Make improvements

- Document redbean's argon2 module
- Fix regressions in cthreads library
- Make testlib work better with threads
- Give the cthreads library lots of love
- Remove some of the stdio assembly code
- Implement getloadavg() across platforms
- Code size optimizations for errnos, etc.
- Only check for signals in main thread on Windows
- Make errnos for dup2 / dup3 consistent with posix

This change also fixes a bug in the argon2 module, where the NUL
terminator was being included in the hash encoded ascii string. This
shouldn't require any database migrations to folks who found this module
and productionized it, since the argon2 library treats it as a c string.

tool/net/help.txt

@@ -1563,6 +1563,73 @@ MAXMIND MODULE
 
   For further details, please see maxmind.lua in redbean-demo.com.
 
+────────────────────────────────────────────────────────────────────────────────
+
+ARGON2 MODULE
+
+  This module implemeents a password hashing algorithm based on blake2b
+  that won the Password Hashing Competition.
+
+  It can be used to securely store user passwords in your SQLite
+  database, in a way that destroys the password, but can be verified by
+  regenerating the hash again the next time the user logs in. Destroying
+  the password is important, since if your database is compromised, the
+  bad guys won't be able to use rainbow tables to recover the plain text
+  of the passwords.
+
+  Argon2 achieves this security by being expensive to compute. Care
+  should be taken in choosing parameters, since an HTTP endpoint that
+  uses Argon2 can just as easily become a denial of service vector. For
+  example, you may want to consider throttling your login endpoint.
+
+  argon2.hash_encoded(pass:str, salt:int[, config:table])
+      ├─→ ascii:str
+      └─→ nil, error:str
+
+    Hashes password.
+
+    This is consistent with the README of the reference implementation:
+
+        >: assert(argon2.hash_encoded("password", "somesalt", {
+               variant = argon2.variants.argon2_i,
+               m_cost = 65536,
+               hash_len = 24,
+               parallelism = 4,
+               t_cost = 2,
+             }))
+        "$argon2i$v=19$m=65536,t=2,p=4$c29tZXNhbHQ$RdescudvJCsgt3ub+b+dWRWJTmaaJObG"
+
+    `pass` is the secret value to be encoded.
+
+    `salt` is a nonce value used to hash the string.
+
+    `config.m_cost` is the memory hardness in kibibytes, which defaults
+    to 4096 (4 mibibytes). It's recommended that this be tuned upwards.
+
+    `config.t_cost` is the number of iterations, which defaults to 3.
+
+    `config.parallelism` is the parallelism factor, which defaults to 1.
+
+    `config.hash_len` is the number of desired bytes in hash output,
+    which defaults to 32.
+
+    `config.variant` may be:
+
+      - `argon2.variants.argon2_id` blend of other two methods [default]
+      - `argon2.variants.argon2_i` maximize resistance to side-channel attacks
+      - `argon2.variants.argon2_d` maximize resistance to gpu cracking attacks
+
+  argon2.verify(encoded:str, pass:str)
+      ├─→ ok:bool
+      └─→ nil, error:str
+
+    Verifies password, e.g.
+
+        >: argon2.verify(
+            "$argon2i$v=19$m=65536,t=2," ..
+              "p=4$c29tZXNhbHQ$RdescudvJCsgt3ub+b+dWRWJTmaaJObG",
+            "password")
+        true
 
 ────────────────────────────────────────────────────────────────────────────────