Server crashes in Item_func_match::init_search on 2nd execution of PS

CREATE TABLE t (a VARCHAR(255), FULLTEXT(a));

INSERT INTO t VALUES ('foo'),('bar'); # Optional, fails either way

CREATE VIEW v AS 

  SELECT MATCH (a) AGAINST ('MariaDB' IN NATURAL LANGUAGE MODE) AS f

  FROM t

  WHERE MATCH (a) AGAINST ('MariaDB' IN NATURAL LANGUAGE MODE) > 0

  ORDER BY f;

PREPARE stmt FROM "SELECT f FROM v ORDER BY f";

EXECUTE stmt;

EXECUTE stmt;

# Cleanup

DROP VIEW v;

DROP TABLE t;

#3  <signal handler called>

#4  0x00005612021b3e77 in Item_func_match::init_search (this=0x62900024a848, thd=0x62b00005b208, no_order=true) at /data/src/10.4/sql/item_func.cc:5997

#5  0x00005612021b45cd in Item_func_match::init_search (this=0x629000249920, thd=0x62b00005b208, no_order=true) at /data/src/10.4/sql/item_func.cc:6031

#6  0x00005612021b45cd in Item_func_match::init_search (this=0x62b000091d48, thd=0x62b00005b208, no_order=true) at /data/src/10.4/sql/item_func.cc:6031

#7  0x0000561201719163 in init_ftfuncs (thd=0x62b00005b208, select_lex=0x62b00008dea0, no_order=true) at /data/src/10.4/sql/sql_base.cc:9133

#8  0x000056120194102d in JOIN::optimize_stage2 (this=0x62b000062458) at /data/src/10.4/sql/sql_select.cc:2913

#9  0x000056120193b557 in JOIN::optimize_inner (this=0x62b000062458) at /data/src/10.4/sql/sql_select.cc:2394

#10 0x00005612019341f5 in JOIN::optimize (this=0x62b000062458) at /data/src/10.4/sql/sql_select.cc:1711

#11 0x00005612019550c1 in mysql_select (thd=0x62b00005b208, tables=0x62b00008e508, wild_num=0, fields=..., conds=0x629000249b28, og_num=1, order=0x62b00008f5c0, group=0x0, having=0x0, proc_param=0x0, select_options=2416184064, result=0x62b00008f670, unit=0x62b00008c2f8, select_lex=0x62b00008dea0) at /data/src/10.4/sql/sql_select.cc:4812

#12 0x0000561201925e17 in handle_select (thd=0x62b00005b208, lex=0x62b00008c238, result=0x62b00008f670, setup_tables_done_option=0) at /data/src/10.4/sql/sql_select.cc:442

#13 0x0000561201895339 in execute_sqlcom_select (thd=0x62b00005b208, all_tables=0x62b00008e508) at /data/src/10.4/sql/sql_parse.cc:6475

#14 0x000056120188284e in mysql_execute_command (thd=0x62b00005b208) at /data/src/10.4/sql/sql_parse.cc:3978

#15 0x00005612018f26fd in Prepared_statement::execute (this=0x619000087a88, expanded_query=0x7f750100db30, open_cursor=false) at /data/src/10.4/sql/sql_prepare.cc:5068

#16 0x00005612018edd3d in Prepared_statement::execute_loop (this=0x619000087a88, expanded_query=0x7f750100db30, open_cursor=false, packet=0x0, packet_end=0x0) at /data/src/10.4/sql/sql_prepare.cc:4515

#17 0x00005612018e7baf in mysql_sql_stmt_execute (thd=0x62b00005b208) at /data/src/10.4/sql/sql_prepare.cc:3587

#18 0x0000561201882893 in mysql_execute_command (thd=0x62b00005b208) at /data/src/10.4/sql/sql_parse.cc:3994

#19 0x000056120189e589 in mysql_parse (thd=0x62b00005b208, rawbuf=0x62b000062228 "EXECUTE stmt", length=12, parser_state=0x7f750100f860, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:8012

#20 0x0000561201874818 in dispatch_command (command=COM_QUERY, thd=0x62b00005b208, packet=0x629000230209 "EXECUTE stmt", packet_length=12, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:1857

#21 0x0000561201871387 in do_command (thd=0x62b00005b208) at /data/src/10.4/sql/sql_parse.cc:1378

#22 0x0000561201c70dd2 in do_handle_one_connection (connect=0x6080000009a8) at /data/src/10.4/sql/sql_connect.cc:1420

#23 0x0000561201c706e9 in handle_one_connection (arg=0x6080000009a8) at /data/src/10.4/sql/sql_connect.cc:1324

#24 0x00005612028e20ee in pfs_spawn_thread (arg=0x615000003508) at /data/src/10.4/storage/perfschema/pfs.cc:1869

#25 0x00007f7508dc8fd4 in start_thread (arg=<optimized out>) at ./nptl/pthread_create.c:442

#26 0x00007f7508e495bc in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81