Pick up stat analysis patches made for 23.12 and 2.11.0

This patch combines patches from these two picodata/tarantool fork branches:
https://git.picodata.io/picodata/tarantool/-/tree/dynamic-linking-from-system?ref_type=heads
https://git.picodata.io/picodata/picodata/picodata/-/tree/svace-fixes?ref_type=heads

Previously patches for tarantool were made for 2.11.0 so for 2.11.2 (version we currently use)
some of them had to be updated.

Patches from b124e8f01fafb98bc3005f77b8852d1f699f8666 initially were committed
to fork repo but for manageability it was decided that its easier to support
those via patch files. So these changes are added to existing patches in
certification_patches dir.

Then follow changes from 6b851b86
and 2be2aab5. Patch application is
currently concentrated in gitlab-ci.yml. 6b851b moved svace patches
application to tarantool's makefile. For now its easier to keep it
in one place. Svace patches from previous commit are moved into
subdirectory. Patches that touch supplementary files or simply remove
them are removed and the list of the files is kept for later to form a
dedicated list of files for deletion.

Conflicting were picked from f98334ea.
Redundant patch for curl libssh was removed because the same change
appeared upstream https://github.com/curl/curl/pull/11088/files



Luagdb patch was updated.
OSCP response patch as well as icu_common_exec patch were removed,
since original files are not needed in the build process and thus are
deleted from the repo.

Lastly patch application is moved to dedicated python script for
ease of sharing with vm builder repo.

Co-authored-by: Feodor Alexandrov <feodor.alex.alexandrov@gmail.com>

.gitlab-ci.yml

@@ -344,6 +344,8 @@ gamayun-run:
     - eval $TUNNEL
     - ls -la
     - |
+      # TODO consider moving this to the script as well, this may delete some html 
+      # license files which is probably not intended
       find . -type d -name 'test*' -o -name 'doc' -o -name 'docs' | xargs -n1 rm -rvf
       find tarantool-sys/third_party/ -type f -name '*.htm*' | xargs -n 1 rm -rfv
       find tarantool-sys/vendor/ -type f -name '*.htm*' | xargs -n 1 rm -rfv
@@ -353,20 +355,13 @@ gamayun-run:
       find . -type d -name 'docsrc' | xargs -n 1 rm -rvf
       find . -name '*.md' | xargs -n 1 rm -rvf
       find http tarantool-sys vshard -type d -name .github | xargs -n 1 rm -rfv
-    - PATCH_DIR=$(pwd)/certification_patches
     - |
-      (cd tarantool-sys; find ${PATCH_DIR} -name "tarantool-sys_*" | xargs -n 1 git apply)
-      (cd tarantool-sys/third_party/curl; find ${PATCH_DIR} -name "curl_*" | xargs -n 1 git apply)
-      (cd tarantool-sys/third_party/zstd; find ${PATCH_DIR} -name "zstd_*" | xargs -n 1 git apply)
-      (cd tarantool-sys/third_party/luajit; find ${PATCH_DIR} -name "luajit_*" | xargs -n 1 git apply)
-      (cd tarantool-sys/third_party/nghttp2; find ${PATCH_DIR} -name "nghttp2_*" | xargs -n 1 git apply)
-      (cd tarantool-sys/third_party/checks; find ${PATCH_DIR} -name "checks_*" | xargs -n 1 git apply)
-      (cd http; find ${PATCH_DIR} -name "http_*" | xargs -n 1 git apply)
-      (cd vshard; find ${PATCH_DIR} -name "vshard_*" | xargs -n 1 git apply)
+      ./tools/prepare_source_tree_for_stat_analysis.py gamayun
+      ./tools/prepare_source_tree_for_stat_analysis.py svace
     - |
       docker run --rm -t \
         -v $PWD:/tmp/src:rw \
-        -e "SONAR_OPS=-Dsonar.python.version=3 -Dsonar.login=${SONAR} -Dsonar.projectKey=Picodata-CI -Dsonar.exclusions=**/*.mod" \
+        -e "SONAR_OPS=-Dsonar.python.version=3 -Dsonar.login=${SONAR} -Dsonar.projectKey=Picodata-CI -Dsonar.exclusions=**/*.mod,osv-sonar.json" \
         -e "SONAR_SCANNER_OPTS="-Xmx4096m"" \
         -e "CARGO_CLIPPY_FILE=clippy.json" \
         -u $(id -u):$(id -g) --ulimit nofile=100000:100000 --network=host \

certification_patches/curl_libssh2.patch

-diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c
-index ce9229f8f..4aef2ae70 100644
---- a/lib/vssh/libssh2.c
-+++ b/lib/vssh/libssh2.c
-@@ -723,11 +723,11 @@ static CURLcode ssh_check_fingerprint(struct Curl_easy *data)
-      */
-     if((pub_pos != b64_pos) ||
-        strncmp(fingerprint_b64, pubkey_sha256, pub_pos)) {
--      free(fingerprint_b64);
- 
-       failf(data,
-             "Denied establishing ssh session: mismatch sha256 fingerprint. "
-             "Remote %s is not equal to %s", fingerprint_b64, pubkey_sha256);
-+      free(fingerprint_b64);
-       state(data, SSH_SESSION_FREE);
-       sshc->actualcode = CURLE_PEER_FAILED_VERIFICATION;
-       return sshc->actualcode;

certification_patches/luajit_luajit-gdb.patch → certification_patches/gamayun_patches/luajit_luajit-gdb.patch

 diff --git a/src/luajit-gdb.py b/src/luajit-gdb.py
-index 96ee2289..7fd90e88 100644
+index d2070e9b..05351b9f 100644
 --- a/src/luajit-gdb.py
 +++ b/src/luajit-gdb.py
-@@ -279,7 +279,8 @@ def itypemap(o):
-         return LJ_T['NUMX'] if tvisnumber(o) else itype(o)
+@@ -327,7 +327,8 @@ def itypemap(o):
+ 
  
  def funcproto(func):
--    assert(func['ffid'] == 0)
+-    assert func['ffid'] == 0
 +    if not (func['ffid'] == 0):
 +        raise RuntimeError("assert failed")
  
      return cast('GCproto *',
-         mref('char *', func['pc']) - gdb.lookup_type('GCproto').sizeof)
+                 mref('char *', func['pc']) - gdb.lookup_type('GCproto').sizeof)

certification_patches/gamayun_patches/tarantool-sys_lua-cjson.patch

+diff --git a/third_party/lua-cjson/strbuf.c b/third_party/lua-cjson/strbuf.c
+index 69057ffb3..5a0272be1 100644
+--- a/third_party/lua-cjson/strbuf.c
++++ b/third_party/lua-cjson/strbuf.c
+@@ -106,7 +106,7 @@ static int calculate_new_size(strbuf_t *s, int len)
+         /* Exponential sizing */
+         while (newsize < reqsize)
+             newsize *= -s->increment;
+-    } else {
++    } else if (s->increment > 0) {
+         /* Linear sizing */
+         newsize = ((newsize + s->increment - 1) / s->increment) * s->increment;
+     }