syzbot

panic: broken type ref

goroutine 35 [running]:
github.com/google/syzkaller/prog.ArgCommon.Type(...)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/prog.go:59
github.com/google/syzkaller/prog.(*ConstArg).Size(0xc0022210d0)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/prog.go:79 +0xfb
github.com/google/syzkaller/prog.foreachArgImpl({0x747378, 0xc00169f120}, 0xc001dd34c0, 0xc0001f1d28)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:147 +0x883
github.com/google/syzkaller/prog.foreachArgImpl({0x7473b8, 0xc001a3d710}, 0xc001dd34c0, 0xc0001f1d28)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:163 +0x38d
github.com/google/syzkaller/prog.ForeachArg(0xc001999db0, 0xc0001f1d28)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:122 +0x12a
github.com/google/syzkaller/prog.AssignRandomAsync(0xc002415e00, 0xc0016cab10)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/collide.go:32 +0x106
main.(*Proc).randomCollide(0xc0016f9840, 0xc002415e00)
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:304 +0x8e
main.(*Proc).executeAndCollide(0xc0016f9840, 0xc0000151f8, 0xc002415e00, 0x0, 0x5)
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:292 +0x8f
main.(*Proc).smashInput(0xc0016f9840, 0xc000de17e0)
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:221 +0x21c
main.(*Proc).loop(0xc0016f9840)
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:78 +0x17b
created by main.main
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:300 +0x1ce9