syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
panic: bad group arg size 24, should be <= 0 for &prog.GroupArg{ArgCommon:prog.ArgCommon{ref:0x2de, dir:0x0}, Inner:[]prog.Arg{}} type "array"

goroutine 27 [running]:
github.com/google/syzkaller/prog.foreachArgImpl({0x8b44d8, 0xc0157a2a40}, 0xc018e0b580, 0xc001fa9d00)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:157 +0x5d9
github.com/google/syzkaller/prog.foreachArgImpl({0x8b4518, 0xc018f5d920}, 0xc018e0b580, 0xc00059fd00)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:164 +0x337
github.com/google/syzkaller/prog.ForeachArg(0xc018b96960, 0x0)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:123 +0x105
github.com/google/syzkaller/prog.(*Prog).MutateWithHints(0xc0280b2640, 0x0, 0xc018e07410, 0xc00059fd80)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/hints.go:78 +0xaa
main.(*Proc).executeHintSeed(0xc0280b2640, 0x0, 0x0)
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:248 +0xd2
main.(*Proc).smashInput(0xc0280b2640, 0xc01a8c13b0)
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:214 +0x88
main.(*Proc).loop(0xc0280b2640)
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:78 +0x125
created by main.main
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:310 +0x15e5