Comment 0 for bug 1346497

Mark Plotnick (mark-plotnick) wrote :

On Ubuntu 14.04, calling the shell's "ulimit -c 20" command sets a ULIMIT_CORE in the kernel of 20480 bytes, as expected, verified by looking at /proc/$$/limits. (This is just an example; I'd likely not use a value that low.) The contents of /proc/sys/kernel/core_pattern is "|/usr/share/apport/apport %p %s %c %P".

When a process gets a memory fault, a core file much larger than 20480 bytes is created.

apport multiplies its third argument, 20480, by 1024, giving a limit of 20MB.

Test program:

#include <sys/time.h>
#include <sys/resource.h>
#include <stdlib.h>
#include <stdio.h>

main()
{
 struct rlimit r;

 getrlimit(RLIMIT_CORE, &r);
 printf("%ld %ld\n", (long) r.rlim_cur, r.rlim_max);
 malloc(1000000);
 abort();
}

Excerpts from /var/log/apport.log for the test program :

ERROR: apport (pid 4574) Sun Jul 20 21:37:38 2014: called for pid 4573, signal 6, core limit 204800
ERROR: apport (pid 4574) Sun Jul 20 21:37:38 2014: executable: /home/mp/ab (command line "./ab")
ERROR: apport (pid 4574) Sun Jul 20 21:37:38 2014: executable does not belong to a package, ignoring
ERROR: apport (pid 4574) Sun Jul 20 21:37:38 2014: writing core dump to /home/mp/core (limit: 209715200)