ASSERT dispatch.c:755 get_syscall_method() == SYSCALL_METHOD_SYSENTER

Running an app with DR statically linked and using dr_app_start/dr_app_stop_and_cleanup I sometimes see this assert:

<Detaching from application xxx (969)>
<Application xxx (969).  Internal Error: DynamoRIO debug check failure: core/dispatch.c:755 get_syscall_method() == SYSCALL_METHOD_SYSENTER
(Error occurred @24465 frags)

Later this showed up like this:

<Attached to 9 threads in application xxx (3102)>
<dropping 3rd pending alarm signal>
<dropping nested signal>
<Detaching from application xxx (3102)>
<rank order violation executable_areas(readwrite)@core/vmareas.c:1587 acquired after memory_info_buf_lock(mutex)@core/unix/memquery_linux.c:71 in tid:c21>

Getting the callstack of the rank order:

   0x555557ae8eec <read_lock+796>:      add    $0x10,%rsp
   0x555557b8117b <is_executable_area_writable_overlap+43>:     xor    %eax,%eax
   0x555557ad914f <copy_frame_to_stack+431>:    mov    %rax,-0x40(%rbp)
   0x555557ad99c2 <sig_detach+290>:     mov    -0x28(%rbp),%rax
   0x555557acded7 <handle_suspend_signal+1879>:
    lea    0x280d25a(%rip),%rax        # 0x55555a2db138 <dynamo_options>
   0x555557ac62a3 <master_signal_handler_C+10259>:      cmp    $0x0,%al
   0x555557bbbb93 <dynamorio_sigreturn>:        mov    $0xf,%eax
   0x555557aa0dc3 <os_read+35>: add    $0x20,%rsp
   0x555557a87076 <memquery_iterator_next+758>:
    lea    0x28540bb(%rip),%rdx        # 0x55555a2db138 <dynamo_options>
   0x555557a875bc <memquery_from_os+156>:       cmp    $0x0,%al
   0x555557aae715 <query_memory_ex_from_os+37>: mov    %al,-0x12(%rbp)
   0x555557ab3875 <get_memory_info_from_os+37>: cmp    $0x0,%al
   0x555557aa1fd2 <is_readable_without_exception_internal+146>: movsbl %al,%r8d
   0x555557aa20e8 <is_readable_without_exception_query_os_noblock+56>:  mov    %al,-0x1(%rbp)
   0x555557ae29de <report_dynamorio_problem+1438>:      movsbl %al,%edx
   0x555557ae1fc9 <internal_error+473>: callq  0x555557b749d0 <soft_terminate>
   0x5555578177b4 <dispatch_enter_dynamorio+116>:
    jmpq   0x5555578177be <dispatch_enter_dynamorio+126>
   0x5555578162b9 <dispatch+217>:
    lea    0x2c46a60(%rip),%rax        # 0x55555a45cd20 <stats>
   0x55553558bf05:      Cannot access memory at address 0x55553558bf05
   0x555557665628  <app code>

So it's reporting the assert above:

        ASSERT(get_syscall_method() == SYSCALL_METHOD_SYSENTER);

Getting the wherewasi value:

<Detaching from application xxx (2614)>
wherewasi=2 last-tag=0x0000000000000000
<rank order violation executable_areas(readwrite)@core/vmareas.c:1587 acquired after memory_info_buf_lock(mutex)@core/unix/memquery_linux.c:71 in tid:a39>

2==DR_WHERE_DISPATCH

Some have non-NULL last_fragment->tag but it's just some app bb ending in cbr: nothing unusual.

So the issue is, how did it get to dispatch from dispatch?