/*
 * A: pointer to a struct whose only member is a zero-length int array.
 * `int dims[0]` is a GNU C extension rather than ISO C, and the declared
 * type reserves no room for any element. f() below reads dims[1] through
 * an A, so the storage behind the pointer has to come from whoever
 * produced it; nothing in the type bounds that access.
 */
typedef struct {int dims[0]; } *A;
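/* Declared here so the call below is not an implicit function declaration. */
extern void abort(void);

/*
 * Decode a tagged word and, on one path, read through it as a pointer.
 *
 * As used below, bits 24..31 of obj carry a tag byte, the low 24 bits
 * carry an address, and the low three bits act as a second marker.
 *
 * Calls abort() unless the tag byte with bit 2 cleared equals 251, i.e.
 * unless the tag is 0xfb or 0xff. Returns 0 when the low three bits of
 * obj are not all set. Otherwise falls into the labelled section, which
 * by its own label exists only to give the compiler the code shape that
 * triggers the bug; its expressions are therefore kept exactly as
 * written.
 *
 * The return type is now spelled out (it was implicit int), and the early
 * exit returns 0 instead of using a bare `return;`, which is not valid in
 * a function returning int. The caller in this file ignores the result.
 */
int f(unsigned long obj)
{
  unsigned char y = obj >> 24;   /* truncation keeps bits 24..31 */
  y &= ~4;                       /* clear bit 2 of the tag */

  /* The two tests together reduce to y != 251; spelling kept as-is. */
  if ((y==0)||(y!=251  ))
    abort();

  /* The cast binds tighter than &: this tests the low three bits of obj. */
  if(((int)obj&7)!=7)return 0;

  REST_OF_CODE_JUST_HERE_TO_TRIGGER_THE_BUG:

  {
    unsigned char t = obj >> 24;
    /*
     * `!` applies only to (t==0), so this reads "t is 1, 2 or 3".
     * After the tag check above t can only be 0xfb or 0xff, so this
     * branch is never taken at run time.
     */
    if (!(t==0)&&(t<=0x03))
      return 0;
    /*
     * NOTE(review): the low 24 bits of an integer are converted to a
     * pointer and dereferenced with no validity check, and index 1 lies
     * outside an array declared with zero elements. This is only
     * defined if the caller guarantees those bits address live storage
     * holding at least two ints. The driver in this file passes
     * 0xff000000, whose low three bits are clear, so it returns before
     * reaching this load.
     */
    return ((A)(obj&0x00FFFFFFL))->dims[1];
  }
}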
/*
 * Supplies the tagged word used by the driver: tag byte 0xff in bits
 * 24..31, all lower bits zero.
 * NOTE(review): presumably a separate function so the argument to f()
 * is not a visible constant at the call site; confirm against the
 * original bug report.
 */
long g()
{
  long tagged_word = 0xff000000L;

  return tagged_word;
}
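/* Declared here so the call below is not an implicit function declaration. */
extern void exit(int);

/*
 * Driver: passes the word returned by g() to f() and exits with status 0.
 * With that input f() neither aborts nor reaches its pointer load, so a
 * correctly compiled program terminates successfully.
 *
 * The return type is now spelled out; it was implicit int, which C99 and
 * later no longer allow.
 */
int main ()
{
  /*
   * NOTE(review): x is never used. It is kept because the exact shape of
   * the program may matter for reproducing the compiler bug; confirm
   * before removing it.
   */
  int x;

  f(g());
  exit(0);
}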