HANG: os_heap_reserve_in_region incorrectly thinks a large alloc spanning the end of the requested region is a match
With a maps file something like this:
00400000-17d0f000 r-xp ... <application>
19c78000-c6998000 rw-p 00000000 00:00 0 [heap]
c6998000-c82e2000 rw-p 00000000 00:00 0 [heap]
c82e2000-c82e8000 rw-p 00000000 00:00 0 [heap]
During init with default options and the client statically linked into the application, we have:
vmm_heap_unit_init: preferred=0x0000000055bfc000, allow=0x0000000000000000-0x0000000093dfffff
os_heap_reserve_in_region: 536887296 bytes in 0x0000000000000000-0x0000000093dff000
os_heap_reserve_in_region: asked for 0x00000000c6998000 size=536887296 got error 2
os_heap_reserve_in_region: asked for 0x00000000c6998000 size=536887296 got error 2
os_heap_reserve_in_region: asked for 0x00000000c6998000 size=536887296 got error 2
os_heap_reserve_in_region: asked for 0x00000000c6998000 size=536887296 got error 2
os_heap_reserve_in_region: asked for 0x00000000c6998000 size=536887296 got error 2
os_heap_reserve_in_region: asked for 0x00000000c6998000 size=536887296 got error 2
...
It's an infinite loop. The code:
if (iter.vm_start >= start &&
    MIN(iter.vm_start, end) - MAX(last_end, start) >= size) {
fails to also check that the gap it found is actually free when that gap spans the end of the requested region.
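The scan and the failing test, as an added example that is not the project's own code: it walks a constructed copy of the mappings above with the test quoted in the report and with a hardened one, and shows why the original one reports the occupied address 0xc6998000 (once last_end has passed the region end, the unsigned subtraction wraps instead of going negative). The MAPS table, find_gap and NO_GAP are assumptions for the illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Constructed copy of the mappings from the report's maps file. */
typedef struct { uintptr_t vm_start, vm_end; } map_entry_t;
static const map_entry_t MAPS[] = {
    {0x00400000, 0x17d0f000}, /* <application> */
    {0x19c78000, 0xc6998000}, /* [heap]: ends past the region end 0x93dff000 */
    {0xc6998000, 0xc82e2000}, /* [heap] */
    {0xc82e2000, 0xc82e8000}, /* [heap] */
};
#define NMAPS (sizeof(MAPS) / sizeof(MAPS[0]))
#define MIN(a, b) ((a) < (b) ? (a) : (b))
#define MAX(a, b) ((a) > (b) ? (a) : (b))
#define NO_GAP UINTPTR_MAX

/* Walk the sorted mappings and return the lowest address in [start, end)
 * followed by `size` free bytes, or NO_GAP. The gap after the last mapping
 * is ignored, as the report's region ends inside the heap anyway.
 * `buggy` selects the test quoted in the report; otherwise the fixed one. */
uintptr_t find_gap(uintptr_t start, uintptr_t end, size_t size, bool buggy)
{
    uintptr_t last_end = 0;
    for (size_t i = 0; i < NMAPS; i++) {
        if (MAPS[i].vm_start >= start) {
            uintptr_t gap_start = MAX(last_end, start);
            uintptr_t gap_end = MIN(MAPS[i].vm_start, end);
            if (buggy) {
                /* Report's test: once last_end > end, gap_end - gap_start
                 * wraps to a huge unsigned value and the occupied, out-of-
                 * region address last_end is reported as a match. */
                if (gap_end - gap_start >= size)
                    return gap_start;
            } else {
                /* Fixed test: require a real, in-region gap before
                 * measuring it, so the subtraction can never wrap. */
                if (gap_start < gap_end && gap_end - gap_start >= size)
                    return gap_start;
            }
        }
        last_end = MAPS[i].vm_end;
    }
    return NO_GAP;
}
```

With the report's region and size, the original test returns 0xc6998000 and the fixed test reports no gap, which is what the caller should see here since no free run of that size exists below 0x93dff000.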