The commit bd6fb06a ("core: allow
spurious wakeups in cbus_call") mistakenly removed the msg->caller
cleanup after a spurious wakeup or a timeout. Fix that.

NO_DOC=internal change
NO_CHANGELOG=internal change

Feedback daemon is reconfiguread as many times as number of options
changed during single box.cfg call which is suboptimal. Add proper support
for modules which configure all its options in a single call.

Part of https://github.com/tarantool/tarantool-ee/issues/200

NO_DOC=refactoring
NO_TEST=refactoring
NO_CHANGELOG=refactoring

Some luatest framework tests use Lua `assert`s, which are incomprehensible
when failed (the only information provided is 'assertion failed!'),
making debugging difficult: replace them with luatest `assert`s and their
context-specific varieties.

NO_CHANGELOG=<code health>
NO_DOC=<code health>

If an update operation tried to insert a new key into a map or an
array which was created by a previous update operation, then the
process would fail an assertion.

That was because the first operation was stored as a bar update.
The second operation tried to branch it assuming that the entire
bar update's JSON path must exist, but it wasn't so for the newly
created part of the path.

The solution is to fallback to branching earlier than the entire
bar path ends, if can see that the next part of the path can't be
found.

Closes #7705

NO_DOC=bugfix

TREE (HASH) index implements `random` method: if the space is empty from
the transaction's perspective, which means we have to return nothing, add
gap tracking of whole range (full scan
tracking), since this result is equivalent to `index:select{}`, otherwise
repeatedly call `random` and clarify result, until we get a non-empty one.
We do not care about performance here, since all operations in context of
transaction management currently have O(number of dirty tuples)
complexity.

Closes #7670

NO_DOC=bugfix

Since `key_def_merge` sets the merged key definition's unique part count
equal to the new part count, the extra assignment in case the index is not
unique is redundant: remove it.

NO_CHANGELOG=<refactoring>
NO_DOC=<refactoring>
NO_TEST=<refactoring>

If TREE index `get` result is empty, the key part count is incorrectly
compared to the tree's `cmp_def->part_count`, though it should be compared
with `cmp_def->unique_part_count`. But we can actually assume that by the
time we get to the index's `get` method the part count is equal to the
unique part count (partial keys are rejected and `get` is not
supported for non-unique indexes): change check to correct assertion.

Closes #7685

NO_DOC=<bugfix>

Replaced assertions, that no one started new elections/promoted while
acquiring limbo, with checks that raft term and limbo term didn't
change. In case they did - don't write DEMOTE/PROMOTE and just release
limbo, because it's already owned/will soon be by someone else.

Closes #7086

NO_DOC=Bugfix

@TarantoolBot document
Title: Document encoding parameters in http client

New option "params" passed to HTTP request allows a user to add query
parameters into URI. When option "params" contains a Lua table with
key-value pairs these parameters encoded to a string and passed as an
URL path in GET/HEAD/DELETE methods and as a HTTP body with POST method.
In a latter case error will be raised when body is not empty.

```
> uri = require("uri")
> httpc = require("httpc")
> params = { key1 = 'value1', key2 = uri.values('value1', 'value2') }
> r = http.client.get("http://httpbin.org/get", { params = params })
> r.url
---
- http://httpbin.org/get?key1=value1&key2=value1&key2=value2
...

```

Key and values could be a Lua number, string, boolean, anything that has
a `__serialize` or `__tostring` metamethod. It is possible to pass
datetime, decimal and number64 values.

Limitations:

- order of keys with values in a result string is not deterministic
- percent encoding is not supported at the moment

Closes #6832

@TarantoolBot document
Title: Document encoding HTTP parameters to a query string

New method uri.values() allows a user to represent multivalue
parameter's.

Setting multivalue parameter with `uri.parse()` and `uri.format()`:

```
> params = {q1 = uri.values("v1", "v2")}}
> uri.format({host = 'brnkv.ru', params = params})
---
- http://x.html?q1=v1&q1=v2
...

> uri.parse({"/tmp/unix.sock", params = params)
---
- host: unix/
  service: /tmp/unix.sock
  unix: /tmp/unix.sock
  params:
    q1:
    - v1
    - v2
...

```

Key and values could be a Lua number, string, boolean, anything that has
a `__serialize` or `__tostring` metamethod. It is possible to pass
`datetime`, `decimal` and `number64` values too.

NOTE: Order of keys with values in a result string is not deterministic.

Needed for #6832

Patch introduces two internal functions: `uri.params()` and
`uri.encode_kv()`.

NO_CHANGELOG=internal
NO_DOC=internal

Needed for #6832

NO_CHANGELOG=internal
NO_DOC=internal
NO_TEST=internal

NO_CHANGELOG=internal
NO_DOC=internal
NO_TEST=internal

Currently, it is possible to create a constraint with a name that does
not match the rules for identifiers. Fix this by validating them by
identifier_check.

Closes #7201

NO_DOC=bugfix
NO_CHANGELOG=minor bug

Introduce cmake option ENABLE_HARDENING, which is TRUE by default for
non-debug regular and static builds, excluding AArch64 and FreeBSD.
It passess compiler flags that harden Tarantool (including the bundled
libraries) against memory corruption attacks. The following flags are
passed:

* -Wformat - Check calls to printf and scanf, etc., to make sure that
  the arguments supplied have types appropriate to the format string
  specified.

* -Wformat-security -Werror=format-security - Warn about uses of format
  functions that represent possible security problems. And make the
  warning into an error.

* -fstack-protector-strong - Emit extra code to check for buffer
  overflows, such as stack smashing attacks.

* -fPIC -pie - Generate position-independent code (PIC). It allows to
  take advantage of the Address Space Layout Randomization (ASLR).

* -z relro -z now - Resolve all dynamically linked functions at the
  beginning of the execution, and then make the GOT read-only.

Also do not disable hardening for Debian and RPM-based Linux distros.

Closes #5372
Closes #7536

NO_DOC=build
NO_TEST=build

Bump test-run to new version with the following improvements:

- Improve getting iproto port for tarantool < 2.4.1 [1]

[1] https://github.com/tarantool/test-run/pull/349

NO_DOC=testing stuff
NO_TEST=testing stuff
NO_CHANGELOG=testing stuff

TAP tests could be running by test-run.py, but it is often convenient to
run these tests by tarantool only: tarantool test/app-tap/yaml.test.lua.
Most TAP tests returns non-zero exit code when TAP asserts are failed.
But exit code is not changed when TAP plan is bad (number of planned
testcases is not equal to executed). Proposed patch adds test:check() to
TAP tests so tests will return non-zero exit code when plan is bad.

NO_CHANGELOG=it is not a user-visible change
NO_DOC=tests

`directly_replaced` stories can potentially get garbage collected in
`memtx_tx_handle_gap_write`, which is unexpected and leads to 'use after
free': in order to fix this, limit garbage collection points only to
external API calls.

Wrap all possible garbage collection points with explicit warnings (see
c9981a56).

Closes #7449

NO_DOC=bugfix

NO_CHANGELOG=internal
NO_DOC=internal
NO_TEST=internal

Commit 9adedc1f ("test: add new `make` test targets") introduced new
targets for running test-run.py with unit tests. However, this target
doesn't depend on changes in tested libraries and changes in unit tests.
Proposed patch introduces a function that creates a build targets for
unit tests and fixes the described problem with dependencies.

Additionally, patch added missed dependence for popen and popen-child.

NO_CHANGELOG=internal
NO_DOC=internal

NO_CHANGELOG=internal
NO_DOC=internal
NO_TEST=refactoring

Needed for the next commit

All merge sources (including the merger itself) share the same
`<merge source>:pairs()` implementation, which returns `gen, param,
state` triplet. `gen` is `lbox_merge_source_gen()`, `param` is `nil`,
`state` in the merge source.

The `lbox_merge_source_gen()` returns `source, tuple`. The returned
source is supposed to be the same object as a one passed to the function
(`gen(param, state)`), so the function assumes the object as alive and
don't increment source's refcounter at entering, don't decrease it at
exitting.

This logic is perfect, but there was a mistake in the implementation:
the function returns a new cdata object (which holds the same pointer to
the merge source structure) instead of the same cdata object.

The new cdata object neither increases the source's refcounter at
pushing to Lua, nor decreases it at collecting. At result, if we'll loss
the original merge source object (and the first `state` that is returned
from `:pairs()`), the source structure may be freed. The pointer in the
new cdata object will be invalid so.

A sketchy code that illustrates the problem:

```lua
gen, param, state0 = source:pairs()
assert(state0 == source)
source = nil
state1, tuple = gen(param, state0)
state0 = nil
-- assert(state1 == source) -- would fails
collectgarbage()
-- The cdata object that is referenced as `source` and as `state`
-- is collected. The GC handler is called and dropped the merge
-- source structure refcounter to zero. The structure is freed.
-- The call below will crash.
gen(param, state1)
```

In the fixed code `state1 == source`, so the GC handler is not called
prematurely: we have the merge source object alive till the end of the
iterator or till the stop of the traversal.

Fixes #7657

NO_DOC=a crash is definitely not what we want to document

NO_DOC=internal
NO_CHANGELOG=internal

NO_DOC=internal
NO_CHANGELOG=internal

NO_DOC=internal
NO_CHANGELOG=internal

NO_DOC=internal
NO_CHANGELOG=internal

NO_DOC=internal
NO_CHANGELOG=internal

NO_DOC=internal
NO_CHANGELOG=internal

NO_DOC=internal
NO_CHANGELOG=internal

NO_DOC=internal
NO_CHANGELOG=internal

NO_DOC=internal
NO_CHANGELOG=internal

NO_DOC=internal
NO_CHANGELOG=internal

NO_DOC=internal
NO_CHANGELOG=internal

NO_DOC=internal
NO_CHANGELOG=internal

NO_DOC=internal
NO_CHANGELOG=internal

NO_DOC=internal
NO_CHANGELOG=internal

NO_DOC=internal
NO_CHANGELOG=internal

NO_DOC=internal
NO_CHANGELOG=internal

* From Lua 5.3: assert() accepts any type of error object.

Closes #7457
Part of #7230

NO_DOC=LuaJIT submodule bump
NO_TEST=LuaJIT submodule bump

When conflicting transactions that made full scans in
`memtx_tx_handle_gap_write`, we need to also track that the conflicted
transaction has read the inserted tuple, just like we do in gap tracking
for ordered indexes — otherwise another transaction can overwrite the
inserted tuple in which case no gap tracking will be handled.

Closes #7493

NO_DOC=bugfix