Amazingly, this sort of use-after-free causes compatibility problems for allocator writers even today. Imagine if you change the implementation of malloc() such that smaller allocations get their own mmap() region rather than being stuffed in with other allocations. Now any use-after-free bugs to allocations affected by the change will segfault instead of reading garbage, since the allocator would munmap the region upon free().


That's why programs like valgrind are great: they check all your memory allocations and ensure these kinds of bugs don't occur (though it can only test codepaths that run, and has an overhead for all the checks).

This is also why I'm so excited about Rust. Suddenly your compiler and language definition ensure these kinds of bugs can't occur.
