wip

pkg/proctree/datasource.go

@@ -103,7 +103,7 @@ func (ptds *DataSource) exportProcessInfo(
 		}
 		childInfo := child.GetInfo()
 		if childInfo.IsAliveAt(queryTime) {
-			aliveChildren[childInfo.GetPid()] = childHash
+			aliveChildren[int(childInfo.GetPid())] = childHash // TODO: change types to reduce mem footprint
 		}
 	}
 
@@ -116,7 +116,7 @@ func (ptds *DataSource) exportProcessInfo(
 		}
 		threadInfo := thread.GetInfo()
 		if threadInfo.IsAliveAt(queryTime) {
-			aliveThreads[threadInfo.GetTid()] = threadHash
+			aliveThreads[int(threadInfo.GetTid())] = threadHash // TODO: change types to reduce mem footprint
 		}
 	}
 
@@ -126,10 +126,11 @@ func (ptds *DataSource) exportProcessInfo(
 	// Export the information as the expected datasource process structure.
 	return datasource.TimeRelevantInfo[datasource.ProcessInfo]{
 		Info: datasource.ProcessInfo{
-			EntityId:          process.GetHash(),
-			Pid:               infoFeed.Pid,
-			NsPid:             infoFeed.NsPid,
-			Ppid:              infoFeed.PPid,
+			EntityId: process.GetHash(),
+			// TODO: change types to reduce mem footprint (Pid, NsPid, Ppid, ThreadsIds, ChildProcessesIds)
+			Pid:               int(infoFeed.Pid),
+			NsPid:             int(infoFeed.NsPid),
+			Ppid:              int(infoFeed.PPid),
 			ContainerId:       "",         // TODO: Add
 			Cmd:               []string{}, // TODO: Add
 			ExecutionBinary:   exportFileInfo(executable, queryTime),
@@ -156,12 +157,13 @@ func (ptds *DataSource) exportThreadInfo(
 	// Export the information as the expected datasource thread structure.
 	return datasource.TimeRelevantInfo[datasource.ThreadInfo]{
 		Info: datasource.ThreadInfo{
-			EntityId:  thread.GetHash(),
-			Tid:       infoFeed.Tid,
-			NsTid:     infoFeed.NsTid,
-			Pid:       infoFeed.Pid,
-			UserId:    infoFeed.Uid,
-			GroupId:   infoFeed.Gid,
+			EntityId: thread.GetHash(),
+			// TODO: change types to reduce mem footprint (Tid, NsTid, Pid, UserId, GroupId)
+			Tid:       int(infoFeed.Tid),
+			NsTid:     int(infoFeed.NsTid),
+			Pid:       int(infoFeed.Pid),
+			UserId:    int(infoFeed.Uid),
+			GroupId:   int(infoFeed.Gid),
 			StartTime: info.GetStartTime(),
 			ExitTime:  info.GetExitTime(),
 			Name:      infoFeed.Name,
@@ -217,11 +219,12 @@ func exportFileInfo(fileInfo *FileInfo, queryTime time.Time) datasource.FileInfo
 
 	// Export the information as the expected datasource file structure.
 	return datasource.FileInfo{
-		Path:   fileInfoFeed.Path,
-		Hash:   "", // TODO: Add
-		Inode:  fileInfoFeed.Inode,
-		Device: fileInfoFeed.Dev,
+		Path: fileInfoFeed.Path,
+		Hash: "", // TODO: Add
+		// TODO: change types to reduce mem footprint (Inode, Device, Mode)
+		Inode:  int(fileInfoFeed.Inode),
+		Device: int(fileInfoFeed.Dev),
 		Ctime:  time.Unix(0, int64(fileInfoFeed.Ctime)),
-		Mode:   fileInfoFeed.InodeMode,
+		Mode:   int(fileInfoFeed.InodeMode),
 	}
 }

pkg/proctree/fileinfo.go

@@ -12,10 +12,10 @@ import (
 type FileInfoFeed struct {
 	// Name      string
 	Path      string // mutable (file path)
-	Dev       int    // mutable (device number)
-	Ctime     int    // mutable (creation time)
-	Inode     int    // mutable (inode number)
-	InodeMode int    // mutable (inode mode)
+	Dev       uint32 // mutable (device number)
+	Ctime     uint64 // mutable (creation time)
+	Inode     uint64 // mutable (inode number)
+	InodeMode uint16 // mutable (inode mode)
 }
 
 //
@@ -145,63 +145,63 @@ func (fi *FileInfo) GetPathAt(targetTime time.Time) string {
 }
 
 // GetDev returns the device number of the file.
-func (fi *FileInfo) GetDev() int {
+func (fi *FileInfo) GetDev() uint32 {
 	fi.mutex.RLock()
 	defer fi.mutex.RUnlock()
 
 	return fi.getFeed().Dev
 }
 
 // GetDevAt returns the device number of the file at the given time.
-func (fi *FileInfo) GetDevAt(targetTime time.Time) int {
+func (fi *FileInfo) GetDevAt(targetTime time.Time) uint32 {
 	fi.mutex.RLock()
 	defer fi.mutex.RUnlock()
 
 	return fi.getFeedAt(targetTime).Dev
 }
 
 // GetCtime returns the creation time of the file.
-func (fi *FileInfo) GetCtime() int {
+func (fi *FileInfo) GetCtime() uint64 {
 	fi.mutex.RLock()
 	defer fi.mutex.RUnlock()
 
 	return fi.getFeed().Ctime
 }
 
 // GetCtimeAt returns the creation time of the file at the given time.
-func (fi *FileInfo) GetCtimeAt(targetTime time.Time) int {
+func (fi *FileInfo) GetCtimeAt(targetTime time.Time) uint64 {
 	fi.mutex.RLock()
 	defer fi.mutex.RUnlock()
 
 	return fi.getFeedAt(targetTime).Ctime
 }
 
 // GetInode returns the inode number of the file.
-func (fi *FileInfo) GetInode() int {
+func (fi *FileInfo) GetInode() uint64 {
 	fi.mutex.RLock()
 	defer fi.mutex.RUnlock()
 
 	return fi.getFeed().Inode
 }
 
 // GetInodeAt returns the inode number of the file at the given time.
-func (fi *FileInfo) GetInodeAt(targetTime time.Time) int {
+func (fi *FileInfo) GetInodeAt(targetTime time.Time) uint64 {
 	fi.mutex.RLock()
 	defer fi.mutex.RUnlock()
 
 	return fi.getFeedAt(targetTime).Inode
 }
 
 // GetInodeMode returns the inode mode of the file.
-func (fi *FileInfo) GetInodeMode() int {
+func (fi *FileInfo) GetInodeMode() uint16 {
 	fi.mutex.RLock()
 	defer fi.mutex.RUnlock()
 
 	return fi.getFeed().InodeMode
 }
 
 // GetInodeModeAt returns the inode mode of the file at the given time.
-func (fi *FileInfo) GetInodeModeAt(targetTime time.Time) int {
+func (fi *FileInfo) GetInodeModeAt(targetTime time.Time) uint16 {
 	fi.mutex.RLock()
 	defer fi.mutex.RUnlock()
 

pkg/proctree/proctree.go

@@ -74,7 +74,7 @@ type ProcTreeConfig struct {
 type ProcessTree struct {
 	processes   *lru.Cache[uint32, *Process] // hash -> process
 	threads     *lru.Cache[uint32, *Thread]  // hash -> threads
-	procfsChan  chan int                     // channel of pids to read from procfs
+	procfsChan  chan int32                   // channel of pids to read from procfs
 	procfsOnce  *sync.Once                   // busy loop debug message throttling
 	ctx         context.Context              // context for the process tree
 	procfsQuery bool

pkg/proctree/proctree_feed.go

@@ -1,6 +1,7 @@
 package proctree
 
 import (
+	"math"
 	"path/filepath"
 	"time"
 
@@ -44,15 +45,15 @@ func (pt *ProcessTree) setParentFeed(
 	taskInfoFeed := pt.GetTaskInfoFeedFromPool()
 
 	taskInfoFeed.Name = "" // do not change the parent name
-	taskInfoFeed.Tid = int(forkFeed.ParentTid)
-	taskInfoFeed.Pid = int(forkFeed.ParentPid)
-	taskInfoFeed.NsTid = int(forkFeed.ParentNsTid)
-	taskInfoFeed.NsPid = int(forkFeed.ParentNsPid)
+	taskInfoFeed.Tid = forkFeed.ParentTid
+	taskInfoFeed.Pid = forkFeed.ParentPid
+	taskInfoFeed.NsTid = forkFeed.ParentNsTid
+	taskInfoFeed.NsPid = forkFeed.ParentNsPid
 	taskInfoFeed.StartTimeNS = forkFeed.ParentStartTime
-	taskInfoFeed.PPid = -1   // do not change the parent ppid
-	taskInfoFeed.NsPPid = -1 // do not change the parent nsppid
-	taskInfoFeed.Uid = -1    // do not change the parent uid
-	taskInfoFeed.Gid = -1    // do not change the parent gid
+	taskInfoFeed.PPid = -1            // do not change the parent ppid
+	taskInfoFeed.NsPPid = -1          // do not change the parent nsppid
+	taskInfoFeed.Uid = math.MaxUint32 // do not change the parent uid
+	taskInfoFeed.Gid = math.MaxUint32 // do not change the parent gid
 	taskInfoFeed.ExitTimeNS = 0
 
 	parent.GetInfo().SetFeedAt(taskInfoFeed, feedTimeStamp)
@@ -62,7 +63,7 @@ func (pt *ProcessTree) setParentFeed(
 
 	if pt.procfsQuery {
 		// why not to pass also the parent hash? create new API to pass the parent hash
-		pt.FeedFromProcFSAsync(int(forkFeed.ParentPid)) // try to enrich ppid and name from procfs
+		pt.FeedFromProcFSAsync(forkFeed.ParentPid) // try to enrich ppid and name from procfs
 	}
 }
 
@@ -75,15 +76,15 @@ func (pt *ProcessTree) setLeaderFeed(
 	taskInfoFeed := pt.GetTaskInfoFeedFromPool()
 
 	taskInfoFeed.Name = parent.GetInfo().GetName()
-	taskInfoFeed.Tid = int(forkFeed.LeaderTid)
-	taskInfoFeed.Pid = int(forkFeed.LeaderPid)
-	taskInfoFeed.NsTid = int(forkFeed.LeaderNsTid)
-	taskInfoFeed.NsPid = int(forkFeed.LeaderNsPid)
+	taskInfoFeed.Tid = forkFeed.LeaderTid
+	taskInfoFeed.Pid = forkFeed.LeaderPid
+	taskInfoFeed.NsTid = forkFeed.LeaderNsTid
+	taskInfoFeed.NsPid = forkFeed.LeaderNsPid
 	taskInfoFeed.StartTimeNS = forkFeed.LeaderStartTime
-	taskInfoFeed.PPid = int(forkFeed.ParentPid)
-	taskInfoFeed.NsPPid = int(forkFeed.ParentNsPid)
-	taskInfoFeed.Uid = -1 // do not change the leader uid
-	taskInfoFeed.Gid = -1 // do not change the leader gid
+	taskInfoFeed.PPid = forkFeed.ParentPid
+	taskInfoFeed.NsPPid = forkFeed.ParentNsPid
+	taskInfoFeed.Uid = math.MaxUint32 // do not change the leader uid
+	taskInfoFeed.Gid = math.MaxUint32 // do not change the leader gid
 	taskInfoFeed.ExitTimeNS = 0
 
 	leader.GetInfo().SetFeedAt(taskInfoFeed, feedTimeStamp)
@@ -93,7 +94,7 @@ func (pt *ProcessTree) setLeaderFeed(
 
 	if pt.procfsQuery {
 		// why not to pass also the parent hash? create new API to pass the leader hash
-		pt.FeedFromProcFSAsync(int(forkFeed.LeaderPid)) // try to enrich name from procfs if needed
+		pt.FeedFromProcFSAsync(forkFeed.LeaderPid) // try to enrich name from procfs if needed
 	}
 }
 
@@ -107,15 +108,15 @@ func (pt *ProcessTree) setThreadFeed(
 	taskInfoFeed := pt.GetTaskInfoFeedFromPool()
 
 	taskInfoFeed.Name = leader.GetInfo().GetName()
-	taskInfoFeed.Tid = int(forkFeed.ChildTid)
-	taskInfoFeed.Pid = int(forkFeed.ChildPid)
-	taskInfoFeed.NsTid = int(forkFeed.ChildNsTid)
-	taskInfoFeed.NsPid = int(forkFeed.ChildNsPid)
+	taskInfoFeed.Tid = forkFeed.ChildTid
+	taskInfoFeed.Pid = forkFeed.ChildPid
+	taskInfoFeed.NsTid = forkFeed.ChildNsTid
+	taskInfoFeed.NsPid = forkFeed.ChildNsPid
 	taskInfoFeed.StartTimeNS = forkFeed.ChildStartTime
-	taskInfoFeed.PPid = int(forkFeed.ParentPid)
-	taskInfoFeed.NsPPid = int(forkFeed.ParentNsPid)
-	taskInfoFeed.Uid = -1 // do not change the thread uid
-	taskInfoFeed.Gid = -1 // do not change the thread gid
+	taskInfoFeed.PPid = forkFeed.ParentPid
+	taskInfoFeed.NsPPid = forkFeed.ParentNsPid
+	taskInfoFeed.Uid = math.MaxUint32 // do not change the thread uid
+	taskInfoFeed.Gid = math.MaxUint32 // do not change the thread gid
 	taskInfoFeed.ExitTimeNS = 0
 
 	thread.GetInfo().SetFeedAt(taskInfoFeed, feedTimeStamp)
@@ -150,7 +151,7 @@ func (pt *ProcessTree) FeedFromFork(feed *ForkFeed) error {
 	// might have been created by execve() events, and those need to be updated (they're missing
 	// ppid, for example).
 
-	if !found || parent.GetInfo().GetPid() != int(feed.ParentPid) {
+	if !found || parent.GetInfo().GetPid() != feed.ParentPid {
 		pt.setParentFeed(parent, feed, feedTimeStamp)
 	}
 
@@ -165,7 +166,7 @@ func (pt *ProcessTree) FeedFromFork(feed *ForkFeed) error {
 
 	// Same case here (for events out of order created by execve first)
 
-	if !found || leader.GetInfo().GetPPid() != int(feed.ParentPid) {
+	if !found || leader.GetInfo().GetPPid() != feed.ParentPid {
 		pt.setLeaderFeed(leader, parent, feed, feedTimeStamp)
 	}
 
@@ -191,7 +192,7 @@ func (pt *ProcessTree) FeedFromFork(feed *ForkFeed) error {
 
 	// Same case here (for events out of order created by execve first)
 
-	if !found || thread.GetInfo().GetPPid() != int(feed.ParentPid) {
+	if !found || thread.GetInfo().GetPPid() != feed.ParentPid {
 		pt.setThreadFeed(thread, leader, feed, feedTimeStamp)
 	}
 
@@ -265,10 +266,10 @@ func (pt *ProcessTree) FeedFromExec(feed *ExecFeed) error {
 	fileInfoFeed := pt.GetFileInfoFeedFromPool()
 
 	fileInfoFeed.Path = feed.PathName
-	fileInfoFeed.Dev = int(feed.Dev)
-	fileInfoFeed.Ctime = int(feed.Ctime)
-	fileInfoFeed.Inode = int(feed.Inode)
-	fileInfoFeed.InodeMode = int(feed.InodeMode)
+	fileInfoFeed.Dev = feed.Dev
+	fileInfoFeed.Ctime = feed.Ctime
+	fileInfoFeed.Inode = feed.Inode
+	fileInfoFeed.InodeMode = feed.InodeMode
 
 	process.GetExecutable().SetFeedAt(fileInfoFeed, execTimestamp)
 

pkg/proctree/proctree_output.go

@@ -124,9 +124,9 @@ func (pt *ProcessTree) String() string {
 		}
 		hashStr := fmt.Sprintf("%v", process.GetHash())
 		startTime := fmt.Sprintf("%v", process.GetInfo().GetStartTimeNS())
-		tid := stringify(processFeed.Tid)
-		pid := stringify(processFeed.Pid)
-		ppid := stringify(processFeed.PPid)
+		tid := stringify(int(processFeed.Tid))
+		pid := stringify(int(processFeed.Pid))
+		ppid := stringify(int(processFeed.PPid))
 		date := process.GetInfo().GetStartTime().Format("2006-01-02 15:04:05")
 
 		// add the row to the table