program:
r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
close(r0)
r1 = syz_open_dev$dri(&(0x7f0000001a80), 0x2, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000300)={0x0, 0xfffffffffffffe7a, r2, 0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r0, 0xc06864ce, &(0x7f0000000600)={r3, 0x0, 0x0, 0x0, 0x0, [0x0]})
ioctl$DRM_IOCTL_MODE_ADDFB2(r0, 0xc06864b8, &(0x7f00000001c0)={0x0, 0xae, 0x3ff, 0x34325258, 0x0, [r4], [0x2b8]})

[ 75.004012][ T4688] Bluetooth: hci0: command tx timeout
[ 75.068085][ T5338] ------------[ cut here ]------------
[ 75.070407][ T5338] WARNING: CPU: 0 PID: 5338 at drivers/gpu/drm/drm_gem.c:286 drm_gem_object_handle_put_unlocked+0x28f/0x340
[ 75.075252][ T5338] Modules linked in:
[ 75.076914][ T5338] CPU: 0 UID: 0 PID: 5338 Comm: syz.0.0 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full)
[ 75.082161][ T5338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 75.087158][ T5338] RIP: 0010:drm_gem_object_handle_put_unlocked+0x28f/0x340
[ 75.090339][ T5338] Code: 89 ee e8 54 ee 5d fc 85 ed 7e 2f e8 0b ea 5d fc 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 f2 e9 5d fc 90 <0f> 0b 90 eb e1 e8 e7 e9 5d fc 90 0f 0b 90 eb d6 e8 dc e9 5d fc 4c
[ 75.098856][ T5338] RSP: 0018:ffffc9000d45fb10 EFLAGS: 00010293
[ 75.101601][ T5338] RAX: ffffffff856274ae RBX: ffff8880003fd808 RCX: ffff888033b3a440
[ 75.105208][ T5338] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 75.108408][ T5338] RBP: 0000000000000000 R08: ffffffff8fa1e7f7 R09: 1ffffffff1f43cfe
[ 75.111686][ T5338] R10: dffffc0000000000 R11: fffffbfff1f43cff R12: ffff8880003fd804
[ 75.115336][ T5338] R13: 1ffff1100007fb00 R14: ffff8880313a6000 R15: 1ffff1100007fb01
[ 75.118776][ T5338] FS: 00005555882d4500(0000) GS:ffff88808d21c000(0000) knlGS:0000000000000000
[ 75.123211][ T5338] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 75.126067][ T5338] CR2: 00007f0f60586538 CR3: 0000000044383000 CR4: 0000000000352ef0
[ 75.129314][ T5338] Call Trace:
[ 75.130810][ T5338]
[ 75.132040][ T5338] ? __pfx_virtio_gpu_gem_object_close+0x10/0x10
[ 75.135030][ T5338] drm_gem_object_release_handle+0xa2/0xc0
[ 75.137849][ T5338] idr_for_each+0x1b5/0x290
[ 75.139988][ T5338] ? __pfx_drm_fb_release+0x10/0x10
[ 75.142238][ T5338] ? __pfx_drm_gem_object_release_handle+0x10/0x10
[ 75.145047][ T5338] ? __pfx_idr_for_each+0x10/0x10
[ 75.147259][ T5338] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 75.149896][ T5338] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 75.152816][ T5338] ? idr_destroy+0x218/0x290
[ 75.154956][ T5338] drm_gem_release+0x28/0x40
[ 75.156989][ T5338] drm_file_free+0x6c7/0x960
[ 75.158918][ T5338] drm_release+0x2de/0x3f0
[ 75.160882][ T5338] ? __pfx_drm_release+0x10/0x10
[ 75.163176][ T5338] __fput+0x44c/0xa70
[ 75.165006][ T5338] task_work_run+0x1d1/0x260
[ 75.167049][ T5338] ? __pfx_task_work_run+0x10/0x10
[ 75.169138][ T5338] ? exit_to_user_mode_loop+0x40/0x110
[ 75.171234][ T5338] exit_to_user_mode_loop+0xec/0x110
[ 75.173531][ T5338] do_syscall_64+0x2bd/0x3b0
[ 75.175565][ T5338] ? lockdep_hardirqs_on+0x9c/0x150
[ 75.177953][ T5338] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 75.180542][ T5338] ? clear_bhb_loop+0x60/0xb0
[ 75.182688][ T5338] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 75.185178][ T5338] RIP: 0033:0x7f0f6038e929
[ 75.187190][ T5338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 75.195290][ T5338] RSP: 002b:00007fff9a79b538 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 75.198711][ T5338] RAX: 0000000000000000 RBX: 000000000001247f RCX: 00007f0f6038e929
[ 75.202720][ T5338] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 75.206164][ T5338] RBP: 00007f0f605b7ba0 R08: 0000000000000001 R09: 000000079a79b82f
[ 75.209594][ T5338] R10: 00007f0f601ff02c R11: 0000000000000246 R12: 00007f0f605b5fac
[ 75.213077][ T5338] R13: 00007f0f605b5fa0 R14: ffffffffffffffff R15: 00007fff9a79b650
[ 75.216540][ T5338]
[ 75.217977][ T5338] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 75.221030][ T5338] CPU: 0 UID: 0 PID: 5338 Comm: syz.0.0 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full)
[ 75.225596][ T5338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 75.230262][ T5338] Call Trace:
[ 75.231820][ T5338]
[ 75.233152][ T5338] dump_stack_lvl+0x99/0x250
[ 75.235238][ T5338] ? __asan_memcpy+0x40/0x70
[ 75.237223][ T5338] ? __pfx_dump_stack_lvl+0x10/0x10
[ 75.239490][ T5338] ? __pfx__printk+0x10/0x10
[ 75.241626][ T5338] panic+0x2db/0x790
[ 75.243407][ T5338] ? __pfx_panic+0x10/0x10
[ 75.245420][ T5338] __warn+0x31b/0x4b0
[ 75.247203][ T5338] ? drm_gem_object_handle_put_unlocked+0x28f/0x340
[ 75.249960][ T5338] ? drm_gem_object_handle_put_unlocked+0x28f/0x340
[ 75.252761][ T5338] report_bug+0x2be/0x4f0
[ 75.255429][ T5338] ? drm_gem_object_handle_put_unlocked+0x28f/0x340
[ 75.258081][ T5338] ? drm_gem_object_handle_put_unlocked+0x28f/0x340
[ 75.260935][ T5338] ? drm_gem_object_handle_put_unlocked+0x291/0x340
[ 75.263773][ T5338] handle_bug+0x84/0x160
[ 75.265745][ T5338] exc_invalid_op+0x1a/0x50
[ 75.267803][ T5338] asm_exc_invalid_op+0x1a/0x20
[ 75.269869][ T5338] RIP: 0010:drm_gem_object_handle_put_unlocked+0x28f/0x340
[ 75.272963][ T5338] Code: 89 ee e8 54 ee 5d fc 85 ed 7e 2f e8 0b ea 5d fc 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 f2 e9 5d fc 90 <0f> 0b 90 eb e1 e8 e7 e9 5d fc 90 0f 0b 90 eb d6 e8 dc e9 5d fc 4c
[ 75.281535][ T5338] RSP: 0018:ffffc9000d45fb10 EFLAGS: 00010293
[ 75.284110][ T5338] RAX: ffffffff856274ae RBX: ffff8880003fd808 RCX: ffff888033b3a440
[ 75.287446][ T5338] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 75.291248][ T5338] RBP: 0000000000000000 R08: ffffffff8fa1e7f7 R09: 1ffffffff1f43cfe
[ 75.295177][ T5338] R10: dffffc0000000000 R11: fffffbfff1f43cff R12: ffff8880003fd804
[ 75.298657][ T5338] R13: 1ffff1100007fb00 R14: ffff8880313a6000 R15: 1ffff1100007fb01
[ 75.302247][ T5338] ? drm_gem_object_handle_put_unlocked+0x28e/0x340
[ 75.305097][ T5338] ? __pfx_virtio_gpu_gem_object_close+0x10/0x10
[ 75.307842][ T5338] drm_gem_object_release_handle+0xa2/0xc0
[ 75.310351][ T5338] idr_for_each+0x1b5/0x290
[ 75.312408][ T5338] ? __pfx_drm_fb_release+0x10/0x10
[ 75.314626][ T5338] ? __pfx_drm_gem_object_release_handle+0x10/0x10
[ 75.317412][ T5338] ? __pfx_idr_for_each+0x10/0x10
[ 75.319660][ T5338] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 75.322450][ T5338] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 75.325076][ T5338] ? idr_destroy+0x218/0x290
[ 75.327127][ T5338] drm_gem_release+0x28/0x40
[ 75.329427][ T5338] drm_file_free+0x6c7/0x960
[ 75.331542][ T5338] drm_release+0x2de/0x3f0
[ 75.333450][ T5338] ? __pfx_drm_release+0x10/0x10
[ 75.335459][ T5338] __fput+0x44c/0xa70
[ 75.337153][ T5338] task_work_run+0x1d1/0x260
[ 75.339269][ T5338] ? __pfx_task_work_run+0x10/0x10
[ 75.341562][ T5338] ? exit_to_user_mode_loop+0x40/0x110
[ 75.344574][ T5338] exit_to_user_mode_loop+0xec/0x110
[ 75.347158][ T5338] do_syscall_64+0x2bd/0x3b0
[ 75.349268][ T5338] ? lockdep_hardirqs_on+0x9c/0x150
[ 75.351443][ T5338] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 75.354091][ T5338] ? clear_bhb_loop+0x60/0xb0
[ 75.356219][ T5338] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 75.358826][ T5338] RIP: 0033:0x7f0f6038e929
[ 75.360747][ T5338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 75.369031][ T5338] RSP: 002b:00007fff9a79b538 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 75.372668][ T5338] RAX: 0000000000000000 RBX: 000000000001247f RCX: 00007f0f6038e929
[ 75.376122][ T5338] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 75.379673][ T5338] RBP: 00007f0f605b7ba0 R08: 0000000000000001 R09: 000000079a79b82f
[ 75.383164][ T5338] R10: 00007f0f601ff02c R11: 0000000000000246 R12: 00007f0f605b5fac
[ 75.386683][ T5338] R13: 00007f0f605b5fa0 R14: ffffffffffffffff R15: 00007fff9a79b650
[ 75.390047][ T5338]
[ 75.391931][ T5338] Kernel Offset: disabled
[ 75.393763][ T5338] Rebooting in 86400 seconds..