

Warning C28616

Multithreaded AV condition

This warning indicates that a thread has potential to access deleted objects if preempted.


There should be no access to a reference-counted object after the reference count is at zero.



The following code generates this warning. This is an example of threading time sequence that could expose this problem. In this example, m_cRef is a member of this:

A thread T1 executes the if condition, decrements m_cRef to 1, and is then preempted.

Another thread T2 executes the if condition, decrements m_cRef to 0, executes the if body (where this is deleted), and returns NULL.

When T1 is rescheduled, it will reference m_cref on line 9. Thus it will access a member variable after the related this pointer has been deleted—and when the heap for the object is in an unknown state.

ULONG CObject::Release()
    if (0 == InterlockedDecrement(&m_cRef))
        delete this;
        return NULL;
    /* this.m_cRef isn't thread safe */
    return m_cRef;

The following code does not reference any heap memory after the object is deleted.

ULONG CObject::Release()
    ASSERT(0 != m_cRef);
    ULONG cRef = InterlockedDecrement(&m_cRef);
    if (0 == cRef)
        delete this;
        return NULL;
    return cRef;