Server crashes in setup_returning_fields upon 2nd execution of multi-table-styled DELETE from a view

CREATE TABLE t (a INT);

CREATE VIEW v AS SELECT * FROM t;

PREPARE stmt FROM " DELETE v FROM v";

EXECUTE stmt;

EXECUTE stmt;

DROP VIEW v;

DROP TABLE t;

#4  <signal handler called>

#5  operator| (b=SELECT_ACL, a=<error reading variable: Cannot access memory at address 0x360>) at /data/bld/11.4-asan-ubsan/sql/privilege.h:211

#6  operator|= (b=SELECT_ACL, a=<error reading variable: Cannot access memory at address 0x360>) at /data/bld/11.4-asan-ubsan/sql/privilege.h:229

#7  setup_returning_fields (thd=thd@entry=0x62c0000b0218, table_list=table_list@entry=0x62d00026ead0) at /data/bld/11.4-asan-ubsan/sql/sql_base.cc:8331

#8  0x00005555978dc1ca in Sql_cmd_delete::prepare_inner (this=0x62d00026e9f8, thd=0x62c0000b0218) at /data/bld/11.4-asan-ubsan/sql/sql_delete.cc:1851

#9  0x0000555597ca642f in Sql_cmd_dml::prepare (this=0x62d00026e9f8, thd=0x62c0000b0218) at /data/bld/11.4-asan-ubsan/sql/sql_select.cc:34498

#10 0x0000555597cafd64 in Sql_cmd_dml::execute (this=0x62d00026e9f8, thd=0x62c0000b0218) at /data/bld/11.4-asan-ubsan/sql/sql_select.cc:34552

#11 0x0000555597b20ba8 in mysql_execute_command (thd=0x62c0000b0218, is_called_from_prepared_stmt=is_called_from_prepared_stmt@entry=true) at /data/bld/11.4-asan-ubsan/sql/sql_parse.cc:4436

#12 0x0000555597c30cd7 in Prepared_statement::execute (this=this@entry=0x61900005a098, expanded_query=expanded_query@entry=0x7f25b7f48700, open_cursor=open_cursor@entry=false) at /data/bld/11.4-asan-ubsan/sql/sql_prepare.cc:5097

#13 0x0000555597c359f1 in Prepared_statement::execute_loop (this=this@entry=0x61900005a098, expanded_query=expanded_query@entry=0x7f25b7f48700, open_cursor=open_cursor@entry=false, packet=packet@entry=0x0, packet_end=packet_end@entry=0x0) at /data/bld/11.4-asan-ubsan/sql/sql_prepare.cc:4482

#14 0x0000555597c37158 in mysql_sql_stmt_execute (thd=thd@entry=0x62c0000b0218) at /data/bld/11.4-asan-ubsan/sql/sql_prepare.cc:3502

#15 0x0000555597b1c4eb in mysql_execute_command (thd=thd@entry=0x62c0000b0218, is_called_from_prepared_stmt=is_called_from_prepared_stmt@entry=false) at /data/bld/11.4-asan-ubsan/sql/sql_parse.cc:4003

#16 0x0000555597b3b271 in mysql_parse (thd=thd@entry=0x62c0000b0218, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x7f25b7f49ab0) at /data/bld/11.4-asan-ubsan/sql/sql_parse.cc:7945

#17 0x0000555597b44661 in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x62c0000b0218, packet=packet@entry=0x629000253219 "EXECUTE stmt", packet_length=packet_length@entry=12, blocking=blocking@entry=true) at /data/bld/11.4-asan-ubsan/sql/sql_parse.cc:1923

#18 0x0000555597b5136a in do_command (thd=thd@entry=0x62c0000b0218, blocking=blocking@entry=true) at /data/bld/11.4-asan-ubsan/sql/sql_parse.cc:1433

#19 0x000055559837a02a in do_handle_one_connection (connect=<optimized out>, connect@entry=0x6080000039b8, put_in_cache=put_in_cache@entry=true) at /data/bld/11.4-asan-ubsan/sql/sql_connect.cc:1497

#20 0x000055559837b187 in handle_one_connection (arg=0x6080000039b8) at /data/bld/11.4-asan-ubsan/sql/sql_connect.cc:1409

#21 0x0000555599dcb2d9 in pfs_spawn_thread (arg=0x617000005b98) at /data/bld/11.4-asan-ubsan/storage/perfschema/pfs.cc:2201

#22 0x00007f25c32a81c4 in start_thread (arg=<optimized out>) at ./nptl/pthread_create.c:442

#23 0x00007f25c332885c in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81

commit 678ff03ee7fca139454ce469aa448795f525cc00

Merge: 224efb91b4f 8fab1293827

Author: Marko Mäkelä

Date:   Fri Jan 2 11:53:09 2026 +0200

    Merge 10.11 into 11.4

commit ca63e2c6276e5ea121d456524446f4f22b5b7e56

Commit:     Rucha Deodhar

CommitDate: Tue Dec 23 18:55:46 2025 +0530

    MDEV-37950: INSERT ... RETURNING exposes columns for which the user lacks