Strange behaviour with free()

[Vikaas BV]

Hi,

Can anyone explain the following behavior in the code below.  My
observations are as follows:

1.  I am calling free on the character pointer x and I do not get a
Segmentation fault.  However, if one remarks the allocation for z, the
code seg faults

2.  When I free x twice and then call malloc_stats(I kind of use it to
determine if there are any unfreed memory blocks in my program), the
program hangs.   When I use gdb and interrupt the program in this state,
it says the execution point is somewhere in libc.so.6.

3.  When I use printf to generate output onto the screen, nothing
appears till I print a newline character.  Even a call to fflush does
not seem to help.


#include <stdio.h>
 
main() {
    char * x;
    char * y;
    char * z;
 
    x = (char *) malloc(sizeof(char) * 100);
/* Remarking out the following line will cause the Seg fault at free.  I
am at a loss to
 * understand the relation between x and z.  Further, I can still free z
without
 * any problems.
 *
 * Additionally, a call to malloc_stats() freezes the program when x is
freed twice
*/
    z = (char *) malloc(sizeof(char) * 100);
    bzero(x, 100);
 
    free(x);
//  sleep(10);
 
 
/* Should it not seg fault when I try to free the same variable twice ?
*/
    free(x);
 
    printf("%s", "Should Segfault before");
    fflush(stdout);
//  malloc_stats();
}

I have tested it on 2 systems - one running 
Mandrake 7.2, 
kernel 2.2.19,
libc-2.1.3, 
gcc 2.95.3 

and the other running 
Mandrake 8.0,
kernel 2.4.3
libc-2.2.2,
gcc 2.96

Regards
vikas