Merge remote-tracking branch 'upstream/develop' into feature/p2p-msg-validation-1

# Conflicts:
#	framework/src/test/java/org/tron/core/net/messagehandler/TransactionsMsgHandlerTest.java

Author: wb

actuator/src/main/java/org/tron/core/actuator/VMActuator.java

@@ -398,9 +398,9 @@ private void create()
       byte[] ops = newSmartContract.getBytecode().toByteArray();
       rootInternalTx = new InternalTransaction(trx, trxType);
 
-      long maxCpuTimeOfOneTx = rootRepository.getDynamicPropertiesStore()
-          .getMaxCpuTimeOfOneTx() * VMConstant.ONE_THOUSAND;
-      long thisTxCPULimitInUs = (long) (maxCpuTimeOfOneTx * getCpuLimitInUsRatio());
+      long thisTxCPULimitInUs = calculateCpuLimitInUs(isConstantCall,
+          rootRepository.getDynamicPropertiesStore().getMaxCpuTimeOfOneTx(),
+          getCpuLimitInUsRatio(), CommonParameter.getInstance().getConstantCallTimeoutMs());
       long vmStartInUs = System.nanoTime() / VMConstant.ONE_THOUSAND;
       long vmShouldEndInUs = vmStartInUs + thisTxCPULimitInUs;
       ProgramInvoke programInvoke = ProgramInvokeFactory
@@ -512,10 +512,9 @@ private void call()
         energyLimit = getTotalEnergyLimit(creator, caller, contract, feeLimit, callValue);
       }
 
-      long maxCpuTimeOfOneTx = rootRepository.getDynamicPropertiesStore()
-          .getMaxCpuTimeOfOneTx() * VMConstant.ONE_THOUSAND;
-      long thisTxCPULimitInUs =
-          (long) (maxCpuTimeOfOneTx * getCpuLimitInUsRatio());
+      long thisTxCPULimitInUs = calculateCpuLimitInUs(isConstantCall,
+          rootRepository.getDynamicPropertiesStore().getMaxCpuTimeOfOneTx(),
+          getCpuLimitInUsRatio(), CommonParameter.getInstance().getConstantCallTimeoutMs());
       long vmStartInUs = System.nanoTime() / VMConstant.ONE_THOUSAND;
       long vmShouldEndInUs = vmStartInUs + thisTxCPULimitInUs;
       ProgramInvoke programInvoke = ProgramInvokeFactory
@@ -692,6 +691,14 @@ private double getCpuLimitInUsRatio() {
     return cpuLimitRatio;
   }
 
+  static long calculateCpuLimitInUs(boolean isConstantCall, long maxCpuTimeOfOneTxMs,
+      double cpuLimitInUsRatio, long constantCallTimeoutMs) {
+    if (isConstantCall && constantCallTimeoutMs > 0L) {
+      return constantCallTimeoutMs * VMConstant.ONE_THOUSAND;
+    }
+    return (long) (maxCpuTimeOfOneTxMs * VMConstant.ONE_THOUSAND * cpuLimitInUsRatio);
+  }
+
   public long getTotalEnergyLimitWithFixRatio(AccountCapsule creator, AccountCapsule caller,
       TriggerSmartContract contract, long feeLimit, long callValue)
       throws ContractValidateException {

actuator/src/main/java/org/tron/core/vm/PrecompiledContracts.java

@@ -3,6 +3,8 @@
 import static java.util.Arrays.copyOfRange;
 import static org.tron.common.math.Maths.max;
 import static org.tron.common.math.Maths.min;
+import static org.tron.common.math.StrictMathWrapper.multiplyExact;
+import static org.tron.common.math.StrictMathWrapper.subtractExact;
 import static org.tron.common.runtime.vm.DataWord.WORD_SIZE;
 import static org.tron.common.utils.BIUtil.addSafely;
 import static org.tron.common.utils.BIUtil.isLessThan;
@@ -427,6 +429,14 @@ private static byte[] extractBytes(byte[] data, int offset, int len) {
     return Arrays.copyOfRange(data, offset, offset + len);
   }
 
+  private static boolean isValidAbiEncoding(byte[] data, int headerWords, int itemWords) {
+    if (data == null || data.length % WORD_SIZE != 0) {
+      return false;
+    }
+    long tail = subtractExact(data.length, multiplyExact(headerWords, WORD_SIZE));
+    return tail > 0 && tail % multiplyExact(itemWords, WORD_SIZE) == 0;
+  }
+
   public abstract static class PrecompiledContract {
 
     protected static final byte[] DATA_FALSE = new byte[WORD_SIZE];
@@ -1020,6 +1030,8 @@ public static class ValidateMultiSign extends PrecompiledContract {
 
     private static final int ENGERYPERSIGN = 1500;
     private static final int MAX_SIZE = 5;
+    private static final int ABI_HEADER_WORDS = 5;
+    private static final int ABI_ITEM_WORDS = 5;
 
 
     @Override
@@ -1031,6 +1043,10 @@ public long getEnergyForData(byte[] data) {
 
     @Override
     public Pair<Boolean, byte[]> execute(byte[] rawData) {
+      if (VMConfig.allowTvmOsaka()
+          && !isValidAbiEncoding(rawData, ABI_HEADER_WORDS, ABI_ITEM_WORDS)) {
+        return Pair.of(false, EMPTY_BYTE_ARRAY);
+      }
       DataWord[] words = DataWord.parseArray(rawData);
       byte[] address = words[0].toTronAddress();
       int permissionId = words[1].intValueSafe();
@@ -1103,6 +1119,8 @@ public static class BatchValidateSign extends PrecompiledContract {
     private static final String workersName = "validate-sign-contract";
     private static final int ENGERYPERSIGN = 1500;
     private static final int MAX_SIZE = 16;
+    private static final int ABI_HEADER_WORDS = 5;
+    private static final int ABI_ITEM_WORDS = 6;
 
     static {
       workers = ExecutorServiceManager.newFixedThreadPool(workersName,
@@ -1130,6 +1148,10 @@ public Pair<Boolean, byte[]> execute(byte[] data) {
 
     private Pair<Boolean, byte[]> doExecute(byte[] data)
         throws InterruptedException, ExecutionException {
+      if (VMConfig.allowTvmOsaka()
+          && !isValidAbiEncoding(data, ABI_HEADER_WORDS, ABI_ITEM_WORDS)) {
+        return Pair.of(false, EMPTY_BYTE_ARRAY);
+      }
       DataWord[] words = DataWord.parseArray(data);
       byte[] hash = words[0].getData();
 

actuator/src/test/java/org/tron/core/actuator/VMActuatorTest.java

@@ -0,0 +1,23 @@
+package org.tron.core.actuator;
+
+import static org.junit.Assert.assertEquals;
+
+import org.junit.Test;
+
+public class VMActuatorTest {
+
+  @Test
+  public void testConstantCallUsesConfiguredTimeoutVerbatim() {
+    assertEquals(123_000L, VMActuator.calculateCpuLimitInUs(true, 80L, 5.0, 123L));
+  }
+
+  @Test
+  public void testConstantCallWithoutConfiguredTimeoutUsesNetworkDeadline() {
+    assertEquals(400_000L, VMActuator.calculateCpuLimitInUs(true, 80L, 5.0, 0L));
+  }
+
+  @Test
+  public void testNonConstantCallIgnoresConfiguredTimeout() {
+    assertEquals(400_000L, VMActuator.calculateCpuLimitInUs(false, 80L, 5.0, 123L));
+  }
+}

common/src/main/java/org/tron/common/parameter/CommonParameter.java

@@ -71,6 +71,18 @@ public class CommonParameter {
   @Getter
   @Setter
   public double maxTimeRatio = calcMaxTimeRatio();
+  /**
+   * Max TVM execution time (ms) for constant calls — covers
+   * triggerconstantcontract, triggersmartcontract dispatched to view/pure
+   * functions, estimateenergy, eth_call, eth_estimateGas, and any other
+   * RPC routed through Wallet#callConstantContract. 0 = use the same
+   * deadline as block processing (current behaviour). When operators set
+   * this in config the value must be positive and fit VM deadline conversion;
+   * validated at config-load in VmConfig.
+   */
+  @Getter
+  @Setter
+  public long constantCallTimeoutMs = 0L;
   @Getter
   @Setter
   public boolean saveInternalTx;

common/src/main/java/org/tron/core/config/args/VmConfig.java

@@ -2,19 +2,24 @@
 
 import com.typesafe.config.Config;
 import com.typesafe.config.ConfigBeanFactory;
+import lombok.AccessLevel;
 import lombok.Getter;
 import lombok.Setter;
 import lombok.extern.slf4j.Slf4j;
 
 /**
  * VM configuration bean. Field names match config.conf keys under the "vm" section.
- * Bound automatically via ConfigBeanFactory — no manual key constants needed.
+ * Most fields are bound automatically via ConfigBeanFactory; opt-in fields that
+ * must stay absent from reference.conf are bound manually after hasPath checks.
  */
 @Slf4j
 @Getter
 @Setter
 public class VmConfig {
 
+  private static final String CONSTANT_CALL_TIMEOUT_MS_KEY = "constantCallTimeoutMs";
+  static final long MAX_CONSTANT_CALL_TIMEOUT_MS = Long.MAX_VALUE / 1_000L;
+
   private boolean supportConstant = false;
   private long maxEnergyLimitForConstant = 100_000_000L;
   private int lruCacheSize = 500;
@@ -27,6 +32,11 @@ public class VmConfig {
   private boolean saveInternalTx = false;
   private boolean saveFeaturedInternalTx = false;
   private boolean saveCancelAllUnfreezeV2Details = false;
+  // Excluded from ConfigBeanFactory binding (no setter): the property is
+  // intentionally absent from reference.conf so {@code Config#hasPath} alone
+  // signals operator opt-in. Bound manually in {@link #fromConfig}.
+  @Setter(AccessLevel.NONE)
+  private long constantCallTimeoutMs = 0L;
 
   /**
    * Create VmConfig from the "vm" section of the application config.
@@ -36,11 +46,11 @@ public class VmConfig {
   public static VmConfig fromConfig(Config config) {
     Config vmSection = config.getConfig("vm");
     VmConfig vmConfig = ConfigBeanFactory.create(vmSection, VmConfig.class);
-    vmConfig.postProcess();
+    vmConfig.postProcess(vmSection);
     return vmConfig;
   }
 
-  private void postProcess() {
+  private void postProcess(Config vmSection) {
     // clamp maxEnergyLimitForConstant
     if (maxEnergyLimitForConstant < 3_000_000L) {
       maxEnergyLimitForConstant = 3_000_000L;
@@ -60,5 +70,23 @@ private void postProcess() {
       logger.warn("Configuring [vm.saveCancelAllUnfreezeV2Details] won't work as "
           + "vm.saveInternalTx or vm.saveFeaturedInternalTx is off.");
     }
+
+    // constantCallTimeoutMs is excluded from ConfigBeanFactory binding (no
+    // setter) and intentionally absent from reference.conf, so hasPath alone
+    // tells us whether the operator opted in. Only positive values that can be
+    // safely converted to microseconds are valid.
+    if (vmSection.hasPath(CONSTANT_CALL_TIMEOUT_MS_KEY)) {
+      long value = vmSection.getLong(CONSTANT_CALL_TIMEOUT_MS_KEY);
+      if (value <= 0L) {
+        throw new IllegalArgumentException(
+            "vm.constantCallTimeoutMs must be > 0 when configured, got " + value);
+      }
+      if (value > MAX_CONSTANT_CALL_TIMEOUT_MS) {
+        throw new IllegalArgumentException(
+            "vm.constantCallTimeoutMs must be <= " + MAX_CONSTANT_CALL_TIMEOUT_MS
+                + " to fit VM deadline conversion, got " + value);
+      }
+      constantCallTimeoutMs = value;
+    }
   }
 }

common/src/test/java/org/tron/core/config/args/VmConfigTest.java

@@ -88,4 +88,68 @@ public void testEstimateEnergyMaxRetryBoundaryValues() {
     assertEquals(3, VmConfig.fromConfig(
         withRef("vm { estimateEnergyMaxRetry = 3 }")).getEstimateEnergyMaxRetry());
   }
+
+  // ===========================================================================
+  // Constant-call timeout (issue #6681). The validation rule: any positive
+  // value that fits VM deadline conversion is accepted, but zero/negative is
+  // rejected ONLY when the operator explicitly set the property in their
+  // config. Absence keeps the in-Java default (0L = "share the
+  // block-processing deadline").
+  // ===========================================================================
+
+  @Test
+  public void testConstantCallTimeoutDefaultWhenAbsent() {
+    // No path in the config, no entry in reference.conf -> default 0L kept,
+    // no validation triggered.
+    VmConfig vm = VmConfig.fromConfig(withRef());
+    assertEquals(0L, vm.getConstantCallTimeoutMs());
+  }
+
+  @Test
+  public void testConstantCallTimeoutAcceptsAnyPositiveValue() {
+    assertEquals(1L, VmConfig.fromConfig(
+        withRef("vm { constantCallTimeoutMs = 1 }")).getConstantCallTimeoutMs());
+    assertEquals(50L, VmConfig.fromConfig(
+        withRef("vm { constantCallTimeoutMs = 50 }")).getConstantCallTimeoutMs());
+    assertEquals(500L, VmConfig.fromConfig(
+        withRef("vm { constantCallTimeoutMs = 500 }")).getConstantCallTimeoutMs());
+    assertEquals(5_000L, VmConfig.fromConfig(
+        withRef("vm { constantCallTimeoutMs = 5000 }")).getConstantCallTimeoutMs());
+  }
+
+  @Test
+  public void testConstantCallTimeoutZeroRejectedWhenExplicitlyConfigured() {
+    // Operator wrote `= 0` in config -> treated as a misconfiguration even
+    // though it equals the in-Java default. Forces an explicit positive value.
+    try {
+      VmConfig.fromConfig(withRef("vm { constantCallTimeoutMs = 0 }"));
+      org.junit.Assert.fail("expected IllegalArgumentException for explicit 0");
+    } catch (IllegalArgumentException ex) {
+      org.junit.Assert.assertTrue(ex.getMessage(),
+          ex.getMessage().contains("constantCallTimeoutMs"));
+    }
+  }
+
+  @Test
+  public void testConstantCallTimeoutNegativeRejected() {
+    try {
+      VmConfig.fromConfig(withRef("vm { constantCallTimeoutMs = -1 }"));
+      org.junit.Assert.fail("expected IllegalArgumentException for negative ms");
+    } catch (IllegalArgumentException ex) {
+      org.junit.Assert.assertTrue(ex.getMessage(),
+          ex.getMessage().contains("constantCallTimeoutMs"));
+    }
+  }
+
+  @Test
+  public void testConstantCallTimeoutOverflowRejected() {
+    long value = VmConfig.MAX_CONSTANT_CALL_TIMEOUT_MS + 1L;
+    try {
+      VmConfig.fromConfig(withRef("vm { constantCallTimeoutMs = " + value + " }"));
+      org.junit.Assert.fail("expected IllegalArgumentException for overflowing ms");
+    } catch (IllegalArgumentException ex) {
+      org.junit.Assert.assertTrue(ex.getMessage(),
+          ex.getMessage().contains("deadline conversion"));
+    }
+  }
 }

framework/src/main/java/org/tron/core/config/args/Args.java

@@ -195,6 +195,7 @@ private static void applyVmConfig(VmConfig vm) {
     PARAMETER.saveInternalTx = vm.isSaveInternalTx();
     PARAMETER.saveFeaturedInternalTx = vm.isSaveFeaturedInternalTx();
     PARAMETER.saveCancelAllUnfreezeV2Details = vm.isSaveCancelAllUnfreezeV2Details();
+    PARAMETER.constantCallTimeoutMs = vm.getConstantCallTimeoutMs();
   }
 
   // Old applyStorageConfig removed — merged into applyStorageConfig()

framework/src/main/resources/config.conf

@@ -732,6 +732,18 @@ vm = {
 
   # Indicates the max retry time for executing transaction in estimating energy. Default 3.
   # estimateEnergyMaxRetry = 3
+
+  # Max TVM execution time (ms) for constant calls — applies to
+  # triggerconstantcontract, triggersmartcontract dispatched to view/pure
+  # functions, estimateenergy, eth_call, eth_estimateGas, and any other RPC
+  # routed through the constant-call path. When set, must be a positive
+  # integer that fits VM deadline conversion and is used verbatim as the
+  # per-call deadline (no clamp against the network's maxCpuTimeOfOneTx).
+  # Omit the property entirely to keep the default behaviour of sharing the
+  # block-processing deadline. Migration note: if previously running --debug
+  # to extend constant calls, switch to this option (--debug also extends
+  # block-processing, which is unsafe; see issue #6266).
+  # constantCallTimeoutMs = 100
 }
 
 # These parameters are designed for private chain testing only and cannot be freely switched on or off in production systems.