core(5) - f36

1CORE(5)                    Linux Programmer's Manual                   CORE(5)
2
3
4

NAME

6       core - core dump file
7

DESCRIPTION

9       The  default  action of certain signals is to cause a process to termi‐
10       nate and produce a core dump file, a file containing an  image  of  the
11       process's memory at the time of termination.  This image can be used in
12       a debugger (e.g., gdb(1)) to inspect the state of the  program  at  the
13       time  that  it terminated.  A list of the signals which cause a process
14       to dump core can be found in signal(7).
15
16       A process can set its soft RLIMIT_CORE resource limit to place an upper
17       limit on the size of the core dump file that will be produced if it re‐
18       ceives a "core dump" signal; see getrlimit(2) for details.
19
20       There are various circumstances in which a core dump file is  not  pro‐
21       duced:
22
23       *  The  process  does  not have permission to write the core file.  (By
24          default, the core file is called core or core.pid, where pid is  the
25          ID  of  the  process that dumped core, and is created in the current
26          working directory.  See below for details on naming.)   Writing  the
27          core file fails if the directory in which it is to be created is not
28          writable, or if a file with the same name exists and is not writable
29          or  is  not  a  regular  file (e.g., it is a directory or a symbolic
30          link).
31
32       *  A (writable, regular) file with the same name as would be  used  for
33          the  core  dump already exists, but there is more than one hard link
34          to that file.
35
36       *  The filesystem where the core dump file would be created is full; or
37          has  run  out  of  inodes;  or is mounted read-only; or the user has
38          reached their quota for the filesystem.
39
40       *  The directory in which the core dump file is to be created does  not
41          exist.
42
43       *  The  RLIMIT_CORE  (core  file  size) or RLIMIT_FSIZE (file size) re‐
44          source limits for the process are set to zero; see getrlimit(2)  and
45          the documentation of the shell's ulimit command (limit in csh(1)).
46
47       *  The  binary being executed by the process does not have read permis‐
48          sion enabled.  (This is a security measure to ensure  that  an  exe‐
49          cutable  whose contents are not readable does not produce a—possibly
50          readable—core dump containing an image of the executable.)
51
52       *  The process is executing a set-user-ID (set-group-ID)  program  that
53          is  owned  by  a user (group) other than the real user (group) ID of
54          the process, or the process is executing a program that has file ca‐
55          pabilities  (see capabilities(7)).  (However, see the description of
56          the prctl(2) PR_SET_DUMPABLE operation, and the description  of  the
57          /proc/sys/fs/suid_dumpable file in proc(5).)
58
59       *  /proc/sys/kernel/core_pattern    is    empty    and   /proc/sys/ker‐
60          nel/core_uses_pid contains the value 0.  (These files are  described
61          below.)   Not