panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x60 pc=0x78a469]

goroutine 24 [running]:
github.com/google/syzkaller/prog.(*ConstArg).Size(0xc00275f4e0, 0xc00275f4e0)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/prog.go:50 +0x29
github.com/google/syzkaller/prog.foreachArgImpl(0x9a8c40, 0xc00252a240, 0xc00252a0d0, 0xc00252a060, 0x188, 0x0, 0xc00014bd38)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:137 +0x1dc
github.com/google/syzkaller/prog.foreachArgImpl(0x9a8c40, 0xc00252a1b0, 0xc00252a0d0, 0xc00252a060, 0x158, 0x0, 0xc00014bd38)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:136 +0x1c8
github.com/google/syzkaller/prog.foreachArgImpl(0x9a8c40, 0xc00252a0c0, 0xc00252a0a0, 0xc00252a060, 0x10, 0x0, 0xc00014bd38)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:136 +0x1c8
github.com/google/syzkaller/prog.foreachArgImpl(0x9a8c40, 0xc00252a090, 0xc00196c608, 0xc00252a060, 0x0, 0x203000, 0xc00014bd38)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:136 +0x1c8
github.com/google/syzkaller/prog.foreachArgImpl(0x9a8c80, 0xc00252a060, 0xc00196c608, 0x0, 0x0, 0x8cde00, 0xc00014bd38)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:151 +0x3a6
github.com/google/syzkaller/prog.ForeachArg(0xc00196c600, 0xc00014bd38)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:120 +0x9e
github.com/google/syzkaller/prog.(*state).analyzeImpl(0xc001aaeb40, 0xc00196c600, 0xc002434001)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:58 +0x61
github.com/google/syzkaller/prog.analyze(0xc001410240, 0xc002434000, 0x204e, 0x2400, 0xc00196c5c0, 0xc00196c940, 0xc00014be20)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:34 +0xa5
github.com/google/syzkaller/prog.(*mutator).insertCall(0xc00014bec0, 0x14)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/mutation.go:140 +0xc6
github.com/google/syzkaller/prog.(*Prog).Mutate(0xc00196c5c0, 0x9a34c0, 0xc001ff9cb0, 0x14, 0xc001410240, 0xc002434000, 0x204e, 0x2400)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/mutation.go:45 +0x2ea
main.(*Proc).loop(0xc0014102c0)
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:95 +0x434
created by main.main
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:259 +0x114c