program:
r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
close(r0)
r1 = syz_open_dev$dri(&(0x7f0000001a80), 0x2, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000300)={0x0, 0xfffffffffffffe7a, r2, <r3=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r0, 0xc06864ce, &(0x7f0000000600)={r3, 0x0, 0x0, 0x0, 0x0, [<r4=>0x0]})
ioctl$DRM_IOCTL_MODE_ADDFB2(r0, 0xc06864b8, &(0x7f00000001c0)={0x0, 0xae, 0x3ff, 0x34325258, 0x0, [r4], [0x2b8]})

[   75.002749][ T4688] Bluetooth: hci0: command tx timeout
[   75.078087][ T5338] ------------[ cut here ]------------
[   75.081042][ T5338] WARNING: CPU: 0 PID: 5338 at drivers/gpu/drm/drm_gem.c:286 drm_gem_object_handle_put_unlocked+0x28f/0x340
[   75.086185][ T5338] Modules linked in:
[   75.087923][ T5338] CPU: 0 UID: 0 PID: 5338 Comm: syz.0.0 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) 
[   75.093032][ T5338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.097609][ T5338] RIP: 0010:drm_gem_object_handle_put_unlocked+0x28f/0x340
[   75.100761][ T5338] Code: 89 ee e8 54 ee 5d fc 85 ed 7e 2f e8 0b ea 5d fc 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 f2 e9 5d fc 90 <0f> 0b 90 eb e1 e8 e7 e9 5d fc 90 0f 0b 90 eb d6 e8 dc e9 5d fc 4c
[   75.109192][ T5338] RSP: 0018:ffffc9000d45fb10 EFLAGS: 00010293
[   75.111915][ T5338] RAX: ffffffff856274ae RBX: ffff8880003fd808 RCX: ffff888033b3a440
[   75.115705][ T5338] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   75.118947][ T5338] RBP: 0000000000000000 R08: ffffffff8fa1e7f7 R09: 1ffffffff1f43cfe
[   75.122808][ T5338] R10: dffffc0000000000 R11: fffffbfff1f43cff R12: ffff8880003fd804
[   75.126104][ T5338] R13: 1ffff1100007fb00 R14: ffff8880313a6000 R15: 1ffff1100007fb01
[   75.129302][ T5338] FS:  00005555882d4500(0000) GS:ffff88808d21c000(0000) knlGS:0000000000000000
[   75.133151][ T5338] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   75.135767][ T5338] CR2: 00005591e625af00 CR3: 0000000044383000 CR4: 0000000000352ef0
[   75.139102][ T5338] Call Trace:
[   75.140566][ T5338]  <TASK>
[   75.141918][ T5338]  ? __pfx_virtio_gpu_gem_object_close+0x10/0x10
[   75.144662][ T5338]  drm_gem_object_release_handle+0xa2/0xc0
[   75.147129][ T5338]  idr_for_each+0x1b5/0x290
[   75.149107][ T5338]  ? __pfx_drm_fb_release+0x10/0x10
[   75.152087][ T5338]  ? __pfx_drm_gem_object_release_handle+0x10/0x10
[   75.154950][ T5338]  ? __pfx_idr_for_each+0x10/0x10
[   75.157040][ T5338]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   75.159728][ T5338]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   75.162307][ T5338]  ? idr_destroy+0x218/0x290
[   75.164423][ T5338]  drm_gem_release+0x28/0x40
[   75.166372][ T5338]  drm_file_free+0x6c7/0x960
[   75.168308][ T5338]  drm_release+0x2de/0x3f0
[   75.170064][ T5338]  ? __pfx_drm_release+0x10/0x10
[   75.172132][ T5338]  __fput+0x44c/0xa70
[   75.173993][ T5338]  task_work_run+0x1d1/0x260
[   75.175985][ T5338]  ? __pfx_task_work_run+0x10/0x10
[   75.178148][ T5338]  ? exit_to_user_mode_loop+0x40/0x110
[   75.180497][ T5338]  exit_to_user_mode_loop+0xec/0x110
[   75.182803][ T5338]  do_syscall_64+0x2bd/0x3b0
[   75.184762][ T5338]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.187248][ T5338]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   75.189899][ T5338]  ? clear_bhb_loop+0x60/0xb0
[   75.191999][ T5338]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.194465][ T5338] RIP: 0033:0x7f0f6038e929
[   75.196314][ T5338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.204444][ T5338] RSP: 002b:00007fff9a79b538 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[   75.208034][ T5338] RAX: 0000000000000000 RBX: 0000000000012494 RCX: 00007f0f6038e929
[   75.211419][ T5338] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[   75.215058][ T5338] RBP: 00007f0f605b7ba0 R08: 0000000000000001 R09: 000000079a79b82f
[   75.218357][ T5338] R10: 00007f0f601ff02c R11: 0000000000000246 R12: 00007f0f605b5fac
[   75.221659][ T5338] R13: 00007f0f605b5fa0 R14: ffffffffffffffff R15: 00007fff9a79b650
[   75.225320][ T5338]  </TASK>
[   75.226555][ T5338] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   75.229397][ T5338] CPU: 0 UID: 0 PID: 5338 Comm: syz.0.0 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) 
[   75.233842][ T5338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.238172][ T5338] Call Trace:
[   75.239565][ T5338]  <TASK>
[   75.240965][ T5338]  dump_stack_lvl+0x99/0x250
[   75.242935][ T5338]  ? __asan_memcpy+0x40/0x70
[   75.244865][ T5338]  ? __pfx_dump_stack_lvl+0x10/0x10
[   75.246989][ T5338]  ? __pfx__printk+0x10/0x10
[   75.248939][ T5338]  panic+0x2db/0x790
[   75.250589][ T5338]  ? __pfx_panic+0x10/0x10
[   75.252457][ T5338]  __warn+0x31b/0x4b0
[   75.254424][ T5338]  ? drm_gem_object_handle_put_unlocked+0x28f/0x340
[   75.257160][ T5338]  ? drm_gem_object_handle_put_unlocked+0x28f/0x340
[   75.259986][ T5338]  report_bug+0x2be/0x4f0
[   75.262031][ T5338]  ? drm_gem_object_handle_put_unlocked+0x28f/0x340
[   75.264789][ T5338]  ? drm_gem_object_handle_put_unlocked+0x28f/0x340
[   75.267769][ T5338]  ? drm_gem_object_handle_put_unlocked+0x291/0x340
[   75.270573][ T5338]  handle_bug+0x84/0x160
[   75.272331][ T5338]  exc_invalid_op+0x1a/0x50
[   75.274229][ T5338]  asm_exc_invalid_op+0x1a/0x20
[   75.276253][ T5338] RIP: 0010:drm_gem_object_handle_put_unlocked+0x28f/0x340
[   75.279112][ T5338] Code: 89 ee e8 54 ee 5d fc 85 ed 7e 2f e8 0b ea 5d fc 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 f2 e9 5d fc 90 <0f> 0b 90 eb e1 e8 e7 e9 5d fc 90 0f 0b 90 eb d6 e8 dc e9 5d fc 4c
[   75.287014][ T5338] RSP: 0018:ffffc9000d45fb10 EFLAGS: 00010293
[   75.289709][ T5338] RAX: ffffffff856274ae RBX: ffff8880003fd808 RCX: ffff888033b3a440
[   75.293732][ T5338] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   75.296992][ T5338] RBP: 0000000000000000 R08: ffffffff8fa1e7f7 R09: 1ffffffff1f43cfe
[   75.300307][ T5338] R10: dffffc0000000000 R11: fffffbfff1f43cff R12: ffff8880003fd804
[   75.303712][ T5338] R13: 1ffff1100007fb00 R14: ffff8880313a6000 R15: 1ffff1100007fb01
[   75.306835][ T5338]  ? drm_gem_object_handle_put_unlocked+0x28e/0x340
[   75.309489][ T5338]  ? __pfx_virtio_gpu_gem_object_close+0x10/0x10
[   75.312053][ T5338]  drm_gem_object_release_handle+0xa2/0xc0
[   75.314432][ T5338]  idr_for_each+0x1b5/0x290
[   75.316346][ T5338]  ? __pfx_drm_fb_release+0x10/0x10
[   75.318452][ T5338]  ? __pfx_drm_gem_object_release_handle+0x10/0x10
[   75.320911][ T5338]  ? __pfx_idr_for_each+0x10/0x10
[   75.322989][ T5338]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   75.325733][ T5338]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   75.328208][ T5338]  ? idr_destroy+0x218/0x290
[   75.330130][ T5338]  drm_gem_release+0x28/0x40
[   75.332006][ T5338]  drm_file_free+0x6c7/0x960
[   75.333959][ T5338]  drm_release+0x2de/0x3f0
[   75.335847][ T5338]  ? __pfx_drm_release+0x10/0x10
[   75.337799][ T5338]  __fput+0x44c/0xa70
[   75.339438][ T5338]  task_work_run+0x1d1/0x260
[   75.341525][ T5338]  ? __pfx_task_work_run+0x10/0x10
[   75.343653][ T5338]  ? exit_to_user_mode_loop+0x40/0x110
[   75.345938][ T5338]  exit_to_user_mode_loop+0xec/0x110
[   75.348161][ T5338]  do_syscall_64+0x2bd/0x3b0
[   75.350139][ T5338]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.352703][ T5338]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   75.355296][ T5338]  ? clear_bhb_loop+0x60/0xb0
[   75.357319][ T5338]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.359764][ T5338] RIP: 0033:0x7f0f6038e929
[   75.361723][ T5338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.369451][ T5338] RSP: 002b:00007fff9a79b538 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[   75.373162][ T5338] RAX: 0000000000000000 RBX: 0000000000012494 RCX: 00007f0f6038e929
[   75.376300][ T5338] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[   75.379493][ T5338] RBP: 00007f0f605b7ba0 R08: 0000000000000001 R09: 000000079a79b82f
[   75.382793][ T5338] R10: 00007f0f601ff02c R11: 0000000000000246 R12: 00007f0f605b5fac
[   75.386039][ T5338] R13: 00007f0f605b5fa0 R14: ffffffffffffffff R15: 00007fff9a79b650
[   75.389314][ T5338]  </TASK>
[   75.391040][ T5338] Kernel Offset: disabled
[   75.392831][ T5338] Rebooting in 86400 seconds..