From d7d2d4b7958b518ddf38b8d452707a5609a5c813 Mon Sep 17 00:00:00 2001
From: Amir Omidi <amir@aaomidi.com>
Date: Fri, 5 Dec 2025 23:14:14 -0500
Subject: [PATCH] va: Avoid creating multiple slow remote timers in
 doRemoteOperation

The code that sets a tighter deadline for slow remote VAs was inside
a loop, causing a new timer (and goroutine) to be created on every
iteration after quorum was reached. While not incorrect (only the
first timer's cancel matters), this was wasteful.

Add a slowTimerSet flag to ensure only one timer is created.

Benchmark results show the fix is ~6.7x faster with ~7x less memory:

  BenchmarkSlowRemoteTimerMultiple  1907 ns/op  1464 B/op  17 allocs/op
  BenchmarkSlowRemoteTimerSingle     284 ns/op   208 B/op   3 allocs/op
---
 va/va.go | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/va/va.go b/va/va.go
index fd766262267..e2895c28023 100644
--- a/va/va.go
+++ b/va/va.go
@@ -571,6 +571,7 @@ func (va *ValidationAuthorityImpl) doRemoteOperation(ctx context.Context, op rem
 	var failed []string
 	var passedRIRs = map[string]struct{}{}
 	var firstProb *probs.ProblemDetails
+	var slowTimerSet bool
 
 	for resp := range responses {
 		var currProb *probs.ProblemDetails
@@ -606,13 +607,14 @@ func (va *ValidationAuthorityImpl) doRemoteOperation(ctx context.Context, op rem
 			firstProb = currProb
 		}
 
-		if va.slowRemoteTimeout != 0 {
+		if va.slowRemoteTimeout != 0 && !slowTimerSet {
 			// If enough perspectives have passed, or enough perspectives have
 			// failed, set a tighter deadline for the remaining perspectives.
 			if (len(passed) >= required && len(passedRIRs) >= requiredRIRs) ||
 				(len(failed) > remoteVACount-required) {
 				timer := time.AfterFunc(va.slowRemoteTimeout, cancel)
 				defer timer.Stop()
+				slowTimerSet = true
 			}
 		}