We need to call `tx_accept_msg` in `tx_process_override` before we pass
message to the override handler. Unfortunately if handler response with
IPROTO_HANDLER_FALLBACK we call the builtin handler for message that
calls `tx_accept_msg` again which is not expected. Some actions of
this function are idempotent and some are not.

Let's make the function NOP if it called once again.

Closes #9345

NO_DOC=bugfix

(cherry picked from commit 21112b06)

Without checking the return value of lua_pcall()` in
`lua_field_inspect_ucdata()`, the error message itself is returned as a
serialized result. The result status of `lua_pcall()` is not ignored
now.

NO_DOC=bugfix

Closes #9396

(cherry picked from commit 98474f70)

This module became unused as a result of LuaJIT bump made in the
commit 88333d13 ("luajit: bump new version"), so it can be
purged safely from the Tarantool sources.

Part of #8700

NO_DOC=internal
NO_TEST=internal
NO_CHANGELOG=added within the aforementioned commit

(cherry picked from commit e2851883)

Current split-brain detector implementation raises an error each time a
CONFIRM or ROLLBACK entry is received from the previous synchronous
transaction queue owner. It is assumed that the new queue owner must
have witnessed all the previous CONFIRMS. Besides, according to Raft,
ROLLBACK should never happen.

Actually there is a case when a CONFIRM from an old term is legal: it's
possible that during leader transition old leader writes a CONFIRM for
the same transaction that is confirmed by the new leader's PROMOTE. If
PROMOTE and CONFIRM lsns match there is nothing bad about such
situation.

Symmetrically, when an old leader issues a ROLLBACK with the lsn right
after the new leader's PROMOTE lsn, it is not a split-brain.

Allow such cases by tracking the last confirmed lsn for each synchronous
transaction queue owner and silently nopifying CONFIRMs with an lsn less
than the one recorded and ROLLBACKs with lsn greater than that.

Closes #9138

NO_DOC=bugfix

(cherry picked from commit ffa6ac15)

Previously the replicas only persisted the confirmed lsn of the current
synchronous transaction queue owner. As soon as the onwer changed, the
info about which lsn was confirmed by the previous owner was lost.

Actually, this info is needed to correctly filter synchro requests
coming from the old term, so start tracking confirmed vclock instead of
the confirmed lsn on replicas.

In-scope of #9138

NO_TEST=covered by the next commit
NO_CHANGELOG=internal change

@TarantoolBot document
Title: Document new IPROTO_RAFT_PROMOTE request field

IPROTO_RAFT_PROMOTE and IPROTO_RAFT_DEMOTE requests receive a new key
value pair:

IPROTO_VCLOCK : MP_MAP

The vclock holds a confirmed vclock of the node sending the request.

(cherry picked from commit c4415d44)

Synchronous requests will receive a new field encoding a full vclock
soon. Theoretically a vclock may take up to ~ 300-400 bytes (3 bytes for
a map header + 32 components each taking up 1 byte for replica id and up
to 9 bytes for lsn). So it makes no sense to increase
SYNCHRO_BODY_LEN_MAX from 32 to 400-500. It would become almost the same
as plain BODY_LEN_MAX. Simply reuse the latter everywhere.

In-scope-of #9138

NO_DOC=refactoring
NO_TEST=refactoring
NO_CHANGELOG=refactoring

(cherry picked from commit 53605779)

There was an error in xrow_decode_synchro: it compared the expected type
of the value to the type of the key (MP_UINT) instead of the type of the
actual value. This went unnoticed because all values in synchro requests
were integers.

This is going to change soon, when PROMOTE requests will start holding a
vclock, so fix the wrong type check.

In-scope-of #9138

NO_DOC=bugfix
NO_CHANGELOG=not user-visible

(cherry picked from commit c18410f5)

The fix is simple: look up the function in `box.func` by name and, if
found, execute its `call` method. The only tricky part is to avoid the
lookup before `box.cfg` is called because `box.func` is unavailable at
the time. We achieve that by checking `box.ctl.is_recovery_finished`.

Closes #9131

NO_DOC=bug fix

(cherry picked from commit e92a8e7b)

In this commit, we're fixing a problem with Docker in the workflow
`.github/workflows/source.yml`.

The mentioned workflow uses the `.github/actions/environment` action
that needs a permission to make a loopback device for [1]. We didn't
allow for that before due to missing container args, and it caused the
following error:

```
umount: /tmp/luajit-test-vardir: must be superuser to unmount.
256000+0 records in
256000+0 records out
1048576000 bytes (1.0 GB, 1000 MiB) copied, 1.36702 s, 767 MB/s
mount: /tmp/luajit-test-vardir: mount failed: Operation not permitted.
Error: Process completed with exit code 1.
```

The problem started since commit af996bbb ("ci: dockerize
linux workflows"). The simplest way to fix the issue is not to run
the workflow inside a Docker container because a tarball with the
source code is created via the `./packpack/packpack tarball` command
that runs a Docker container as well.

[1] https://github.com/tarantool/tarantool/issues/7472

NO_DOC=ci
NO_TEST=ci
NO_CHANGELOG=ci

(cherry picked from commit 09ad57f4)

On Tarantool shutdown we destroy all the fibers in some sequence. We
don't require that all the fibers are finished before shutdown. So it
may turn out that we first destroy some alive fiber and then destroy
another alive fiber which joins the first one. Currently we have
use-after-free issue in this case because clearing `link` field of
the second fiber changes `wake` field of the first fiber.

Close #9406

NO_DOC=bugfix

(cherry picked from commit 2f7ec948)

Graceful shutdown is done in a special fiber which is started for
example on SIGTERM. So it can run concurrently with fiber executing
Tarantool init script. On init fiber exit we break event loop to pass
control back to the Tarantool initialization code. But we fail to run
event loop a bit more to finish graceful shutdown.

The test is a bit contrived. A more real world case is when Tarantool is
termintated during lingering box.cfg().

Close #9411

NO_DOC=bugfix

(cherry picked from commit 786eb2ac)

Modify Linux workflows for running jobs inside Docker containers. It
helps isolate the building and testing environment from the runner's
system and other workflows.

Closes tarantool/tarantool-qa#327

NO_DOC=ci
NO_TEST=ci
NO_CHANGELOG=ci

(cherry picked from commit af996bbb)

According to ANSI, EXISTS is a predicate that tests a given subquery and
returns true if it returns more than 0 rows, false otherwise. However,
after 2a720d11, EXISTS worked correctly only if there were exactly 0
or 1 rows, and in all other cases it gave an error. This patch makes
EXITS work properly.

Closes #8676

NO_DOC=bugfix

(cherry picked from commit a5e498d1)

In the `.github/workflows/source.yml` workflow for preparing a tarball
with the source code, a PackPack Docker container is already used. For
uploading the tarball to the repo, the `aws` utility is used, which is
installed before. To skip installation of additional packages on the
self-hosted runners, we are moving to the GitHub-hosted runners, which
already have the `aws` utility installed. Step `Prepare checkout` is
removed because the GitHub-hosted runner is an ephemeral environment.

NO_DOC=ci
NO_TEST=ci
NO_CHANGELOG=ci

(cherry picked from commit 3ee68d8b)

We run SVACE on static build. It doesn't compile unless libsvace is in
the allow list.

Follow-up #9242

NO_DOC=build
NO_TEST=build
NO_CHANGELOG=build

(cherry picked from commit a6a8ef68)

SVACE stopped working after commit 98b38e89 ("cmake: allow to
bundle static dependencies in main project") changed the bundled libs
directory layout. To fix this, let's introduce the new cmake option
BUNDLED_LIBS_INSTALL_DIR and set it in static-build/CMakeLists.txt to
the legacy location. Also, let's use the legacy directories for each
external project's PREFIX, SOURCE_DIR, BINARY_DIR, and STAMP_DIR.

Follow-up #9242

NO_DOC=build
NO_TEST=build
NO_CHANGELOG=build

(cherry picked from commit 37b1c287)

NO_DOC=tests
NO_TEST=tests
NO_CHANGELOG=tests

(cherry picked from commit 941a85c3)

* Mark CONV as non-weak, to prevent elimination of its side-effect.
* Fix ABC FOLD rule with constants.
* test: add test for conversions folding
* Add NaN check to IR_NEWREF.
* LJ_GC64: Fix lua_concat().
* test: introduce asserts assert_str{_not}_equal
* ci: enable codespell
* cmake: introduce target with codespell
* codehealth: fix typos
* tools: add cli flag to run profile dump parsers
* profilers: purge generation mechanism
* memprof: refactor symbol resolution
* sysprof: fix crash during FFUNC stream
* Fix last commit.
* Print errors from __gc finalizers instead of rethrowing them.
* x86/x64: Fix math.ceil(-0.9) result sign.
* test: fix flaky fix-jit-dump-ir-conv.test.lua
* IR_MIN/IR_MAX is non-commutative due to underlying FPU ops.
* Fix jit.dump() output for IR_CONV.
* Fix FOLD rule for x-0.
* FFI: Fix pragma push stack limit check and throw on overflow.
* Prevent compile of __concat with tailcall to fast function.
* Fix base register coalescing in side trace.
* Fix register mask for stack check in head of side trace.
* x64: Properly fix __call metamethod return dispatch.

Closes #8594
Closes #8767
Closes #9339
Part of #9145

NO_DOC=LuaJIT submodule bump
NO_TEST=LuaJIT submodule bump

Instead of using ctest, let's simply run the CheckDependencies.cmake as
a post build command if Tarantool was built without dependencies. The
good thing about it is that the check will run even if the static build
is created directly, without the /static-build/CMakeLists.txt wrapper.

Part of #9242

NO_DOC=build
NO_TEST=build
NO_CHANGELOG=build

(cherry picked from commit fa4939bd)

zzip is installed to lib64/ on some systems by default so we need to
explicitly set the install dir to lib/.

Fixes commit 140fd681 ("cmake: allow to use bundled zzip").

NO_DOC=build
NO_TEST=build
NO_CHANGELOG=build

(cherry picked from commit a2311666)

Currently, the BUILD_STATIC and BUILD_STATIC_WITH_BUNDLED_LIBS cmake
options don't enable static linking of the OpenSSL library so we have
to set OPENSSL_USE_STATIC_LIBS explicitly. Let's enable static linking
of OpenSSL by default because we enable it anyway in all our official
builds.

NO_DOC=build
NO_TEST=build
NO_CHANGELOG=build

(cherry picked from commit edadffd7)

Tarantool EE needs to build or find some extra libraries. Let's add
the new variable EXTRA_DEPENDENCIES_CMAKE for that. It'll be defined
by the parent project.

Since we might need to link the extra dependencies to the core library,
we also add the new list variable EXTRA_CORE_DEPENDENCIES. If set, its
contents will be appended to the core library dependencies list.

Follow-up #9242

NO_DOC=build
NO_TEST=build
NO_CHANGELOG=build

(cherry picked from commit a367265b)

There's EMBED_LUZIP cmake option that embeds the Lua zip module in
Tarantool binary. Since the Lua zip module depends on the zzip library,
it also links the zzip library. The option is used only by Tarantool EE
so there's no config for bundling the zzip library in the CE repository.
Now, that we bundle all static build dependencies in the main project
cmake config, let's add zzip bundling code here as well. The code of
/cmake/BuildZZIP.make is copied from /static-build/CMakeLists.txt of
the EE repository.

Follow-up #9242

NO_DOC=build
NO_TEST=build
NO_CHANGELOG=build

(cherry picked from commit 140fd681)

The BUILD_STATIC cmake config option forces the build system link
Tarantool binary statically with its dependencies. It expects that all
static libraries on which Tarantool binary depends are available at
build time.

We don't use this option directly to create static binaries because it
would produce different results on different build systems. Instead, we
use the separate cmake config located in the static-build directory,
which fetches all Tarantool dependencies from a predefined location
before building a static binary.

Having a separate cmake config is inconvenient. Let's enable bundling of
static binary dependencies right in the main project cmake config, like
we bundle, for example, libcurl. To achieve that, the new build option
was introduced BUILD_STATIC_WITH_BUNDLED_LIBS. It implies BUILD_STATIC
and also fetches and builds all required dependencies, like the
static-build cmake config used to. The latter doesn't do it anymore;
from now on, it just sets BUILD_STATIC_WITH_BUNDLED_LIBS when building
Tarantool. We can't remove the static-build cmake config yet because
there are quire a few CI workflows depending on it.

Note that, just like BUILD_STATIC, BUILD_STATIC_WITH_BUNDLED_LIBS
doesn't imply OPENSSL_USE_STATIC_LIBS so the latter should be set
explicitly if one wants to use the static openssl library. However,
setting OPENSSL_USE_STATIC_LIBS with BUILD_STATIC_WITH_BUNDLED_LIBS will
force the build system use bundled static openssl library.

This patch is relatively straightforward. It just moves the external
projects from /static-build/cmake/AddDependencyProjects.cmake to /cmake
adding build dependencies where required and setting variables that are
set by the corresponding /cmake/FindXXX.cmake configs.

There are a few things that should be noted separately though:
 - We dropped the ZLIB_FOUND check from the main project cmake config.
   It was used for building EE but the latter is going to be broken
   anyway once this patch is committed. We'll fix it in following
   commits.
 - FindLibUnwind referenced zlib library by ZLIB::ZLIB. We don't set
   it for bundled zlib so let's use ZLIB_LIBRARIES instead.
 - We don't need to detect dependency cflags while building bundled
   libraries as we can reuse the flags set by the main project.
 - We don't use HARDENING_LDFLAGS because it makes no sense when
   building static libraries.

Closes #9242

NO_DOC=build
NO_TEST=build
NO_CHANGELOG=build

(cherry picked from commit 98b38e89)

Currently, we simply include the libyaml source directory into the main
project. The problem is that libyaml uses ICU. If ICU is built outside
the main project cmake config, as it's the case with the static-build,
both the main project and libyaml cmake configs will use the same ICU
version. However, if we build ICU in the main project, as we intend to
do to resolve #9242, it may not work. To fix that, we need to use the
external project API to build libyaml.

Needed for #9242

NO_DOC=build
NO_TEST=build
NO_CHANGELOG=build

(cherry picked from commit 8820f5c9)

There's no need in it because we closed Tarantool symbols long ago and
now export only those symbols that are specified in exports files. Let's
remove the useless code.

Needed for #9242

NO_DOC=build
NO_TEST=build
NO_CHANGELOG=build

(cherry picked from commit 707ff97f)

The tests are TAP compatible and applicable to all Tarantool builds so
there's no need to run them with ctest. We just need to add a couple
skip conditions:
 - The luarocks test shouldn't be run on dynamic builds because luarocks
   modules aren't embedded there.
 - The traceback test should be run only if ENABLE_BACKTRACE was set at
   build time.

Part of #9242

NO_DOC=refactoring
NO_TEST=refactoring
NO_CHANGELOG=refactoring

(cherry picked from commit 1eb98ef3)

* Revert "Update cur_L on exceptional path (arm)"
* Revert "arm64: fix cur_L restoration on error throw"
* Revert "Update cur_L on exceptional path"
* Revert "Fix cur_L tracking on exceptional path"
* Restore cur_L for specific Lua/C API use case.
* Fix Clang build.

Closes #6323
Part of #9145

NO_DOC=LuaJIT submodule bump
NO_TEST=LuaJIT submodule bump

Prior to this patch, there were many possible code execution options
that were not covered by tests. After this commit, any assert(false)
inside box_wait_limbo_acked cause a crash.

Closes #7318

NO_DOC=test
NO_CHANGELOG=test

(cherry picked from commit 7fce5bec)

New commits:

- test: fix test build for Debian 9 and alike
- test: fix unused variable warning in matras test

NO_TEST=submodule bump
NO_CHANGELOG=submodule bump
NO_DOC=submodule bump

Old: "Failed to allocate 2147483648 bytes in hash_table for key"
New: "Failed to allocate 16384 bytes in hash_table for key"

ERRINJ_INDEX_ALLOC cannot be used to test this error, because it fails
earlier, so ERRINJ_HASH_INDEX_REPLACE is introduced.

Follow-up #3594

NO_DOC=minor
NO_CHANGELOG=minor

(cherry picked from commit 0a8043d1)

The issue is fixed in the `small' submodule by the following commit:

* matras: fix matras_view::block_count overflow

Closes #3594

NO_TEST=The test requires more than 64 GB of RAM.

@TarantoolBot document
Title: Document maximum number of tuples in hash index
Product: Tarantool
Root document: https://www.tarantool.io/en/doc/latest/book/box/limitations/

Number of tuples in hash index: 2147483648

(cherry picked from commit 7eaa2d23)

The bug was fixed in the small library:
 - slab: fix NULL ptr deref in assertion in slab_get
   https://github.com/tarantool/small/commit/ef77efacd452cb90caea2caf22d266f791c95ec3
 - slab: fix uint32_t overflow in slab_capacity
   https://github.com/tarantool/small/commit/77203600a7c645d97bce56f901eec25de0b29d6e

The small library submodule was updated in commit ebafd684
("small: bump version").

Closes #9218

NO_DOC=changelog
NO_TEST=changelog

(cherry picked from commit 1fc6b4a1)

This is part of master commit bd4c6675 ("memtx: use MemtxAllocator
stats for box.info.memory"). The test is failed without the patch in
ASAN build.

Follow-up #7327

NO_CHANGELOG=test fix
NO_DOC=test fix

Message body resides in one of rotating input buffers for the
connection. When we don't need message body anymore we advance the
reading end of the input buffer by the size of the message. But message
processing order can differ from the order of messages in the wire.
Thus this advancing a bit hacky. Let's instead mark the data in the
input buffer as read when we process all the messages in the input
buffer. We cannot reuse the buffer any earlier anyway.

Follow-up #7327

NO_TEST=refactoring
NO_CHANGELOG=refactoring
NO_DOC=refactoring

(cherry picked from commit 9e918278)

The API functions additionally poison related data in ASAN build.

Follow-up #7327

NO_TEST=refactoring
NO_CHANGELOG=refactoring
NO_DOC=refactoring

(cherry picked from commit 73832668)

The new macro is like assert, but it evaluates the checked expression
even in the release mode.

NO_DOC=internal
NO_TEST=internal
NO_CHANGELOG=internal

(cherry picked from commit bfd2a20d)

The test is quite a flacky in debug ASAN CI workflow. The issue is test
check upper boundary of it's execution time. I run many instances of
this test on in parallel and got average time of 40s for memtex and 70s
for vinyl.

The time quota is already changed by the commit 84cb1e04 ("sql:
increase time quota for selectG test on vinyl") for laptops with HDD.
I did not check execution time for HDD though. I guess the bottleneck
for debug ASAN is CPU.

Follow-up #7327

NO_CHANGELOG=internal
NO_DOC=internal

(cherry picked from commit 703d11fe)

This patch also includes:
  - misc trivial fixes for ASAN discovered issues
  - minor adaptations for ASAN friendly allocators

Closes #7327

NO_DOC=internal
NO_CHANGELOG=internal

(cherry picked from commit 446201b8)

With new ASAN-friendly small implementation unit/fiber_stack.c test
start to fail. The issue is leak sanitizer reports a leak. This is an
expected leak of test for mprotect failure on fiber stack destruction.
Let's tell sanitizer to ignore this case.

By the way let's drop test code for temporary redirecting stderr. It is
outdated as test is TAP-compatible. It was a PITA as due to this
redirection there was no leak report only error exit code.

Part of #7327

NO_CHANGELOG=internal
NO_DOC=internal

(cherry picked from commit 41844ffb)