8<--- cut here ---
Unable to handle kernel NULL pointer dereference at virtual address 00000038
pgd = 87080a80
[00000038] *pgd=8670b003, *pmd=fe703003
Internal error: Oops: 207 [#1] PREEMPT SMP ARM
Modules linked in:
CPU: 1 PID: 7601 Comm: syz-executor.1 Not tainted 5.12.0-rc3-syzkaller #0
Hardware name: ARM-Versatile Express
PC is at cdev_unmap fs/char_dev.c:580 [inline]
PC is at cdev_del+0x1c/0x34 fs/char_dev.c:596
LR is at tty_unregister_device drivers/tty/tty_io.c:3343 [inline]
LR is at tty_unregister_device+0x4c/0x58 drivers/tty/tty_io.c:3338
pc : [<804df8bc>] lr : [<8093cee8>] psr: 60000013
sp : 8646bda8 ip : 8646bdc0 fp : 8646bdbc
r10: 00000001 r9 : 87080548 r8 : 86c5e140
r7 : 867c2000 r6 : 00000000 r5 : 00000041 r4 : 00000000
r3 : 832cb0b4 r2 : 00000000 r1 : 821137b8 r0 : 83420c00
Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none
Control: 30c5387d Table: 87080a80 DAC: 00000000
Process syz-executor.1 (pid: 7601, stack limit = 0x8646a210)
Stack: (0x8646bda8 to 0x8646c000)
bda0: 842ea900 00000041 8646bddc 8646bdc0 8093cee8 804df8ac
bdc0: 00000042 00000080 833a9d74 867c2000 8646bdfc 8646bde0 80950750 8093cea8
bde0: 86df4400 86662480 86df4418 86df4018 8646be14 8646be00 809466d0 80950718
be00: 86df4400 86df4000 8646be2c 8646be18 80946870 80946684 86df4400 86df4000
be20: 8646be4c 8646be30 80946a50 80946844 86df4400 00000001 86df4000 86df4784
be40: 8646be64 8646be50 8093e97c 8094695c 86df4400 87080540 8646beac 8646be68
be60: 8093edbc 8093e970 00000000 86707910 81fb8eec 86df468c 81f5a420 86df468c
be80: 8181dacc 86c5e140 8451e418 040a0001 86707910 83df8a80 85655734 5ac3c35a
bea0: 8646bee4 8646beb0 804dc2e0 8093e9e0 8646bedc 8646bec0 80384db8 8181ca64
bec0: 00000000 856556e4 85655140 82c6ba40 81f4a770 85655734 8646bef4 8646bee8
bee0: 804dc524 804dc250 8646bf1c 8646bef8 80270030 804dc520 ffffe000 8646bfb0
bf00: 80200224 8646a000 fffffe30 81f42a14 8646bfac 8646bf20 8020ce3c 8026ff9c
bf20: 86c5e140 00000000 8646bf4c 8646bf38 804dc0d8 8026fdd4 5ac3c35a 82a2244c
bf40: 8646bf5c 8646bf50 804dc564 804dc07c 8646bf7c 8646bf60 804d5158 804dc534
bf60: 86c5ec80 01e204c0 00000000 00000006 8646bf94 8646bf80 80502460 56b92eae
bf80: 00000004 00000004 01e204c0 00000000 00000006 80200224 8646a000 00000006
bfa0: 00000000 8646bfb0 80200098 8020c928 00000000 00000002 00000000 00000003
bfc0: 00000004 01e204c0 00000000 00000006 001208b0 0026a3a0 00000010 00000000
bfe0: 31a20000 7ee80370 00028cc4 00029180 80000010 00000003 00000000 00000000
Backtrace:
[<804df8a0>] (cdev_del) from [<8093cee8>] (tty_unregister_device drivers/tty/tty_io.c:3343 [inline])
[<804df8a0>] (cdev_del) from [<8093cee8>] (tty_unregister_device+0x4c/0x58 drivers/tty/tty_io.c:3338)
r5:00000041 r4:842ea900
[<8093ce9c>] (tty_unregister_device) from [<80950750>] (gsmld_detach_gsm drivers/tty/n_gsm.c:2409 [inline])
[<8093ce9c>] (tty_unregister_device) from [<80950750>] (gsmld_close+0x44/0xdc drivers/tty/n_gsm.c:2478)
r7:867c2000 r6:833a9d74 r5:00000080 r4:00000042
[<8095070c>] (gsmld_close) from [<809466d0>] (tty_ldisc_close+0x58/0xac drivers/tty/tty_ldisc.c:488)
r7:86df4018 r6:86df4418 r5:86662480 r4:86df4400
[<80946678>] (tty_ldisc_close) from [<80946870>] (tty_ldisc_kill+0x38/0x78 drivers/tty/tty_ldisc.c:636)
r5:86df4000 r4:86df4400
[<80946838>] (tty_ldisc_kill) from [<80946a50>] (tty_ldisc_release+0x100/0x19c drivers/tty/tty_ldisc.c:809)
r5:86df4000 r4:86df4400
[<80946950>] (tty_ldisc_release) from [<8093e97c>] (tty_release_struct+0x18/0x70 drivers/tty/tty_io.c:1714)
r7:86df4784 r6:86df4000 r5:00000001 r4:86df4400
[<8093e964>] (tty_release_struct) from [<8093edbc>] (tty_release+0x3e8/0x610 drivers/tty/tty_io.c:1885)
r5:87080540 r4:86df4400
[<8093e9d4>] (tty_release) from [<804dc2e0>] (__fput+0x9c/0x264 fs/file_table.c:280)
r10:5ac3c35a r9:85655734 r8:83df8a80 r7:86707910 r6:040a0001 r5:8451e418 r4:86c5e140
[<804dc244>] (__fput) from [<804dc524>] (____fput+0x10/0x14 fs/file_table.c:313)
r9:85655734 r8:81f4a770 r7:82c6ba40 r6:85655140 r5:856556e4 r4:00000000
[<804dc514>] (____fput) from [<80270030>] (task_work_run+0xa0/0xdc kernel/task_work.c:140)
[<8026ff90>] (task_work_run) from [<8020ce3c>] (tracehook_notify_resume include/linux/tracehook.h:189 [inline])
[<8026ff90>] (task_work_run) from [<8020ce3c>] (do_work_pending+0x520/0x648 arch/arm/kernel/signal.c:672)
r9:81f42a14 r8:fffffe30 r7:8646a000 r6:80200224 r5:8646bfb0 r4:ffffe000
[<8020c91c>] (do_work_pending) from [<80200098>] (slow_work_pending+0xc/0x20)
Exception stack(0x8646bfb0 to 0x8646bff8)
bfa0: 00000000 00000002 00000000 00000003
bfc0: 00000004 01e204c0 00000000 00000006 001208b0 0026a3a0 00000010 00000000
bfe0: 31a20000 7ee80370 00028cc4 00029180 80000010 00000003
r10:00000006 r9:8646a000 r8:80200224 r7:00000006 r6:00000000 r5:01e204c0 r4:00000004
Code: e30b30b4 e348332c e1a04000 e59303fc (e5942038)
---[ end trace 89ec48437a6be30b ]---