OOM Killer for embedded systems Documentation for oom.c Last update: $Date: 2006/10/24 10:15:59 $ * What is oom killer? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ It is a way to recover memory when the system lacks of (memory). The only way the kernel can find is to kill a process to recover the memory. a routine, oom_kill is called from memory management to choose and kill a process. a routine, badness, is called to set the process ability to be killed * Problem with embedded systems ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ On embedded systems, as on real-time systems, we want to be deterministic and may want to implement some kind of degraded mode or reconfiguration. The actual implementation of oom killer implements a way to reduce the badness of a process but it is quite complicated to use in a deterministic way like ranking group of processes with predefined badness as this badness will change during the system live. * Proposed solution for embedded systems ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ The solution I propose is to add a new /proc/pid/oom_ranking value to be modified by a reconfiguration process. The implementation is triggered by CONFIG_OOM_EMBEDDED The kernel hook is installed at the begining of the selec_bad_process() I implemented the change with: Overall ranking: threshold with minimal value of oom_ranking to kill a process. /* CODE */ if(p->oom_ranking < oom_rank_threshold) continue; /* END CODE */ The difference with the use of (p->oomkilladj == OOM_DISABLE) is for degradded mode managment and reconfiguration issue: One can define different kind of processes: - Unkillable: oomkilladj == OOM_DISABLE - Protected : oom_ranking < oom_rank_threshold - eligible : worst ranked by badness() Another variable implements oom_reconfigure_wanted which incremented when the oom_killer has been invoked. This let the configuration manager to take opropriate decision to reconfigure the system Last change: the call to panic is changed on option to a call to reboot triggered by CONFIG_OOM_EMBEDDED_REBOOT: emergency_restart() If you do not use this option you can use panic_timeout to reboot the system, this let you reboot more cleanly (if possible) and analyse the crash with screen information or crash handler. Changed files: include/linux/sysctl.h include/linux/sched.h mm/oom_kill.c kernel/sysctl.c fs/proc/base.c kernel/Kconfig Documentation/oom_killer/embedded.txt