program:
r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
close(r0)
r1 = syz_open_dev$dri(&(0x7f0000001a80), 0x2, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000300)={0x0, 0xfffffffffffffe7a, r2, <r3=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r0, 0xc06864ce, &(0x7f0000000600)={r3, 0x0, 0x0, 0x0, 0x0, [<r4=>0x0]})
ioctl$DRM_IOCTL_MODE_ADDFB2(r0, 0xc06864b8, &(0x7f00000001c0)={0x0, 0xae, 0x3ff, 0x34325258, 0x0, [r4], [0x2b8]})

[   76.088716][ T4688] Bluetooth: hci0: command tx timeout
[   76.135659][ T5339] ------------[ cut here ]------------
[   76.140531][ T5339] WARNING: CPU: 0 PID: 5339 at drivers/gpu/drm/drm_gem.c:286 drm_gem_object_handle_put_unlocked+0x28f/0x340
[   76.146611][ T5339] Modules linked in:
[   76.148618][ T5339] CPU: 0 UID: 0 PID: 5339 Comm: syz.0.0 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) 
[   76.153605][ T5339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   76.158473][ T5339] RIP: 0010:drm_gem_object_handle_put_unlocked+0x28f/0x340
[   76.161929][ T5339] Code: 89 ee e8 54 ee 5d fc 85 ed 7e 2f e8 0b ea 5d fc 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 f2 e9 5d fc 90 <0f> 0b 90 eb e1 e8 e7 e9 5d fc 90 0f 0b 90 eb d6 e8 dc e9 5d fc 4c
[   76.171012][ T5339] RSP: 0018:ffffc9000d657b10 EFLAGS: 00010293
[   76.173698][ T5339] RAX: ffffffff856274ae RBX: ffff888033e76008 RCX: ffff8880339b0000
[   76.177077][ T5339] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   76.181190][ T5339] RBP: 0000000000000000 R08: ffffffff8fa1e7f7 R09: 1ffffffff1f43cfe
[   76.184760][ T5339] R10: dffffc0000000000 R11: fffffbfff1f43cff R12: ffff888033e76004
[   76.188223][ T5339] R13: 1ffff110067cec00 R14: ffff888033e6c000 R15: 1ffff110067cec01
[   76.191603][ T5339] FS:  0000555575b60500(0000) GS:ffff88808d21c000(0000) knlGS:0000000000000000
[   76.195471][ T5339] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   76.198541][ T5339] CR2: 00007f85a3386538 CR3: 000000004419c000 CR4: 0000000000352ef0
[   76.202003][ T5339] Call Trace:
[   76.203756][ T5339]  <TASK>
[   76.205142][ T5339]  ? __pfx_virtio_gpu_gem_object_close+0x10/0x10
[   76.207962][ T5339]  drm_gem_object_release_handle+0xa2/0xc0
[   76.210716][ T5339]  idr_for_each+0x1b5/0x290
[   76.213059][ T5339]  ? __pfx_drm_fb_release+0x10/0x10
[   76.215363][ T5339]  ? __pfx_drm_gem_object_release_handle+0x10/0x10
[   76.218992][ T5339]  ? __pfx_idr_for_each+0x10/0x10
[   76.221406][ T5339]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   76.224167][ T5339]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   76.226823][ T5339]  ? idr_destroy+0x218/0x290
[   76.228996][ T5339]  drm_gem_release+0x28/0x40
[   76.231047][ T5339]  drm_file_free+0x6c7/0x960
[   76.233188][ T5339]  drm_release+0x2de/0x3f0
[   76.235101][ T5339]  ? __pfx_drm_release+0x10/0x10
[   76.237286][ T5339]  __fput+0x44c/0xa70
[   76.239163][ T5339]  task_work_run+0x1d1/0x260
[   76.241198][ T5339]  ? __pfx_task_work_run+0x10/0x10
[   76.243513][ T5339]  ? exit_to_user_mode_loop+0x40/0x110
[   76.245898][ T5339]  exit_to_user_mode_loop+0xec/0x110
[   76.248313][ T5339]  do_syscall_64+0x2bd/0x3b0
[   76.250495][ T5339]  ? lockdep_hardirqs_on+0x9c/0x150
[   76.252998][ T5339]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.255631][ T5339]  ? clear_bhb_loop+0x60/0xb0
[   76.257690][ T5339]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.260411][ T5339] RIP: 0033:0x7f85a318e929
[   76.262449][ T5339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.270828][ T5339] RSP: 002b:00007ffcbb2f2f68 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[   76.274332][ T5339] RAX: 0000000000000000 RBX: 00000000000128b8 RCX: 00007f85a318e929
[   76.278009][ T5339] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[   76.284260][ T5339] RBP: 00007f85a33b7ba0 R08: 0000000000000001 R09: 00000007bb2f325f
[   76.287771][ T5339] R10: 00007f85a2fff02c R11: 0000000000000246 R12: 00007f85a33b5fac
[   76.291445][ T5339] R13: 00007f85a33b5fa0 R14: ffffffffffffffff R15: 00007ffcbb2f3080
[   76.294842][ T5339]  </TASK>
[   76.296169][ T5339] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   76.299259][ T5339] CPU: 0 UID: 0 PID: 5339 Comm: syz.0.0 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) 
[   76.304347][ T5339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   76.308814][ T5339] Call Trace:
[   76.310299][ T5339]  <TASK>
[   76.311630][ T5339]  dump_stack_lvl+0x99/0x250
[   76.313954][ T5339]  ? __asan_memcpy+0x40/0x70
[   76.316128][ T5339]  ? __pfx_dump_stack_lvl+0x10/0x10
[   76.318390][ T5339]  ? __pfx__printk+0x10/0x10
[   76.320483][ T5339]  panic+0x2db/0x790
[   76.322719][ T5339]  ? __pfx_panic+0x10/0x10
[   76.324921][ T5339]  __warn+0x31b/0x4b0
[   76.326840][ T5339]  ? drm_gem_object_handle_put_unlocked+0x28f/0x340
[   76.329883][ T5339]  ? drm_gem_object_handle_put_unlocked+0x28f/0x340
[   76.332854][ T5339]  report_bug+0x2be/0x4f0
[   76.334807][ T5339]  ? drm_gem_object_handle_put_unlocked+0x28f/0x340
[   76.337654][ T5339]  ? drm_gem_object_handle_put_unlocked+0x28f/0x340
[   76.340640][ T5339]  ? drm_gem_object_handle_put_unlocked+0x291/0x340
[   76.343652][ T5339]  handle_bug+0x84/0x160
[   76.345616][ T5339]  exc_invalid_op+0x1a/0x50
[   76.347671][ T5339]  asm_exc_invalid_op+0x1a/0x20
[   76.349823][ T5339] RIP: 0010:drm_gem_object_handle_put_unlocked+0x28f/0x340
[   76.352868][ T5339] Code: 89 ee e8 54 ee 5d fc 85 ed 7e 2f e8 0b ea 5d fc 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 f2 e9 5d fc 90 <0f> 0b 90 eb e1 e8 e7 e9 5d fc 90 0f 0b 90 eb d6 e8 dc e9 5d fc 4c
[   76.361341][ T5339] RSP: 0018:ffffc9000d657b10 EFLAGS: 00010293
[   76.364161][ T5339] RAX: ffffffff856274ae RBX: ffff888033e76008 RCX: ffff8880339b0000
[   76.367946][ T5339] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   76.372062][ T5339] RBP: 0000000000000000 R08: ffffffff8fa1e7f7 R09: 1ffffffff1f43cfe
[   76.375626][ T5339] R10: dffffc0000000000 R11: fffffbfff1f43cff R12: ffff888033e76004
[   76.379154][ T5339] R13: 1ffff110067cec00 R14: ffff888033e6c000 R15: 1ffff110067cec01
[   76.382839][ T5339]  ? drm_gem_object_handle_put_unlocked+0x28e/0x340
[   76.385758][ T5339]  ? __pfx_virtio_gpu_gem_object_close+0x10/0x10
[   76.388567][ T5339]  drm_gem_object_release_handle+0xa2/0xc0
[   76.391142][ T5339]  idr_for_each+0x1b5/0x290
[   76.393286][ T5339]  ? __pfx_drm_fb_release+0x10/0x10
[   76.395734][ T5339]  ? __pfx_drm_gem_object_release_handle+0x10/0x10
[   76.398699][ T5339]  ? __pfx_idr_for_each+0x10/0x10
[   76.400939][ T5339]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   76.403932][ T5339]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   76.406630][ T5339]  ? idr_destroy+0x218/0x290
[   76.408755][ T5339]  drm_gem_release+0x28/0x40
[   76.410781][ T5339]  drm_file_free+0x6c7/0x960
[   76.412855][ T5339]  drm_release+0x2de/0x3f0
[   76.414792][ T5339]  ? __pfx_drm_release+0x10/0x10
[   76.416935][ T5339]  __fput+0x44c/0xa70
[   76.418630][ T5339]  task_work_run+0x1d1/0x260
[   76.420651][ T5339]  ? __pfx_task_work_run+0x10/0x10
[   76.422946][ T5339]  ? exit_to_user_mode_loop+0x40/0x110
[   76.425303][ T5339]  exit_to_user_mode_loop+0xec/0x110
[   76.427616][ T5339]  do_syscall_64+0x2bd/0x3b0
[   76.429620][ T5339]  ? lockdep_hardirqs_on+0x9c/0x150
[   76.431890][ T5339]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.434498][ T5339]  ? clear_bhb_loop+0x60/0xb0
[   76.436570][ T5339]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.439392][ T5339] RIP: 0033:0x7f85a318e929
[   76.441410][ T5339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.449898][ T5339] RSP: 002b:00007ffcbb2f2f68 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[   76.453749][ T5339] RAX: 0000000000000000 RBX: 00000000000128b8 RCX: 00007f85a318e929
[   76.457581][ T5339] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[   76.460822][ T5339] RBP: 00007f85a33b7ba0 R08: 0000000000000001 R09: 00000007bb2f325f
[   76.464374][ T5339] R10: 00007f85a2fff02c R11: 0000000000000246 R12: 00007f85a33b5fac
[   76.467784][ T5339] R13: 00007f85a33b5fa0 R14: ffffffffffffffff R15: 00007ffcbb2f3080
[   76.471380][ T5339]  </TASK>
[   76.473068][ T5339] Kernel Offset: disabled
[   76.474977][ T5339] Rebooting in 86400 seconds..