I've been running these patches in some form for a while. Now tidied up for RFC. It's quite possible I misinterpreted something; the behaviours seem to be quite long-standing, hence a first pass for comments. This has taken me to the _avail() functions, which do not seem to be prepared for signed output, yet callers interpret as signed and ultimately end up in external API. Their handling of wraparound conditions etc. may not be as expected. I've already started to look at these. -- Mark
