gntdev: fix multi-page slot allocation Any range with the first slot available would have got considered usable, as range_length never got reset when encountering an in-use slot. Additionally fold the two almost identical loops into a single instance, at once avoiding to go through both loops when start_index was zero even for the first one. Signed-off-by: Jan Beulich --- a/drivers/xen/gntdev/gntdev.c +++ b/drivers/xen/gntdev/gntdev.c @@ -285,35 +285,27 @@ static void compress_free_list(gntdev_fi static int find_contiguous_free_range(gntdev_file_private_data_t *private_data, uint32_t num_slots) { - uint32_t i, start_index = private_data->next_fit_index; - uint32_t range_start = 0, range_length; - - /* First search from the start_index to the end of the array. */ - range_length = 0; - for (i = start_index; i < private_data->grants_size; ++i) { - if (private_data->grants[i].state == GNTDEV_SLOT_INVALID) { - if (range_length == 0) { - range_start = i; - } - ++range_length; - if (range_length == num_slots) { - return range_start; - } - } - } - - /* Now search from the start of the array to the start_index. */ - range_length = 0; - for (i = 0; i < start_index; ++i) { - if (private_data->grants[i].state == GNTDEV_SLOT_INVALID) { - if (range_length == 0) { - range_start = i; - } - ++range_length; - if (range_length == num_slots) { - return range_start; - } - } + /* First search from next_fit_index to the end of the array. */ + uint32_t start_index = private_data->next_fit_index; + uint32_t end_index = private_data->grants_size; + + for (;;) { + uint32_t i, range_start = 0, range_length = 0; + + for (i = start_index; i < end_index; ++i) { + if (private_data->grants[i].state == GNTDEV_SLOT_INVALID) { + if (range_length == 0) + range_start = i; + if (++range_length == num_slots) + return range_start; + } else + range_length = 0; + } + /* Now search from the start of the array to next_fit_index. */ + if (!start_index) + break; + end_index = start_index; + start_index = 0; } return -ENOMEM;