#!/usr/bin/env python3
"""Extract canary's v80000000 256MB span as a flat binary mirroring our format.

Reads the canary Memory::Save dump at audit-runs/audit-024a-canary-diff/canary-memory.dump,
walks heaps in order (v00 v40 v80 v90 physical), and for v80 writes each committed
65536-byte page to its file offset (page_idx * 65536). Uncommitted pages stay zero.
"""
import struct
import sys
import os

HEAPS = [
    ("v00000000", 0x00000000, 0x40000000, 4096),
    ("v40000000", 0x40000000, 0x3F000000, 65536),
    ("v80000000", 0x80000000, 0x10000000, 65536),
    ("v90000000", 0x90000000, 0x10000000, 4096),
    ("physical",  0x00000000, 0x20000000, 4096),
]
K_COMMIT = 0x2

def main():
    src = sys.argv[1] if len(sys.argv) > 1 else \
        "/home/fabi/RE Project Sylpheed/xenia-rs/audit-runs/audit-024a-canary-diff/canary-memory.dump"
    out = sys.argv[2] if len(sys.argv) > 2 else \
        os.path.join(os.path.dirname(__file__), "canary-v80.bin")
    with open(src, "rb") as f:
        data = f.read()
    print(f"[i] dump size: {len(data)} bytes ({len(data)/1024/1024:.1f} MiB)")
    cursor = 0
    out_buf = None
    for name, base, size, page_size in HEAPS:
        page_count = size // page_size
        committed = 0
        if name == "v80000000":
            out_buf = bytearray(size)
        for i in range(page_count):
            qword = struct.unpack_from("<Q", data, cursor)[0]
            cursor += 8
            state = (qword >> 60) & 0x3
            if state != 0 and (state & K_COMMIT):
                if name == "v80000000":
                    out_buf[i*page_size:(i+1)*page_size] = data[cursor:cursor+page_size]
                cursor += page_size
                committed += 1
        print(f"[i] {name}: pages={page_count} committed={committed}")
    print(f"[i] total parsed: {cursor:#x} (file size: {len(data):#x})")
    with open(out, "wb") as f:
        f.write(out_buf)
    print(f"[i] wrote {len(out_buf)} bytes to {out}")

if __name__ == "__main__":
    main()