How Linux’s OOM Killer Works and How to Protect Critical Processes

Background of the OOM Killer

Linux uses an overcommit memory policy, allowing the total requested memory by processes to exceed the physical RAM because allocations are often not used immediately. When many processes start using their allocated memory simultaneously, the system can run out of RAM, triggering the OOM Killer.

How the OOM Killer Operates

When memory is insufficient and other recovery methods (cache reclaim, swap) fail, the kernel calls the out_of_memory() function, which starts the OOM Killer. The killer scans all processes, calculates an oom_score for each based on memory consumption, priority, and other factors, and selects the process with the highest score for termination.

Factors Influencing OOM Killer Decisions

Memory usage : The more physical memory a process consumes, the higher its oom_score and the greater the chance it will be killed.

Process priority : Adjusting the value in /proc/[PID]/oom_score_adj changes the oom_score . The range is -1000 to 1000; higher values increase kill probability, while -1000 protects the process from termination.

System parameters : Kernel settings such as /proc/sys/vm/overcommit_memory and /proc/sys/vm/panic_on_oom affect OOM Killer behavior. overcommit_memory controls the overcommit strategy, and panic_on_oom decides whether the system panics or invokes the OOM Killer when memory is exhausted.

Preventing Critical Processes from Being Killed

To keep essential services (e.g., sshd) alive, you can take the following actions:

Adjust oom_score_adj : Set the value to -1000 for the critical process. echo -1000 > /proc/[PID]/oom_score_adj Optimize memory usage : Ensure applications use memory efficiently, avoid leaks, and reduce unnecessary consumption.

Configure memory limits : Use mechanisms like cgroups to impose memory caps on processes, preventing any single process from monopolizing RAM.

Conclusion

The OOM Killer safeguards Linux systems by selectively terminating processes when memory runs out. Understanding its scoring algorithm and tuning related kernel parameters, along with good application memory practices and cgroup limits, are essential for maintaining the stability of critical services.