Who "Killed" my process and why?

views:

1929

answers:

+5 Q:

Who "Killed" my process and why?

My application runs as a background process on Linux. It is currently started at the command line in a Terminal window.

Recently a user was executing the application for a while and it died mysteriously. The text:

Killed

was on the terminal. This happened two times. I asked if someone at a different Terminal used the kill command to kill the process? No.

Under what conditions would Linux decide to kill my process? I believe the shell displayed "Killed" because the process died after receiving the kill(9) signal. If Linux sent the kill signal should there be a message in a system log somewhere that explains why it was killed?

+1 A:

The user has the ability to kill his own programs, using kill or Control+C, but I get the impression that's not what happened, and that the user complained to you.

root has the ability to kill programs of course, but if someone has root on your machine and is killing stuff you have bigger problems.

If you are not the sysadmin, the sysadmin may have set up quotas on CPU, RAM, ort disk usage and auto-kills processes that exceed them.

Other than those guesses, I'm not sure without more info about the program.

Tom Ritter 2009-04-07 17:12:54

CTRL-C sends a different kill than the OP reported (SIGINT (2) as I recall, whereas the program is receiving a SIGKILL (9)).

R. Bemrose 2009-04-07 17:26:09

+9 A:

If the user or sysadmin did not kill the program the kernel may have. The kernel would only kill a process under exceptional circumstances such as extreme resource starvation (think mem+swap exhaustion).

dwc 2009-04-07 17:23:58

If the kernel killed the process would it put a message in a log somewhere?

sbq 2009-04-07 17:29:16

I just wrote a program that malloc'd memory in an inifite loop. After the system got slow, "Killed" was displayed in the terminal and the process was terminated. The file /var/log/kern.log contained a lot of info about the termination.-Thanks for the pointer.

sbq 2009-04-07 17:49:35

That's almost definitely it. I saw this a lot when TAing. Many students would forget to free their objects, and the apps would eventually reach 3GB of virtual memory usage. As soon as it hit that point it was killed.

Herms 2009-04-07 19:03:16

Does the OS actually kill the process or does the program simply crash? I think allocating memory when nothing is available is a fatal error in C++.

wp123 2010-05-12 14:54:03

The OS will actually kill the process, regardless of the language used. Failure to allocate memory is handled in various ways in various languages, but typically it's a matter of handling an exception or checking return status. This won't help if you've successfully allocated memory and the OOM killer targets you.

dwc 2010-05-13 20:41:28

We have had recurring problems under Linux at a customer site (Red Hat, I think), with OOMKiller (out-of-memory killer) killing both our principle application (i.e. the reason the server exists) and it's data base processes.

In each case OOMKiller simply decided that the processes were using to much resources... the machine wasn't even about to fail for lack of resources. Neither the application nor it's database has problems with memory leaks (or any other resource leak).

I am not a Linux expert, but I rather gathered it's algorithm for deciding when to kill something and what to kill is complex. Also, I was told (I can't speak as to the accuracy of this) that OOMKiller is baked into the Kernel and you can't simply not run it.

Software Monkey 2009-04-07 17:44:23

IIRC, OOMKiller is only invoked as a last resort. I think the system will even send a signal to various apps asking them to kindly give up some resources before it is forced to invoke OOMKiller. Take with a grain of salt, as it's been a long time...

rmeador 2009-04-07 18:04:15

You *can* simply not run it. It is baked into the kernel, but there are options to tune how it runs, and even which processes it is likely to kill. It runs when the whole system is out of memory, not when a specific process is using too much. See my answer for more details.

Adam Jaskiewicz 2009-04-07 18:28:18

+14 A:

This looks like a good article on the subject: Taming the OOM killer.

The gist is that Linux overcommits memory. When a process asks for more space, Linux will give it that space, even if it is claimed by another process, under the assumption that nobody actually uses all of the memory they ask for. The process will get exclusive use of the memory it has allocated when it actually uses it, not when it asks for it. This makes allocation quick, and might allow you to "cheat" and allocate more memory than you really have. However, once processes start using this memory, Linux might realize that it has been too generous in allocating memory it doesn't have, and will have to kill off a process to free some up. The process to be killed is based on a score taking into account runtime (long-running processes are safer), memory usage (greedy processes are less safe), and a few other factors, including a value you can adjust to make a process less likely to be killed. It's all described in the article in a lot more detail.

Edit: And here is another article that explains pretty well how a process is chosen (annotated with some kernel code examples). The great thing about this is that it includes some commentary on the reasoning behind the various badness() rules.

Adam Jaskiewicz 2009-04-07 17:51:37

ansaurus

tags:

views:

answers:

Who "Killed" my process and why?

related questions