malloc()'s interaction with the kernel

Jason Tyler (
Wed, 21 Aug 1996 17:00:21 +1000 (EST)


I'm interested in finding out what type of system-level events
take place when a user process calls malloc() and free().

The main situation I'm having trouble understanding is this:
imagine that a process's heap is full of malloc()ed stuff, so
that on the next call to malloc it is going to run out of heap
space. So when it calls malloc(), malloc is (I assume) going to
call brk() to increase the process's data segment size. Then,
when the task tries to use the new memory, it will page fault,
and the OS will have to map some more pages into its address
space, calling something like page_alloc() and then putting the
pages into its page table in the new space made by brk().

My question is: how do we determine when we can free these new
pages? If they are used to hold several malloc()ed blocks, it
seems difficult to keep track of when _all_ the blocks within a
particular page are free()d so that the page itself may be freed
with a system call. Does the C library keep a count of how many
blocks are malloc()ed inside each page?

I'd appreciate it if someone could clear this point up for me, as
well as pointing out the inevitable errors in my guesswork above.
Apologies if this isn't strongly kernel-related, but I couldn't
think of a better place to ask.