Fix bug in readdir loop condition.

Reading all dirents using a small buffer and multiple calls now works.

Bug found by "Shamar" on #rumpkernel

sys/fs/sysvbfs/sysvbfs_vnops.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: sysvbfs_vnops.c,v 1.58 2015/04/04 13:28:36 riastradh Exp $	*/
+/*	$NetBSD: sysvbfs_vnops.c,v 1.59 2015/11/13 13:36:54 pooka Exp $	*/
 
 /*-
  * Copyright (c) 2004 The NetBSD Foundation, Inc.
@@ -30,7 +30,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: sysvbfs_vnops.c,v 1.58 2015/04/04 13:28:36 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sysvbfs_vnops.c,v 1.59 2015/11/13 13:36:54 pooka Exp $");
 
 #include <sys/param.h>
 #include <sys/kernel.h>
@@ -642,15 +642,18 @@ sysvbfs_readdir(void *v)
 	if ((i + n) > bfs->n_dirent)
 		n = bfs->n_dirent - i;
 
-	for (file = &bfs->dirent[i]; i < n; file++) {
-		if (file->inode == 0)
-			continue;
+	DPRINTF("%s 1: %d %d %d\n", __func__, i, n, bfs->n_dirent);
+	for (file = &bfs->dirent[i]; n > 0; file++, i++) {
 		if (i == bfs->max_dirent) {
 			DPRINTF("%s: file system inconsistent.\n",
 			    __func__);
 			break;
 		}
-		i++;
+		if (file->inode == 0)
+			continue;
+
+		/* ok, we have a live one here */
+		n--;
 		memset(dp, 0, sizeof(struct dirent));
 		dp->d_fileno = file->inode;
 		dp->d_type = file->inode == BFS_ROOT_INODE ? DT_DIR : DT_REG;
@@ -663,7 +666,7 @@ sysvbfs_readdir(void *v)
 			return error;
 		}
 	}
-	DPRINTF("%s: %d %d %d\n", __func__, i, n, bfs->n_dirent);
+	DPRINTF("%s 2: %d %d %d\n", __func__, i, n, bfs->n_dirent);
 	*ap->a_eofflag = (i == bfs->n_dirent);
 
 	free(dp, M_BFS);