From: Mingming Cao <cmm@us.ibm.com>

I found several bugs/issues in the ext2_new_inode() code:

1) The for loop variable "i" is used to save the inode offset.  In the
   case of failure, the loop variable could be crapped.  So it is possible
   to quit searching before looking at every block groups.

2) The number of free inodes in the selected group is possibly being
   miscalculated.  The counter is only decreased in the find_group_xx()
   functions for the initial selected group.  If the initial try failed,
   and succeed in finding a free inode in other group, the counter for that
   group will not to be decreased.

3) In case of the concurrent case, going back to find_group_xx()
   functions are unnecessary, it will only get the same group as before.

The following patch fixed those issues.  Ideas are stolen from
ext3_new_inode().