Inferensys

Glossary

Out-Of-Memory (OOM) Killer

The Out-Of-Memory (OOM) Killer is a Linux kernel process that selectively terminates applications to free up memory when the system is critically low on available RAM.
Developer building agentic RAG system, retrieval pipeline diagram on laptop, technical workspace with notes.
MEMORY UPDATE AND EVICTION

What is Out-Of-Memory (OOM) Killer?

A definition of the Linux kernel's emergency process for managing critical memory exhaustion.

The Out-Of-Memory (OOM) Killer is a Linux kernel process that selectively terminates applications to free up memory when the system is critically low on available RAM. It is invoked as a last resort when all other memory reclamation efforts, such as garbage collection and cache eviction, have failed to prevent an out-of-memory condition. The kernel calculates an oom_score for each process based on its memory usage, runtime, and priority to determine the optimal target for termination.

This mechanism is a critical, albeit disruptive, form of system-level memory management that prevents total system lockup. In agentic systems, analogous eviction policies like Least Recently Used (LRU) manage context windows and vector stores proactively to avoid reaching such a critical state. Understanding the OOM Killer is essential for engineers designing resilient systems that must gracefully handle resource constraints without catastrophic failure.

LINUX KERNEL MECHANISM

Key Characteristics of the OOM Killer

The Out-Of-Memory (OOM) Killer is a last-resort Linux kernel process that terminates applications to free up memory when the system faces a critical, unrecoverable shortage of available RAM.

01

Trigger Mechanism: The OOM Score

The kernel does not trigger the OOM Killer at the moment physical RAM is exhausted. Instead, it activates when the system is under severe memory pressure and the swapping mechanism is overwhelmed or disabled. The kernel calculates a dynamic oom_score for each process, which estimates the system memory that would be reclaimed if the process were terminated. Key factors include:

  • Memory Usage: Total resident memory and swap usage.
  • Process Age: Longer-running processes may receive a penalty.
  • Process Niceness (nice value): Lower priority (higher nice value) processes are favored for killing.
  • User Privileges: Root-owned processes may be penalized less.
  • Direct Reclaim Activity: Processes causing significant memory reclaim work may be targeted.
02

Selection Algorithm: The `oom_score_adj` Tuning

While the kernel calculates a base oom_score, administrators and processes can influence the selection via the oom_score_adj tunable (ranging from -1000 to +1000). This value is added to the final oom_score. This allows for critical system protection and application-level control.

  • Protecting Critical Daemons: Setting oom_score_adj to -1000 for sshd or systemd ensures they are virtually never killed.
  • Prioritizing Eviction: Setting a high positive oom_score_adj on a memory-intensive, non-critical batch job makes it the primary candidate for termination.
  • The chosen victim is the process with the highest adjusted oom_score. The kernel logs the kill event with details like oom_score, oom_score_adj, and memory usage to /var/log/kern.log.
03

System-Wide vs. Cgroup Enforcement

The OOM Killer operates in two primary scopes, with cgroup (Control Group)-based killing being the modern standard for containerized environments.

  • System-Wide OOM Killer: The traditional model that evaluates all processes on the system. This can lead to the termination of a critical database process to save a rogue user application.
  • Cgroup-Aware OOM Killer: In modern kernels, memory limits are enforced via memory cgroups. When a cgroup hits its hard memory limit, the OOM Killer is invoked within that cgroup only. This provides crucial isolation:
    • A container exceeding its memory limit is terminated without affecting the host or other containers.
    • Quality of Service (QoS) is maintained by protecting higher-priority cgroups.
    • This is the fundamental mechanism enabling memory limits in Docker and Kubernetes.
04

The `oom_kill_allocating_task` Optimization

A kernel tunable (/proc/sys/vm/oom_kill_allocating_task) provides a performance optimization. When enabled (set to 1), the kernel bypasses the full oom_score calculation and immediately kills the task that triggered the OOM condition by attempting to allocate memory.

  • Advantage: Extremely fast resolution. It avoids scanning the entire task list, reducing latency during a critical memory crisis.
  • Disadvantage: It is a blunt instrument. The allocating task might be a critical service (e.g., a database handling a query) rather than the true source of the memory leak. This setting is often unsuitable for complex, multi-service systems but can be useful for simple, single-application workloads.
05

Interaction with Swapping (Swapiness)

The OOM Killer's behavior is intrinsically linked to the kernel's swapping policy, governed by the vm.swappiness parameter (0-100).

  • High Swappiness (e.g., 60): The kernel aggressively moves inactive memory pages to swap space on disk. This delays the onset of OOM conditions but can cause thrashing—severe performance degradation due to excessive disk I/O.
  • Low Swappiness (e.g., 10 or 0): The kernel avoids swapping, keeping more data in fast RAM. This improves performance but causes memory pressure to rise faster, triggering the OOM Killer sooner.
  • Swappiness = 0: Does not disable swapping entirely. It prevents reclaiming anonymous memory for the file cache but will still swap under absolute memory pressure. In container environments, swap is often disabled (--memory-swap equals --memory) to guarantee predictable OOM behavior and latency.
06

Mitigation Strategies in Production

Reliable systems are designed to avoid invoking the OOM Killer, as its actions are non-deterministic from an application perspective. Key engineering mitigations include:

  • Resource Limits: Enforce strict memory cgroup limits on all containers and processes. This confines the blast radius.
  • Monitoring and Alerting: Monitor oom_kill events via kernel logs or Prometheus/node_exporter metrics (node_vmstat_oom_kill). Alert on rising memory pressure, not just usage.
  • Application-Level Resilience: Design services to be stateless and idempotent, allowing them to be restarted after being killed without data loss.
  • Overprovisioning and Right-Sizing: Allocate sufficient memory headroom based on the working set model of applications.
  • Use of mlock(): For extreme latency-sensitive processes (e.g., real-time trading), critical memory pages can be locked in RAM using mlock() or mlockall() to prevent them from being swapped or considered for reclaim, though this reduces system flexibility.
OUT-OF-MEMORY (OOM) KILLER

Frequently Asked Questions

The Out-Of-Memory (OOM) Killer is a critical Linux kernel mechanism for managing severe memory pressure. These questions address its operation, configuration, and relevance to modern AI and agentic systems.

The Out-Of-Memory (OOM) Killer is a Linux kernel process that selectively terminates applications to free up memory when the system is critically low on available RAM and cannot satisfy allocation requests. It is a last-resort mechanism invoked after the kernel has exhausted standard memory management techniques like aggressive cache eviction and swapping. The OOM Killer's primary function is to prevent a complete system lockup by sacrificing one or more processes to restore system responsiveness. It calculates an oom_score for each running process based on its memory consumption, runtime, and user-defined adjustments, then terminates the process with the highest score to reclaim its memory.

Prasad Kumkar

About the author

Prasad Kumkar

CEO & MD, Inference Systems

Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.

His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.