traps: PANIC: double fault, error_code: 0x0
Oops: double fault: 0000 [#1] SMP KASAN NOPTI
CPU: 2 UID: 0 PID: 7353 Comm: syz.1.279 Not tainted syzkaller #0 PREEMPT(full)
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
RIP: 0010:__switch_to_asm+0x52/0x70 arch/x86/entry/entry_64.S:209
Code: 29 eb 27 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc <41> 5f 41 5e 41 5d 41 5c 5b 5d e9 3f d0 30 00 66 66 2e 0f 1f 84 00
RSP: 0018:ffffc900032579b8 EFLAGS: 00010046
RAX: dffffc0000000000 RBX: b99bf0131ad67800 RCX: ffffc90004536b84
RDX: 1ffff1100d4c7462 RSI: ffff888035d60000 RDI: ffff888035d62440
RBP: ffffc90004536d78 R08: 0000000000000001 R09: 0000000000000001
R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000000
R13: ffff888035d60558 R14: ffff88806a63a300 R15: ffff888035d62440
FS: 0000000000000000(0000) GS:ffff8880d68b2000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc900032579a8 CR3: 00000000290ec000 CR4: 0000000000352ef0
Call Trace:
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:__switch_to_asm+0x52/0x70 arch/x86/entry/entry_64.S:209
Code: 29 eb 27 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc <41> 5f 41 5e 41 5d 41 5c 5b 5d e9 3f d0 30 00 66 66 2e 0f 1f 84 00
RSP: 0018:ffffc900032579b8 EFLAGS: 00010046
RAX: dffffc0000000000 RBX: b99bf0131ad67800 RCX: ffffc90004536b84
RDX: 1ffff1100d4c7462 RSI: ffff888035d60000 RDI: ffff888035d62440
RBP: ffffc90004536d78 R08: 0000000000000001 R09: 0000000000000001
R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000000
R13: ffff888035d60558 R14: ffff88806a63a300 R15: ffff888035d62440
FS: 0000000000000000(0000) GS:ffff8880d68b2000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc900032579a8 CR3: 00000000290ec000 CR4: 0000000000352ef0
----------------
Code disassembly (best guess), 1 bytes skipped:
   0: eb 27                 jmp 0x29
   2: cc                    int3
   3: cc                    int3
   4: cc                    int3
   5: cc                    int3
   6: cc                    int3
   7: cc                    int3
   8: cc                    int3
   9: cc                    int3
   a: cc                    int3
   b: cc                    int3
   c: cc                    int3
   d: cc                    int3
   e: cc                    int3
   f: cc                    int3
  10: cc                    int3
  11: cc                    int3
  12: cc                    int3
  13: cc                    int3
  14: cc                    int3
  15: cc                    int3
  16: cc                    int3
  17: cc                    int3
  18: cc                    int3
  19: cc                    int3
  1a: cc                    int3
  1b: cc                    int3
  1c: cc                    int3
  1d: cc                    int3
  1e: cc                    int3
  1f: cc                    int3
  20: cc                    int3
  21: cc                    int3
  22: cc                    int3
  23: cc                    int3
  24: cc                    int3
  25: cc                    int3
  26: cc                    int3
  27: cc                    int3
  28: cc                    int3
* 29: 41 5f                 pop %r15 <-- trapping instruction
  2b: 41 5e                 pop %r14
  2d: 41 5d                 pop %r13
  2f: 41 5c                 pop %r12
  31: 5b                    pop %rbx
  32: 5d                    pop %rbp
  33: e9 3f d0 30 00        jmp 0x30d077
  38: 66                    data16
  39: 66                    data16
  3a: 2e                    cs
  3b: 0f                    .byte 0xf
  3c: 1f                    (bad)
  3d: 84 00                 test %al,(%rax)