Ring Buffer Race Condition Causing Null Pointer Crash

[ericraio]

Experienced crashes on Linux with null pointer dereference at ring_buffer.cpp:124 in RingBuffer::free_empty()

Fault address: 0x0000000000000008 (null pointer dereference)
Location: datastax-cpp-driver/src/ring_buffer.cpp:124
Function: RingBuffer::free_empty()
Error: assert(cur->write_pos_ == cur->read_pos_)

Thread NIO-SGLTN-1-#2
  └─ uv_run (libuv event loop)
     └─ EventLoop::internal_on_run
        └─ OpenSslSession::decrypt
           └─ CNIOBoringSSL_SSL_read
              └─ RingBufferBio::read
                 └─ RingBuffer::read
                    └─ RingBuffer::free_empty ← CRASH

Root Cause

The C++ DataStax driver's RingBuffer class lacks thread synchronization. When multiple Swift threads concurrently call cass_session_execute(), they race on the circular linked list in the ring buffer.

[ericraio]

A quick fix is to serialize every call but this will have performance implications, a better fix would be to distribute queries across a pool using round-robin but more complex.