A runtime panic was triggered in promoteExecutables/demoteUnexecutables when
account balance was converted with uint256.MustFromBig(...):
panic: overflow
... legacypool.go:1637
Root cause:
- pool.currentState.GetBalance(addr) can exceed uint256 range in this code path.
- uint256.MustFromBig(balance) panics on overflow, crashing the reorg loop.
What this commit changes:
- remove uint256.MustFromBig(balance) from executable/non-executable filtering paths
- change list.Filter costLimit from *uint256.Int to *big.Int, and compare costs using big.Int directly
- keep overflow-safe totalcost accounting for replacements (subtract old cost first, then add new)
- return txpool.ErrSpecialTxCostOverflow for special-tx cost/totalcost overflow instead of returning (false, nil)
- avoid partial pending-state mutation by attaching a new pending list only after overflow-safe totalcost calculation succeeds
Tests:
- add regression coverage for special-tx overflow rejection returning non-nil error
- verify no pending/lookup/nonce mutation on overflow rejection
- cover replacement paths to ensure no intermediate-overflow regressions in list.Add/promoteSpecialTx
bd355d7b3f