/* snapdiff.h - per-process temporal snapshot + diff (OS-agnostic handler).
 *
 * A `snapshot` captures the bytes of every mapped run in a VA window under a
 * `cr3` at time T0. snap_diff re-reads the same window now and emits the runs
 * whose bytes changed (coalesced VA-contiguous diffs), including runs that
 * appeared or disappeared since T0. Keyed by `vmie_mem* + cr3`; it names no
 * Windows object.
 *
 * Ownership: snap_take / snap_free (create/destroy). snap_free is safe on NULL.
 */
#ifndef VMIE_SNAPDIFF_H
#define VMIE_SNAPDIFF_H
#include <stdint.h>
#include <stddef.h>
#include "memmodel.h"    /* vmie_mem, vregion */

typedef struct snapshot snapshot;

/* Capture the bytes of every mapped run in [lo,hi] (prot filter) under `cr3` at
 * T0. Returns a heap-owned snapshot, or NULL on OOM / bad input. */
snapshot* snap_take(vmie_mem* m, uintptr_t cr3, uint64_t lo, uint64_t hi, uint32_t prot_any);

/* Release a snapshot from snap_take. Safe on NULL. */
void      snap_free(snapshot* s);

/* Re-read the window now, compare to the snapshot, and emit changed runs as
 * vregion {va, len, prot = current} - coalescing VA-contiguous changed bytes
 * into one run. Runs that appeared or disappeared since T0 count as changed.
 * Writes up to `max` runs to `changed` (NULL to count only) and returns the
 * TOTAL number of changed runs, or -1 on bad input. */
int       snap_diff(const snapshot* s, vmie_mem* m, uintptr_t cr3,
                    vregion* changed, int max);

#endif /* VMIE_SNAPDIFF_H */