Bugfix: Wallet: Lock cs_wallet for SignMessage

[luke-jr]

cs_desc_main is typically locked within scope of a cs_wallet lock, but:

CWallet::IsLocked locks cs_wallet
...called from DescriptorScriptPubKeyMan::GetKeys
...called from DescriptorScriptPubKeyMan::GetSigningProvider which locks cs_desc_main first, but has no access to cs_wallet ...called from DescriptorScriptPubKeyMan::SignMessage ...called from CWallet::SignMessage which can access and lock cs_wallet

Resolve the out of order locks by grabbing cs_wallet in CWallet::SignMessage first

---

Note this is currently only an issue for the GUI (which lacks sufficient testing apparently), but can be reproduced by #26082 (CI fails as a result)

[luke-jr]

(It would be good to have someone more familiar with descriptor wallet code take a look if there's a better way to fix this.)

[DrahtBot]

The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

Conflicts

Reviewers, this pull request conflicts with the following ones:

• #24058 (BIP-322 basic support by kallewoof)
• #16545 (refactor: Implement missing error checking for ArgsManager flags by ryanofsky)

If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.

[achow101]

ACK a60d9eb

Note that the signmessage RPC does not run into this issue because the RPC function holds cs_wallet prior to calling CWallet::SignMessage.

[w0xlt]

ACK a60d9eb

But most CI checks are failing with an unclear message.

[achow101]

But most CI checks are failing with an unclear message.

I think it needs to be rebased.

[luke-jr]

But most CI checks are failing with an unclear message.

This is a CI bug.

Edit: To be more specific, it looks like the CI infra is handling it okay, but some older CI distros have a very old version of git that can't handle the merge.

[fanquake]

but some older CI distros

The majority of the failing jobs are using Ubuntu Focal, which was released 2 years ago, and is LTS for another 3 years.

have a very old version of git

Ubuntu Focal ships with git version 2.25, which was released ~2.5 years ago.

[hebasto]

But most CI checks are failing with an unclear message.

I think it needs to be rebased.

... but some older CI distros have a very old version of git that can't handle the merge.

Confirming that rebasing does help.

[luke-jr]

Looks like the minimum git to make the merge is 2.33. But the PR itself is fine as-is, and once merged won't be a problem even for old versions of git.

[fanquake]

@achow101 are we backporting this for 24.x?

[achow101]

Yes, for backport

[fanquake]

Backported to 24.x in #26178.

[hebasto]

Looks like the minimum git to make the merge is 2.33. But the PR itself is fine as-is, and once merged won't be a problem even for old versions of git.

It appears, it is a problem as now the CI linter job fails.

[luke-jr]

It appears, it is a problem as now the CI linter job fails.

??? Looks like it's working fine to me? https://cirrus-ci.com/build/5775460305993728

[hebasto]

It appears, it is a problem as now the CI linter job fails.

??? Looks like it's working fine to me? https://cirrus-ci.com/build/5775460305993728

Don't hesitate to look into the following merge commits:

• https://cirrus-ci.com/task/6353622547038208:

Merge commit 0cfbb171bd6f61a4edba913e281553b9bdf08d4a is not clean

• https://cirrus-ci.com/task/5277524866367488:

Merge commit 0cfbb171bd6f61a4edba913e281553b9bdf08d4a is not clean

[luke-jr]

Looks like an issue with verify-commits. Not sure what the best way to fix that is.