program:
r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
close(r0)
r1 = syz_open_dev$dri(&(0x7f0000001a80), 0x2, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000300)={0x0, 0xfffffffffffffe7a, r2, <r3=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r0, 0xc06864ce, &(0x7f0000000600)={r3, 0x0, 0x0, 0x0, 0x0, [<r4=>0x0]})
ioctl$DRM_IOCTL_MODE_ADDFB2(r0, 0xc06864b8, &(0x7f00000001c0)={0x0, 0xae, 0x3ff, 0x34325258, 0x0, [r4], [0x2b8]})

[   67.671203][ T5317] Bluetooth: hci0: command tx timeout
[   67.682635][ T5335] ------------[ cut here ]------------
[   67.685408][ T5335] WARNING: CPU: 0 PID: 5335 at drivers/gpu/drm/drm_gem.c:286 drm_gem_object_handle_put_unlocked+0x28f/0x340
[   67.690340][ T5335] Modules linked in:
[   67.692611][ T5335] CPU: 0 UID: 0 PID: 5335 Comm: syz.0.0 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) 
[   67.702471][ T5335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   67.706948][ T5335] RIP: 0010:drm_gem_object_handle_put_unlocked+0x28f/0x340
[   67.710110][ T5335] Code: 89 ee e8 54 ee 5d fc 85 ed 7e 2f e8 0b ea 5d fc 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 f2 e9 5d fc 90 <0f> 0b 90 eb e1 e8 e7 e9 5d fc 90 0f 0b 90 eb d6 e8 dc e9 5d fc 4c
[   67.718642][ T5335] RSP: 0018:ffffc9000ff2fb10 EFLAGS: 00010293
[   67.721801][ T5335] RAX: ffffffff856274ae RBX: ffff888033ed5808 RCX: ffff888000218000
[   67.725813][ T5335] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   67.729240][ T5335] RBP: 0000000000000000 R08: ffffffff8fa1e7f7 R09: 1ffffffff1f43cfe
[   67.733185][ T5335] R10: dffffc0000000000 R11: fffffbfff1f43cff R12: ffff888033ed5804
[   67.736506][ T5335] R13: 1ffff110067dab00 R14: ffff888000850000 R15: 1ffff110067dab01
[   67.739997][ T5335] FS:  0000555589977500(0000) GS:ffff88808d21c000(0000) knlGS:0000000000000000
[   67.743830][ T5335] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   67.746682][ T5335] CR2: 00007fcd51d86538 CR3: 0000000040968000 CR4: 0000000000352ef0
[   67.750108][ T5335] Call Trace:
[   67.751784][ T5335]  <TASK>
[   67.753070][ T5335]  ? __pfx_virtio_gpu_gem_object_close+0x10/0x10
[   67.755785][ T5335]  drm_gem_object_release_handle+0xa2/0xc0
[   67.758334][ T5335]  idr_for_each+0x1b5/0x290
[   67.760297][ T5335]  ? __pfx_drm_fb_release+0x10/0x10
[   67.762661][ T5335]  ? __pfx_drm_gem_object_release_handle+0x10/0x10
[   67.765391][ T5335]  ? __pfx_idr_for_each+0x10/0x10
[   67.767617][ T5335]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   67.770311][ T5335]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   67.772995][ T5335]  ? idr_destroy+0x218/0x290
[   67.775001][ T5335]  drm_gem_release+0x28/0x40
[   67.777034][ T5335]  drm_file_free+0x6c7/0x960
[   67.779005][ T5335]  drm_release+0x2de/0x3f0
[   67.781080][ T5335]  ? __pfx_drm_release+0x10/0x10
[   67.783201][ T5335]  __fput+0x44c/0xa70
[   67.784936][ T5335]  task_work_run+0x1d1/0x260
[   67.786934][ T5335]  ? __pfx_task_work_run+0x10/0x10
[   67.789146][ T5335]  ? exit_to_user_mode_loop+0x40/0x110
[   67.791577][ T5335]  exit_to_user_mode_loop+0xec/0x110
[   67.793874][ T5335]  do_syscall_64+0x2bd/0x3b0
[   67.795945][ T5335]  ? lockdep_hardirqs_on+0x9c/0x150
[   67.798217][ T5335]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.800934][ T5335]  ? clear_bhb_loop+0x60/0xb0
[   67.802980][ T5335]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.805611][ T5335] RIP: 0033:0x7fcd51b8e929
[   67.807573][ T5335] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.815905][ T5335] RSP: 002b:00007ffdf4de0318 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[   67.819405][ T5335] RAX: 0000000000000000 RBX: 00000000000107c4 RCX: 00007fcd51b8e929
[   67.822833][ T5335] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[   67.826228][ T5335] RBP: 00007fcd51db7ba0 R08: 0000000000000001 R09: 00000007f4de060f
[   67.829962][ T5335] R10: 00007fcd519ff02c R11: 0000000000000246 R12: 00007fcd51db5fac
[   67.833766][ T5335] R13: 00007fcd51db5fa0 R14: ffffffffffffffff R15: 00007ffdf4de0430
[   67.837096][ T5335]  </TASK>
[   67.838460][ T5335] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   67.841522][ T5335] CPU: 0 UID: 0 PID: 5335 Comm: syz.0.0 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) 
[   67.846342][ T5335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   67.851015][ T5335] Call Trace:
[   67.852521][ T5335]  <TASK>
[   67.853891][ T5335]  dump_stack_lvl+0x99/0x250
[   67.855896][ T5335]  ? __asan_memcpy+0x40/0x70
[   67.857789][ T5335]  ? __pfx_dump_stack_lvl+0x10/0x10
[   67.860047][ T5335]  ? __pfx__printk+0x10/0x10
[   67.862103][ T5335]  panic+0x2db/0x790
[   67.863872][ T5335]  ? __pfx_panic+0x10/0x10
[   67.865887][ T5335]  __warn+0x31b/0x4b0
[   67.867605][ T5335]  ? drm_gem_object_handle_put_unlocked+0x28f/0x340
[   67.870506][ T5335]  ? drm_gem_object_handle_put_unlocked+0x28f/0x340
[   67.873422][ T5335]  report_bug+0x2be/0x4f0
[   67.875265][ T5335]  ? drm_gem_object_handle_put_unlocked+0x28f/0x340
[   67.878104][ T5335]  ? drm_gem_object_handle_put_unlocked+0x28f/0x340
[   67.880925][ T5335]  ? drm_gem_object_handle_put_unlocked+0x291/0x340
[   67.883933][ T5335]  handle_bug+0x84/0x160
[   67.885905][ T5335]  exc_invalid_op+0x1a/0x50
[   67.887972][ T5335]  asm_exc_invalid_op+0x1a/0x20
[   67.890096][ T5335] RIP: 0010:drm_gem_object_handle_put_unlocked+0x28f/0x340
[   67.893457][ T5335] Code: 89 ee e8 54 ee 5d fc 85 ed 7e 2f e8 0b ea 5d fc 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 f2 e9 5d fc 90 <0f> 0b 90 eb e1 e8 e7 e9 5d fc 90 0f 0b 90 eb d6 e8 dc e9 5d fc 4c
[   67.901854][ T5335] RSP: 0018:ffffc9000ff2fb10 EFLAGS: 00010293
[   67.904495][ T5335] RAX: ffffffff856274ae RBX: ffff888033ed5808 RCX: ffff888000218000
[   67.907950][ T5335] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   67.911423][ T5335] RBP: 0000000000000000 R08: ffffffff8fa1e7f7 R09: 1ffffffff1f43cfe
[   67.914823][ T5335] R10: dffffc0000000000 R11: fffffbfff1f43cff R12: ffff888033ed5804
[   67.918295][ T5335] R13: 1ffff110067dab00 R14: ffff888000850000 R15: 1ffff110067dab01
[   67.921766][ T5335]  ? drm_gem_object_handle_put_unlocked+0x28e/0x340
[   67.924572][ T5335]  ? __pfx_virtio_gpu_gem_object_close+0x10/0x10
[   67.927349][ T5335]  drm_gem_object_release_handle+0xa2/0xc0
[   67.929930][ T5335]  idr_for_each+0x1b5/0x290
[   67.931939][ T5335]  ? __pfx_drm_fb_release+0x10/0x10
[   67.934225][ T5335]  ? __pfx_drm_gem_object_release_handle+0x10/0x10
[   67.937009][ T5335]  ? __pfx_idr_for_each+0x10/0x10
[   67.939231][ T5335]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   67.941933][ T5335]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   67.944566][ T5335]  ? idr_destroy+0x218/0x290
[   67.946610][ T5335]  drm_gem_release+0x28/0x40
[   67.948641][ T5335]  drm_file_free+0x6c7/0x960
[   67.950627][ T5335]  drm_release+0x2de/0x3f0
[   67.952667][ T5335]  ? __pfx_drm_release+0x10/0x10
[   67.954736][ T5335]  __fput+0x44c/0xa70
[   67.956435][ T5335]  task_work_run+0x1d1/0x260
[   67.958237][ T5335]  ? __pfx_task_work_run+0x10/0x10
[   67.960334][ T5335]  ? exit_to_user_mode_loop+0x40/0x110
[   67.962505][ T5335]  exit_to_user_mode_loop+0xec/0x110
[   67.964587][ T5335]  do_syscall_64+0x2bd/0x3b0
[   67.966434][ T5335]  ? lockdep_hardirqs_on+0x9c/0x150
[   67.968378][ T5335]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.971455][ T5335]  ? clear_bhb_loop+0x60/0xb0
[   67.973411][ T5335]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.975966][ T5335] RIP: 0033:0x7fcd51b8e929
[   67.977948][ T5335] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.986256][ T5335] RSP: 002b:00007ffdf4de0318 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[   67.989842][ T5335] RAX: 0000000000000000 RBX: 00000000000107c4 RCX: 00007fcd51b8e929
[   67.993221][ T5335] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[   67.996536][ T5335] RBP: 00007fcd51db7ba0 R08: 0000000000000001 R09: 00000007f4de060f
[   67.999854][ T5335] R10: 00007fcd519ff02c R11: 0000000000000246 R12: 00007fcd51db5fac
[   68.003100][ T5335] R13: 00007fcd51db5fa0 R14: ffffffffffffffff R15: 00007ffdf4de0430
[   68.006455][ T5335]  </TASK>
[   68.008135][ T5335] Kernel Offset: disabled
[   68.010117][ T5335] Rebooting in 86400 seconds..