https://bugs.kde.org/show_bug.cgi?id=522615
Bug ID: 522615
Summary: kwalletd6 Secret Service session memory leak causing
exponential RSS growth and kernel OOM after prolonged
use
Classification: Frameworks and Libraries
Product: frameworks-kwallet
Version First 6.27.0
Reported In:
Platform: Arch Linux
OS: Linux
Status: REPORTED
Severity: critical
Priority: NOR
Component: general
Assignee: [email protected]
Reporter: [email protected]
CC: [email protected]
Target Milestone: ---
Created attachment 194006
--> https://bugs.kde.org/attachment.cgi?id=194006&action=edit
Forensic snapshot and full investigation report inside it
DESCRIPTION
After approximately 11 hours of uptime, kwalletd6's anonymous RSS grew from a
normal baseline (~50 MB) to roughly 18.9 GB (anon-rss: 19,796,084 kB),
exhausting the system's 32 GB of physical RAM plus 4 GB of swap. The Linux
kernel OOM killer terminated kwalletd6 (PID 3911). systemd restarted it
immediately and the system recovered. The restarted instance logs GTask
"finalized without ever returning" warnings related to Secret Service prompt
handling, suggesting the leak occurs in the D-Bus Secret Service code path.
Two attachments are provided with this report:
1. Full investigation report with complete evidence and analysis.
2. Forensic snapshot archive (14 MB compressed) containing OOM logs, complete
journal, /proc snapshots, D-Bus traces, and a core dump of the running
kwalletd6 instance for analysis.
STEPS TO REPRODUCE
1. Leave a KDE Plasma 6 session running with kwalletd6 D-Bus activated, Chrome
(or other libsecret-using clients) running in the background.
2. Allow the system to remain idle or in light use for approximately 11+ hours.
3. Observe kwalletd6 RSS growth via system monitor. The leak rate is
approximately 28 MB/minute once active. At ~18-19 GB RSS the kernel OOM killer
will terminate kwalletd6.
Note: The issue is not fully reproducible on demand. See full report for
conditions observed.
OBSERVED RESULT
- kwalletd6 anon-rss: 19,796,084 kB (~18.9 GB) at OOM kill time.
- file-rss: only 2,212 kB (negligible file-backed pages), confirming a pure
heap leak, not file cache or shared memory.
- VIRT: 23,228,428 kB (~22.2 GB).
- systemd reported 18.9G memory peak and 2.9G swap peak.
- oom_score_adj: 200 (positive adjustment set by systemd for the dbus-activated
unit).
- After OOM kill, the restarted kwalletd6 (PID 172592) logged:
- "received unexpected result type ao from Completed signal instead of
expected o"
- "GTask secret_service_real_prompt_async ... finalized without ever
returning (using g_task_return_*()). This potentially indicates a bug in the
program."
- The OOM-killed instance (PID 3911) did not log these GTask warnings during
its 11-hour lifetime, suggesting either a silent leak path or different code
path was exercised.
EXPECTED RESULT
kwalletd6 should maintain a stable memory footprint of approximately 30-100 MB
RSS regardless of uptime or Secret Service client activity.
SOFTWARE/OS VERSIONS
Operating System: Arch Linux (rolling), x86_64
KDE Plasma Version: 6.7.2-1
KDE Frameworks Version: (bundled in kwallet 6.27.0-1)
Qt Version: 6.11.1-1
Linux Kernel: 7.0.14-zen1-1-zen
Key packages:
kwallet: 6.27.0-1
glib2: 2.88.2-1
libsecret: 0.21.7-1
qca-qt6: 2.3.10-7
xdg-desktop-portal: 1.22.1-2
xdg-desktop-portal-kde: 6.7.2-1
ADDITIONAL INFORMATION
- systemd-oomd is verified disabled; this was the kernel OOM killer.
- Bug 490788 (QCA::Initializer destruction order, fixed in 6.23.0) shares the
same code area
(KWalletFreedesktopService/KWalletFreedesktopSessionAlgorithmDhAes) but causes
a different symptom (crash on shutdown, not memory leak during operation). Our
version 6.27.0 includes the fix, so this leak is a separate issue.
- Portal registration failure ("Could not register app ID") affects ALL KDE
components equally on this installation -- it is systemic, not
kwallet-specific, and therefore likely not the root cause.
- The signal type mismatch ("ao" vs "o" for the Completed signal) is a key
lead: it causes the GLib GTask for the Secret Service prompt to never complete,
potentially leaking the allocated task resources.
- Chrome (google-chrome 150.0.7871.46) is the most likely frequent caller of
the Secret Service API during the observation period, but direct client-side
evidence is not available in the current logs.
- Two files attached:
(1) Forensic snapshot: kwalletd6_forensics_20260704_200709.tar.xz
(2) Full investigation report inside the forensic snapshot:
kwalletd6_memory_leak_bug_report.txt
--
You are receiving this mail because:
You are watching all bug changes.