smp: ensure safe thread termination in rt_thread_close

eatvector · eatvector · commit f31445711e14 · 2025-07-27T11:31:33.000Z
diff --git a/src/thread.c b/src/thread.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2006-2022, RT-Thread Development Team
+ * Copyright (c) 2006-2025, RT-Thread Development Team
  *
  * SPDX-License-Identifier: Apache-2.0
  *
@@ -116,6 +116,7 @@ static void _thread_detach_from_mutex(rt_thread_t thread) {}
 
 static void _thread_exit(void)
 {
+    rt_err_t error;
     struct rt_thread *thread;
     rt_base_t critical_level;
 
@@ -124,12 +125,19 @@ static void _thread_exit(void)
 
     critical_level = rt_enter_critical();
 
-    rt_thread_close(thread);
+    error=rt_thread_close(thread);
 
-    _thread_detach_from_mutex(thread);
+    /**
+     * this check prevents concurrent _thread_detach operations by other threads.
+     * proceeds only when the current thread has successfully closed the target thread.
+     */
+    if(error == RT_EOK)
+    {
+        _thread_detach_from_mutex(thread);
 
-    /* insert to defunct thread list */
-    rt_thread_defunct_enqueue(thread);
+        /* insert to defunct thread list */
+        rt_thread_defunct_enqueue(thread);
+    }
 
     rt_exit_critical_safe(critical_level);
 
@@ -423,12 +431,15 @@ RTM_EXPORT(rt_thread_startup);
  */
 rt_err_t rt_thread_close(rt_thread_t thread)
 {
+    rt_err_t error;
     rt_sched_lock_level_t slvl;
     rt_uint8_t thread_status;
 
     /* forbid scheduling on current core if closing current thread */
     RT_ASSERT(thread != rt_thread_self() || rt_critical_level());
 
+    error = RT_EOK;
+
     /* before checking status of scheduler */
     rt_sched_lock(&slvl);
 
@@ -447,12 +458,73 @@ rt_err_t rt_thread_close(rt_thread_t thread)
 
         /* change stat */
         rt_sched_thread_close(thread);
+
+#ifdef RT_USING_SMP
+        int cpu_id;
+        rt_tick_t start_tick = rt_tick_get();
+        /**
+         * using conservative 500ms timeout, may adjust based on
+         * hardware characteristics and system load.
+        */
+        rt_tick_t timeout = RT_TICK_PER_SECOND >> 1;
+        rt_bool_t need_wait = RT_FALSE;
+
+        /**
+         * in SMP, the current thread and target thread may run on different CPUs.
+         * although we set the target thread's state to closed, it may still execute
+         * on another CPU until rescheduled. send IPI to force immediate rescheduling.
+         */
+        cpu_id = RT_SCHED_CTX(thread).oncpu;
+        rt_sched_unlock(slvl);
+        if ((cpu_id != RT_CPU_DETACHED) && (cpu_id != rt_cpu_get_id()))
+        {
+            rt_hw_ipi_send(RT_SCHEDULE_IPI, RT_CPU_MASK ^ (1 << cpu_id));
+            need_wait = RT_TRUE;
+        }
+
+        /**
+         * continuously check if target thread has detached from CPU core.
+         * this loop ensures the thread fully stops before resource cleanup.
+         * a timeout prevents deadlock if thread fails to detach promptly.
+         */
+        while (need_wait)
+        {
+            if (rt_tick_get_delta(start_tick) >= timeout)
+            {
+                LOG_D("Timeout waiting for thread %s (tid=%p) to detach from CPU%d",
+                      RT_NAME_MAX, thread->parent.name, thread, cpu_id);
+                error = -RT_ETIMEOUT;
+                break;
+            }
+
+            rt_hw_cpu_relax();
+
+            rt_sched_lock(&slvl);
+            cpu_id = RT_SCHED_CTX(thread).oncpu;
+            rt_sched_unlock(slvl);
+
+            if (cpu_id == RT_CPU_DETACHED)
+            {
+                break;
+            }
+        }
+
+        return error;
+#endif
+    }
+    else
+    {
+        /**
+         * avoid duplicate closing: if the thread is already closed, return an error.
+         * this prevents race conditions when multiple threads call _thread_detach/_thread_exit concurrently.
+         */
+        error = -RT_ERROR;
     }
 
     /* scheduler works are done */
     rt_sched_unlock(slvl);
 
-    return RT_EOK;
+    return error;
 }
 RTM_EXPORT(rt_thread_close);
 
@@ -491,10 +563,18 @@ static rt_err_t _thread_detach(rt_thread_t thread)
 
     error = rt_thread_close(thread);
 
-    _thread_detach_from_mutex(thread);
+    /**
+     * prevents concurrent thread cleanup operations by synchronizing between external
+     * _thread_detach calls and the target thread's own _thread_exit path.
+     * proceeds only when the current thread has successfully closed the target thread.
+     */
+    if (error == RT_EOK)
+    {
+        _thread_detach_from_mutex(thread);
 
-    /* insert to defunct thread list */
-    rt_thread_defunct_enqueue(thread);
+        /* insert to defunct thread list */
+        rt_thread_defunct_enqueue(thread);
+    }
 
     rt_exit_critical_safe(critical_level);
     return error;
@@ -1143,3 +1223,4 @@ rt_err_t rt_thread_get_name(rt_thread_t thread, char *name, rt_uint8_t name_size
 RTM_EXPORT(rt_thread_get_name);
 
 /**@}*/
+
