================================================
WARNING: lock held when returning to user space!
6.18.0-rc7-next-20251128 #1 Not tainted
------------------------------------------------
syz-executor.1/22564 is leaving the kernel with locks still held!
EXT4-fs (loop5): bad geometry: block count 259 exceeds size of device (256 blocks)
1 lock held by syz-executor.1/22564:
 #0: ffff88800b3e15c8 (&sb->s_type->i_mutex_key#23/1){+.+.}-{4:4}, at: start_creating_noperm+0x84/0xd0
9p: Bad value for 'wfdno'
9p: Bad value for 'wfdno'
loop0: detected capacity change from 0 to 4
EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
sr 1:0:0:0: [sr0] tag#0 Sense Key : Illegal Request [current] 
sr 1:0:0:0: [sr0] tag#0 Add. Sense: Invalid command operation code
sr 1:0:0:0: [sr0] tag#0 CDB: Write(10) 2a 00 00 00 00 00 00 00 0c 00
blk_print_req_error: 6 callbacks suppressed
critical target error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x100000 phys_seg 48 prio class 2
buffer_io_error: 6 callbacks suppressed
Buffer I/O error on dev sr0, logical block 0, lost async page write
Buffer I/O error on dev sr0, logical block 1, lost async page write
Buffer I/O error on dev sr0, logical block 2, lost async page write
Buffer I/O error on dev sr0, logical block 3, lost async page write
Buffer I/O error on dev sr0, logical block 4, lost async page write
Buffer I/O error on dev sr0, logical block 5, lost async page write
Buffer I/O error on dev sr0, logical block 6, lost async page write
Buffer I/O error on dev sr0, logical block 7, lost async page write
Buffer I/O error on dev sr0, logical block 8, lost async page write
Buffer I/O error on dev sr0, logical block 9, lost async page write
loop5: detected capacity change from 0 to 512
EXT4-fs (loop5): bad geometry: block count 260 exceeds size of device (256 blocks)
loop0: detected capacity change from 0 to 4
EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
loop0: detected capacity change from 0 to 4
EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
loop0: detected capacity change from 0 to 4
loop5: detected capacity change from 0 to 512
EXT4-fs (loop5): bad geometry: block count 261 exceeds size of device (256 blocks)
EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
loop0: detected capacity change from 0 to 4
EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities