (ngx_log_t *log, ngx_uint_t level,
+    u_char *buf, size_t len);
+ 
+ struct ngx_shm_zone_s {
+     void                     *data;
+@@ -75,6 +80,10 @@ struct ngx_cycle_s {
+     ngx_str_t                 prefix;
+     ngx_str_t                 lock_file;
+     ngx_str_t                 hostname;
+
+    ngx_log_intercept_pt      intercept_error_log_handler;
+    void                     *intercept_error_log_data;
+    unsigned                  entered_logger;    /* :1 */
+ };
+ 
+ 
+diff --git a/src/core/ngx_log.c b/src/core/ngx_log.c
+index 8e9408d..ed9b11b 100644
+--- a/src/core/ngx_log.c
+++ b/src/core/ngx_log.c
+@@ -112,6 +112,8 @@ ngx_log_error_core(ngx_uint_t level, ngx_log_t *log, ngx_err_t err,
+     ngx_uint_t   wrote_stderr, debug_connection;
+     u_char       errstr[NGX_MAX_ERROR_STR];
+ 
+    ngx_log_intercept_pt    log_intercept = NULL;
+
+     last = errstr + NGX_MAX_ERROR_STR;
+ 
+     p = ngx_cpymem(errstr, ngx_cached_err_log_time.data,
+@@ -153,6 +155,16 @@ ngx_log_error_core(ngx_uint_t level, ngx_log_t *log, ngx_err_t err,
+         p = last - NGX_LINEFEED_SIZE;
+     }
+ 
+    if (ngx_cycle) {
+        log_intercept = ngx_cycle->intercept_error_log_handler;
+    }
+
+    if (log_intercept && !ngx_cycle->entered_logger) {
+        ngx_cycle->entered_logger = 1;
+        log_intercept(log, level, errstr, p - errstr);
+        ngx_cycle->entered_logger = 0;
+    }
+
+     ngx_linefeed(p);
+ 
+     wrote_stderr = 0;
--- a/patches/nginx-1.11.2-larger_max_error_str.patch
+++ b/patches/nginx-1.11.2-larger_max_error_str.patch
@ -0,0 +1,13 @@
+--- nginx-1.11.2/src/core/ngx_log.h	2013-10-08 05:07:14.000000000 -0700
+++ nginx-1.11.2-patched/src/core/ngx_log.h	2013-12-05 20:35:35.996236720 -0800
+@@ -64,7 +64,9 @@ struct ngx_log_s {
+ };
+ 
+ 
+-#define NGX_MAX_ERROR_STR   2048
+#ifndef NGX_MAX_ERROR_STR
+#define NGX_MAX_ERROR_STR   4096
+#endif
+ 
+ 
+ /*********************************/
--- a/patches/nginx-1.11.2-log_escape_non_ascii.patch
+++ b/patches/nginx-1.11.2-log_escape_non_ascii.patch
@ -0,0 +1,115 @@
+--- nginx-1.11.2/src/http/modules/ngx_http_log_module.c	2011-11-01 21:24:50.000000000 +0800
+++ nginx-1.11.2-patched/src/http/modules/ngx_http_log_module.c	2011-11-10 16:17:29.599039534 +0800
+@@ -61,6 +61,8 @@
+     time_t                      open_file_cache_valid;
+     ngx_uint_t                  open_file_cache_min_uses;
+ 
+    ngx_flag_t                  escape_non_ascii;
+
+     ngx_uint_t                  off;        /* unsigned  off:1 */
+ } ngx_http_log_loc_conf_t;
+ 
+@@ -104,7 +106,8 @@
+     uintptr_t data);
+ static u_char *ngx_http_log_variable(ngx_http_request_t *r, u_char *buf,
+     ngx_http_log_op_t *op);
+-static uintptr_t ngx_http_log_escape(u_char *dst, u_char *src, size_t size);
+static uintptr_t ngx_http_log_escape(ngx_http_log_loc_conf_t *lcf, u_char *dst,
+    u_char *src, size_t size);
+ 
+ 
+ static void *ngx_http_log_create_main_conf(ngx_conf_t *cf);
+@@ -146,6 +149,13 @@
+       0,
+       NULL },
+ 
+    { ngx_string("log_escape_non_ascii"),
+      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG,
+      ngx_conf_set_flag_slot,
+      NGX_HTTP_LOC_CONF_OFFSET,
+      offsetof(ngx_http_log_loc_conf_t, escape_non_ascii),
+      NULL },
+
+       ngx_null_command
+ };
+ 
+@@ -637,6 +647,7 @@
+ ngx_http_log_variable_getlen(ngx_http_request_t *r, uintptr_t data)
+ {
+     uintptr_t                   len;
+    ngx_http_log_loc_conf_t    *lcf;
+     ngx_http_variable_value_t  *value;
+ 
+     value = ngx_http_get_indexed_variable(r, data);
+@@ -645,7 +656,9 @@
+         return 1;
+     }
+ 
+-    len = ngx_http_log_escape(NULL, value->data, value->len);
+    lcf = ngx_http_get_module_loc_conf(r, ngx_http_log_module);
+
+    len = ngx_http_log_escape(lcf, NULL, value->data, value->len);
+ 
+     value->escape = len ? 1 : 0;
+ 
+@@ -656,6 +669,7 @@
+ static u_char *
+ ngx_http_log_variable(ngx_http_request_t *r, u_char *buf, ngx_http_log_op_t *op)
+ {
+    ngx_http_log_loc_conf_t    *lcf;
+     ngx_http_variable_value_t  *value;
+ 
+     value = ngx_http_get_indexed_variable(r, op->data);
+@@ -669,16 +683,18 @@
+         return ngx_cpymem(buf, value->data, value->len);
+ 
+     } else {
+-        return (u_char *) ngx_http_log_escape(buf, value->data, value->len);
+        lcf = ngx_http_get_module_loc_conf(r, ngx_http_log_module);
+        return (u_char *) ngx_http_log_escape(lcf, buf, value->data, value->len);
+     }
+ }
+ 
+ 
+ static uintptr_t
+-ngx_http_log_escape(u_char *dst, u_char *src, size_t size)
+ngx_http_log_escape(ngx_http_log_loc_conf_t *lcf, u_char *dst, u_char *src,
+    size_t size)
+ {
+-    ngx_uint_t      n;
+-    static u_char   hex[] = "0123456789ABCDEF";
+    ngx_uint_t                   n;
+    static u_char                hex[] = "0123456789ABCDEF";
+ 
+     static uint32_t   escape[] = {
+         0xffffffff, /* 1111 1111 1111 1111  1111 1111 1111 1111 */
+@@ -698,6 +714,12 @@
+         0xffffffff, /* 1111 1111 1111 1111  1111 1111 1111 1111 */
+     };
+ 
+    if (lcf->escape_non_ascii) {
+        ngx_memset(&escape[4], 0xff, sizeof(uint32_t) * 4);
+
+    } else {
+        ngx_memzero(&escape[4], sizeof(uint32_t) * 4);
+    }
+ 
+     if (dst == NULL) {
+ 
+@@ -781,6 +803,7 @@
+     }
+ 
+     conf->open_file_cache = NGX_CONF_UNSET_PTR;
+    conf->escape_non_ascii = NGX_CONF_UNSET;
+ 
+     return conf;
+ }
+@@ -796,6 +819,8 @@
+     ngx_http_log_fmt_t        *fmt;
+     ngx_http_log_main_conf_t  *lmcf;
+ 
+    ngx_conf_merge_value(conf->escape_non_ascii, prev->escape_non_ascii, 1);
+
+     if (conf->open_file_cache == NGX_CONF_UNSET_PTR) {
+ 
+         conf->open_file_cache = prev->open_file_cache;
--- a/patches/nginx-1.11.2-no_Werror.patch
+++ b/patches/nginx-1.11.2-no_Werror.patch
@ -0,0 +1,36 @@
+diff -urp nginx-1.11.2/auto/cc/clang nginx-1.11.2-patched/auto/cc/clang
+--- nginx-1.11.2/auto/cc/clang	2014-03-04 03:39:24.000000000 -0800
+++ nginx-1.11.2-patched/auto/cc/clang	2014-03-13 20:54:26.241413360 -0700
+@@ -89,7 +89,7 @@ CFLAGS="$CFLAGS -Wconditional-uninitiali
+ CFLAGS="$CFLAGS -Wno-unused-parameter"
+ 
+ # stop on warning
+-CFLAGS="$CFLAGS -Werror"
+#CFLAGS="$CFLAGS -Werror"
+ 
+ # debug
+ CFLAGS="$CFLAGS -g"
+diff -urp nginx-1.11.2/auto/cc/gcc nginx-1.11.2-patched/auto/cc/gcc
+--- nginx-1.11.2/auto/cc/gcc	2014-03-04 03:39:24.000000000 -0800
+++ nginx-1.11.2-patched/auto/cc/gcc	2014-03-13 20:54:13.301355329 -0700
+@@ -168,7 +168,7 @@ esac
+ 
+ 
+ # stop on warning
+-CFLAGS="$CFLAGS -Werror"
+#CFLAGS="$CFLAGS -Werror"
+ 
+ # debug
+ CFLAGS="$CFLAGS -g"
+diff -urp nginx-1.11.2/auto/cc/icc nginx-1.11.2-patched/auto/cc/icc
+--- nginx-1.11.2/auto/cc/icc	2014-03-04 03:39:24.000000000 -0800
+++ nginx-1.11.2-patched/auto/cc/icc	2014-03-13 20:54:13.301355329 -0700
+@@ -115,7 +115,7 @@ case "$NGX_ICC_VER" in
+ esac
+ 
+ # stop on warning
+-CFLAGS="$CFLAGS -Werror"
+#CFLAGS="$CFLAGS -Werror"
+ 
+ # debug
+ CFLAGS="$CFLAGS -g"
--- a/patches/nginx-1.11.2-no_error_pages.patch
+++ b/patches/nginx-1.11.2-no_error_pages.patch
@ -0,0 +1,90 @@
+--- nginx-1.11.2/src/http/ngx_http_core_module.c	2010-12-14 18:38:42.000000000 +0800
+++ nginx-1.11.2-patched/src/http/ngx_http_core_module.c	2011-01-30 19:24:34.956354518 +0800
+@@ -57,6 +57,8 @@
+     void *conf);
+ static char *ngx_http_core_error_page(ngx_conf_t *cf, ngx_command_t *cmd,
+     void *conf);
+static char *ngx_http_core_no_error_pages(ngx_conf_t *cf, ngx_command_t *cmd,
+    void *conf);
+ static char *ngx_http_core_try_files(ngx_conf_t *cf, ngx_command_t *cmd,
+     void *conf);
+ static char *ngx_http_core_open_file_cache(ngx_conf_t *cf, ngx_command_t *cmd,
+@@ -614,6 +616,14 @@
+       0,
+       NULL },
+ 
+    { ngx_string("no_error_pages"),
+      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_HTTP_LIF_CONF
+                        |NGX_CONF_NOARGS,
+      ngx_http_core_no_error_pages,
+      NGX_HTTP_LOC_CONF_OFFSET,
+      0,
+      NULL },
+
+     { ngx_string("try_files"),
+       NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_2MORE,
+       ngx_http_core_try_files,
+@@ -3052,7 +3062,6 @@
+      *     clcf->types = NULL;
+      *     clcf->default_type = { 0, NULL };
+      *     clcf->error_log = NULL;
+-     *     clcf->error_pages = NULL;
+      *     clcf->try_files = NULL;
+      *     clcf->client_body_path = NULL;
+      *     clcf->regex = NULL;
+@@ -3062,6 +3071,7 @@
+      *     clcf->gzip_proxied = 0;
+      */
+ 
+    clcf->error_pages = NGX_CONF_UNSET_PTR;
+     clcf->client_max_body_size = NGX_CONF_UNSET;
+     clcf->client_body_buffer_size = NGX_CONF_UNSET_SIZE;
+     clcf->client_body_timeout = NGX_CONF_UNSET_MSEC;
+@@ -3250,9 +3260,7 @@
+         }
+     }
+ 
+-    if (conf->error_pages == NULL && prev->error_pages) {
+-        conf->error_pages = prev->error_pages;
+-    }
+    ngx_conf_merge_ptr_value(conf->error_pages, prev->error_pages, NULL);
+ 
+     ngx_conf_merge_str_value(conf->default_type,
+                               prev->default_type, "text/plain");
+@@ -3988,6 +3996,10 @@
+     ngx_http_compile_complex_value_t   ccv;
+ 
+     if (clcf->error_pages == NULL) {
+        return "conflicts with \"no_error_pages\"";
+    }
+
+    if (clcf->error_pages == NGX_CONF_UNSET_PTR) {
+         clcf->error_pages = ngx_array_create(cf->pool, 4,
+                                              sizeof(ngx_http_err_page_t));
+         if (clcf->error_pages == NULL) {
+@@ -4095,6 +4107,25 @@
+ 
+ 
+ static char *
+ngx_http_core_no_error_pages(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+{
+    ngx_http_core_loc_conf_t *clcf = conf;
+
+    if (clcf->error_pages == NULL) {
+        return "is duplicate";
+    }
+
+    if (clcf->error_pages != NGX_CONF_UNSET_PTR) {
+        return "conflicts with \"error_page\"";
+    }
+
+    clcf->error_pages = NULL;
+
+    return NGX_CONF_OK;
+}
+
+
+static char *
+ ngx_http_core_try_files(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+ {
+     ngx_http_core_loc_conf_t *clcf = conf;
--- a/patches/nginx-1.11.2-no_pool.patch
+++ b/patches/nginx-1.11.2-no_pool.patch
@ -0,0 +1,587 @@
+diff --minimal '--exclude=*.swp' '--exclude=*~' -up nginx-1.11.2/src/core/nginx.h nginx-1.11.2-patched/src/core/nginx.h
+--- nginx-1.11.2/src/core/nginx.h	2016-04-19 09:02:38.000000000 -0700
+++ nginx-1.11.2-patched/src/core/nginx.h	2016-04-21 16:25:07.452944624 -0700
+@@ -10,7 +10,7 @@
+ 
+ 
+ #define nginx_version      1011002
+ #define NGINX_VERSION      "1.11.2"
+-#define NGINX_VER          "openresty/" NGINX_VERSION ".unknown"
+#define NGINX_VER          "openresty/" NGINX_VERSION ".unknown (no pool)"
+ 
+ #ifdef NGX_BUILD
+diff --minimal '--exclude=*.swp' '--exclude=*~' -up nginx-1.11.2/src/core/ngx_array.c nginx-1.11.2-patched/src/core/ngx_array.c
+--- nginx-1.11.2/src/core/ngx_array.c	2016-04-19 09:02:38.000000000 -0700
+++ nginx-1.11.2-patched/src/core/ngx_array.c	2016-04-21 16:25:07.453947190 -0700
+@@ -30,26 +30,30 @@ ngx_array_create(ngx_pool_t *p, ngx_uint
+ void
+ ngx_array_destroy(ngx_array_t *a)
+ {
+-    ngx_pool_t  *p;
+    ngx_pool_t          *p;
+    ngx_array_link_t    *link;
+ 
+     p = a->pool;
+ 
+-    if ((u_char *) a->elts + a->size * a->nalloc == p->d.last) {
+-        p->d.last -= a->size * a->nalloc;
+    if (a->elts) {
+        ngx_pfree(p, a->elts);
+     }
+ 
+-    if ((u_char *) a + sizeof(ngx_array_t) == p->d.last) {
+-        p->d.last = (u_char *) a;
+    for (link = a->old_elts; link; link = link->next) {
+        ngx_pfree(p, link->elts);
+     }
+
+    ngx_pfree(p, a);
+ }
+ 
+ 
+ void *
+ ngx_array_push(ngx_array_t *a)
+ {
+-    void        *elt, *new;
+-    size_t       size;
+-    ngx_pool_t  *p;
+    void                *elt, *new;
+    size_t               size;
+    ngx_pool_t          *p;
+    ngx_array_link_t    *link;
+ 
+     if (a->nelts == a->nalloc) {
+ 
+@@ -59,29 +63,27 @@ ngx_array_push(ngx_array_t *a)
+ 
+         p = a->pool;
+ 
+-        if ((u_char *) a->elts + size == p->d.last
+-            && p->d.last + a->size <= p->d.end)
+-        {
+-            /*
+-             * the array allocation is the last in the pool
+-             * and there is space for new allocation
+-             */
+-
+-            p->d.last += a->size;
+-            a->nalloc++;
+        /* allocate a new array */
+ 
+-        } else {
+-            /* allocate a new array */
+        new = ngx_palloc(p, 2 * size);
+        if (new == NULL) {
+            return NULL;
+        }
+ 
+-            new = ngx_palloc(p, 2 * size);
+-            if (new == NULL) {
+-                return NULL;
+-            }
+        ngx_memcpy(new, a->elts, size);
+ 
+-            ngx_memcpy(new, a->elts, size);
+-            a->elts = new;
+-            a->nalloc *= 2;
+        link = ngx_palloc(p, sizeof(ngx_array_link_t));
+        if (link == NULL) {
+            ngx_pfree(p, new);
+            return NULL;
+         }
+
+        link->next = a->old_elts;
+        link->elts = a->elts;
+        a->old_elts = link;
+
+        a->elts = new;
+        a->nalloc *= 2;
+     }
+ 
+     elt = (u_char *) a->elts + a->size * a->nelts;
+@@ -95,11 +97,10 @@ void *
+ ngx_array_push_n(ngx_array_t *a, ngx_uint_t n)
+ {
+     void        *elt, *new;
+-    size_t       size;
+     ngx_uint_t   nalloc;
+     ngx_pool_t  *p;
+ 
+-    size = n * a->size;
+    ngx_array_link_t    *link;
+ 
+     if (a->nelts + n > a->nalloc) {
+ 
+@@ -107,31 +108,27 @@ ngx_array_push_n(ngx_array_t *a, ngx_uin
+ 
+         p = a->pool;
+ 
+-        if ((u_char *) a->elts + a->size * a->nalloc == p->d.last
+-            && p->d.last + size <= p->d.end)
+-        {
+-            /*
+-             * the array allocation is the last in the pool
+-             * and there is space for new allocation
+-             */
+        nalloc = 2 * ((n >= a->nalloc) ? n : a->nalloc);
+ 
+-            p->d.last += size;
+-            a->nalloc += n;
+        new = ngx_palloc(p, nalloc * a->size);
+        if (new == NULL) {
+            return NULL;
+        }
+ 
+-        } else {
+-            /* allocate a new array */
+        ngx_memcpy(new, a->elts, a->nelts * a->size);
+ 
+-            nalloc = 2 * ((n >= a->nalloc) ? n : a->nalloc);
+        link = ngx_palloc(p, sizeof(ngx_array_link_t));
+        if (link == NULL) {
+            ngx_pfree(p, new);
+            return NULL;
+        }
+ 
+-            new = ngx_palloc(p, nalloc * a->size);
+-            if (new == NULL) {
+-                return NULL;
+-            }
+        link->next = a->old_elts;
+        link->elts = a->elts;
+        a->old_elts = link;
+ 
+-            ngx_memcpy(new, a->elts, a->nelts * a->size);
+-            a->elts = new;
+-            a->nalloc = nalloc;
+-        }
+        a->elts = new;
+        a->nalloc = nalloc;
+     }
+ 
+     elt = (u_char *) a->elts + a->size * a->nelts;
+diff --minimal '--exclude=*.swp' '--exclude=*~' -up nginx-1.11.2/src/core/ngx_array.h nginx-1.11.2-patched/src/core/ngx_array.h
+--- nginx-1.11.2/src/core/ngx_array.h	2016-04-19 09:02:38.000000000 -0700
+++ nginx-1.11.2-patched/src/core/ngx_array.h	2016-04-21 16:25:07.453947190 -0700
+@@ -13,12 +13,23 @@
+ #include <ngx_core.h>
+ 
+ 
+typedef struct ngx_array_link_s ngx_array_link_t;
+
+
+struct ngx_array_link_s {
+    void                    *elts;
+    ngx_array_link_t        *next;
+};
+
+
+ typedef struct {
+     void        *elts;
+     ngx_uint_t   nelts;
+     size_t       size;
+     ngx_uint_t   nalloc;
+     ngx_pool_t  *pool;
+
+    ngx_array_link_t *old_elts;
+ } ngx_array_t;
+ 
+ 
+@@ -40,6 +51,7 @@ ngx_array_init(ngx_array_t *array, ngx_p
+     array->size = size;
+     array->nalloc = n;
+     array->pool = pool;
+    array->old_elts = NULL;
+ 
+     array->elts = ngx_palloc(pool, n * size);
+     if (array->elts == NULL) {
+diff --minimal '--exclude=*.swp' '--exclude=*~' -up nginx-1.11.2/src/core/ngx_palloc.c nginx-1.11.2-patched/src/core/ngx_palloc.c
+--- nginx-1.11.2/src/core/ngx_palloc.c	2016-04-19 09:02:38.000000000 -0700
+++ nginx-1.11.2-patched/src/core/ngx_palloc.c	2016-04-21 16:25:45.912282685 -0700
+@@ -9,34 +9,26 @@
+ #include <ngx_core.h>
+ 
+ 
+-static ngx_inline void *ngx_palloc_small(ngx_pool_t *pool, size_t size,
+-    ngx_uint_t align);
+-static void *ngx_palloc_block(ngx_pool_t *pool, size_t size);
+-static void *ngx_palloc_large(ngx_pool_t *pool, size_t size);
+static void * ngx_malloc(ngx_pool_t *pool, size_t size);
+ 
+ 
+ ngx_pool_t *
+ ngx_create_pool(size_t size, ngx_log_t *log)
+ {
+-    ngx_pool_t  *p;
+    ngx_pool_t        *p;
+ 
+-    p = ngx_memalign(NGX_POOL_ALIGNMENT, size, log);
+    size = sizeof(ngx_pool_t);
+    p = ngx_alloc(size, log);
+     if (p == NULL) {
+         return NULL;
+     }
+ 
+-    p->d.last = (u_char *) p + sizeof(ngx_pool_t);
+-    p->d.end = (u_char *) p + size;
+-    p->d.next = NULL;
+-    p->d.failed = 0;
+    ngx_memzero(p, size);
+ 
+     size = size - sizeof(ngx_pool_t);
+     p->max = (size < NGX_MAX_ALLOC_FROM_POOL) ? size : NGX_MAX_ALLOC_FROM_POOL;
+ 
+     p->current = p;
+-    p->chain = NULL;
+-    p->large = NULL;
+-    p->cleanup = NULL;
+     p->log = log;
+ 
+     return p;
+@@ -46,8 +38,7 @@ ngx_create_pool(size_t size, ngx_log_t *
+ void
+ ngx_destroy_pool(ngx_pool_t *pool)
+ {
+-    ngx_pool_t          *p, *n;
+-    ngx_pool_large_t    *l;
+    ngx_pool_data_t     *d, *n;
+     ngx_pool_cleanup_t  *c;
+ 
+     for (c = pool->cleanup; c; c = c->next) {
+@@ -58,6 +49,11 @@ ngx_destroy_pool(ngx_pool_t *pool)
+         }
+     }
+ 
+    if (pool->d == NULL) {
+        ngx_free(pool);
+        return;
+    }
+
+ #if (NGX_DEBUG)
+ 
+     /*
+@@ -65,13 +61,9 @@ ngx_destroy_pool(ngx_pool_t *pool)
+      * so we cannot use this log while free()ing the pool
+      */
+ 
+-    for (l = pool->large; l; l = l->next) {
+-        ngx_log_debug1(NGX_LOG_DEBUG_ALLOC, pool->log, 0, "free: %p", l->alloc);
+-    }
+-
+-    for (p = pool, n = pool->d.next; /* void */; p = n, n = n->d.next) {
+    for (d = pool->d, n = d->next; ; d = n, n = n->next) {
+         ngx_log_debug2(NGX_LOG_DEBUG_ALLOC, pool->log, 0,
+-                       "free: %p, unused: %uz", p, p->d.end - p->d.last);
+                       "free: %p, unused: %d", d, 0);
+ 
+         if (n == NULL) {
+             break;
+@@ -80,171 +72,82 @@ ngx_destroy_pool(ngx_pool_t *pool)
+ 
+ #endif
+ 
+-    for (l = pool->large; l; l = l->next) {
+-        if (l->alloc) {
+-            ngx_free(l->alloc);
+-        }
+-    }
+-
+-    for (p = pool, n = pool->d.next; /* void */; p = n, n = n->d.next) {
+-        ngx_free(p);
+    for (d = pool->d, n = d->next; ; d = n, n = n->next) {
+        ngx_free(d->alloc);
+        ngx_free(d);
+ 
+         if (n == NULL) {
+             break;
+         }
+     }
+
+    pool->d = NULL;
+    ngx_free(pool);
+ }
+ 
+ 
+ void
+ ngx_reset_pool(ngx_pool_t *pool)
+ {
+-    ngx_pool_t        *p;
+-    ngx_pool_large_t  *l;
+    ngx_pool_data_t     *d, *n;
+    ngx_pool_data_t     *saved = NULL;
+ 
+-    for (l = pool->large; l; l = l->next) {
+-        if (l->alloc) {
+-            ngx_free(l->alloc);
+    if (pool->d) {
+        for (d = pool->d, n = d->next; ; d = n, n = n->next) {
+            if (d->alloc == pool->log) {
+                saved = d;
+                continue;
+            }
+
+            ngx_free(d->alloc);
+            ngx_free(d);
+
+            if (n == NULL) {
+                break;
+            }
+         }
+-    }
+ 
+-    for (p = pool; p; p = p->d.next) {
+-        p->d.last = (u_char *) p + sizeof(ngx_pool_t);
+-        p->d.failed = 0;
+        pool->d = saved;
+        pool->current = pool;
+        pool->chain = NULL;
+     }
+-
+-    pool->current = pool;
+-    pool->chain = NULL;
+-    pool->large = NULL;
+ }
+ 
+ 
+ void *
+ ngx_palloc(ngx_pool_t *pool, size_t size)
+ {
+-#if !(NGX_DEBUG_PALLOC)
+-    if (size <= pool->max) {
+-        return ngx_palloc_small(pool, size, 1);
+-    }
+-#endif
+-
+-    return ngx_palloc_large(pool, size);
+    return ngx_malloc(pool, size);
+ }
+ 
+ 
+ void *
+ ngx_pnalloc(ngx_pool_t *pool, size_t size)
+ {
+-#if !(NGX_DEBUG_PALLOC)
+-    if (size <= pool->max) {
+-        return ngx_palloc_small(pool, size, 0);
+-    }
+-#endif
+-
+-    return ngx_palloc_large(pool, size);
+-}
+-
+-
+-static ngx_inline void *
+-ngx_palloc_small(ngx_pool_t *pool, size_t size, ngx_uint_t align)
+-{
+-    u_char      *m;
+-    ngx_pool_t  *p;
+-
+-    p = pool->current;
+-
+-    do {
+-        m = p->d.last;
+-
+-        if (align) {
+-            m = ngx_align_ptr(m, NGX_ALIGNMENT);
+-        }
+-
+-        if ((size_t) (p->d.end - m) >= size) {
+-            p->d.last = m + size;
+-
+-            return m;
+-        }
+-
+-        p = p->d.next;
+-
+-    } while (p);
+-
+-    return ngx_palloc_block(pool, size);
+-}
+-
+-
+-static void *
+-ngx_palloc_block(ngx_pool_t *pool, size_t size)
+-{
+-    u_char      *m;
+-    size_t       psize;
+-    ngx_pool_t  *p, *new;
+-
+-    psize = (size_t) (pool->d.end - (u_char *) pool);
+-
+-    m = ngx_memalign(NGX_POOL_ALIGNMENT, psize, pool->log);
+-    if (m == NULL) {
+-        return NULL;
+-    }
+-
+-    new = (ngx_pool_t *) m;
+-
+-    new->d.end = m + psize;
+-    new->d.next = NULL;
+-    new->d.failed = 0;
+-
+-    m += sizeof(ngx_pool_data_t);
+-    m = ngx_align_ptr(m, NGX_ALIGNMENT);
+-    new->d.last = m + size;
+-
+-    for (p = pool->current; p->d.next; p = p->d.next) {
+-        if (p->d.failed++ > 4) {
+-            pool->current = p->d.next;
+-        }
+-    }
+-
+-    p->d.next = new;
+-
+-    return m;
+    return ngx_malloc(pool, size);
+ }
+ 
+ 
+ static void *
+-ngx_palloc_large(ngx_pool_t *pool, size_t size)
+ngx_malloc(ngx_pool_t *pool, size_t size)
+ {
+-    void              *p;
+-    ngx_uint_t         n;
+-    ngx_pool_large_t  *large;
+    void                *p;
+    ngx_pool_data_t     *d;
+ 
+     p = ngx_alloc(size, pool->log);
+     if (p == NULL) {
+         return NULL;
+     }
+ 
+-    n = 0;
+-
+-    for (large = pool->large; large; large = large->next) {
+-        if (large->alloc == NULL) {
+-            large->alloc = p;
+-            return p;
+-        }
+-
+-        if (n++ > 3) {
+-            break;
+-        }
+-    }
+-
+-    large = ngx_palloc_small(pool, sizeof(ngx_pool_large_t), 1);
+-    if (large == NULL) {
+    d = ngx_alloc(sizeof(ngx_pool_data_t), pool->log);
+    if (d == NULL){
+         ngx_free(p);
+         return NULL;
+     }
+ 
+-    large->alloc = p;
+-    large->next = pool->large;
+-    pool->large = large;
+-
+    d->alloc = p;
+    d->next = pool->d;
+    pool->d = d;
+     return p;
+ }
+ 
+@@ -253,38 +156,48 @@ void *
+ ngx_pmemalign(ngx_pool_t *pool, size_t size, size_t alignment)
+ {
+     void              *p;
+-    ngx_pool_large_t  *large;
+    ngx_pool_data_t   *d;
+ 
+     p = ngx_memalign(alignment, size, pool->log);
+     if (p == NULL) {
+         return NULL;
+     }
+ 
+-    large = ngx_palloc_small(pool, sizeof(ngx_pool_large_t), 1);
+-    if (large == NULL) {
+    d = ngx_alloc(sizeof(ngx_pool_data_t), pool->log);
+    if (d == NULL){
+         ngx_free(p);
+         return NULL;
+     }
+ 
+-    large->alloc = p;
+-    large->next = pool->large;
+-    pool->large = large;
+-
+    d->alloc = p;
+    d->next = pool->d;
+    pool->d = d;
+     return p;
+ }
+ 
+ 
+ ngx_int_t
+-ngx_pfree(ngx_pool_t *pool, void *p)
+ngx_pfree(ngx_pool_t *pool, void *data)
+ {
+-    ngx_pool_large_t  *l;
+    ngx_pool_data_t     *p, *d;
+ 
+-    for (l = pool->large; l; l = l->next) {
+-        if (p == l->alloc) {
+-            ngx_log_debug1(NGX_LOG_DEBUG_ALLOC, pool->log, 0,
+-                           "free: %p", l->alloc);
+-            ngx_free(l->alloc);
+-            l->alloc = NULL;
+    p = NULL;
+    for (d = pool->d; d; p = d, d = d->next) {
+        if (data == d->alloc) {
+
+            ngx_log_debug1(NGX_LOG_DEBUG_ALLOC, pool->log, 0, "free: %p", d->alloc);
+
+            ngx_free(d->alloc);
+            d->alloc = NULL;
+
+            if (p) {
+                p->next = d->next;
+
+            } else {
+                pool->d = d->next;
+            }
+
+            ngx_free(d);
+ 
+             return NGX_OK;
+         }
+diff --minimal '--exclude=*.swp' '--exclude=*~' -up nginx-1.11.2/src/core/ngx_palloc.h nginx-1.11.2-patched/src/core/ngx_palloc.h
+--- nginx-1.11.2/src/core/ngx_palloc.h	2016-04-19 09:02:38.000000000 -0700
+++ nginx-1.11.2-patched/src/core/ngx_palloc.h	2016-04-21 16:25:07.454949755 -0700
+@@ -38,28 +38,21 @@ struct ngx_pool_cleanup_s {
+ };
+ 
+ 
+-typedef struct ngx_pool_large_s  ngx_pool_large_t;
+-
+-struct ngx_pool_large_s {
+-    ngx_pool_large_t     *next;
+-    void                 *alloc;
+-};
+typedef struct ngx_pool_data_s   ngx_pool_large_t;
+typedef struct ngx_pool_data_s   ngx_pool_data_t;
+ 
+ 
+-typedef struct {
+-    u_char               *last;
+-    u_char               *end;
+-    ngx_pool_t           *next;
+-    ngx_uint_t            failed;
+-} ngx_pool_data_t;
+struct ngx_pool_data_s {
+    ngx_pool_data_t        *next;
+    void                   *alloc;
+};
+ 
+ 
+ struct ngx_pool_s {
+-    ngx_pool_data_t       d;
+    ngx_pool_data_t      *d;
+     size_t                max;
+     ngx_pool_t           *current;
+     ngx_chain_t          *chain;
+-    ngx_pool_large_t     *large;
+     ngx_pool_cleanup_t   *cleanup;
+     ngx_log_t            *log;
+ };
--- a/patches/nginx-1.11.2-pcre_conf_opt.patch
+++ b/patches/nginx-1.11.2-pcre_conf_opt.patch
@ -0,0 +1,26 @@
+# HG changeset patch
+# User Yichun Zhang <agentzh@gmail.com>
+# Date 1386694955 28800
+# Node ID 9ba6b149669f1f02eeb4cdc0ebd364a949b5c469
+# Parent  30e806b8636af5fd3f03ec17df24801f390f7511
+Configure: added new option --with-pcre-conf-opt=OPTIONS.
+
+diff -r 30e806b8636a -r 9ba6b149669f auto/options
+--- a/auto/options	Mon Dec 09 10:16:44 2013 +0400
+++ b/auto/options	Tue Dec 10 09:02:35 2013 -0800
+@@ -286,6 +286,7 @@
+         --with-pcre)                     USE_PCRE=YES               ;;
+         --with-pcre=*)                   PCRE="$value"              ;;
+         --with-pcre-opt=*)               PCRE_OPT="$value"          ;;
+        --with-pcre-conf-opt=*)          PCRE_CONF_OPT="$value"     ;;
+         --with-pcre-jit)                 PCRE_JIT=YES               ;;
+ 
+         --with-openssl=*)                OPENSSL="$value"           ;;
+@@ -441,6 +442,7 @@
+   --with-pcre                        force PCRE library usage
+   --with-pcre=DIR                    set path to PCRE library sources
+   --with-pcre-opt=OPTIONS            set additional build options for PCRE
+  --with-pcre-conf-opt=OPTIONS       set additional configure options for PCRE
+   --with-pcre-jit                    build PCRE with JIT compilation support
+ 
+   --with-md5=DIR                     set path to md5 library sources
--- a/patches/nginx-1.11.2-privileged_agent_process.patch
+++ b/patches/nginx-1.11.2-privileged_agent_process.patch
@ -0,0 +1,211 @@
+diff --git a/src/core/nginx.c b/src/core/nginx.c
+index 60f8fe7..4bd244b 100644
+--- a/src/core/nginx.c
+++ b/src/core/nginx.c
+@@ -981,6 +981,7 @@ ngx_core_module_create_conf(ngx_cycle_t *cycle)
+ 
+     ccf->daemon = NGX_CONF_UNSET;
+     ccf->master = NGX_CONF_UNSET;
+    ccf->privileged_agent = NGX_CONF_UNSET;
+     ccf->timer_resolution = NGX_CONF_UNSET_MSEC;
+ 
+     ccf->worker_processes = NGX_CONF_UNSET;
+@@ -1009,6 +1010,7 @@ ngx_core_module_init_conf(ngx_cycle_t *cycle, void *conf)
+ 
+     ngx_conf_init_value(ccf->daemon, 1);
+     ngx_conf_init_value(ccf->master, 1);
+    ngx_conf_init_value(ccf->privileged_agent, 0);
+     ngx_conf_init_msec_value(ccf->timer_resolution, 0);
+ 
+     ngx_conf_init_value(ccf->worker_processes, 1);
+diff --git a/src/core/ngx_cycle.h b/src/core/ngx_cycle.h
+index c51b7ff..3261f90 100644
+--- a/src/core/ngx_cycle.h
+++ b/src/core/ngx_cycle.h
+@@ -22,6 +22,9 @@
+ #define NGX_DEBUG_POINTS_ABORT  2
+ 
+ 
+#define HAVE_PRIVILEGED_PROCESS_PATCH   1
+
+
+ typedef struct ngx_shm_zone_s  ngx_shm_zone_t;
+ 
+ typedef ngx_int_t (*ngx_shm_zone_init_pt) (ngx_shm_zone_t *zone, void *data);
+@@ -81,6 +84,7 @@ struct ngx_cycle_s {
+ typedef struct {
+     ngx_flag_t                daemon;
+     ngx_flag_t                master;
+    ngx_flag_t                privileged_agent;
+ 
+     ngx_msec_t                timer_resolution;
+ 
+diff --git a/src/os/unix/ngx_process_cycle.c b/src/os/unix/ngx_process_cycle.c
+index 7cee1c5..c4f70d6 100644
+--- a/src/os/unix/ngx_process_cycle.c
+++ b/src/os/unix/ngx_process_cycle.c
+@@ -15,6 +15,8 @@ static void ngx_start_worker_processes(ngx_cycle_t *cycle, ngx_int_t n,
+     ngx_int_t type);
+ static void ngx_start_cache_manager_processes(ngx_cycle_t *cycle,
+     ngx_uint_t respawn);
+static void ngx_start_privileged_agent_processes(ngx_cycle_t *cycle,
+    ngx_uint_t respawn);
+ static void ngx_pass_open_channel(ngx_cycle_t *cycle, ngx_channel_t *ch);
+ static void ngx_signal_worker_processes(ngx_cycle_t *cycle, int signo);
+ static ngx_uint_t ngx_reap_children(ngx_cycle_t *cycle);
+@@ -24,6 +26,7 @@ static void ngx_worker_process_init(ngx_cycle_t *cycle, ngx_int_t worker);
+ static void ngx_worker_process_exit(ngx_cycle_t *cycle);
+ static void ngx_channel_handler(ngx_event_t *ev);
+ static void ngx_cache_manager_process_cycle(ngx_cycle_t *cycle, void *data);
+static void ngx_privileged_agent_process_cycle(ngx_cycle_t *cycle, void *data);
+ static void ngx_cache_manager_process_handler(ngx_event_t *ev);
+ static void ngx_cache_loader_process_handler(ngx_event_t *ev);
+ 
+@@ -51,6 +54,8 @@ sig_atomic_t  ngx_noaccept;
+ ngx_uint_t    ngx_noaccepting;
+ ngx_uint_t    ngx_restart;
+ 
+ngx_uint_t    ngx_is_privileged_agent;
+
+ 
+ static u_char  master_process[] = "master process";
+ 
+@@ -130,6 +135,7 @@ ngx_master_process_cycle(ngx_cycle_t *cycle)
+     ngx_start_worker_processes(cycle, ccf->worker_processes,
+                                NGX_PROCESS_RESPAWN);
+     ngx_start_cache_manager_processes(cycle, 0);
+    ngx_start_privileged_agent_processes(cycle, 0);
+ 
+     ngx_new_binary = 0;
+     delay = 0;
+@@ -224,6 +230,7 @@ ngx_master_process_cycle(ngx_cycle_t *cycle)
+                 ngx_start_worker_processes(cycle, ccf->worker_processes,
+                                            NGX_PROCESS_RESPAWN);
+                 ngx_start_cache_manager_processes(cycle, 0);
+                ngx_start_privileged_agent_processes(cycle, 0);
+                 ngx_noaccepting = 0;
+ 
+                 continue;
+@@ -243,6 +250,7 @@ ngx_master_process_cycle(ngx_cycle_t *cycle)
+             ngx_start_worker_processes(cycle, ccf->worker_processes,
+                                        NGX_PROCESS_JUST_RESPAWN);
+             ngx_start_cache_manager_processes(cycle, 1);
+            ngx_start_privileged_agent_processes(cycle, 1);
+ 
+             /* allow new processes to start */
+             ngx_msleep(100);
+@@ -257,6 +265,7 @@ ngx_master_process_cycle(ngx_cycle_t *cycle)
+             ngx_start_worker_processes(cycle, ccf->worker_processes,
+                                        NGX_PROCESS_RESPAWN);
+             ngx_start_cache_manager_processes(cycle, 0);
+            ngx_start_privileged_agent_processes(cycle, 0);
+             live = 1;
+         }
+ 
+@@ -424,6 +433,34 @@ ngx_start_cache_manager_processes(ngx_cycle_t *cycle, ngx_uint_t respawn)
+ 
+ 
+ static void
+ngx_start_privileged_agent_processes(ngx_cycle_t *cycle, ngx_uint_t respawn)
+{
+    ngx_channel_t          ch;
+    ngx_core_conf_t       *ccf;
+
+    ccf = (ngx_core_conf_t *) ngx_get_conf(cycle->conf_ctx,
+                                           ngx_core_module);
+
+    if (!ccf->privileged_agent) {
+        return;
+    }
+
+    ngx_spawn_process(cycle, ngx_privileged_agent_process_cycle,
+                      "privileged agent process", "privileged agent process",
+                      respawn ? NGX_PROCESS_JUST_RESPAWN : NGX_PROCESS_RESPAWN);
+
+    ngx_memzero(&ch, sizeof(ngx_channel_t));
+
+    ch.command = NGX_CMD_OPEN_CHANNEL;
+    ch.pid = ngx_processes[ngx_process_slot].pid;
+    ch.slot = ngx_process_slot;
+    ch.fd = ngx_processes[ngx_process_slot].channel[0];
+
+    ngx_pass_open_channel(cycle, &ch);
+}
+
+
+static void
+ ngx_pass_open_channel(ngx_cycle_t *cycle, ngx_channel_t *ch)
+ {
+     ngx_int_t  i;
+@@ -827,7 +864,10 @@ ngx_worker_process_init(ngx_cycle_t *cycle, ngx_int_t worker)
+         }
+     }
+ 
+-    if (geteuid() == 0) {
+    /*
+     * privileged agent process has the same permission as master process
+     */
+    if (!ngx_is_privileged_agent && geteuid() == 0) {
+         if (setgid(ccf->group) == -1) {
+             ngx_log_error(NGX_LOG_EMERG, cycle->log, ngx_errno,
+                           "setgid(%d) failed", ccf->group);
+@@ -1144,6 +1184,47 @@ ngx_cache_manager_process_cycle(ngx_cycle_t *cycle, void *data)
+ 
+ 
+ static void
+ngx_privileged_agent_process_cycle(ngx_cycle_t *cycle, void *data)
+{
+    char   *name = data;
+
+    /*
+     * Set correct process type since closing listening Unix domain socket
+     * in a master process also removes the Unix domain socket file.
+     */
+    ngx_process = NGX_PROCESS_HELPER;
+    ngx_is_privileged_agent = 1;
+
+    ngx_close_listening_sockets(cycle);
+
+    /* Set a moderate number of connections for a helper process. */
+    cycle->connection_n = 512;
+
+    ngx_worker_process_init(cycle, -1);
+
+    ngx_use_accept_mutex = 0;
+
+    ngx_setproctitle(name);
+
+    for ( ;; ) {
+
+        if (ngx_terminate || ngx_quit) {
+            ngx_log_error(NGX_LOG_NOTICE, cycle->log, 0, "exiting");
+            ngx_worker_process_exit(cycle);
+        }
+
+        if (ngx_reopen) {
+            ngx_reopen = 0;
+            ngx_log_error(NGX_LOG_NOTICE, cycle->log, 0, "reopening logs");
+            ngx_reopen_files(cycle, -1);
+        }
+
+        ngx_process_events_and_timers(cycle);
+    }
+}
+
+
+static void
+ ngx_cache_manager_process_handler(ngx_event_t *ev)
+ {
+     time_t        next, n;
+diff --git a/src/os/unix/ngx_process_cycle.h b/src/os/unix/ngx_process_cycle.h
+index 69495d5..5149396 100644
+--- a/src/os/unix/ngx_process_cycle.h
+++ b/src/os/unix/ngx_process_cycle.h
+@@ -45,6 +45,7 @@ extern ngx_pid_t       ngx_new_binary;
+ extern ngx_uint_t      ngx_inherited;
+ extern ngx_uint_t      ngx_daemonized;
+ extern ngx_uint_t      ngx_exiting;
+extern ngx_uint_t      ngx_is_privileged_agent;
+ 
+ extern sig_atomic_t    ngx_reap;
+ extern sig_atomic_t    ngx_sigio;
--- a/patches/nginx-1.11.2-proxy_host_port_vars.patch
+++ b/patches/nginx-1.11.2-proxy_host_port_vars.patch
@ -0,0 +1,19 @@
+--- nginx-1.11.2/src/http/modules/ngx_http_proxy_module.c	2017-07-16 14:02:51.000000000 +0800
+++ nginx-1.11.2-patched/src/http/modules/ngx_http_proxy_module.c	2017-07-16 14:02:51.000000000 +0800
+@@ -793,13 +793,13 @@ static ngx_keyval_t  ngx_http_proxy_cach
+ static ngx_http_variable_t  ngx_http_proxy_vars[] = {
+ 
+     { ngx_string("proxy_host"), NULL, ngx_http_proxy_host_variable, 0,
+-      NGX_HTTP_VAR_CHANGEABLE|NGX_HTTP_VAR_NOCACHEABLE|NGX_HTTP_VAR_NOHASH, 0 },
+      NGX_HTTP_VAR_CHANGEABLE|NGX_HTTP_VAR_NOCACHEABLE, 0 },
+ 
+     { ngx_string("proxy_port"), NULL, ngx_http_proxy_port_variable, 0,
+-      NGX_HTTP_VAR_CHANGEABLE|NGX_HTTP_VAR_NOCACHEABLE|NGX_HTTP_VAR_NOHASH, 0 },
+      NGX_HTTP_VAR_CHANGEABLE|NGX_HTTP_VAR_NOCACHEABLE, 0 },
+ 
+     { ngx_string("proxy_add_x_forwarded_for"), NULL,
+-      ngx_http_proxy_add_x_forwarded_for_variable, 0, NGX_HTTP_VAR_NOHASH, 0 },
+      ngx_http_proxy_add_x_forwarded_for_variable, 0, 0, 0 },
+ 
+ #if 0
+     { ngx_string("proxy_add_via"), NULL, NULL, 0, NGX_HTTP_VAR_NOHASH, 0 },
--- a/patches/nginx-1.11.2-safe_resolver_ipv6_option.patch
+++ b/patches/nginx-1.11.2-safe_resolver_ipv6_option.patch
@ -0,0 +1,55 @@
+# HG changeset patch
+# User Thibault Charbonnier <thibaultcha@fastmail.com>
+# Date 1481847421 28800
+#      Thu Dec 15 16:17:01 2016 -0800
+# Node ID 8bf038fe006fd8ae253d6b41fc6cf109a8912d3e
+# Parent  a3dc657f4e9530623683e6b85bd7492662e4dc47
+Resolver: ignore ipv6=off resolver option when no ipv6 support
+
+Makes the resolver directive more robust: we only error out when ipv6
+resolution is desired but not supported (ipv6=on).
+
+use case 1: some configurations are sometimes re-used between builds with and
+without ipv6 support. This patch avoids the need to remove the "ipv6=off" flag.
+
+use case 2: currently, some tools rely on the --with-ipv6 configure option from
+"nginx -V" to determine if ipv6 resolution should be disabled in some cases.
+With this option disappearing in Nginx 1.11.5, this patch would allow such tools
+to assume "ipv6=off" to be safe regardless of ipv6 support in the current
+build.
+
+diff -r a3dc657f4e95 -r 8bf038fe006f src/core/ngx_resolver.c
+--- a/src/core/ngx_resolver.c	Thu Dec 15 21:44:34 2016 +0300
+++ b/src/core/ngx_resolver.c	Thu Dec 15 16:17:01 2016 -0800
+@@ -224,14 +224,22 @@
+             continue;
+         }
+ 
+-#if (NGX_HAVE_INET6)
+         if (ngx_strncmp(names[i].data, "ipv6=", 5) == 0) {
+ 
+             if (ngx_strcmp(&names[i].data[5], "on") == 0) {
+#if (NGX_HAVE_INET6)
+                 r->ipv6 = 1;
+#else
+                ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                                   "no ipv6 support but \"%V\" in resolver",
+                                   &names[i]);
+                return NULL;
+#endif
+ 
+             } else if (ngx_strcmp(&names[i].data[5], "off") == 0) {
+#if (NGX_HAVE_INET6)
+                 r->ipv6 = 0;
+#endif
+ 
+             } else {
+                 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+@@ -241,7 +249,6 @@
+ 
+             continue;
+         }
+-#endif
+ 
+         ngx_memzero(&u, sizeof(ngx_url_t));
+ 
--- a/patches/nginx-1.11.2-server_header.patch
+++ b/patches/nginx-1.11.2-server_header.patch
@ -0,0 +1,39 @@
+diff --git a/src/core/nginx.h b/src/core/nginx.h
+index 75a4a40..ed4f104 100644
+--- a/src/core/nginx.h
+++ b/src/core/nginx.h
+@@ -11,7 +11,7 @@
+ 
+ #define nginx_version      1011002
+ #define NGINX_VERSION      "1.11.2"
+-#define NGINX_VER          "nginx/" NGINX_VERSION
+#define NGINX_VER          "openresty/" NGINX_VERSION ".unknown"
+ 
+ #ifdef NGX_BUILD
+ #define NGINX_VER_BUILD    NGINX_VER " (" NGX_BUILD ")"
+diff --git a/src/http/ngx_http_header_filter_module.c b/src/http/ngx_http_header_filter_module.c
+index f000b2e..5882a66 100644
+--- a/src/http/ngx_http_header_filter_module.c
+++ b/src/http/ngx_http_header_filter_module.c
+@@ -46,7 +46,7 @@ ngx_module_t  ngx_http_header_filter_module = {
+ };
+ 
+ 
+-static char ngx_http_server_string[] = "Server: nginx" CRLF;
+static char ngx_http_server_string[] = "Server: openresty" CRLF;
+ static char ngx_http_server_full_string[] = "Server: " NGINX_VER CRLF;
+ 
+ 
+diff --git a/src/http/v2/ngx_http_v2_filter_module.c b/src/http/v2/ngx_http_v2_filter_module.c
+index 39ff103..0dc3924 100644
+--- a/src/http/v2/ngx_http_v2_filter_module.c
+++ b/src/http/v2/ngx_http_v2_filter_module.c
+@@ -139,7 +139,7 @@ ngx_http_v2_header_filter(ngx_http_request_t *r)
+     ngx_http_core_srv_conf_t  *cscf;
+     u_char                     addr[NGX_SOCKADDR_STRLEN];
+ 
+-    static const u_char nginx[5] = "\x84\xaa\x63\x55\xe7";
+    static const u_char nginx[8] = "\x87\x3d\x65\xaa\xc2\xa1\x3e\xbf";
+ #if (NGX_HTTP_GZIP)
+     static const u_char accept_encoding[12] =
+         "\x8b\x84\x84\x2d\x69\x5b\x05\x44\x3c\x86\xaa\x6f";
--- a/patches/nginx-1.11.2-setting_args_invalidates_uri.patch
+++ b/patches/nginx-1.11.2-setting_args_invalidates_uri.patch
@ -0,0 +1,44 @@
+# HG changeset patch
+# User Yichun Zhang <agentzh@gmail.com>
+# Date 1390506359 28800
+# Node ID 17186b98c235c07e94c64e5853689f790f173756
+# Parent  4b50d1f299d8a69f3e3f7975132e1490352642fe
+Variable: setting $args should invalidate unparsed uri.
+
+diff -r 4b50d1f299d8 -r 17186b98c235 src/http/ngx_http_variables.c
+--- a/src/http/ngx_http_variables.c	Fri Jan 10 11:22:14 2014 -0800
+++ b/src/http/ngx_http_variables.c	Thu Jan 23 11:45:59 2014 -0800
+@@ -15,6 +15,8 @@
+     ngx_http_variable_value_t *v, uintptr_t data);
+ static void ngx_http_variable_request_set(ngx_http_request_t *r,
+     ngx_http_variable_value_t *v, uintptr_t data);
+static void ngx_http_variable_request_args_set(ngx_http_request_t *r,
+    ngx_http_variable_value_t *v, uintptr_t data);
+ static ngx_int_t ngx_http_variable_request_get_size(ngx_http_request_t *r,
+     ngx_http_variable_value_t *v, uintptr_t data);
+ static void ngx_http_variable_request_set_size(ngx_http_request_t *r,
+@@ -218,7 +220,7 @@
+       NGX_HTTP_VAR_NOCACHEABLE, 0 },
+ 
+     { ngx_string("args"),
+-      ngx_http_variable_request_set,
+      ngx_http_variable_request_args_set,
+       ngx_http_variable_request,
+       offsetof(ngx_http_request_t, args),
+       NGX_HTTP_VAR_CHANGEABLE|NGX_HTTP_VAR_NOCACHEABLE, 0 },
+@@ -647,6 +649,15 @@
+ 
+ 
+ static void
+ngx_http_variable_request_args_set(ngx_http_request_t *r,
+    ngx_http_variable_value_t *v, uintptr_t data)
+{
+    r->valid_unparsed_uri = 0;
+    ngx_http_variable_request_set(r, v, data);
+}
+
+
+static void
+ ngx_http_variable_request_set(ngx_http_request_t *r,
+     ngx_http_variable_value_t *v, uintptr_t data)
+ {
--- a/patches/nginx-1.11.2-single_process_graceful_exit.patch
+++ b/patches/nginx-1.11.2-single_process_graceful_exit.patch
@ -0,0 +1,53 @@
+--- nginx-1.11.2/src/os/unix/ngx_process_cycle.c	2016-07-05 08:56:16.000000000 -0700
+++ nginx-1.11.2-patched/src/os/unix/ngx_process_cycle.c	2017-05-14 09:59:52.301108274 -0700
+@@ -304,11 +304,29 @@ ngx_single_process_cycle(ngx_cycle_t *cy
+     }
+ 
+     for ( ;; ) {
+        if (ngx_exiting) {
+            ngx_event_cancel_timers();
+
+            if (ngx_event_timer_rbtree.root == ngx_event_timer_rbtree.sentinel)
+            {
+                ngx_log_error(NGX_LOG_NOTICE, cycle->log, 0, "exiting");
+
+                for (i = 0; cycle->modules[i]; i++) {
+                    if (cycle->modules[i]->exit_process) {
+                        cycle->modules[i]->exit_process(cycle);
+                    }
+                }
+
+                ngx_master_process_exit(cycle);
+            }
+        }
+
+         ngx_log_debug0(NGX_LOG_DEBUG_EVENT, cycle->log, 0, "worker cycle");
+ 
+         ngx_process_events_and_timers(cycle);
+ 
+-        if (ngx_terminate || ngx_quit) {
+        if (ngx_terminate) {
+            ngx_log_error(NGX_LOG_NOTICE, cycle->log, 0, "exiting");
+ 
+             for (i = 0; cycle->modules[i]; i++) {
+                 if (cycle->modules[i]->exit_process) {
+@@ -319,6 +337,19 @@ ngx_single_process_cycle(ngx_cycle_t *cy
+             ngx_master_process_exit(cycle);
+         }
+ 
+        if (ngx_quit) {
+            ngx_quit = 0;
+            ngx_log_error(NGX_LOG_NOTICE, cycle->log, 0,
+                          "gracefully shutting down");
+            ngx_setproctitle("process is shutting down");
+
+            if (!ngx_exiting) {
+                ngx_exiting = 1;
+                ngx_close_listening_sockets(cycle);
+                ngx_close_idle_connections(cycle);
+            }
+        }
+
+         if (ngx_reconfigure) {
+             ngx_reconfigure = 0;
+             ngx_log_error(NGX_LOG_NOTICE, cycle->log, 0, "reconfiguring");
--- a/patches/nginx-1.11.2-slab_defrag.patch
+++ b/patches/nginx-1.11.2-slab_defrag.patch
@ -0,0 +1,138 @@
+diff --git a/src/core/ngx_slab.c b/src/core/ngx_slab.c
+index c3a27f7..1bde432 100644
+--- a/src/core/ngx_slab.c
+++ b/src/core/ngx_slab.c
+@@ -6,6 +6,7 @@
+ 
+ #include <ngx_config.h>
+ #include <ngx_core.h>
+#include <assert.h>
+ 
+ 
+ #define NGX_SLAB_PAGE_MASK   3
+@@ -111,6 +112,7 @@ ngx_slab_init(ngx_slab_pool_t *pool)
+     ngx_memzero(p, pages * sizeof(ngx_slab_page_t));
+ 
+     pool->pages = (ngx_slab_page_t *) p;
+    pool->npages = pages;
+ 
+     pool->free.prev = 0;
+     pool->free.next = (ngx_slab_page_t *) p;
+@@ -118,6 +120,7 @@ ngx_slab_init(ngx_slab_pool_t *pool)
+     pool->pages->slab = pages;
+     pool->pages->next = &pool->free;
+     pool->pages->prev = (uintptr_t) &pool->free;
+    pool->pages->prev_slab = 0;
+ 
+     pool->start = (u_char *)
+                   ngx_align_ptr((uintptr_t) p + pages * sizeof(ngx_slab_page_t),
+@@ -625,9 +628,16 @@ ngx_slab_alloc_pages(ngx_slab_pool_t *pool, ngx_uint_t pages)
+         if (page->slab >= pages) {
+ 
+             if (page->slab > pages) {
+                /* adjust the next adjacent block's "prev_slab" field */
+                p = &page[page->slab];
+                if (p < pool->pages + pool->npages) {
+                    p->prev_slab = page->slab - pages;
+                }
+
+                 page[pages].slab = page->slab - pages;
+                 page[pages].next = page->next;
+                 page[pages].prev = page->prev;
+                page[pages].prev_slab = pages;
+ 
+                 p = (ngx_slab_page_t *) page->prev;
+                 p->next = &page[pages];
+@@ -651,6 +661,7 @@ ngx_slab_alloc_pages(ngx_slab_pool_t *pool, ngx_uint_t pages)
+                 p->slab = NGX_SLAB_PAGE_BUSY;
+                 p->next = NULL;
+                 p->prev = NGX_SLAB_PAGE;
+                p->prev_slab = 0;
+                 p++;
+             }
+ 
+@@ -668,7 +679,7 @@ static void
+ ngx_slab_free_pages(ngx_slab_pool_t *pool, ngx_slab_page_t *page,
+     ngx_uint_t pages)
+ {
+-    ngx_slab_page_t  *prev;
+    ngx_slab_page_t  *prev, *p;
+ 
+     page->slab = pages--;
+ 
+@@ -682,6 +693,53 @@ ngx_slab_free_pages(ngx_slab_pool_t *pool, ngx_slab_page_t *page,
+         page->next->prev = page->prev;
+     }
+ 
+    /* merge the next adjacent free block if it is free */
+
+    p = &page[page->slab];
+    if (p < pool->pages + pool->npages
+        && !(p->slab & NGX_SLAB_PAGE_START)
+        && p->next != NULL
+        && (p->prev & NGX_SLAB_PAGE_MASK) == NGX_SLAB_PAGE)
+    {
+        page->slab += p->slab;
+
+        /* remove the next adjacent block from the free list */
+
+        prev = (ngx_slab_page_t *) p->prev;
+        prev->next = p->next;
+        p->next->prev = p->prev;
+
+        /* adjust the "prev_slab" field in the next next adjacent block */
+        if (p + p->slab < pool->pages + pool->npages) {
+            p[p->slab].prev_slab = page->slab;
+        }
+
+        ngx_memzero(p, sizeof(ngx_slab_page_t));
+    }
+
+    if (page->prev_slab) {
+        /* merge the previous adjacent block if it is free */
+
+        p = page - page->prev_slab;
+        if (!(p->slab & NGX_SLAB_PAGE_START)
+            && p->next != NULL
+            && (p->prev & NGX_SLAB_PAGE_MASK) == NGX_SLAB_PAGE)
+        {
+            assert(p->slab == page->prev_slab);
+
+            p->slab += page->slab;
+            ngx_memzero(page, sizeof(ngx_slab_page_t));
+
+            /* adjust the "prev_slab" field in the next adjacent block */
+            if (p + p->slab < pool->pages + pool->npages) {
+                p[p->slab].prev_slab = p->slab;
+            }
+
+            /* skip adding "page" to the free list */
+            return;
+        }
+    }
+
+     page->prev = (uintptr_t) &pool->free;
+     page->next = pool->free.next;
+ 
+diff --git a/src/core/ngx_slab.h b/src/core/ngx_slab.h
+index c5e420b..287ac79 100644
+--- a/src/core/ngx_slab.h
+++ b/src/core/ngx_slab.h
+@@ -19,6 +19,8 @@ struct ngx_slab_page_s {
+     uintptr_t         slab;
+     ngx_slab_page_t  *next;
+     uintptr_t         prev;
+    uintptr_t         prev_slab;
+                         /* number of pages for the previous adjacent block */
+ };
+ 
+ 
+@@ -31,6 +33,8 @@ typedef struct {
+     ngx_slab_page_t  *pages;
+     ngx_slab_page_t   free;
+ 
+    ngx_uint_t        npages;
+
+     u_char           *start;
+     u_char           *end;
+ 
--- a/patches/nginx-1.11.2-ssl_cert_cb_yield.patch
+++ b/patches/nginx-1.11.2-ssl_cert_cb_yield.patch
@ -0,0 +1,42 @@
+# HG changeset patch
+# User Yichun Zhang <agentzh@openresty.org>
+# Date 1451762084 28800
+#      Sat Jan 02 11:14:44 2016 -0800
+# Node ID 449f0461859c16e95bdb18e8be6b94401545d3dd
+# Parent  78b4e10b4367b31367aad3c83c9c3acdd42397c4
+SSL: handled SSL_CTX_set_cert_cb() callback yielding.
+
+OpenSSL 1.0.2+ introduces SSL_CTX_set_cert_cb() to allow custom
+callbacks to serve the SSL certificiates and private keys dynamically
+and lazily. The callbacks may yield for nonblocking I/O or sleeping.
+Here we added support for such usage in NGINX 3rd-party modules
+(like ngx_lua) in NGINX's event handlers for downstream SSL
+connections.
+
+diff -r 78b4e10b4367 -r 449f0461859c src/event/ngx_event_openssl.c
+--- a/src/event/ngx_event_openssl.c	Thu Dec 17 16:39:15 2015 +0300
+++ b/src/event/ngx_event_openssl.c	Sat Jan 02 11:14:44 2016 -0800
+@@ -1210,6 +1210,23 @@
+         return NGX_AGAIN;
+     }
+ 
+#if OPENSSL_VERSION_NUMBER >= 0x10002000L
+    if (sslerr == SSL_ERROR_WANT_X509_LOOKUP) {
+        c->read->handler = ngx_ssl_handshake_handler;
+        c->write->handler = ngx_ssl_handshake_handler;
+
+        if (ngx_handle_read_event(c->read, 0) != NGX_OK) {
+            return NGX_ERROR;
+        }
+
+        if (ngx_handle_write_event(c->write, 0) != NGX_OK) {
+            return NGX_ERROR;
+        }
+
+        return NGX_AGAIN;
+    }
+#endif
+
+     err = (sslerr == SSL_ERROR_SYSCALL) ? ngx_errno : 0;
+ 
+     c->ssl->no_wait_shutdown = 1;
--- a/patches/nginx-1.11.2-ssl_pending_session.patch
+++ b/patches/nginx-1.11.2-ssl_pending_session.patch
@ -0,0 +1,16 @@
+--- nginx-1.11.2/src/event/ngx_event_openssl.c	2016-07-17 19:20:30.411137606 -0700
+++ nginx-1.11.2-patched/src/event/ngx_event_openssl.c	2016-07-19 16:53:35.539768477 -0700
+@@ -1307,7 +1307,12 @@ ngx_ssl_handshake(ngx_connection_t *c)
+     }
+ 
+ #if OPENSSL_VERSION_NUMBER >= 0x10002000L
+-    if (sslerr == SSL_ERROR_WANT_X509_LOOKUP) {
+    if (sslerr == SSL_ERROR_WANT_X509_LOOKUP
+#   ifdef SSL_ERROR_PENDING_SESSION
+        || sslerr == SSL_ERROR_PENDING_SESSION
+#   endif
+       )
+    {
+         c->read->handler = ngx_ssl_handshake_handler;
+         c->write->handler = ngx_ssl_handshake_handler;
+ 
--- a/patches/nginx-1.11.2-upstream_pipelining.patch
+++ b/patches/nginx-1.11.2-upstream_pipelining.patch
@ -0,0 +1,23 @@
+commit f9907b72a76a21ac5413187b83177a919475c75f
+Author: Yichun Zhang (agentzh) <agentzh@gmail.com>
+Date:   Wed Feb 10 16:05:08 2016 -0800
+
+    bugfix: upstream: keep sending request data after the first write attempt.
+    
+    See
+    http://mailman.nginx.org/pipermail/nginx-devel/2012-March/002040.html
+    for more details on the issue.
+
+diff --git a/src/http/ngx_http_upstream.c b/src/http/ngx_http_upstream.c
+index dbaa956..a25aaa2 100644
+--- a/src/http/ngx_http_upstream.c
+++ b/src/http/ngx_http_upstream.c
+@@ -2003,7 +2003,7 @@ ngx_http_upstream_send_request_handler(ngx_http_request_t *r,
+ 
+ #endif
+ 
+-    if (u->header_sent) {
+    if (u->request_body_sent) {
+         u->write_event_handler = ngx_http_upstream_dummy_handler;
+ 
+         (void) ngx_handle_write_event(c->write, 0);
--- a/patches/nginx-1.11.2-upstream_timeout_fields.patch
+++ b/patches/nginx-1.11.2-upstream_timeout_fields.patch
@ -0,0 +1,120 @@
+diff -r 13070ecfda67 src/http/ngx_http_upstream.c
+--- a/src/http/ngx_http_upstream.c	Tue Apr 19 19:02:37 2016 +0300
+++ b/src/http/ngx_http_upstream.c	Fri Jul 01 12:14:53 2016 -0700
+@@ -481,12 +481,19 @@ void
+ ngx_http_upstream_init(ngx_http_request_t *r)
+ {
+     ngx_connection_t     *c;
+    ngx_http_upstream_t  *u;
+ 
+     c = r->connection;
+ 
+     ngx_log_debug1(NGX_LOG_DEBUG_HTTP, c->log, 0,
+                    "http init upstream, client timer: %d", c->read->timer_set);
+ 
+    u = r->upstream;
+
+    u->connect_timeout = u->conf->connect_timeout;
+    u->send_timeout = u->conf->send_timeout;
+    u->read_timeout = u->conf->read_timeout;
+
+ #if (NGX_HTTP_V2)
+     if (r->stream) {
+         ngx_http_upstream_init_request(r);
+@@ -1451,7 +1458,7 @@ ngx_http_upstream_connect(ngx_http_reque
+     u->request_body_sent = 0;
+ 
+     if (rc == NGX_AGAIN) {
+-        ngx_add_timer(c->write, u->conf->connect_timeout);
+        ngx_add_timer(c->write, u->connect_timeout);
+         return;
+     }
+ 
+@@ -1540,7 +1547,7 @@ ngx_http_upstream_ssl_init_connection(ng
+     if (rc == NGX_AGAIN) {
+ 
+         if (!c->write->timer_set) {
+-            ngx_add_timer(c->write, u->conf->connect_timeout);
+            ngx_add_timer(c->write, u->connect_timeout);
+         }
+ 
+         c->ssl->handler = ngx_http_upstream_ssl_handshake;
+@@ -1816,7 +1823,7 @@ ngx_http_upstream_send_request(ngx_http_
+ 
+     if (rc == NGX_AGAIN) {
+         if (!c->write->ready) {
+-            ngx_add_timer(c->write, u->conf->send_timeout);
+            ngx_add_timer(c->write, u->send_timeout);
+ 
+         } else if (c->write->timer_set) {
+             ngx_del_timer(c->write);
+@@ -1859,7 +1866,7 @@ ngx_http_upstream_send_request(ngx_http_
+         return;
+     }
+ 
+-    ngx_add_timer(c->read, u->conf->read_timeout);
+    ngx_add_timer(c->read, u->read_timeout);
+ 
+     if (c->read->ready) {
+         ngx_http_upstream_process_header(r, u);
+@@ -2658,7 +2665,7 @@ ngx_http_upstream_process_body_in_memory
+     }
+ 
+     if (rev->active) {
+-        ngx_add_timer(rev, u->conf->read_timeout);
+        ngx_add_timer(rev, u->read_timeout);
+ 
+     } else if (rev->timer_set) {
+         ngx_del_timer(rev);
+@@ -2982,7 +2989,7 @@ ngx_http_upstream_send_response(ngx_http
+         p->cyclic_temp_file = 0;
+     }
+ 
+-    p->read_timeout = u->conf->read_timeout;
+    p->read_timeout = u->read_timeout;
+     p->send_timeout = clcf->send_timeout;
+     p->send_lowat = clcf->send_lowat;
+ 
+@@ -3239,7 +3246,7 @@ ngx_http_upstream_process_upgraded(ngx_h
+     }
+ 
+     if (upstream->write->active && !upstream->write->ready) {
+-        ngx_add_timer(upstream->write, u->conf->send_timeout);
+        ngx_add_timer(upstream->write, u->send_timeout);
+ 
+     } else if (upstream->write->timer_set) {
+         ngx_del_timer(upstream->write);
+@@ -3251,7 +3258,7 @@ ngx_http_upstream_process_upgraded(ngx_h
+     }
+ 
+     if (upstream->read->active && !upstream->read->ready) {
+-        ngx_add_timer(upstream->read, u->conf->read_timeout);
+        ngx_add_timer(upstream->read, u->read_timeout);
+ 
+     } else if (upstream->read->timer_set) {
+         ngx_del_timer(upstream->read);
+@@ -3444,7 +3451,7 @@ ngx_http_upstream_process_non_buffered_r
+     }
+ 
+     if (upstream->read->active && !upstream->read->ready) {
+-        ngx_add_timer(upstream->read, u->conf->read_timeout);
+        ngx_add_timer(upstream->read, u->read_timeout);
+ 
+     } else if (upstream->read->timer_set) {
+         ngx_del_timer(upstream->read);
+diff -r 13070ecfda67 src/http/ngx_http_upstream.h
+--- a/src/http/ngx_http_upstream.h	Tue Apr 19 19:02:37 2016 +0300
+++ b/src/http/ngx_http_upstream.h	Fri Jul 01 12:14:53 2016 -0700
+@@ -309,6 +309,12 @@ struct ngx_http_upstream_s {
+     ngx_chain_writer_ctx_t           writer;
+ 
+     ngx_http_upstream_conf_t        *conf;
+
+#define HAVE_NGX_UPSTREAM_TIMEOUT_FIELDS  1
+    ngx_msec_t                       connect_timeout;
+    ngx_msec_t                       send_timeout;
+    ngx_msec_t                       read_timeout;
+
+ #if (NGX_HTTP_CACHE)
+     ngx_array_t                     *caches;
+ #endif
--- a/patches/nginx-1.13.3-always_enable_cc_feature_tests.patch
+++ b/patches/nginx-1.13.3-always_enable_cc_feature_tests.patch
@ -0,0 +1,11 @@
+--- nginx-1.13.3/auto/cc/conf	2015-10-30 22:47:50.000000000 +0800
+++ nginx-1.13.3-patched/auto/cc/conf	2015-11-02 12:23:05.385156987 +0800
+@@ -136,7 +136,7 @@ fi
+ CFLAGS="$CFLAGS $NGX_CC_OPT"
+ NGX_TEST_LD_OPT="$NGX_LD_OPT"
+ 
+-if [ "$NGX_PLATFORM" != win32 ]; then
+if [ 1 ]; then
+ 
+     if test -n "$NGX_LD_OPT"; then
+         ngx_feature=--with-ld-opt=\"$NGX_LD_OPT\"
--- a/patches/nginx-1.13.3-balancer_status_code.patch
+++ b/patches/nginx-1.13.3-balancer_status_code.patch
@ -0,0 +1,27 @@
+diff --git a/src/http/ngx_http_upstream.c b/src/http/ngx_http_upstream.c
+index 0f6b3ae..56d44fc 100644
+--- a/src/http/ngx_http_upstream.c
+++ b/src/http/ngx_http_upstream.c
+@@ -1368,6 +1368,11 @@ ngx_http_upstream_connect(ngx_http_request_t *r, ngx_http_upstream_t *u)
+         return;
+     }
+ 
+    if (rc >= NGX_HTTP_SPECIAL_RESPONSE) {
+        ngx_http_upstream_finalize_request(r, u, rc);
+        return;
+    }
+
+     u->state->peer = u->peer.name;
+ 
+     if (rc == NGX_BUSY) {
+diff --git a/src/http/ngx_http_upstream.h b/src/http/ngx_http_upstream.h
+index b288f28..9b60e12 100644
+--- a/src/http/ngx_http_upstream.h
+++ b/src/http/ngx_http_upstream.h
+@@ -418,5 +418,6 @@ extern ngx_module_t        ngx_http_upstream_module;
+ extern ngx_conf_bitmask_t  ngx_http_upstream_cache_method_mask[];
+ extern ngx_conf_bitmask_t  ngx_http_upstream_ignore_headers_masks[];
+ 
+#define HAVE_BALANCER_STATUS_CODE_PATCH
+ 
+ #endif /* _NGX_HTTP_UPSTREAM_H_INCLUDED_ */
--- a/patches/nginx-1.13.3-builtin_error_page_footer.patch
+++ b/patches/nginx-1.13.3-builtin_error_page_footer.patch
@ -0,0 +1,13 @@
+diff --git a/src/http/ngx_http_special_response.c b/src/http/ngx_http_special_response.c
+index 64e5acd..f5374f6 100644
+--- a/src/http/ngx_http_special_response.c
+++ b/src/http/ngx_http_special_response.c
+@@ -26,7 +26,7 @@ static u_char ngx_http_error_full_tail[] =
+ 
+ 
+ static u_char ngx_http_error_tail[] =
+-"<hr><center>nginx</center>" CRLF
+"<hr><center>openresty</center>" CRLF
+ "</body>" CRLF
+ "</html>" CRLF
+ ;
--- a/patches/nginx-1.13.3-cache_manager_exit.patch
+++ b/patches/nginx-1.13.3-cache_manager_exit.patch
@ -0,0 +1,19 @@
+# HG changeset patch
+# User Yichun Zhang <agentzh@gmail.com>
+# Date 1383598130 28800
+# Node ID f64218e1ac963337d84092536f588b8e0d99bbaa
+# Parent  dea321e5c0216efccbb23e84bbce7cf3e28f130c
+Cache: gracefully exit the cache manager process.
+
+diff -r dea321e5c021 -r f64218e1ac96 src/os/unix/ngx_process_cycle.c
+--- a/src/os/unix/ngx_process_cycle.c	Thu Oct 31 18:23:49 2013 +0400
+++ b/src/os/unix/ngx_process_cycle.c	Mon Nov 04 12:48:50 2013 -0800
+@@ -1335,7 +1335,7 @@
+ 
+         if (ngx_terminate || ngx_quit) {
+             ngx_log_error(NGX_LOG_NOTICE, cycle->log, 0, "exiting");
+-            exit(0);
+            ngx_worker_process_exit(cycle);
+         }
+ 
+         if (ngx_reopen) {
--- a/patches/nginx-1.13.3-delayed_posted_events.patch
+++ b/patches/nginx-1.13.3-delayed_posted_events.patch
@ -0,0 +1,98 @@
+diff --git a/src/event/ngx_event.c b/src/event/ngx_event.c
+index 57af8132..4853945f 100644
+--- a/src/event/ngx_event.c
+++ b/src/event/ngx_event.c
+@@ -196,6 +196,9 @@ ngx_process_events_and_timers(ngx_cycle_t *cycle)
+     ngx_uint_t  flags;
+     ngx_msec_t  timer, delta;
+ 
+    ngx_queue_t     *q;
+    ngx_event_t     *ev;
+
+     if (ngx_timer_resolution) {
+         timer = NGX_TIMER_INFINITE;
+         flags = 0;
+@@ -215,6 +218,13 @@ ngx_process_events_and_timers(ngx_cycle_t *cycle)
+ #endif
+     }
+ 
+    if (!ngx_queue_empty(&ngx_posted_delayed_events)) {
+        ngx_log_debug0(NGX_LOG_DEBUG_EVENT, cycle->log, 0,
+                       "posted delayed event queue not empty"
+                       " making poll timeout 0");
+        timer = 0;
+    }
+
+     if (ngx_use_accept_mutex) {
+         if (ngx_accept_disabled > 0) {
+             ngx_accept_disabled--;
+@@ -257,6 +267,35 @@ ngx_process_events_and_timers(ngx_cycle_t *cycle)
+     }
+ 
+     ngx_event_process_posted(cycle, &ngx_posted_events);
+
+    while (!ngx_queue_empty(&ngx_posted_delayed_events)) {
+        q = ngx_queue_head(&ngx_posted_delayed_events);
+
+        ev = ngx_queue_data(q, ngx_event_t, queue);
+        if (ev->delayed) {
+            /* start of newly inserted nodes */
+            for (/* void */;
+                 q != ngx_queue_sentinel(&ngx_posted_delayed_events);
+                 q = ngx_queue_next(q))
+            {
+                ev = ngx_queue_data(q, ngx_event_t, queue);
+                ev->delayed = 0;
+
+                ngx_log_debug1(NGX_LOG_DEBUG_EVENT, cycle->log, 0,
+                               "skipping delayed posted event %p,"
+                               " till next iteration", ev);
+            }
+
+            break;
+        }
+
+        ngx_log_debug1(NGX_LOG_DEBUG_EVENT, cycle->log, 0,
+                       "delayed posted event %p", ev);
+
+        ngx_delete_posted_event(ev);
+
+        ev->handler(ev);
+    }
+ }
+ 
+ 
+@@ -600,6 +639,7 @@ ngx_event_process_init(ngx_cycle_t *cycle)
+ 
+     ngx_queue_init(&ngx_posted_accept_events);
+     ngx_queue_init(&ngx_posted_events);
+    ngx_queue_init(&ngx_posted_delayed_events);
+ 
+     if (ngx_event_timer_init(cycle->log) == NGX_ERROR) {
+         return NGX_ERROR;
+diff --git a/src/event/ngx_event_posted.c b/src/event/ngx_event_posted.c
+index d851f3d1..b6cea009 100644
+--- a/src/event/ngx_event_posted.c
+++ b/src/event/ngx_event_posted.c
+@@ -12,6 +12,7 @@
+ 
+ ngx_queue_t  ngx_posted_accept_events;
+ ngx_queue_t  ngx_posted_events;
+ngx_queue_t  ngx_posted_delayed_events;
+ 
+ 
+ void
+diff --git a/src/event/ngx_event_posted.h b/src/event/ngx_event_posted.h
+index 145d30fe..6c388553 100644
+--- a/src/event/ngx_event_posted.h
+++ b/src/event/ngx_event_posted.h
+@@ -43,6 +43,9 @@ void ngx_event_process_posted(ngx_cycle_t *cycle, ngx_queue_t *posted);
+ 
+ extern ngx_queue_t  ngx_posted_accept_events;
+ extern ngx_queue_t  ngx_posted_events;
+extern ngx_queue_t  ngx_posted_delayed_events;
+
+#define HAVE_POSTED_DELAYED_EVENTS_PATCH
+ 
+ 
+ #endif /* _NGX_EVENT_POSTED_H_INCLUDED_ */
--- a/patches/nginx-1.13.3-dtrace.patch
+++ b/patches/nginx-1.13.3-dtrace.patch
--- a/patches/nginx-1.13.3-gcc-maybe-uninitialized-warning.patch
+++ b/patches/nginx-1.13.3-gcc-maybe-uninitialized-warning.patch
@ -0,0 +1,11 @@
+--- nginx-1.13.3/src/http/ngx_http_request.c	2013-05-06 03:26:50.000000000 -0700
+++ nginx-1.13.3-patched/src/http/ngx_http_request.c	2013-06-11 12:59:48.008321688 -0700
+@@ -1951,7 +1951,7 @@
+     ngx_int_t                  rc;
+     ngx_http_connection_t     *hc;
+     ngx_http_core_loc_conf_t  *clcf;
+-    ngx_http_core_srv_conf_t  *cscf;
+    ngx_http_core_srv_conf_t  *cscf = NULL;
+ 
+     hc = r->http_connection;
+ 
--- a/patches/nginx-1.13.3-hash_overflow.patch
+++ b/patches/nginx-1.13.3-hash_overflow.patch
@ -0,0 +1,20 @@
+# HG changeset patch
+# User Yichun Zhang <agentzh@gmail.com>
+# Date 1412276417 25200
+#      Thu Oct 02 12:00:17 2014 -0700
+# Node ID 4032b992f23b054c1a2cfb0be879330d2c6708e5
+# Parent  1ff0f68d9376e3d184d65814a6372856bf65cfcd
+Hash: buffer overflow might happen when exceeding the pre-configured limits.
+
+diff -r 1ff0f68d9376 -r 4032b992f23b src/core/ngx_hash.c
+--- a/src/core/ngx_hash.c	Tue Sep 30 15:50:28 2014 -0700
+++ b/src/core/ngx_hash.c	Thu Oct 02 12:00:17 2014 -0700
+@@ -312,6 +312,8 @@ ngx_hash_init(ngx_hash_init_t *hinit, ng
+         continue;
+     }
+ 
+    size--;
+
+     ngx_log_error(NGX_LOG_WARN, hinit->pool->log, 0,
+                   "could not build optimal %s, you should increase "
+                   "either %s_max_size: %i or %s_bucket_size: %i; "
--- a/patches/nginx-1.13.3-intercept_error_log.patch
+++ b/patches/nginx-1.13.3-intercept_error_log.patch
@ -0,0 +1,60 @@
+diff --git a/src/core/ngx_cycle.h b/src/core/ngx_cycle.h
+index c51b7ff..4c335b9 100644
+--- a/src/core/ngx_cycle.h
+++ b/src/core/ngx_cycle.h
+@@ -22,9 +22,14 @@
+ #define NGX_DEBUG_POINTS_ABORT  2
+ 
+ 
+#define HAVE_INTERCEPT_ERROR_LOG_PATCH
+
+
+ typedef struct ngx_shm_zone_s  ngx_shm_zone_t;
+ 
+ typedef ngx_int_t (*ngx_shm_zone_init_pt) (ngx_shm_zone_t *zone, void *data);
+typedef ngx_int_t (*ngx_log_intercept_pt) (ngx_log_t *log, ngx_uint_t level,
+    u_char *buf, size_t len);
+ 
+ struct ngx_shm_zone_s {
+     void                     *data;
+@@ -75,6 +80,10 @@ struct ngx_cycle_s {
+     ngx_str_t                 prefix;
+     ngx_str_t                 lock_file;
+     ngx_str_t                 hostname;
+
+    ngx_log_intercept_pt      intercept_error_log_handler;
+    void                     *intercept_error_log_data;
+    unsigned                  entered_logger;    /* :1 */
+ };
+ 
+ 
+diff --git a/src/core/ngx_log.c b/src/core/ngx_log.c
+index 8e9408d..ed9b11b 100644
+--- a/src/core/ngx_log.c
+++ b/src/core/ngx_log.c
+@@ -112,6 +112,8 @@ ngx_log_error_core(ngx_uint_t level, ngx_log_t *log, ngx_err_t err,
+     ngx_uint_t   wrote_stderr, debug_connection;
+     u_char       errstr[NGX_MAX_ERROR_STR];
+ 
+    ngx_log_intercept_pt    log_intercept = NULL;
+
+     last = errstr + NGX_MAX_ERROR_STR;
+ 
+     p = ngx_cpymem(errstr, ngx_cached_err_log_time.data,
+@@ -153,6 +155,16 @@ ngx_log_error_core(ngx_uint_t level, ngx_log_t *log, ngx_err_t err,
+         p = last - NGX_LINEFEED_SIZE;
+     }
+ 
+    if (ngx_cycle) {
+        log_intercept = ngx_cycle->intercept_error_log_handler;
+    }
+
+    if (log_intercept && !ngx_cycle->entered_logger) {
+        ngx_cycle->entered_logger = 1;
+        log_intercept(log, level, errstr, p - errstr);
+        ngx_cycle->entered_logger = 0;
+    }
+
+     ngx_linefeed(p);
+ 
+     wrote_stderr = 0;
--- a/patches/nginx-1.13.3-larger_max_error_str.patch
+++ b/patches/nginx-1.13.3-larger_max_error_str.patch
@ -0,0 +1,13 @@
+--- nginx-1.13.3/src/core/ngx_log.h	2013-10-08 05:07:14.000000000 -0700
+++ nginx-1.13.3-patched/src/core/ngx_log.h	2013-12-05 20:35:35.996236720 -0800
+@@ -64,7 +64,9 @@ struct ngx_log_s {
+ };
+ 
+ 
+-#define NGX_MAX_ERROR_STR   2048
+#ifndef NGX_MAX_ERROR_STR
+#define NGX_MAX_ERROR_STR   4096
+#endif
+ 
+ 
+ /*********************************/
--- a/patches/nginx-1.13.3-log_escape_non_ascii.patch
+++ b/patches/nginx-1.13.3-log_escape_non_ascii.patch
@ -0,0 +1,117 @@
+diff --git a/src/http/modules/ngx_http_log_module.c b/src/http/modules/ngx_http_log_module.c
+index 917ed55f..b769dfd3 100644
+--- a/src/http/modules/ngx_http_log_module.c
+++ b/src/http/modules/ngx_http_log_module.c
+@@ -79,6 +79,8 @@ typedef struct {
+     time_t                      open_file_cache_valid;
+     ngx_uint_t                  open_file_cache_min_uses;
+ 
+    ngx_flag_t                  escape_non_ascii;
+
+     ngx_uint_t                  off;        /* unsigned  off:1 */
+ } ngx_http_log_loc_conf_t;
+ 
+@@ -131,7 +133,8 @@ static size_t ngx_http_log_variable_getlen(ngx_http_request_t *r,
+     uintptr_t data);
+ static u_char *ngx_http_log_variable(ngx_http_request_t *r, u_char *buf,
+     ngx_http_log_op_t *op);
+-static uintptr_t ngx_http_log_escape(u_char *dst, u_char *src, size_t size);
+static uintptr_t ngx_http_log_escape(ngx_http_log_loc_conf_t *lcf, u_char *dst,
+    u_char *src, size_t size);
+ static size_t ngx_http_log_json_variable_getlen(ngx_http_request_t *r,
+     uintptr_t data);
+ static u_char *ngx_http_log_json_variable(ngx_http_request_t *r, u_char *buf,
+@@ -177,6 +180,13 @@ static ngx_command_t  ngx_http_log_commands[] = {
+       0,
+       NULL },
+ 
+    { ngx_string("log_escape_non_ascii"),
+      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG,
+      ngx_conf_set_flag_slot,
+      NGX_HTTP_LOC_CONF_OFFSET,
+      offsetof(ngx_http_log_loc_conf_t, escape_non_ascii),
+      NULL },
+
+       ngx_null_command
+ };
+ 
+@@ -935,6 +945,7 @@ static size_t
+ ngx_http_log_variable_getlen(ngx_http_request_t *r, uintptr_t data)
+ {
+     uintptr_t                   len;
+    ngx_http_log_loc_conf_t    *lcf;
+     ngx_http_variable_value_t  *value;
+ 
+     value = ngx_http_get_indexed_variable(r, data);
+@@ -943,7 +954,9 @@ ngx_http_log_variable_getlen(ngx_http_request_t *r, uintptr_t data)
+         return 1;
+     }
+ 
+-    len = ngx_http_log_escape(NULL, value->data, value->len);
+    lcf = ngx_http_get_module_loc_conf(r, ngx_http_log_module);
+
+    len = ngx_http_log_escape(lcf, NULL, value->data, value->len);
+ 
+     value->escape = len ? 1 : 0;
+ 
+@@ -954,6 +967,7 @@ ngx_http_log_variable_getlen(ngx_http_request_t *r, uintptr_t data)
+ static u_char *
+ ngx_http_log_variable(ngx_http_request_t *r, u_char *buf, ngx_http_log_op_t *op)
+ {
+    ngx_http_log_loc_conf_t    *lcf;
+     ngx_http_variable_value_t  *value;
+ 
+     value = ngx_http_get_indexed_variable(r, op->data);
+@@ -967,16 +981,18 @@ ngx_http_log_variable(ngx_http_request_t *r, u_char *buf, ngx_http_log_op_t *op)
+         return ngx_cpymem(buf, value->data, value->len);
+ 
+     } else {
+-        return (u_char *) ngx_http_log_escape(buf, value->data, value->len);
+        lcf = ngx_http_get_module_loc_conf(r, ngx_http_log_module);
+        return (u_char *) ngx_http_log_escape(lcf, buf, value->data, value->len);
+     }
+ }
+ 
+ 
+ static uintptr_t
+-ngx_http_log_escape(u_char *dst, u_char *src, size_t size)
+ngx_http_log_escape(ngx_http_log_loc_conf_t *lcf, u_char *dst, u_char *src,
+    size_t size)
+ {
+-    ngx_uint_t      n;
+-    static u_char   hex[] = "0123456789ABCDEF";
+    ngx_uint_t                   n;
+    static u_char                hex[] = "0123456789ABCDEF";
+ 
+     static uint32_t   escape[] = {
+         0xffffffff, /* 1111 1111 1111 1111  1111 1111 1111 1111 */
+@@ -996,6 +1012,12 @@ ngx_http_log_escape(u_char *dst, u_char *src, size_t size)
+         0xffffffff, /* 1111 1111 1111 1111  1111 1111 1111 1111 */
+     };
+ 
+    if (lcf->escape_non_ascii) {
+        ngx_memset(&escape[4], 0xff, sizeof(uint32_t) * 4);
+
+    } else {
+        ngx_memzero(&escape[4], sizeof(uint32_t) * 4);
+    }
+ 
+     if (dst == NULL) {
+ 
+@@ -1120,6 +1142,7 @@ ngx_http_log_create_loc_conf(ngx_conf_t *cf)
+     }
+ 
+     conf->open_file_cache = NGX_CONF_UNSET_PTR;
+    conf->escape_non_ascii = NGX_CONF_UNSET;
+ 
+     return conf;
+ }
+@@ -1135,6 +1158,8 @@ ngx_http_log_merge_loc_conf(ngx_conf_t *cf, void *parent, void *child)
+     ngx_http_log_fmt_t        *fmt;
+     ngx_http_log_main_conf_t  *lmcf;
+ 
+    ngx_conf_merge_value(conf->escape_non_ascii, prev->escape_non_ascii, 1);
+
+     if (conf->open_file_cache == NGX_CONF_UNSET_PTR) {
+ 
+         conf->open_file_cache = prev->open_file_cache;
--- a/patches/nginx-1.13.3-no_Werror.patch
+++ b/patches/nginx-1.13.3-no_Werror.patch
@ -0,0 +1,36 @@
+diff -urp nginx-1.13.3/auto/cc/clang nginx-1.13.3-patched/auto/cc/clang
+--- nginx-1.13.3/auto/cc/clang	2014-03-04 03:39:24.000000000 -0800
+++ nginx-1.13.3-patched/auto/cc/clang	2014-03-13 20:54:26.241413360 -0700
+@@ -89,7 +89,7 @@ CFLAGS="$CFLAGS -Wconditional-uninitiali
+ CFLAGS="$CFLAGS -Wno-unused-parameter"
+ 
+ # stop on warning
+-CFLAGS="$CFLAGS -Werror"
+#CFLAGS="$CFLAGS -Werror"
+ 
+ # debug
+ CFLAGS="$CFLAGS -g"
+diff -urp nginx-1.13.3/auto/cc/gcc nginx-1.13.3-patched/auto/cc/gcc
+--- nginx-1.13.3/auto/cc/gcc	2014-03-04 03:39:24.000000000 -0800
+++ nginx-1.13.3-patched/auto/cc/gcc	2014-03-13 20:54:13.301355329 -0700
+@@ -168,7 +168,7 @@ esac
+ 
+ 
+ # stop on warning
+-CFLAGS="$CFLAGS -Werror"
+#CFLAGS="$CFLAGS -Werror"
+ 
+ # debug
+ CFLAGS="$CFLAGS -g"
+diff -urp nginx-1.13.3/auto/cc/icc nginx-1.13.3-patched/auto/cc/icc
+--- nginx-1.13.3/auto/cc/icc	2014-03-04 03:39:24.000000000 -0800
+++ nginx-1.13.3-patched/auto/cc/icc	2014-03-13 20:54:13.301355329 -0700
+@@ -115,7 +115,7 @@ case "$NGX_ICC_VER" in
+ esac
+ 
+ # stop on warning
+-CFLAGS="$CFLAGS -Werror"
+#CFLAGS="$CFLAGS -Werror"
+ 
+ # debug
+ CFLAGS="$CFLAGS -g"
--- a/patches/nginx-1.13.3-no_error_pages.patch
+++ b/patches/nginx-1.13.3-no_error_pages.patch
@ -0,0 +1,90 @@
+--- nginx-1.13.3/src/http/ngx_http_core_module.c	2010-12-14 18:38:42.000000000 +0800
+++ nginx-1.13.3-patched/src/http/ngx_http_core_module.c	2011-01-30 19:24:34.956354518 +0800
+@@ -57,6 +57,8 @@
+     void *conf);
+ static char *ngx_http_core_error_page(ngx_conf_t *cf, ngx_command_t *cmd,
+     void *conf);
+static char *ngx_http_core_no_error_pages(ngx_conf_t *cf, ngx_command_t *cmd,
+    void *conf);
+ static char *ngx_http_core_try_files(ngx_conf_t *cf, ngx_command_t *cmd,
+     void *conf);
+ static char *ngx_http_core_open_file_cache(ngx_conf_t *cf, ngx_command_t *cmd,
+@@ -614,6 +616,14 @@
+       0,
+       NULL },
+ 
+    { ngx_string("no_error_pages"),
+      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_HTTP_LIF_CONF
+                        |NGX_CONF_NOARGS,
+      ngx_http_core_no_error_pages,
+      NGX_HTTP_LOC_CONF_OFFSET,
+      0,
+      NULL },
+
+     { ngx_string("try_files"),
+       NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_2MORE,
+       ngx_http_core_try_files,
+@@ -3052,7 +3062,6 @@
+      *     clcf->types = NULL;
+      *     clcf->default_type = { 0, NULL };
+      *     clcf->error_log = NULL;
+-     *     clcf->error_pages = NULL;
+      *     clcf->try_files = NULL;
+      *     clcf->client_body_path = NULL;
+      *     clcf->regex = NULL;
+@@ -3062,6 +3071,7 @@
+      *     clcf->gzip_proxied = 0;
+      */
+ 
+    clcf->error_pages = NGX_CONF_UNSET_PTR;
+     clcf->client_max_body_size = NGX_CONF_UNSET;
+     clcf->client_body_buffer_size = NGX_CONF_UNSET_SIZE;
+     clcf->client_body_timeout = NGX_CONF_UNSET_MSEC;
+@@ -3250,9 +3260,7 @@
+         }
+     }
+ 
+-    if (conf->error_pages == NULL && prev->error_pages) {
+-        conf->error_pages = prev->error_pages;
+-    }
+    ngx_conf_merge_ptr_value(conf->error_pages, prev->error_pages, NULL);
+ 
+     ngx_conf_merge_str_value(conf->default_type,
+                               prev->default_type, "text/plain");
+@@ -3988,6 +3996,10 @@
+     ngx_http_compile_complex_value_t   ccv;
+ 
+     if (clcf->error_pages == NULL) {
+        return "conflicts with \"no_error_pages\"";
+    }
+
+    if (clcf->error_pages == NGX_CONF_UNSET_PTR) {
+         clcf->error_pages = ngx_array_create(cf->pool, 4,
+                                              sizeof(ngx_http_err_page_t));
+         if (clcf->error_pages == NULL) {
+@@ -4095,6 +4107,25 @@
+ 
+ 
+ static char *
+ngx_http_core_no_error_pages(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+{
+    ngx_http_core_loc_conf_t *clcf = conf;
+
+    if (clcf->error_pages == NULL) {
+        return "is duplicate";
+    }
+
+    if (clcf->error_pages != NGX_CONF_UNSET_PTR) {
+        return "conflicts with \"error_page\"";
+    }
+
+    clcf->error_pages = NULL;
+
+    return NGX_CONF_OK;
+}
+
+
+static char *
+ ngx_http_core_try_files(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+ {
+     ngx_http_core_loc_conf_t *clcf = conf;
--- a/patches/nginx-1.13.3-no_pool.patch
+++ b/patches/nginx-1.13.3-no_pool.patch
@ -0,0 +1,587 @@
+diff --minimal '--exclude=*.swp' '--exclude=*~' -up nginx-1.13.3/src/core/nginx.h nginx-1.13.3-patched/src/core/nginx.h
+--- nginx-1.13.3/src/core/nginx.h	2016-04-19 09:02:38.000000000 -0700
+++ nginx-1.13.3-patched/src/core/nginx.h	2016-04-21 16:25:07.452944624 -0700
+@@ -10,7 +10,7 @@
+ 
+ 
+ #define nginx_version      1013003
+ #define NGINX_VERSION      "1.13.3"
+-#define NGINX_VER          "openresty/" NGINX_VERSION ".unknown"
+#define NGINX_VER          "openresty/" NGINX_VERSION ".unknown (no pool)"
+ 
+ #ifdef NGX_BUILD
+diff --minimal '--exclude=*.swp' '--exclude=*~' -up nginx-1.13.3/src/core/ngx_array.c nginx-1.13.3-patched/src/core/ngx_array.c
+--- nginx-1.13.3/src/core/ngx_array.c	2016-04-19 09:02:38.000000000 -0700
+++ nginx-1.13.3-patched/src/core/ngx_array.c	2016-04-21 16:25:07.453947190 -0700
+@@ -30,26 +30,30 @@ ngx_array_create(ngx_pool_t *p, ngx_uint
+ void
+ ngx_array_destroy(ngx_array_t *a)
+ {
+-    ngx_pool_t  *p;
+    ngx_pool_t          *p;
+    ngx_array_link_t    *link;
+ 
+     p = a->pool;
+ 
+-    if ((u_char *) a->elts + a->size * a->nalloc == p->d.last) {
+-        p->d.last -= a->size * a->nalloc;
+    if (a->elts) {
+        ngx_pfree(p, a->elts);
+     }
+ 
+-    if ((u_char *) a + sizeof(ngx_array_t) == p->d.last) {
+-        p->d.last = (u_char *) a;
+    for (link = a->old_elts; link; link = link->next) {
+        ngx_pfree(p, link->elts);
+     }
+
+    ngx_pfree(p, a);
+ }
+ 
+ 
+ void *
+ ngx_array_push(ngx_array_t *a)
+ {
+-    void        *elt, *new;
+-    size_t       size;
+-    ngx_pool_t  *p;
+    void                *elt, *new;
+    size_t               size;
+    ngx_pool_t          *p;
+    ngx_array_link_t    *link;
+ 
+     if (a->nelts == a->nalloc) {
+ 
+@@ -59,29 +63,27 @@ ngx_array_push(ngx_array_t *a)
+ 
+         p = a->pool;
+ 
+-        if ((u_char *) a->elts + size == p->d.last
+-            && p->d.last + a->size <= p->d.end)
+-        {
+-            /*
+-             * the array allocation is the last in the pool
+-             * and there is space for new allocation
+-             */
+-
+-            p->d.last += a->size;
+-            a->nalloc++;
+        /* allocate a new array */
+ 
+-        } else {
+-            /* allocate a new array */
+        new = ngx_palloc(p, 2 * size);
+        if (new == NULL) {
+            return NULL;
+        }
+ 
+-            new = ngx_palloc(p, 2 * size);
+-            if (new == NULL) {
+-                return NULL;
+-            }
+        ngx_memcpy(new, a->elts, size);
+ 
+-            ngx_memcpy(new, a->elts, size);
+-            a->elts = new;
+-            a->nalloc *= 2;
+        link = ngx_palloc(p, sizeof(ngx_array_link_t));
+        if (link == NULL) {
+            ngx_pfree(p, new);
+            return NULL;
+         }
+
+        link->next = a->old_elts;
+        link->elts = a->elts;
+        a->old_elts = link;
+
+        a->elts = new;
+        a->nalloc *= 2;
+     }
+ 
+     elt = (u_char *) a->elts + a->size * a->nelts;
+@@ -95,11 +97,10 @@ void *
+ ngx_array_push_n(ngx_array_t *a, ngx_uint_t n)
+ {
+     void        *elt, *new;
+-    size_t       size;
+     ngx_uint_t   nalloc;
+     ngx_pool_t  *p;
+ 
+-    size = n * a->size;
+    ngx_array_link_t    *link;
+ 
+     if (a->nelts + n > a->nalloc) {
+ 
+@@ -107,31 +108,27 @@ ngx_array_push_n(ngx_array_t *a, ngx_uin
+ 
+         p = a->pool;
+ 
+-        if ((u_char *) a->elts + a->size * a->nalloc == p->d.last
+-            && p->d.last + size <= p->d.end)
+-        {
+-            /*
+-             * the array allocation is the last in the pool
+-             * and there is space for new allocation
+-             */
+        nalloc = 2 * ((n >= a->nalloc) ? n : a->nalloc);
+ 
+-            p->d.last += size;
+-            a->nalloc += n;
+        new = ngx_palloc(p, nalloc * a->size);
+        if (new == NULL) {
+            return NULL;
+        }
+ 
+-        } else {
+-            /* allocate a new array */
+        ngx_memcpy(new, a->elts, a->nelts * a->size);
+ 
+-            nalloc = 2 * ((n >= a->nalloc) ? n : a->nalloc);
+        link = ngx_palloc(p, sizeof(ngx_array_link_t));
+        if (link == NULL) {
+            ngx_pfree(p, new);
+            return NULL;
+        }
+ 
+-            new = ngx_palloc(p, nalloc * a->size);
+-            if (new == NULL) {
+-                return NULL;
+-            }
+        link->next = a->old_elts;
+        link->elts = a->elts;
+        a->old_elts = link;
+ 
+-            ngx_memcpy(new, a->elts, a->nelts * a->size);
+-            a->elts = new;
+-            a->nalloc = nalloc;
+-        }
+        a->elts = new;
+        a->nalloc = nalloc;
+     }
+ 
+     elt = (u_char *) a->elts + a->size * a->nelts;
+diff --minimal '--exclude=*.swp' '--exclude=*~' -up nginx-1.13.3/src/core/ngx_array.h nginx-1.13.3-patched/src/core/ngx_array.h
+--- nginx-1.13.3/src/core/ngx_array.h	2016-04-19 09:02:38.000000000 -0700
+++ nginx-1.13.3-patched/src/core/ngx_array.h	2016-04-21 16:25:07.453947190 -0700
+@@ -13,12 +13,23 @@
+ #include <ngx_core.h>
+ 
+ 
+typedef struct ngx_array_link_s ngx_array_link_t;
+
+
+struct ngx_array_link_s {
+    void                    *elts;
+    ngx_array_link_t        *next;
+};
+
+
+ typedef struct {
+     void        *elts;
+     ngx_uint_t   nelts;
+     size_t       size;
+     ngx_uint_t   nalloc;
+     ngx_pool_t  *pool;
+
+    ngx_array_link_t *old_elts;
+ } ngx_array_t;
+ 
+ 
+@@ -40,6 +51,7 @@ ngx_array_init(ngx_array_t *array, ngx_p
+     array->size = size;
+     array->nalloc = n;
+     array->pool = pool;
+    array->old_elts = NULL;
+ 
+     array->elts = ngx_palloc(pool, n * size);
+     if (array->elts == NULL) {
+diff --minimal '--exclude=*.swp' '--exclude=*~' -up nginx-1.13.3/src/core/ngx_palloc.c nginx-1.13.3-patched/src/core/ngx_palloc.c
+--- nginx-1.13.3/src/core/ngx_palloc.c	2016-04-19 09:02:38.000000000 -0700
+++ nginx-1.13.3-patched/src/core/ngx_palloc.c	2016-04-21 16:25:45.912282685 -0700
+@@ -9,34 +9,26 @@
+ #include <ngx_core.h>
+ 
+ 
+-static ngx_inline void *ngx_palloc_small(ngx_pool_t *pool, size_t size,
+-    ngx_uint_t align);
+-static void *ngx_palloc_block(ngx_pool_t *pool, size_t size);
+-static void *ngx_palloc_large(ngx_pool_t *pool, size_t size);
+static void * ngx_malloc(ngx_pool_t *pool, size_t size);
+ 
+ 
+ ngx_pool_t *
+ ngx_create_pool(size_t size, ngx_log_t *log)
+ {
+-    ngx_pool_t  *p;
+    ngx_pool_t        *p;
+ 
+-    p = ngx_memalign(NGX_POOL_ALIGNMENT, size, log);
+    size = sizeof(ngx_pool_t);
+    p = ngx_alloc(size, log);
+     if (p == NULL) {
+         return NULL;
+     }
+ 
+-    p->d.last = (u_char *) p + sizeof(ngx_pool_t);
+-    p->d.end = (u_char *) p + size;
+-    p->d.next = NULL;
+-    p->d.failed = 0;
+    ngx_memzero(p, size);
+ 
+     size = size - sizeof(ngx_pool_t);
+     p->max = (size < NGX_MAX_ALLOC_FROM_POOL) ? size : NGX_MAX_ALLOC_FROM_POOL;
+ 
+     p->current = p;
+-    p->chain = NULL;
+-    p->large = NULL;
+-    p->cleanup = NULL;
+     p->log = log;
+ 
+     return p;
+@@ -46,8 +38,7 @@ ngx_create_pool(size_t size, ngx_log_t *
+ void
+ ngx_destroy_pool(ngx_pool_t *pool)
+ {
+-    ngx_pool_t          *p, *n;
+-    ngx_pool_large_t    *l;
+    ngx_pool_data_t     *d, *n;
+     ngx_pool_cleanup_t  *c;
+ 
+     for (c = pool->cleanup; c; c = c->next) {
+@@ -58,6 +49,11 @@ ngx_destroy_pool(ngx_pool_t *pool)
+         }
+     }
+ 
+    if (pool->d == NULL) {
+        ngx_free(pool);
+        return;
+    }
+
+ #if (NGX_DEBUG)
+ 
+     /*
+@@ -65,13 +61,9 @@ ngx_destroy_pool(ngx_pool_t *pool)
+      * so we cannot use this log while free()ing the pool
+      */
+ 
+-    for (l = pool->large; l; l = l->next) {
+-        ngx_log_debug1(NGX_LOG_DEBUG_ALLOC, pool->log, 0, "free: %p", l->alloc);
+-    }
+-
+-    for (p = pool, n = pool->d.next; /* void */; p = n, n = n->d.next) {
+    for (d = pool->d, n = d->next; ; d = n, n = n->next) {
+         ngx_log_debug2(NGX_LOG_DEBUG_ALLOC, pool->log, 0,
+-                       "free: %p, unused: %uz", p, p->d.end - p->d.last);
+                       "free: %p, unused: %d", d, 0);
+ 
+         if (n == NULL) {
+             break;
+@@ -80,171 +72,82 @@ ngx_destroy_pool(ngx_pool_t *pool)
+ 
+ #endif
+ 
+-    for (l = pool->large; l; l = l->next) {
+-        if (l->alloc) {
+-            ngx_free(l->alloc);
+-        }
+-    }
+-
+-    for (p = pool, n = pool->d.next; /* void */; p = n, n = n->d.next) {
+-        ngx_free(p);
+    for (d = pool->d, n = d->next; ; d = n, n = n->next) {
+        ngx_free(d->alloc);
+        ngx_free(d);
+ 
+         if (n == NULL) {
+             break;
+         }
+     }
+
+    pool->d = NULL;
+    ngx_free(pool);
+ }
+ 
+ 
+ void
+ ngx_reset_pool(ngx_pool_t *pool)
+ {
+-    ngx_pool_t        *p;
+-    ngx_pool_large_t  *l;
+    ngx_pool_data_t     *d, *n;
+    ngx_pool_data_t     *saved = NULL;
+ 
+-    for (l = pool->large; l; l = l->next) {
+-        if (l->alloc) {
+-            ngx_free(l->alloc);
+    if (pool->d) {
+        for (d = pool->d, n = d->next; ; d = n, n = n->next) {
+            if (d->alloc == pool->log) {
+                saved = d;
+                continue;
+            }
+
+            ngx_free(d->alloc);
+            ngx_free(d);
+
+            if (n == NULL) {
+                break;
+            }
+         }
+-    }
+ 
+-    for (p = pool; p; p = p->d.next) {
+-        p->d.last = (u_char *) p + sizeof(ngx_pool_t);
+-        p->d.failed = 0;
+        pool->d = saved;
+        pool->current = pool;
+        pool->chain = NULL;
+     }
+-
+-    pool->current = pool;
+-    pool->chain = NULL;
+-    pool->large = NULL;
+ }
+ 
+ 
+ void *
+ ngx_palloc(ngx_pool_t *pool, size_t size)
+ {
+-#if !(NGX_DEBUG_PALLOC)
+-    if (size <= pool->max) {
+-        return ngx_palloc_small(pool, size, 1);
+-    }
+-#endif
+-
+-    return ngx_palloc_large(pool, size);
+    return ngx_malloc(pool, size);
+ }
+ 
+ 
+ void *
+ ngx_pnalloc(ngx_pool_t *pool, size_t size)
+ {
+-#if !(NGX_DEBUG_PALLOC)
+-    if (size <= pool->max) {
+-        return ngx_palloc_small(pool, size, 0);
+-    }
+-#endif
+-
+-    return ngx_palloc_large(pool, size);
+-}
+-
+-
+-static ngx_inline void *
+-ngx_palloc_small(ngx_pool_t *pool, size_t size, ngx_uint_t align)
+-{
+-    u_char      *m;
+-    ngx_pool_t  *p;
+-
+-    p = pool->current;
+-
+-    do {
+-        m = p->d.last;
+-
+-        if (align) {
+-            m = ngx_align_ptr(m, NGX_ALIGNMENT);
+-        }
+-
+-        if ((size_t) (p->d.end - m) >= size) {
+-            p->d.last = m + size;
+-
+-            return m;
+-        }
+-
+-        p = p->d.next;
+-
+-    } while (p);
+-
+-    return ngx_palloc_block(pool, size);
+-}
+-
+-
+-static void *
+-ngx_palloc_block(ngx_pool_t *pool, size_t size)
+-{
+-    u_char      *m;
+-    size_t       psize;
+-    ngx_pool_t  *p, *new;
+-
+-    psize = (size_t) (pool->d.end - (u_char *) pool);
+-
+-    m = ngx_memalign(NGX_POOL_ALIGNMENT, psize, pool->log);
+-    if (m == NULL) {
+-        return NULL;
+-    }
+-
+-    new = (ngx_pool_t *) m;
+-
+-    new->d.end = m + psize;
+-    new->d.next = NULL;
+-    new->d.failed = 0;
+-
+-    m += sizeof(ngx_pool_data_t);
+-    m = ngx_align_ptr(m, NGX_ALIGNMENT);
+-    new->d.last = m + size;
+-
+-    for (p = pool->current; p->d.next; p = p->d.next) {
+-        if (p->d.failed++ > 4) {
+-            pool->current = p->d.next;
+-        }
+-    }
+-
+-    p->d.next = new;
+-
+-    return m;
+    return ngx_malloc(pool, size);
+ }
+ 
+ 
+ static void *
+-ngx_palloc_large(ngx_pool_t *pool, size_t size)
+ngx_malloc(ngx_pool_t *pool, size_t size)
+ {
+-    void              *p;
+-    ngx_uint_t         n;
+-    ngx_pool_large_t  *large;
+    void                *p;
+    ngx_pool_data_t     *d;
+ 
+     p = ngx_alloc(size, pool->log);
+     if (p == NULL) {
+         return NULL;
+     }
+ 
+-    n = 0;
+-
+-    for (large = pool->large; large; large = large->next) {
+-        if (large->alloc == NULL) {
+-            large->alloc = p;
+-            return p;
+-        }
+-
+-        if (n++ > 3) {
+-            break;
+-        }
+-    }
+-
+-    large = ngx_palloc_small(pool, sizeof(ngx_pool_large_t), 1);
+-    if (large == NULL) {
+    d = ngx_alloc(sizeof(ngx_pool_data_t), pool->log);
+    if (d == NULL){
+         ngx_free(p);
+         return NULL;
+     }
+ 
+-    large->alloc = p;
+-    large->next = pool->large;
+-    pool->large = large;
+-
+    d->alloc = p;
+    d->next = pool->d;
+    pool->d = d;
+     return p;
+ }
+ 
+@@ -253,38 +156,48 @@ void *
+ ngx_pmemalign(ngx_pool_t *pool, size_t size, size_t alignment)
+ {
+     void              *p;
+-    ngx_pool_large_t  *large;
+    ngx_pool_data_t   *d;
+ 
+     p = ngx_memalign(alignment, size, pool->log);
+     if (p == NULL) {
+         return NULL;
+     }
+ 
+-    large = ngx_palloc_small(pool, sizeof(ngx_pool_large_t), 1);
+-    if (large == NULL) {
+    d = ngx_alloc(sizeof(ngx_pool_data_t), pool->log);
+    if (d == NULL){
+         ngx_free(p);
+         return NULL;
+     }
+ 
+-    large->alloc = p;
+-    large->next = pool->large;
+-    pool->large = large;
+-
+    d->alloc = p;
+    d->next = pool->d;
+    pool->d = d;
+     return p;
+ }
+ 
+ 
+ ngx_int_t
+-ngx_pfree(ngx_pool_t *pool, void *p)
+ngx_pfree(ngx_pool_t *pool, void *data)
+ {
+-    ngx_pool_large_t  *l;
+    ngx_pool_data_t     *p, *d;
+ 
+-    for (l = pool->large; l; l = l->next) {
+-        if (p == l->alloc) {
+-            ngx_log_debug1(NGX_LOG_DEBUG_ALLOC, pool->log, 0,
+-                           "free: %p", l->alloc);
+-            ngx_free(l->alloc);
+-            l->alloc = NULL;
+    p = NULL;
+    for (d = pool->d; d; p = d, d = d->next) {
+        if (data == d->alloc) {
+
+            ngx_log_debug1(NGX_LOG_DEBUG_ALLOC, pool->log, 0, "free: %p", d->alloc);
+
+            ngx_free(d->alloc);
+            d->alloc = NULL;
+
+            if (p) {
+                p->next = d->next;
+
+            } else {
+                pool->d = d->next;
+            }
+
+            ngx_free(d);
+ 
+             return NGX_OK;
+         }
+diff --minimal '--exclude=*.swp' '--exclude=*~' -up nginx-1.13.3/src/core/ngx_palloc.h nginx-1.13.3-patched/src/core/ngx_palloc.h
+--- nginx-1.13.3/src/core/ngx_palloc.h	2016-04-19 09:02:38.000000000 -0700
+++ nginx-1.13.3-patched/src/core/ngx_palloc.h	2016-04-21 16:25:07.454949755 -0700
+@@ -38,28 +38,21 @@ struct ngx_pool_cleanup_s {
+ };
+ 
+ 
+-typedef struct ngx_pool_large_s  ngx_pool_large_t;
+-
+-struct ngx_pool_large_s {
+-    ngx_pool_large_t     *next;
+-    void                 *alloc;
+-};
+typedef struct ngx_pool_data_s   ngx_pool_large_t;
+typedef struct ngx_pool_data_s   ngx_pool_data_t;
+ 
+ 
+-typedef struct {
+-    u_char               *last;
+-    u_char               *end;
+-    ngx_pool_t           *next;
+-    ngx_uint_t            failed;
+-} ngx_pool_data_t;
+struct ngx_pool_data_s {
+    ngx_pool_data_t        *next;
+    void                   *alloc;
+};
+ 
+ 
+ struct ngx_pool_s {
+-    ngx_pool_data_t       d;
+    ngx_pool_data_t      *d;
+     size_t                max;
+     ngx_pool_t           *current;
+     ngx_chain_t          *chain;
+-    ngx_pool_large_t     *large;
+     ngx_pool_cleanup_t   *cleanup;
+     ngx_log_t            *log;
+ };
--- a/patches/nginx-1.13.3-pcre_conf_opt.patch
+++ b/patches/nginx-1.13.3-pcre_conf_opt.patch
@ -0,0 +1,26 @@
+# HG changeset patch
+# User Yichun Zhang <agentzh@gmail.com>
+# Date 1386694955 28800
+# Node ID 9ba6b149669f1f02eeb4cdc0ebd364a949b5c469
+# Parent  30e806b8636af5fd3f03ec17df24801f390f7511
+Configure: added new option --with-pcre-conf-opt=OPTIONS.
+
+diff -r 30e806b8636a -r 9ba6b149669f auto/options
+--- a/auto/options	Mon Dec 09 10:16:44 2013 +0400
+++ b/auto/options	Tue Dec 10 09:02:35 2013 -0800
+@@ -286,6 +286,7 @@
+         --with-pcre)                     USE_PCRE=YES               ;;
+         --with-pcre=*)                   PCRE="$value"              ;;
+         --with-pcre-opt=*)               PCRE_OPT="$value"          ;;
+        --with-pcre-conf-opt=*)          PCRE_CONF_OPT="$value"     ;;
+         --with-pcre-jit)                 PCRE_JIT=YES               ;;
+ 
+         --with-openssl=*)                OPENSSL="$value"           ;;
+@@ -441,6 +442,7 @@
+   --with-pcre                        force PCRE library usage
+   --with-pcre=DIR                    set path to PCRE library sources
+   --with-pcre-opt=OPTIONS            set additional build options for PCRE
+  --with-pcre-conf-opt=OPTIONS       set additional configure options for PCRE
+   --with-pcre-jit                    build PCRE with JIT compilation support
+ 
+   --with-md5=DIR                     set path to md5 library sources
--- a/patches/nginx-1.13.3-privileged_agent_process.patch
+++ b/patches/nginx-1.13.3-privileged_agent_process.patch
@ -0,0 +1,211 @@
+diff --git a/src/core/nginx.c b/src/core/nginx.c
+index 60f8fe7..4bd244b 100644
+--- a/src/core/nginx.c
+++ b/src/core/nginx.c
+@@ -981,6 +981,7 @@ ngx_core_module_create_conf(ngx_cycle_t *cycle)
+ 
+     ccf->daemon = NGX_CONF_UNSET;
+     ccf->master = NGX_CONF_UNSET;
+    ccf->privileged_agent = NGX_CONF_UNSET;
+     ccf->timer_resolution = NGX_CONF_UNSET_MSEC;
+ 
+     ccf->worker_processes = NGX_CONF_UNSET;
+@@ -1009,6 +1010,7 @@ ngx_core_module_init_conf(ngx_cycle_t *cycle, void *conf)
+ 
+     ngx_conf_init_value(ccf->daemon, 1);
+     ngx_conf_init_value(ccf->master, 1);
+    ngx_conf_init_value(ccf->privileged_agent, 0);
+     ngx_conf_init_msec_value(ccf->timer_resolution, 0);
+ 
+     ngx_conf_init_value(ccf->worker_processes, 1);
+diff --git a/src/core/ngx_cycle.h b/src/core/ngx_cycle.h
+index c51b7ff..3261f90 100644
+--- a/src/core/ngx_cycle.h
+++ b/src/core/ngx_cycle.h
+@@ -22,6 +22,9 @@
+ #define NGX_DEBUG_POINTS_ABORT  2
+ 
+ 
+#define HAVE_PRIVILEGED_PROCESS_PATCH   1
+
+
+ typedef struct ngx_shm_zone_s  ngx_shm_zone_t;
+ 
+ typedef ngx_int_t (*ngx_shm_zone_init_pt) (ngx_shm_zone_t *zone, void *data);
+@@ -81,6 +84,7 @@ struct ngx_cycle_s {
+ typedef struct {
+     ngx_flag_t                daemon;
+     ngx_flag_t                master;
+    ngx_flag_t                privileged_agent;
+ 
+     ngx_msec_t                timer_resolution;
+ 
+diff --git a/src/os/unix/ngx_process_cycle.c b/src/os/unix/ngx_process_cycle.c
+index 7cee1c5..c4f70d6 100644
+--- a/src/os/unix/ngx_process_cycle.c
+++ b/src/os/unix/ngx_process_cycle.c
+@@ -15,6 +15,8 @@ static void ngx_start_worker_processes(ngx_cycle_t *cycle, ngx_int_t n,
+     ngx_int_t type);
+ static void ngx_start_cache_manager_processes(ngx_cycle_t *cycle,
+     ngx_uint_t respawn);
+static void ngx_start_privileged_agent_processes(ngx_cycle_t *cycle,
+    ngx_uint_t respawn);
+ static void ngx_pass_open_channel(ngx_cycle_t *cycle, ngx_channel_t *ch);
+ static void ngx_signal_worker_processes(ngx_cycle_t *cycle, int signo);
+ static ngx_uint_t ngx_reap_children(ngx_cycle_t *cycle);
+@@ -24,6 +26,7 @@ static void ngx_worker_process_init(ngx_cycle_t *cycle, ngx_int_t worker);
+ static void ngx_worker_process_exit(ngx_cycle_t *cycle);
+ static void ngx_channel_handler(ngx_event_t *ev);
+ static void ngx_cache_manager_process_cycle(ngx_cycle_t *cycle, void *data);
+static void ngx_privileged_agent_process_cycle(ngx_cycle_t *cycle, void *data);
+ static void ngx_cache_manager_process_handler(ngx_event_t *ev);
+ static void ngx_cache_loader_process_handler(ngx_event_t *ev);
+ 
+@@ -51,6 +54,8 @@ sig_atomic_t  ngx_noaccept;
+ ngx_uint_t    ngx_noaccepting;
+ ngx_uint_t    ngx_restart;
+ 
+ngx_uint_t    ngx_is_privileged_agent;
+
+ 
+ static u_char  master_process[] = "master process";
+ 
+@@ -130,6 +135,7 @@ ngx_master_process_cycle(ngx_cycle_t *cycle)
+     ngx_start_worker_processes(cycle, ccf->worker_processes,
+                                NGX_PROCESS_RESPAWN);
+     ngx_start_cache_manager_processes(cycle, 0);
+    ngx_start_privileged_agent_processes(cycle, 0);
+ 
+     ngx_new_binary = 0;
+     delay = 0;
+@@ -224,6 +230,7 @@ ngx_master_process_cycle(ngx_cycle_t *cycle)
+                 ngx_start_worker_processes(cycle, ccf->worker_processes,
+                                            NGX_PROCESS_RESPAWN);
+                 ngx_start_cache_manager_processes(cycle, 0);
+                ngx_start_privileged_agent_processes(cycle, 0);
+                 ngx_noaccepting = 0;
+ 
+                 continue;
+@@ -243,6 +250,7 @@ ngx_master_process_cycle(ngx_cycle_t *cycle)
+             ngx_start_worker_processes(cycle, ccf->worker_processes,
+                                        NGX_PROCESS_JUST_RESPAWN);
+             ngx_start_cache_manager_processes(cycle, 1);
+            ngx_start_privileged_agent_processes(cycle, 1);
+ 
+             /* allow new processes to start */
+             ngx_msleep(100);
+@@ -257,6 +265,7 @@ ngx_master_process_cycle(ngx_cycle_t *cycle)
+             ngx_start_worker_processes(cycle, ccf->worker_processes,
+                                        NGX_PROCESS_RESPAWN);
+             ngx_start_cache_manager_processes(cycle, 0);
+            ngx_start_privileged_agent_processes(cycle, 0);
+             live = 1;
+         }
+ 
+@@ -424,6 +433,34 @@ ngx_start_cache_manager_processes(ngx_cycle_t *cycle, ngx_uint_t respawn)
+ 
+ 
+ static void
+ngx_start_privileged_agent_processes(ngx_cycle_t *cycle, ngx_uint_t respawn)
+{
+    ngx_channel_t          ch;
+    ngx_core_conf_t       *ccf;
+
+    ccf = (ngx_core_conf_t *) ngx_get_conf(cycle->conf_ctx,
+                                           ngx_core_module);
+
+    if (!ccf->privileged_agent) {
+        return;
+    }
+
+    ngx_spawn_process(cycle, ngx_privileged_agent_process_cycle,
+                      "privileged agent process", "privileged agent process",
+                      respawn ? NGX_PROCESS_JUST_RESPAWN : NGX_PROCESS_RESPAWN);
+
+    ngx_memzero(&ch, sizeof(ngx_channel_t));
+
+    ch.command = NGX_CMD_OPEN_CHANNEL;
+    ch.pid = ngx_processes[ngx_process_slot].pid;
+    ch.slot = ngx_process_slot;
+    ch.fd = ngx_processes[ngx_process_slot].channel[0];
+
+    ngx_pass_open_channel(cycle, &ch);
+}
+
+
+static void
+ ngx_pass_open_channel(ngx_cycle_t *cycle, ngx_channel_t *ch)
+ {
+     ngx_int_t  i;
+@@ -827,7 +864,10 @@ ngx_worker_process_init(ngx_cycle_t *cycle, ngx_int_t worker)
+         }
+     }
+ 
+-    if (geteuid() == 0) {
+    /*
+     * privileged agent process has the same permission as master process
+     */
+    if (!ngx_is_privileged_agent && geteuid() == 0) {
+         if (setgid(ccf->group) == -1) {
+             ngx_log_error(NGX_LOG_EMERG, cycle->log, ngx_errno,
+                           "setgid(%d) failed", ccf->group);
+@@ -1144,6 +1184,47 @@ ngx_cache_manager_process_cycle(ngx_cycle_t *cycle, void *data)
+ 
+ 
+ static void
+ngx_privileged_agent_process_cycle(ngx_cycle_t *cycle, void *data)
+{
+    char   *name = data;
+
+    /*
+     * Set correct process type since closing listening Unix domain socket
+     * in a master process also removes the Unix domain socket file.
+     */
+    ngx_process = NGX_PROCESS_HELPER;
+    ngx_is_privileged_agent = 1;
+
+    ngx_close_listening_sockets(cycle);
+
+    /* Set a moderate number of connections for a helper process. */
+    cycle->connection_n = 512;
+
+    ngx_worker_process_init(cycle, -1);
+
+    ngx_use_accept_mutex = 0;
+
+    ngx_setproctitle(name);
+
+    for ( ;; ) {
+
+        if (ngx_terminate || ngx_quit) {
+            ngx_log_error(NGX_LOG_NOTICE, cycle->log, 0, "exiting");
+            ngx_worker_process_exit(cycle);
+        }
+
+        if (ngx_reopen) {
+            ngx_reopen = 0;
+            ngx_log_error(NGX_LOG_NOTICE, cycle->log, 0, "reopening logs");
+            ngx_reopen_files(cycle, -1);
+        }
+
+        ngx_process_events_and_timers(cycle);
+    }
+}
+
+
+static void
+ ngx_cache_manager_process_handler(ngx_event_t *ev)
+ {
+     time_t        next, n;
+diff --git a/src/os/unix/ngx_process_cycle.h b/src/os/unix/ngx_process_cycle.h
+index 69495d5..5149396 100644
+--- a/src/os/unix/ngx_process_cycle.h
+++ b/src/os/unix/ngx_process_cycle.h
+@@ -45,6 +45,7 @@ extern ngx_pid_t       ngx_new_binary;
+ extern ngx_uint_t      ngx_inherited;
+ extern ngx_uint_t      ngx_daemonized;
+ extern ngx_uint_t      ngx_exiting;
+extern ngx_uint_t      ngx_is_privileged_agent;
+ 
+ extern sig_atomic_t    ngx_reap;
+ extern sig_atomic_t    ngx_sigio;
--- a/patches/nginx-1.13.3-proxy_host_port_vars.patch
+++ b/patches/nginx-1.13.3-proxy_host_port_vars.patch
@ -0,0 +1,19 @@
+--- nginx-1.13.3/src/http/modules/ngx_http_proxy_module.c	2017-07-16 14:02:51.000000000 +0800
+++ nginx-1.13.3-patched/src/http/modules/ngx_http_proxy_module.c	2017-07-16 14:02:51.000000000 +0800
+@@ -793,13 +793,13 @@ static ngx_keyval_t  ngx_http_proxy_cach
+ static ngx_http_variable_t  ngx_http_proxy_vars[] = {
+ 
+     { ngx_string("proxy_host"), NULL, ngx_http_proxy_host_variable, 0,
+-      NGX_HTTP_VAR_CHANGEABLE|NGX_HTTP_VAR_NOCACHEABLE|NGX_HTTP_VAR_NOHASH, 0 },
+      NGX_HTTP_VAR_CHANGEABLE|NGX_HTTP_VAR_NOCACHEABLE, 0 },
+ 
+     { ngx_string("proxy_port"), NULL, ngx_http_proxy_port_variable, 0,
+-      NGX_HTTP_VAR_CHANGEABLE|NGX_HTTP_VAR_NOCACHEABLE|NGX_HTTP_VAR_NOHASH, 0 },
+      NGX_HTTP_VAR_CHANGEABLE|NGX_HTTP_VAR_NOCACHEABLE, 0 },
+ 
+     { ngx_string("proxy_add_x_forwarded_for"), NULL,
+-      ngx_http_proxy_add_x_forwarded_for_variable, 0, NGX_HTTP_VAR_NOHASH, 0 },
+      ngx_http_proxy_add_x_forwarded_for_variable, 0, 0, 0 },
+ 
+ #if 0
+     { ngx_string("proxy_add_via"), NULL, NULL, 0, NGX_HTTP_VAR_NOHASH, 0 },
--- a/patches/nginx-1.13.3-safe_resolver_ipv6_option.patch
+++ b/patches/nginx-1.13.3-safe_resolver_ipv6_option.patch
@ -0,0 +1,55 @@
+# HG changeset patch
+# User Thibault Charbonnier <thibaultcha@fastmail.com>
+# Date 1481847421 28800
+#      Thu Dec 15 16:17:01 2016 -0800
+# Node ID 8bf038fe006fd8ae253d6b41fc6cf109a8912d3e
+# Parent  a3dc657f4e9530623683e6b85bd7492662e4dc47
+Resolver: ignore ipv6=off resolver option when no ipv6 support
+
+Makes the resolver directive more robust: we only error out when ipv6
+resolution is desired but not supported (ipv6=on).
+
+use case 1: some configurations are sometimes re-used between builds with and
+without ipv6 support. This patch avoids the need to remove the "ipv6=off" flag.
+
+use case 2: currently, some tools rely on the --with-ipv6 configure option from
+"nginx -V" to determine if ipv6 resolution should be disabled in some cases.
+With this option disappearing in Nginx 1.11.5, this patch would allow such tools
+to assume "ipv6=off" to be safe regardless of ipv6 support in the current
+build.
+
+diff -r a3dc657f4e95 -r 8bf038fe006f src/core/ngx_resolver.c
+--- a/src/core/ngx_resolver.c	Thu Dec 15 21:44:34 2016 +0300
+++ b/src/core/ngx_resolver.c	Thu Dec 15 16:17:01 2016 -0800
+@@ -224,14 +224,22 @@
+             continue;
+         }
+ 
+-#if (NGX_HAVE_INET6)
+         if (ngx_strncmp(names[i].data, "ipv6=", 5) == 0) {
+ 
+             if (ngx_strcmp(&names[i].data[5], "on") == 0) {
+#if (NGX_HAVE_INET6)
+                 r->ipv6 = 1;
+#else
+                ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                                   "no ipv6 support but \"%V\" in resolver",
+                                   &names[i]);
+                return NULL;
+#endif
+ 
+             } else if (ngx_strcmp(&names[i].data[5], "off") == 0) {
+#if (NGX_HAVE_INET6)
+                 r->ipv6 = 0;
+#endif
+ 
+             } else {
+                 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+@@ -241,7 +249,6 @@
+ 
+             continue;
+         }
+-#endif
+ 
+         ngx_memzero(&u, sizeof(ngx_url_t));
+ 
--- a/patches/nginx-1.13.3-server_header.patch
+++ b/patches/nginx-1.13.3-server_header.patch
@ -0,0 +1,39 @@
+diff --git a/src/core/nginx.h b/src/core/nginx.h
+index 1f3a369..3620509 100644
+--- a/src/core/nginx.h
+++ b/src/core/nginx.h
+@@ -11,7 +11,7 @@
+ 
+ #define nginx_version      1013003
+ #define NGINX_VERSION      "1.13.3"
+-#define NGINX_VER          "nginx/" NGINX_VERSION
+#define NGINX_VER          "openresty/" NGINX_VERSION ".unknown"
+ 
+ #ifdef NGX_BUILD
+ #define NGINX_VER_BUILD    NGINX_VER " (" NGX_BUILD ")"
+diff --git a/src/http/ngx_http_header_filter_module.c b/src/http/ngx_http_header_filter_module.c
+index 9b89405..ca13f2a 100644
+--- a/src/http/ngx_http_header_filter_module.c
+++ b/src/http/ngx_http_header_filter_module.c
+@@ -46,7 +46,7 @@ ngx_module_t  ngx_http_header_filter_module = {
+ };
+ 
+ 
+-static u_char ngx_http_server_string[] = "Server: nginx" CRLF;
+static u_char ngx_http_server_string[] = "Server: openresty" CRLF;
+ static u_char ngx_http_server_full_string[] = "Server: " NGINX_VER CRLF;
+ static u_char ngx_http_server_build_string[] = "Server: " NGINX_VER_BUILD CRLF;
+ 
+diff --git a/src/http/v2/ngx_http_v2_filter_module.c b/src/http/v2/ngx_http_v2_filter_module.c
+index 8621e7a..a76c677 100644
+--- a/src/http/v2/ngx_http_v2_filter_module.c
+++ b/src/http/v2/ngx_http_v2_filter_module.c
+@@ -143,7 +143,7 @@ ngx_http_v2_header_filter(ngx_http_request_t *r)
+     ngx_http_core_srv_conf_t  *cscf;
+     u_char                     addr[NGX_SOCKADDR_STRLEN];
+ 
+-    static const u_char nginx[5] = "\x84\xaa\x63\x55\xe7";
+    static const u_char nginx[8] = "\x87\x3d\x65\xaa\xc2\xa1\x3e\xbf";
+ #if (NGX_HTTP_GZIP)
+     static const u_char accept_encoding[12] =
+         "\x8b\x84\x84\x2d\x69\x5b\x05\x44\x3c\x86\xaa\x6f";
--- a/patches/nginx-1.13.3-setting_args_invalidates_uri.patch
+++ b/patches/nginx-1.13.3-setting_args_invalidates_uri.patch
@ -0,0 +1,44 @@
+# HG changeset patch
+# User Yichun Zhang <agentzh@gmail.com>
+# Date 1390506359 28800
+# Node ID 17186b98c235c07e94c64e5853689f790f173756
+# Parent  4b50d1f299d8a69f3e3f7975132e1490352642fe
+Variable: setting $args should invalidate unparsed uri.
+
+diff -r 4b50d1f299d8 -r 17186b98c235 src/http/ngx_http_variables.c
+--- a/src/http/ngx_http_variables.c	Fri Jan 10 11:22:14 2014 -0800
+++ b/src/http/ngx_http_variables.c	Thu Jan 23 11:45:59 2014 -0800
+@@ -15,6 +15,8 @@
+     ngx_http_variable_value_t *v, uintptr_t data);
+ static void ngx_http_variable_request_set(ngx_http_request_t *r,
+     ngx_http_variable_value_t *v, uintptr_t data);
+static void ngx_http_variable_request_args_set(ngx_http_request_t *r,
+    ngx_http_variable_value_t *v, uintptr_t data);
+ static ngx_int_t ngx_http_variable_request_get_size(ngx_http_request_t *r,
+     ngx_http_variable_value_t *v, uintptr_t data);
+ static void ngx_http_variable_request_set_size(ngx_http_request_t *r,
+@@ -218,7 +220,7 @@
+       NGX_HTTP_VAR_NOCACHEABLE, 0 },
+ 
+     { ngx_string("args"),
+-      ngx_http_variable_request_set,
+      ngx_http_variable_request_args_set,
+       ngx_http_variable_request,
+       offsetof(ngx_http_request_t, args),
+       NGX_HTTP_VAR_CHANGEABLE|NGX_HTTP_VAR_NOCACHEABLE, 0 },
+@@ -647,6 +649,15 @@
+ 
+ 
+ static void
+ngx_http_variable_request_args_set(ngx_http_request_t *r,
+    ngx_http_variable_value_t *v, uintptr_t data)
+{
+    r->valid_unparsed_uri = 0;
+    ngx_http_variable_request_set(r, v, data);
+}
+
+
+static void
+ ngx_http_variable_request_set(ngx_http_request_t *r,
+     ngx_http_variable_value_t *v, uintptr_t data)
+ {
--- a/patches/nginx-1.13.3-single_process_graceful_exit.patch
+++ b/patches/nginx-1.13.3-single_process_graceful_exit.patch
@ -0,0 +1,53 @@
+diff --git a/src/os/unix/ngx_process_cycle.c b/src/os/unix/ngx_process_cycle.c
+index 1710ea81..b379da9c 100644
+--- a/src/os/unix/ngx_process_cycle.c
+++ b/src/os/unix/ngx_process_cycle.c
+@@ -304,11 +304,26 @@ ngx_single_process_cycle(ngx_cycle_t *cycle)
+     }
+ 
+     for ( ;; ) {
+        if (ngx_exiting) {
+            if (ngx_event_no_timers_left() == NGX_OK) {
+                ngx_log_error(NGX_LOG_NOTICE, cycle->log, 0, "exiting");
+
+                for (i = 0; cycle->modules[i]; i++) {
+                    if (cycle->modules[i]->exit_process) {
+                        cycle->modules[i]->exit_process(cycle);
+                    }
+                }
+
+                ngx_master_process_exit(cycle);
+            }
+        }
+
+         ngx_log_debug0(NGX_LOG_DEBUG_EVENT, cycle->log, 0, "worker cycle");
+ 
+         ngx_process_events_and_timers(cycle);
+ 
+-        if (ngx_terminate || ngx_quit) {
+        if (ngx_terminate) {
+            ngx_log_error(NGX_LOG_NOTICE, cycle->log, 0, "exiting");
+ 
+             for (i = 0; cycle->modules[i]; i++) {
+                 if (cycle->modules[i]->exit_process) {
+@@ -319,6 +334,20 @@ ngx_single_process_cycle(ngx_cycle_t *cycle)
+             ngx_master_process_exit(cycle);
+         }
+ 
+        if (ngx_quit) {
+            ngx_quit = 0;
+            ngx_log_error(NGX_LOG_NOTICE, cycle->log, 0,
+                          "gracefully shutting down");
+            ngx_setproctitle("process is shutting down");
+
+            if (!ngx_exiting) {
+                ngx_exiting = 1;
+                ngx_set_shutdown_timer(cycle);
+                ngx_close_listening_sockets(cycle);
+                ngx_close_idle_connections(cycle);
+            }
+        }
+
+         if (ngx_reconfigure) {
+             ngx_reconfigure = 0;
+             ngx_log_error(NGX_LOG_NOTICE, cycle->log, 0, "reconfiguring");
--- a/patches/nginx-1.13.3-slab_defrag.patch
+++ b/patches/nginx-1.13.3-slab_defrag.patch
@ -0,0 +1,138 @@
+diff --git a/src/core/ngx_slab.c b/src/core/ngx_slab.c
+index c3a27f7..1bde432 100644
+--- a/src/core/ngx_slab.c
+++ b/src/core/ngx_slab.c
+@@ -6,6 +6,7 @@
+ 
+ #include <ngx_config.h>
+ #include <ngx_core.h>
+#include <assert.h>
+ 
+ 
+ #define NGX_SLAB_PAGE_MASK   3
+@@ -111,6 +112,7 @@ ngx_slab_init(ngx_slab_pool_t *pool)
+     ngx_memzero(p, pages * sizeof(ngx_slab_page_t));
+ 
+     pool->pages = (ngx_slab_page_t *) p;
+    pool->npages = pages;
+ 
+     pool->free.prev = 0;
+     pool->free.next = (ngx_slab_page_t *) p;
+@@ -118,6 +120,7 @@ ngx_slab_init(ngx_slab_pool_t *pool)
+     pool->pages->slab = pages;
+     pool->pages->next = &pool->free;
+     pool->pages->prev = (uintptr_t) &pool->free;
+    pool->pages->prev_slab = 0;
+ 
+     pool->start = (u_char *)
+                   ngx_align_ptr((uintptr_t) p + pages * sizeof(ngx_slab_page_t),
+@@ -625,9 +628,16 @@ ngx_slab_alloc_pages(ngx_slab_pool_t *pool, ngx_uint_t pages)
+         if (page->slab >= pages) {
+ 
+             if (page->slab > pages) {
+                /* adjust the next adjacent block's "prev_slab" field */
+                p = &page[page->slab];
+                if (p < pool->pages + pool->npages) {
+                    p->prev_slab = page->slab - pages;
+                }
+
+                 page[pages].slab = page->slab - pages;
+                 page[pages].next = page->next;
+                 page[pages].prev = page->prev;
+                page[pages].prev_slab = pages;
+ 
+                 p = (ngx_slab_page_t *) page->prev;
+                 p->next = &page[pages];
+@@ -651,6 +661,7 @@ ngx_slab_alloc_pages(ngx_slab_pool_t *pool, ngx_uint_t pages)
+                 p->slab = NGX_SLAB_PAGE_BUSY;
+                 p->next = NULL;
+                 p->prev = NGX_SLAB_PAGE;
+                p->prev_slab = 0;
+                 p++;
+             }
+ 
+@@ -668,7 +679,7 @@ static void
+ ngx_slab_free_pages(ngx_slab_pool_t *pool, ngx_slab_page_t *page,
+     ngx_uint_t pages)
+ {
+-    ngx_slab_page_t  *prev;
+    ngx_slab_page_t  *prev, *p;
+ 
+     page->slab = pages--;
+ 
+@@ -682,6 +693,53 @@ ngx_slab_free_pages(ngx_slab_pool_t *pool, ngx_slab_page_t *page,
+         page->next->prev = page->prev;
+     }
+ 
+    /* merge the next adjacent free block if it is free */
+
+    p = &page[page->slab];
+    if (p < pool->pages + pool->npages
+        && !(p->slab & NGX_SLAB_PAGE_START)
+        && p->next != NULL
+        && (p->prev & NGX_SLAB_PAGE_MASK) == NGX_SLAB_PAGE)
+    {
+        page->slab += p->slab;
+
+        /* remove the next adjacent block from the free list */
+
+        prev = (ngx_slab_page_t *) p->prev;
+        prev->next = p->next;
+        p->next->prev = p->prev;
+
+        /* adjust the "prev_slab" field in the next next adjacent block */
+        if (p + p->slab < pool->pages + pool->npages) {
+            p[p->slab].prev_slab = page->slab;
+        }
+
+        ngx_memzero(p, sizeof(ngx_slab_page_t));
+    }
+
+    if (page->prev_slab) {
+        /* merge the previous adjacent block if it is free */
+
+        p = page - page->prev_slab;
+        if (!(p->slab & NGX_SLAB_PAGE_START)
+            && p->next != NULL
+            && (p->prev & NGX_SLAB_PAGE_MASK) == NGX_SLAB_PAGE)
+        {
+            assert(p->slab == page->prev_slab);
+
+            p->slab += page->slab;
+            ngx_memzero(page, sizeof(ngx_slab_page_t));
+
+            /* adjust the "prev_slab" field in the next adjacent block */
+            if (p + p->slab < pool->pages + pool->npages) {
+                p[p->slab].prev_slab = p->slab;
+            }
+
+            /* skip adding "page" to the free list */
+            return;
+        }
+    }
+
+     page->prev = (uintptr_t) &pool->free;
+     page->next = pool->free.next;
+ 
+diff --git a/src/core/ngx_slab.h b/src/core/ngx_slab.h
+index c5e420b..287ac79 100644
+--- a/src/core/ngx_slab.h
+++ b/src/core/ngx_slab.h
+@@ -19,6 +19,8 @@ struct ngx_slab_page_s {
+     uintptr_t         slab;
+     ngx_slab_page_t  *next;
+     uintptr_t         prev;
+    uintptr_t         prev_slab;
+                         /* number of pages for the previous adjacent block */
+ };
+ 
+ 
+@@ -31,6 +33,8 @@ typedef struct {
+     ngx_slab_page_t  *pages;
+     ngx_slab_page_t   free;
+ 
+    ngx_uint_t        npages;
+
+     u_char           *start;
+     u_char           *end;
+ 
--- a/patches/nginx-1.13.3-ssl_cert_cb_yield.patch
+++ b/patches/nginx-1.13.3-ssl_cert_cb_yield.patch
@ -0,0 +1,42 @@
+# HG changeset patch
+# User Yichun Zhang <agentzh@openresty.org>
+# Date 1451762084 28800
+#      Sat Jan 02 11:14:44 2016 -0800
+# Node ID 449f0461859c16e95bdb18e8be6b94401545d3dd
+# Parent  78b4e10b4367b31367aad3c83c9c3acdd42397c4
+SSL: handled SSL_CTX_set_cert_cb() callback yielding.
+
+OpenSSL 1.0.2+ introduces SSL_CTX_set_cert_cb() to allow custom
+callbacks to serve the SSL certificiates and private keys dynamically
+and lazily. The callbacks may yield for nonblocking I/O or sleeping.
+Here we added support for such usage in NGINX 3rd-party modules
+(like ngx_lua) in NGINX's event handlers for downstream SSL
+connections.
+
+diff -r 78b4e10b4367 -r 449f0461859c src/event/ngx_event_openssl.c
+--- a/src/event/ngx_event_openssl.c	Thu Dec 17 16:39:15 2015 +0300
+++ b/src/event/ngx_event_openssl.c	Sat Jan 02 11:14:44 2016 -0800
+@@ -1210,6 +1210,23 @@
+         return NGX_AGAIN;
+     }
+ 
+#if OPENSSL_VERSION_NUMBER >= 0x10002000L
+    if (sslerr == SSL_ERROR_WANT_X509_LOOKUP) {
+        c->read->handler = ngx_ssl_handshake_handler;
+        c->write->handler = ngx_ssl_handshake_handler;
+
+        if (ngx_handle_read_event(c->read, 0) != NGX_OK) {
+            return NGX_ERROR;
+        }
+
+        if (ngx_handle_write_event(c->write, 0) != NGX_OK) {
+            return NGX_ERROR;
+        }
+
+        return NGX_AGAIN;
+    }
+#endif
+
+     err = (sslerr == SSL_ERROR_SYSCALL) ? ngx_errno : 0;
+ 
+     c->ssl->no_wait_shutdown = 1;
--- a/patches/nginx-1.13.3-ssl_pending_session.patch
+++ b/patches/nginx-1.13.3-ssl_pending_session.patch
@ -0,0 +1,16 @@
+--- nginx-1.13.3/src/event/ngx_event_openssl.c	2016-07-17 19:20:30.411137606 -0700
+++ nginx-1.13.3-patched/src/event/ngx_event_openssl.c	2016-07-19 16:53:35.539768477 -0700
+@@ -1307,7 +1307,12 @@ ngx_ssl_handshake(ngx_connection_t *c)
+     }
+ 
+ #if OPENSSL_VERSION_NUMBER >= 0x10002000L
+-    if (sslerr == SSL_ERROR_WANT_X509_LOOKUP) {
+    if (sslerr == SSL_ERROR_WANT_X509_LOOKUP
+#   ifdef SSL_ERROR_PENDING_SESSION
+        || sslerr == SSL_ERROR_PENDING_SESSION
+#   endif
+       )
+    {
+         c->read->handler = ngx_ssl_handshake_handler;
+         c->write->handler = ngx_ssl_handshake_handler;
+ 
--- a/patches/nginx-1.13.3-stream_balancer_export.patch
+++ b/patches/nginx-1.13.3-stream_balancer_export.patch
@ -0,0 +1,53 @@
+diff --git a/src/stream/ngx_stream_upstream_round_robin.c b/src/stream/ngx_stream_upstream_round_robin.c
+index 526de3a..b531ce1 100644
+--- a/src/stream/ngx_stream_upstream_round_robin.c
+++ b/src/stream/ngx_stream_upstream_round_robin.c
+@@ -21,10 +21,6 @@ static void ngx_stream_upstream_notify_round_robin_peer(
+ 
+ #if (NGX_STREAM_SSL)
+ 
+-static ngx_int_t ngx_stream_upstream_set_round_robin_peer_session(
+-    ngx_peer_connection_t *pc, void *data);
+-static void ngx_stream_upstream_save_round_robin_peer_session(
+-    ngx_peer_connection_t *pc, void *data);
+ static ngx_int_t ngx_stream_upstream_empty_set_session(
+     ngx_peer_connection_t *pc, void *data);
+ static void ngx_stream_upstream_empty_save_session(ngx_peer_connection_t *pc,
+@@ -690,7 +686,7 @@ ngx_stream_upstream_notify_round_robin_peer(ngx_peer_connection_t *pc,
+ 
+ #if (NGX_STREAM_SSL)
+ 
+-static ngx_int_t
+ngx_int_t
+ ngx_stream_upstream_set_round_robin_peer_session(ngx_peer_connection_t *pc,
+     void *data)
+ {
+@@ -756,7 +752,7 @@ ngx_stream_upstream_set_round_robin_peer_session(ngx_peer_connection_t *pc,
+ }
+ 
+ 
+-static void
+void
+ ngx_stream_upstream_save_round_robin_peer_session(ngx_peer_connection_t *pc,
+     void *data)
+ {
+diff --git a/src/stream/ngx_stream_upstream_round_robin.h b/src/stream/ngx_stream_upstream_round_robin.h
+index 35d9fce..75f3e31 100644
+--- a/src/stream/ngx_stream_upstream_round_robin.h
+++ b/src/stream/ngx_stream_upstream_round_robin.h
+@@ -142,5 +142,15 @@ ngx_int_t ngx_stream_upstream_get_round_robin_peer(ngx_peer_connection_t *pc,
+ void ngx_stream_upstream_free_round_robin_peer(ngx_peer_connection_t *pc,
+     void *data, ngx_uint_t state);
+ 
+#if (NGX_STREAM_SSL)
+ngx_int_t ngx_stream_upstream_set_round_robin_peer_session(
+    ngx_peer_connection_t *pc, void *data);
+void ngx_stream_upstream_save_round_robin_peer_session(
+    ngx_peer_connection_t *pc, void *data);
+#endif
+
+
+#define HAVE_NGX_STREAM_BALANCER_EXPORT_PATCH 1
+
+ 
+ #endif /* _NGX_STREAM_UPSTREAM_ROUND_ROBIN_H_INCLUDED_ */
--- a/patches/nginx-1.13.3-stream_proxy_get_next_upstream_tries.patch
+++ b/patches/nginx-1.13.3-stream_proxy_get_next_upstream_tries.patch
@ -0,0 +1,31 @@
+diff --git a/src/stream/ngx_stream.h b/src/stream/ngx_stream.h
+index 09d2459..de92724 100644
+--- a/src/stream/ngx_stream.h
+++ b/src/stream/ngx_stream.h
+@@ -303,4 +303,7 @@ typedef ngx_int_t (*ngx_stream_filter_pt)(ngx_stream_session_t *s,
+ extern ngx_stream_filter_pt  ngx_stream_top_filter;
+ 
+ 
+#define HAS_NGX_STREAM_PROXY_GET_NEXT_UPSTREAM_TRIES_PATCH 1
+
+
+ #endif /* _NGX_STREAM_H_INCLUDED_ */
+diff --git a/src/stream/ngx_stream_proxy_module.c b/src/stream/ngx_stream_proxy_module.c
+index 0afde1c..3254ce1 100644
+--- a/src/stream/ngx_stream_proxy_module.c
+++ b/src/stream/ngx_stream_proxy_module.c
+@@ -2156,3 +2156,14 @@ ngx_stream_proxy_bind(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+ 
+     return NGX_CONF_OK;
+ }
+
+
+ngx_uint_t
+ngx_stream_proxy_get_next_upstream_tries(ngx_stream_session_t *s)
+{
+    ngx_stream_proxy_srv_conf_t      *pscf;
+
+    pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module);
+
+    return pscf->next_upstream_tries;
+}
--- a/patches/nginx-1.13.3-stream_proxy_timeout_fields.patch
+++ b/patches/nginx-1.13.3-stream_proxy_timeout_fields.patch
@ -0,0 +1,169 @@
+diff --git a/src/stream/ngx_stream.h b/src/stream/ngx_stream.h
+index 09d2459..a4dda5d 100644
+--- a/src/stream/ngx_stream.h
+++ b/src/stream/ngx_stream.h
+@@ -241,6 +241,15 @@ typedef struct {
+ } ngx_stream_module_t;
+ 
+ 
+typedef struct {
+    ngx_msec_t                       connect_timeout;
+    ngx_msec_t                       timeout;
+} ngx_stream_proxy_ctx_t;
+
+
+#define NGX_STREAM_HAVE_PROXY_TIMEOUT_FIELDS_PATCH 1
+
+
+ #define NGX_STREAM_MODULE       0x4d525453     /* "STRM" */
+ 
+ #define NGX_STREAM_MAIN_CONF    0x02000000
+@@ -294,6 +303,7 @@ void ngx_stream_finalize_session(ngx_stream_session_t *s, ngx_uint_t rc);
+ extern ngx_module_t  ngx_stream_module;
+ extern ngx_uint_t    ngx_stream_max_module;
+ extern ngx_module_t  ngx_stream_core_module;
+extern ngx_module_t  ngx_stream_proxy_module;
+ 
+ 
+ typedef ngx_int_t (*ngx_stream_filter_pt)(ngx_stream_session_t *s,
+diff --git a/src/stream/ngx_stream_proxy_module.c b/src/stream/ngx_stream_proxy_module.c
+index 0afde1c..c16db76 100644
+--- a/src/stream/ngx_stream_proxy_module.c
+++ b/src/stream/ngx_stream_proxy_module.c
+@@ -359,6 +359,7 @@ ngx_stream_proxy_handler(ngx_stream_session_t *s)
+     ngx_stream_proxy_srv_conf_t      *pscf;
+     ngx_stream_upstream_srv_conf_t   *uscf, **uscfp;
+     ngx_stream_upstream_main_conf_t  *umcf;
+    ngx_stream_proxy_ctx_t           *pctx;
+ 
+     c = s->connection;
+ 
+@@ -367,6 +368,17 @@ ngx_stream_proxy_handler(ngx_stream_session_t *s)
+     ngx_log_debug0(NGX_LOG_DEBUG_STREAM, c->log, 0,
+                    "proxy connection handler");
+ 
+    pctx = ngx_palloc(c->pool, sizeof(ngx_stream_proxy_ctx_t));
+    if (pctx == NULL) {
+        ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR);
+        return;
+    }
+
+    pctx->connect_timeout = pscf->connect_timeout;
+    pctx->timeout = pscf->timeout;
+
+    ngx_stream_set_ctx(s, pctx, ngx_stream_proxy_module);
+
+     u = ngx_pcalloc(c->pool, sizeof(ngx_stream_upstream_t));
+     if (u == NULL) {
+         ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR);
+@@ -654,6 +666,7 @@ ngx_stream_proxy_connect(ngx_stream_session_t *s)
+     ngx_connection_t             *c, *pc;
+     ngx_stream_upstream_t        *u;
+     ngx_stream_proxy_srv_conf_t  *pscf;
+    ngx_stream_proxy_ctx_t       *ctx;
+ 
+     c = s->connection;
+ 
+@@ -661,6 +674,8 @@ ngx_stream_proxy_connect(ngx_stream_session_t *s)
+ 
+     pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module);
+ 
+    ctx = ngx_stream_get_module_ctx(s, ngx_stream_proxy_module);
+
+     u = s->upstream;
+ 
+     u->connected = 0;
+@@ -722,7 +737,7 @@ ngx_stream_proxy_connect(ngx_stream_session_t *s)
+     pc->read->handler = ngx_stream_proxy_connect_handler;
+     pc->write->handler = ngx_stream_proxy_connect_handler;
+ 
+-    ngx_add_timer(pc->write, pscf->connect_timeout);
+    ngx_add_timer(pc->write, ctx->connect_timeout);
+ }
+ 
+ 
+@@ -900,8 +915,10 @@ ngx_stream_proxy_send_proxy_protocol(ngx_stream_session_t *s)
+     ssize_t                       n, size;
+     ngx_connection_t             *c, *pc;
+     ngx_stream_upstream_t        *u;
+-    ngx_stream_proxy_srv_conf_t  *pscf;
+     u_char                        buf[NGX_PROXY_PROTOCOL_MAX_HEADER];
+    ngx_stream_proxy_ctx_t       *ctx;
+
+    ctx = ngx_stream_get_module_ctx(s, ngx_stream_proxy_module);
+ 
+     c = s->connection;
+ 
+@@ -928,9 +945,7 @@ ngx_stream_proxy_send_proxy_protocol(ngx_stream_session_t *s)
+             return NGX_ERROR;
+         }
+ 
+-        pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module);
+-
+-        ngx_add_timer(pc->write, pscf->timeout);
+        ngx_add_timer(pc->write, ctx->timeout);
+ 
+         pc->write->handler = ngx_stream_proxy_connect_handler;
+ 
+@@ -994,6 +1009,9 @@ ngx_stream_proxy_ssl_init_connection(ngx_stream_session_t *s)
+     ngx_connection_t             *pc;
+     ngx_stream_upstream_t        *u;
+     ngx_stream_proxy_srv_conf_t  *pscf;
+    ngx_stream_proxy_ctx_t       *ctx;
+
+    ctx = ngx_stream_get_module_ctx(s, ngx_stream_proxy_module);
+ 
+     u = s->upstream;
+ 
+@@ -1029,7 +1047,7 @@ ngx_stream_proxy_ssl_init_connection(ngx_stream_session_t *s)
+     if (rc == NGX_AGAIN) {
+ 
+         if (!pc->write->timer_set) {
+-            ngx_add_timer(pc->write, pscf->connect_timeout);
+            ngx_add_timer(pc->write, ctx->connect_timeout);
+         }
+ 
+         pc->ssl->handler = ngx_stream_proxy_ssl_handshake;
+@@ -1285,11 +1303,14 @@ ngx_stream_proxy_process_connection(ngx_event_t *ev, ngx_uint_t from_upstream)
+     ngx_stream_session_t         *s;
+     ngx_stream_upstream_t        *u;
+     ngx_stream_proxy_srv_conf_t  *pscf;
+    ngx_stream_proxy_ctx_t       *ctx;
+ 
+     c = ev->data;
+     s = c->data;
+     u = s->upstream;
+ 
+    ctx = ngx_stream_get_module_ctx(s, ngx_stream_proxy_module);
+
+     c = s->connection;
+     pc = u->peer.connection;
+ 
+@@ -1309,7 +1330,7 @@ ngx_stream_proxy_process_connection(ngx_event_t *ev, ngx_uint_t from_upstream)
+                 }
+ 
+                 if (u->connected && !c->read->delayed && !pc->read->delayed) {
+-                    ngx_add_timer(c->write, pscf->timeout);
+                    ngx_add_timer(c->write, ctx->timeout);
+                 }
+ 
+                 return;
+@@ -1451,6 +1472,9 @@ ngx_stream_proxy_process(ngx_stream_session_t *s, ngx_uint_t from_upstream,
+     ngx_log_handler_pt            handler;
+     ngx_stream_upstream_t        *u;
+     ngx_stream_proxy_srv_conf_t  *pscf;
+    ngx_stream_proxy_ctx_t       *ctx;
+
+    ctx = ngx_stream_get_module_ctx(s, ngx_stream_proxy_module);
+ 
+     u = s->upstream;
+ 
+@@ -1642,7 +1666,7 @@ ngx_stream_proxy_process(ngx_stream_session_t *s, ngx_uint_t from_upstream,
+         }
+ 
+         if (!c->read->delayed && !pc->read->delayed) {
+-            ngx_add_timer(c->write, pscf->timeout);
+            ngx_add_timer(c->write, ctx->timeout);
+ 
+         } else if (c->write->timer_set) {
+             ngx_del_timer(c->write);
--- a/patches/nginx-1.13.3-upstream_pipelining.patch
+++ b/patches/nginx-1.13.3-upstream_pipelining.patch
@ -0,0 +1,23 @@
+commit f9907b72a76a21ac5413187b83177a919475c75f
+Author: Yichun Zhang (agentzh) <agentzh@gmail.com>
+Date:   Wed Feb 10 16:05:08 2016 -0800
+
+    bugfix: upstream: keep sending request data after the first write attempt.
+    
+    See
+    http://mailman.nginx.org/pipermail/nginx-devel/2012-March/002040.html
+    for more details on the issue.
+
+diff --git a/src/http/ngx_http_upstream.c b/src/http/ngx_http_upstream.c
+index dbaa956..a25aaa2 100644
+--- a/src/http/ngx_http_upstream.c
+++ b/src/http/ngx_http_upstream.c
+@@ -2003,7 +2003,7 @@ ngx_http_upstream_send_request_handler(ngx_http_request_t *r,
+ 
+ #endif
+ 
+-    if (u->header_sent) {
+    if (u->request_body_sent) {
+         u->write_event_handler = ngx_http_upstream_dummy_handler;
+ 
+         (void) ngx_handle_write_event(c->write, 0);
--- a/patches/nginx-1.13.3-upstream_timeout_fields.patch
+++ b/patches/nginx-1.13.3-upstream_timeout_fields.patch
@ -0,0 +1,121 @@
+diff --git a/src/http/ngx_http_upstream.c b/src/http/ngx_http_upstream.c
+index c394b291..e10df0ab 100644
+--- a/src/http/ngx_http_upstream.c
+++ b/src/http/ngx_http_upstream.c
+@@ -502,12 +502,19 @@ void
+ ngx_http_upstream_init(ngx_http_request_t *r)
+ {
+     ngx_connection_t     *c;
+    ngx_http_upstream_t  *u;
+ 
+     c = r->connection;
+ 
+     ngx_log_debug1(NGX_LOG_DEBUG_HTTP, c->log, 0,
+                    "http init upstream, client timer: %d", c->read->timer_set);
+ 
+    u = r->upstream;
+
+    u->connect_timeout = u->conf->connect_timeout;
+    u->send_timeout = u->conf->send_timeout;
+    u->read_timeout = u->conf->read_timeout;
+
+ #if (NGX_HTTP_V2)
+     if (r->stream) {
+         ngx_http_upstream_init_request(r);
+@@ -1590,7 +1597,7 @@ ngx_http_upstream_connect(ngx_http_request_t *r, ngx_http_upstream_t *u)
+     u->request_body_sent = 0;
+ 
+     if (rc == NGX_AGAIN) {
+-        ngx_add_timer(c->write, u->conf->connect_timeout);
+        ngx_add_timer(c->write, u->connect_timeout);
+         return;
+     }
+ 
+@@ -1666,7 +1673,7 @@ ngx_http_upstream_ssl_init_connection(ngx_http_request_t *r,
+     if (rc == NGX_AGAIN) {
+ 
+         if (!c->write->timer_set) {
+-            ngx_add_timer(c->write, u->conf->connect_timeout);
+            ngx_add_timer(c->write, u->connect_timeout);
+         }
+ 
+         c->ssl->handler = ngx_http_upstream_ssl_handshake_handler;
+@@ -1960,7 +1967,7 @@ ngx_http_upstream_send_request(ngx_http_request_t *r, ngx_http_upstream_t *u,
+ 
+     if (rc == NGX_AGAIN) {
+         if (!c->write->ready) {
+-            ngx_add_timer(c->write, u->conf->send_timeout);
+            ngx_add_timer(c->write, u->send_timeout);
+ 
+         } else if (c->write->timer_set) {
+             ngx_del_timer(c->write);
+@@ -2003,7 +2010,7 @@ ngx_http_upstream_send_request(ngx_http_request_t *r, ngx_http_upstream_t *u,
+         return;
+     }
+ 
+-    ngx_add_timer(c->read, u->conf->read_timeout);
+    ngx_add_timer(c->read, u->read_timeout);
+ 
+     if (c->read->ready) {
+         ngx_http_upstream_process_header(r, u);
+@@ -2800,7 +2807,7 @@ ngx_http_upstream_process_body_in_memory(ngx_http_request_t *r,
+     }
+ 
+     if (rev->active) {
+-        ngx_add_timer(rev, u->conf->read_timeout);
+        ngx_add_timer(rev, u->read_timeout);
+ 
+     } else if (rev->timer_set) {
+         ngx_del_timer(rev);
+@@ -3129,7 +3136,7 @@ ngx_http_upstream_send_response(ngx_http_request_t *r, ngx_http_upstream_t *u)
+         p->cyclic_temp_file = 0;
+     }
+ 
+-    p->read_timeout = u->conf->read_timeout;
+    p->read_timeout = u->read_timeout;
+     p->send_timeout = clcf->send_timeout;
+     p->send_lowat = clcf->send_lowat;
+ 
+@@ -3367,7 +3374,7 @@ ngx_http_upstream_process_upgraded(ngx_http_request_t *r,
+     }
+ 
+     if (upstream->write->active && !upstream->write->ready) {
+-        ngx_add_timer(upstream->write, u->conf->send_timeout);
+        ngx_add_timer(upstream->write, u->send_timeout);
+ 
+     } else if (upstream->write->timer_set) {
+         ngx_del_timer(upstream->write);
+@@ -3379,7 +3386,7 @@ ngx_http_upstream_process_upgraded(ngx_http_request_t *r,
+     }
+ 
+     if (upstream->read->active && !upstream->read->ready) {
+-        ngx_add_timer(upstream->read, u->conf->read_timeout);
+        ngx_add_timer(upstream->read, u->read_timeout);
+ 
+     } else if (upstream->read->timer_set) {
+         ngx_del_timer(upstream->read);
+@@ -3573,7 +3580,7 @@ ngx_http_upstream_process_non_buffered_request(ngx_http_request_t *r,
+     }
+ 
+     if (upstream->read->active && !upstream->read->ready) {
+-        ngx_add_timer(upstream->read, u->conf->read_timeout);
+        ngx_add_timer(upstream->read, u->read_timeout);
+ 
+     } else if (upstream->read->timer_set) {
+         ngx_del_timer(upstream->read);
+diff --git a/src/http/ngx_http_upstream.h b/src/http/ngx_http_upstream.h
+index c552ac0c..40b69d0a 100644
+--- a/src/http/ngx_http_upstream.h
+++ b/src/http/ngx_http_upstream.h
+@@ -329,6 +329,11 @@ struct ngx_http_upstream_s {
+     ngx_array_t                     *caches;
+ #endif
+ 
+#define HAVE_NGX_UPSTREAM_TIMEOUT_FIELDS  1
+    ngx_msec_t                       connect_timeout;
+    ngx_msec_t                       send_timeout;
+    ngx_msec_t                       read_timeout;
+
+     ngx_http_upstream_headers_in_t   headers_in;
+ 
+     ngx_http_upstream_resolved_t    *resolved;
--- a/patches/nginx-1.13.4-always_enable_cc_feature_tests.patch
+++ b/patches/nginx-1.13.4-always_enable_cc_feature_tests.patch
@ -0,0 +1,11 @@
+--- nginx-1.13.4/auto/cc/conf	2015-10-30 22:47:50.000000000 +0800
+++ nginx-1.13.4-patched/auto/cc/conf	2015-11-02 12:23:05.385156987 +0800
+@@ -136,7 +136,7 @@ fi
+ CFLAGS="$CFLAGS $NGX_CC_OPT"
+ NGX_TEST_LD_OPT="$NGX_LD_OPT"
+ 
+-if [ "$NGX_PLATFORM" != win32 ]; then
+if [ 1 ]; then
+ 
+     if test -n "$NGX_LD_OPT"; then
+         ngx_feature=--with-ld-opt=\"$NGX_LD_OPT\"
--- a/patches/nginx-1.13.4-balancer_status_code.patch
+++ b/patches/nginx-1.13.4-balancer_status_code.patch
@ -0,0 +1,27 @@
+diff --git a/src/http/ngx_http_upstream.c b/src/http/ngx_http_upstream.c
+index 0f6b3ae..56d44fc 100644
+--- a/src/http/ngx_http_upstream.c
+++ b/src/http/ngx_http_upstream.c
+@@ -1368,6 +1368,11 @@ ngx_http_upstream_connect(ngx_http_request_t *r, ngx_http_upstream_t *u)
+         return;
+     }
+ 
+    if (rc >= NGX_HTTP_SPECIAL_RESPONSE) {
+        ngx_http_upstream_finalize_request(r, u, rc);
+        return;
+    }
+
+     u->state->peer = u->peer.name;
+ 
+     if (rc == NGX_BUSY) {
+diff --git a/src/http/ngx_http_upstream.h b/src/http/ngx_http_upstream.h
+index b288f28..9b60e12 100644
+--- a/src/http/ngx_http_upstream.h
+++ b/src/http/ngx_http_upstream.h
+@@ -418,5 +418,6 @@ extern ngx_module_t        ngx_http_upstream_module;
+ extern ngx_conf_bitmask_t  ngx_http_upstream_cache_method_mask[];
+ extern ngx_conf_bitmask_t  ngx_http_upstream_ignore_headers_masks[];
+ 
+#define HAVE_BALANCER_STATUS_CODE_PATCH
+ 
+ #endif /* _NGX_HTTP_UPSTREAM_H_INCLUDED_ */
--- a/patches/nginx-1.13.4-builtin_error_page_footer.patch
+++ b/patches/nginx-1.13.4-builtin_error_page_footer.patch
@ -0,0 +1,13 @@
+diff --git a/src/http/ngx_http_special_response.c b/src/http/ngx_http_special_response.c
+index 64e5acd..f5374f6 100644
+--- a/src/http/ngx_http_special_response.c
+++ b/src/http/ngx_http_special_response.c
+@@ -26,7 +26,7 @@ static u_char ngx_http_error_full_tail[] =
+ 
+ 
+ static u_char ngx_http_error_tail[] =
+-"<hr><center>nginx</center>" CRLF
+"<hr><center>openresty</center>" CRLF
+ "</body>" CRLF
+ "</html>" CRLF
+ ;
--- a/patches/nginx-1.13.4-cache_manager_exit.patch
+++ b/patches/nginx-1.13.4-cache_manager_exit.patch
@ -0,0 +1,19 @@
+# HG changeset patch
+# User Yichun Zhang <agentzh@gmail.com>
+# Date 1383598130 28800
+# Node ID f64218e1ac963337d84092536f588b8e0d99bbaa
+# Parent  dea321e5c0216efccbb23e84bbce7cf3e28f130c
+Cache: gracefully exit the cache manager process.
+
+diff -r dea321e5c021 -r f64218e1ac96 src/os/unix/ngx_process_cycle.c
+--- a/src/os/unix/ngx_process_cycle.c	Thu Oct 31 18:23:49 2013 +0400
+++ b/src/os/unix/ngx_process_cycle.c	Mon Nov 04 12:48:50 2013 -0800
+@@ -1335,7 +1335,7 @@
+ 
+         if (ngx_terminate || ngx_quit) {
+             ngx_log_error(NGX_LOG_NOTICE, cycle->log, 0, "exiting");
+-            exit(0);
+            ngx_worker_process_exit(cycle);
+         }
+ 
+         if (ngx_reopen) {
--- a/Show More
+++ b/Show More