cleanup(scap,sinsp): Clean up proc callback handling code

[gnosek]

What type of PR is this?

Uncomment one (or more) /kind <> lines:

/kind bug

/kind cleanup

/kind design

/kind documentation

/kind failing-test

/kind feature

Any specific area of the project related to this PR?

Uncomment one (or more) /area <> lines:

/area API-version

/area build

/area CI

/area driver-kmod

/area driver-bpf

/area driver-modern-bpf

/area libscap-engine-bpf

/area libscap-engine-gvisor

/area libscap-engine-kmod

/area libscap-engine-modern-bpf

/area libscap-engine-nodriver

/area libscap-engine-noop

/area libscap-engine-source-plugin

/area libscap-engine-savefile

/area libscap-engine-udig

/area libscap

/area libpman

/area libsinsp

/area tests

/area proposals

Does this PR require a change in the driver versions?

/version driver-API-version-major

/version driver-API-version-minor

/version driver-API-version-patch

/version driver-SCHEMA-version-major

/version driver-SCHEMA-version-minor

/version driver-SCHEMA-version-patch

What this PR does / why we need it:

This PR aims to simplify the infrastructure around the proc callback (a function called from scap for every new thread and fd discovered during the /proc scan). The end result is:

• +274/-495: a bit of code removed, mostly in the dark corners of scap
• reduced allocations during /proc scan (we freed most of them immediately)
• fewer special cases all over the place

Summary of changes:

• every place that used to check for m_proc_callback now calls it unconditionally
• internal hash table manipulation (the m_proc_callback==NULL case) is now simply a different (default) callback
• scap_proc_read_thread is no longer a special case with the procinfo param, just uses its own temporary proclist
• scap_get_proc_table is gone (no longer used by sinsp)
• all scap_tinfo/scap_fdinfo heap allocations now happen in the proc callback, only when really needed

Which issue(s) this PR fixes:

Fixes #

Special notes for your reviewer:

I'd call the diff surprisingly readable for a PR that touches half the world. There were fairly few incidental changes (except for a massive tinfo->foo -> tinfo.foo in scap_proc_add_from_proc).

Note: I may have broken something around filtering captures (the code is... interesting, with sinsp storing bits in scap_threadinfos) so I'll try to come up with some tests for it. For now, I'm just letting CI have its fun with the PR.

Does this PR introduce a user-facing change?:

BREAKING CHANGE: scap_get_proc_table is gone

[gnosek]

Yeah, we're completely bypassing capture filtering now. Will fix.

[gnosek]

I dropped the more aggressive changes for now, if the tests pass, I'll probably submit the rest as a separate PR.

[gnosek]

I know i am getting annoying...

Nah, this sort of annoying I fully approve :D

[FedeDP]

/approve

[poiana]

LGTM label has been added.

Git tree hash: 73b4175fabdaa0defb245905a4a245a0c05d5109

[incertum]

/approve

[poiana]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: FedeDP, gnosek, incertum

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [FedeDP,gnosek,incertum]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment