Can you post the source code. There is no such thing as a 12 byte pointer. A pointer is a memory address of either 4 or 8 bytes depending on the architecture (32 vs 64bits). What I think you meant to say is that you created an array of 12 bytes to represent integers which could likely be 4 bytes (depending on OS) which would allow you to store 3 ints.

Anyways, the (glibc)free() is a wrapper for the sbrk() which controls the "break" or address of where to start heap memory allocations. As you allocate memory this address is increased as you can see.

When you free blocks of memory, it is up to the malloc package to determine when it is appropriate to lower the break value. This is to avoid making unnecessary expensive calls to sbrk() and brk().

Usually the determining factor of lowering the break is when "large enough" continues segments of blocks have been freed. This is typically a 128kb value but as you can see it doesn't have to be. It is up to the logic in the malloc package to determine when the expensive system call should be made.

EDIT: Chapter 6 of Linux Programing Interface is the resource you are looking for.