From 62883e4ea23f65c42ff5c488faee1c5283df3b0c Mon Sep 17 00:00:00 2001 From: Matthew McPherrin Date: Sun, 17 May 2026 16:47:35 +0000 Subject: [PATCH 1/4] ct-test-srv: cap tracked submissions When using long-running test environments, ct-test-srv grows until it OOMs, which is causing some noise in my efforts to right-size memory usage. --- test/ct-test-srv/main.go | 32 ++++++++++++++++++++++++-------- 1 file changed, 24 insertions(+), 8 deletions(-) diff --git a/test/ct-test-srv/main.go b/test/ct-test-srv/main.go index bc413cc2b88..7c4707d6b4c 100644 --- a/test/ct-test-srv/main.go +++ b/test/ct-test-srv/main.go @@ -30,6 +30,7 @@ type ctSubmissionRequest struct { type integrationSrv struct { sync.Mutex submissions map[string]int64 + submissionsCap int // Hostnames where we refuse to provide an SCT. This is to exercise the code // path where all CT servers fail. rejectHosts map[string]bool @@ -156,9 +157,6 @@ func (is *integrationSrv) addChainOrPre(w http.ResponseWriter, r *http.Request, } } - is.Lock() - is.submissions[hostnames]++ - is.Unlock() if is.flakinessRate != 0 && rand.IntN(100) < is.flakinessRate { time.Sleep(10 * time.Second) @@ -168,6 +166,16 @@ func (is *integrationSrv) addChainOrPre(w http.ResponseWriter, r *http.Request, w.Write(publisher.CreateTestingSignedSCT(addChainReq.Chain, is.key, precert, time.Now())) } +func (is *integrationSrv) addSubmission(hostname String) { + is.Lock() + defer is.Unlock() + + _, ok := is.submissions[hostnames] + if ok || len(is.submissions) < is.submissionsCap { + is.submissions[hostnames]++ + } +} + func (is *integrationSrv) getSubmissions(w http.ResponseWriter, r *http.Request) { if r.Method != "GET" { http.NotFound(w, r) @@ -199,6 +207,9 @@ type Personality struct { // FlakinessRate is an integer between 0-100 that controls how often the log // "flakes", i.e. fails to respond in a reasonable time frame. FlakinessRate int + // SubmissionsCap limits the number of hostnames we track. Defaults to 100. + // After that many entries, new hostnames won't be counted in /submissions. + SubmissionsCap int } func runPersonality(p Personality) { @@ -210,12 +221,17 @@ func runPersonality(p Personality) { if err != nil { log.Fatal(err) } + cap := p.SubmissionsCap + if cap == 0 { + cap = 100 + } is := integrationSrv{ - key: key, - flakinessRate: p.FlakinessRate, - submissions: make(map[string]int64), - rejectHosts: make(map[string]bool), - userAgent: p.UserAgent, + key: key, + flakinessRate: p.FlakinessRate, + submissions: make(map[string]int64), + submissionsCap: cap, + rejectHosts: make(map[string]bool), + userAgent: p.UserAgent, } m := http.NewServeMux() m.HandleFunc("/submissions", is.getSubmissions) From 99acd2bc1ecd79a9bbd5d770d607c32a0a4e1534 Mon Sep 17 00:00:00 2001 From: Matthew McPherrin Date: Sun, 17 May 2026 17:32:10 +0000 Subject: [PATCH 2/4] Fix incomplete refactoring --- test/ct-test-srv/main.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/test/ct-test-srv/main.go b/test/ct-test-srv/main.go index 7c4707d6b4c..0d25059c66a 100644 --- a/test/ct-test-srv/main.go +++ b/test/ct-test-srv/main.go @@ -157,6 +157,7 @@ func (is *integrationSrv) addChainOrPre(w http.ResponseWriter, r *http.Request, } } + is.addSubmission(hostnames) if is.flakinessRate != 0 && rand.IntN(100) < is.flakinessRate { time.Sleep(10 * time.Second) @@ -166,7 +167,7 @@ func (is *integrationSrv) addChainOrPre(w http.ResponseWriter, r *http.Request, w.Write(publisher.CreateTestingSignedSCT(addChainReq.Chain, is.key, precert, time.Now())) } -func (is *integrationSrv) addSubmission(hostname String) { +func (is *integrationSrv) addSubmission(hostnames string) { is.Lock() defer is.Unlock() From 70a2ce86b173eb0c64e638069b3125b5fe545e49 Mon Sep 17 00:00:00 2001 From: Matthew McPherrin Date: Sun, 17 May 2026 17:36:12 +0000 Subject: [PATCH 3/4] fmt --- test/ct-test-srv/main.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/ct-test-srv/main.go b/test/ct-test-srv/main.go index 0d25059c66a..f63e4fd399c 100644 --- a/test/ct-test-srv/main.go +++ b/test/ct-test-srv/main.go @@ -29,7 +29,7 @@ type ctSubmissionRequest struct { type integrationSrv struct { sync.Mutex - submissions map[string]int64 + submissions map[string]int64 submissionsCap int // Hostnames where we refuse to provide an SCT. This is to exercise the code // path where all CT servers fail. From 1f20d4fe0a913dd98f3cef08aca632fa208d4866 Mon Sep 17 00:00:00 2001 From: Matthew McPherrin Date: Mon, 18 May 2026 15:33:02 -0400 Subject: [PATCH 4/4] Default to 1M --- test/ct-test-srv/main.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/ct-test-srv/main.go b/test/ct-test-srv/main.go index f63e4fd399c..66a13cf42d4 100644 --- a/test/ct-test-srv/main.go +++ b/test/ct-test-srv/main.go @@ -208,7 +208,7 @@ type Personality struct { // FlakinessRate is an integer between 0-100 that controls how often the log // "flakes", i.e. fails to respond in a reasonable time frame. FlakinessRate int - // SubmissionsCap limits the number of hostnames we track. Defaults to 100. + // SubmissionsCap limits the number of hostnames we track. Defaults to 1 million. // After that many entries, new hostnames won't be counted in /submissions. SubmissionsCap int } @@ -224,7 +224,7 @@ func runPersonality(p Personality) { } cap := p.SubmissionsCap if cap == 0 { - cap = 100 + cap = 1_000_000 } is := integrationSrv{ key: key,