MDEV-35420 Server aborts while deleting the record in spatial index

- This issue caused by commit a032f14(MDEV-33559).
In MDEV-33559, matched_rec::block was changed to pointer
and assinged with the help of buf_block_alloc(). But patch
fails to check for the block can be nullptr in
rtr_check_discard_page().

rtr_cur_search_with_match(): Acquire rtr_match_mutex before
creating shadow block for the matched records

rtr_pcur_move_to_next(): Copy the shadow block to page cursor
block under rtr_match_mutex

Author: Thirunarayanan

mysql-test/suite/innodb_gis/r/rollback.result

@@ -412,3 +412,16 @@ update t1 set a=point(5,5), b=point(5,5), c=5 where i < 3;
 ERROR HY000: Lost connection to MySQL server during query
 insert into t1 values(5, point(5,5), point(5,5), 5);
 drop table t1;
+#
+# MDEV-35420 Server aborts while deleting the record
+#               in spatial index
+#
+CREATE TABLE t1 (c POINT NOT NULL, SPATIAL(c)) engine=InnoDB;
+CHECK TABLE t1;
+Table	Op	Msg_type	Msg_text
+test.t1	check	status	OK
+SET STATEMENT unique_checks=0,foreign_key_checks=0 FOR
+START TRANSACTION;
+INSERT INTO t1 SELECT ST_GeomFromText('POINT(114368751 656950466)') FROM seq_1_to_512;
+ROLLBACK;
+DROP TABLE t1;

mysql-test/suite/innodb_gis/t/rollback.test

@@ -8,6 +8,7 @@
 # Avoid CrashReporter popup on Mac
 --source include/not_crashrep.inc
 --source include/have_innodb_16k.inc
+--source include/have_sequence.inc
 
 CREATE TABLE t4 (id bigint(12) unsigned NOT NULL auto_increment,
   c2 varchar(15) collate utf8_bin default NULL,
@@ -475,3 +476,15 @@ update t1 set a=point(5,5), b=point(5,5), c=5 where i < 3;
 insert into t1 values(5, point(5,5), point(5,5), 5);
 
 drop table t1;
+
+--echo #
+--echo # MDEV-35420 Server aborts while deleting the record
+--echo #               in spatial index
+--echo #
+CREATE TABLE t1 (c POINT NOT NULL, SPATIAL(c)) engine=InnoDB;
+CHECK TABLE t1;
+SET STATEMENT unique_checks=0,foreign_key_checks=0 FOR
+START TRANSACTION;
+INSERT INTO t1 SELECT ST_GeomFromText('POINT(114368751 656950466)') FROM seq_1_to_512;
+ROLLBACK;
+DROP TABLE t1;

storage/innobase/gis/gis0sea.cc

@@ -495,10 +495,10 @@ rtr_pcur_move_to_next(
 		rtr_rec_t	rec;
 		rec = rtr_info->matches->matched_recs->back();
 		rtr_info->matches->matched_recs->pop_back();
+		cursor->btr_cur.page_cur.block = rtr_info->matches->block;
 		mutex_exit(&rtr_info->matches->rtr_match_mutex);
 
 		cursor->btr_cur.page_cur.rec = rec.r_rec;
-		cursor->btr_cur.page_cur.block = rtr_info->matches->block;
 
 		DEBUG_SYNC_C("rtr_pcur_move_to_next_return");
 		return(true);
@@ -1204,8 +1204,11 @@ rtr_check_discard_page(
 		if (rtr_info->matches) {
 			mutex_enter(&rtr_info->matches->rtr_match_mutex);
 
-			if (rtr_info->matches->block->page.id().page_no()
-			     == pageno) {
+			/* matches->block could be nullptr when cursor
+			encounters empty table */
+			if (rtr_info->matches->block
+			    && rtr_info->matches->block->page.id().page_no()
+			    == pageno) {
 				if (!rtr_info->matches->matched_recs->empty()) {
 					rtr_info->matches->matched_recs->clear();
 				}
@@ -1849,21 +1852,28 @@ rtr_cur_search_with_match(
 					ut_ad(orig_mode
 					      != PAGE_CUR_RTREE_LOCATE);
 
+					/* Collect matched records on page */
+					offsets = rec_get_offsets(
+						rec, index, offsets,
+						index->n_fields,
+						ULINT_UNDEFINED, &heap);
+
+					mutex_enter(
+					  &rtr_info->matches->rtr_match_mutex);
+
 					if (!match_init) {
 						rtr_init_match(
 							rtr_info->matches,
 							block, page);
 						match_init = true;
 					}
 
-					/* Collect matched records on page */
-					offsets = rec_get_offsets(
-						rec, index, offsets,
-						index->n_fields,
-						ULINT_UNDEFINED, &heap);
 					rtr_leaf_push_match_rec(
 						rec, rtr_info, offsets,
 						page_is_comp(page));
+
+					mutex_exit(
+					  &rtr_info->matches->rtr_match_mutex);
 				}
 
 				last_match_rec = rec;