[#MDEV-21560] Assertion `grant_table || grant_table_role' failed in check_grant_all

CREATE DATABASE db;

CREATE TABLE db.t1 (a INT);

INSERT INTO db.t1 VALUES (1);

CREATE USER foo;

GRANT DELETE ON db.* TO foo;

--connect (con1,localhost,foo,,)

--error ER_COLUMNACCESS_DENIED_ERROR

DELETE FROM db.t1 RETURNING *;

# Cleanup

--disconnect con1

--connection default

DROP DATABASE db;

DROP USER foo;

10.1 982294ac
mysqld: /data/src/10.1/sql/sql_acl.cc:7308: bool check_grant_all_columns(THD, ulong, Field_iterator_table_ref): Assertion `grant_table \|\| grant_table_role' failed.
200123 21:28:36 [ERROR] mysqld got signal 6 ;

#7 0x00007f16326fcf12 in __GI___assert_fail (assertion=0x558d9fb23ff8 "grant_table \|\| grant_table_role", file=0x558d9fb22df8 "/data/src/10.1/sql/sql_acl.cc", line=7308, function=0x558d9fb26060 <check_grant_all_columns(THD, unsigned long, Field_iterator_table_ref)::__PRETTY_FUNCTION__> "bool check_grant_all_columns(THD, ulong, Field_iterator_table_ref)") at assert.c:101
#8 0x0000558d9f11edf9 in check_grant_all_columns (thd=0x7f162b7d1070, want_access_arg=1, fields=0x7f16342dc950) at /data/src/10.1/sql/sql_acl.cc:7308
#9 0x0000558d9f142e55 in insert_fields (thd=0x7f162b7d1070, context=0x7f162b7d5310, db_name=0x0, table_name=0x0, it=0x7f16342dcd40, any_privileges=false) at /data/src/10.1/sql/sql_base.cc:8472
#10 0x0000558d9f141950 in setup_wild (thd=0x7f162b7d1070, tables=0x7f1629c22178, fields=..., sum_func_list=0x0, wild_num=1) at /data/src/10.1/sql/sql_base.cc:7940
#11 0x0000558d9f5409f1 in mysql_prepare_delete (thd=0x7f162b7d1070, table_list=0x7f1629c22178, wild_num=1, field_list=..., conds=0x7f16342dce98) at /data/src/10.1/sql/sql_delete.cc:768
#12 0x0000558d9f53ee58 in mysql_delete (thd=0x7f162b7d1070, table_list=0x7f1629c22178, conds=0x0, order_list=0x7f162b7d5528, limit=18446744073709551615, options=0, result=0x7f1629c22878) at /data/src/10.1/sql/sql_delete.cc:273
#13 0x0000558d9f1a1fa0 in mysql_execute_command (thd=0x7f162b7d1070) at /data/src/10.1/sql/sql_parse.cc:3870
#14 0x0000558d9f1ac561 in mysql_parse (thd=0x7f162b7d1070, rawbuf=0x7f1629c22088 "DELETE FROM db.t1 RETURNING *", length=29, parser_state=0x7f16342de1e0) at /data/src/10.1/sql/sql_parse.cc:7209
#15 0x0000558d9f19b73b in dispatch_command (command=COM_QUERY, thd=0x7f162b7d1070, packet=0x7f162b7d7071 "DELETE FROM db.t1 RETURNING *", packet_length=29) at /data/src/10.1/sql/sql_parse.cc:1499
#16 0x0000558d9f19a4f9 in do_command (thd=0x7f162b7d1070) at /data/src/10.1/sql/sql_parse.cc:1131
#17 0x0000558d9f2d78e3 in do_handle_one_connection (thd_arg=0x7f162b7d1070) at /data/src/10.1/sql/sql_connect.cc:1331
#18 0x0000558d9f2d7614 in handle_one_connection (arg=0x7f162b7d1070) at /data/src/10.1/sql/sql_connect.cc:1242
#19 0x0000558d9f6fd344 in pfs_spawn_thread (arg=0x7f1631c3a170) at /data/src/10.1/storage/perfschema/pfs.cc:1868
#20 0x00007f1633fab4a4 in start_thread (arg=0x7f16342df700) at pthread_create.c:456
#21 0x00007f16327b9d0f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:97

Reproducible on 10.1-10.5.
10.5 has the same effect with INSERT .. RETURNING.
No obvious problem on a non-debug build.

[MDEV-21560] Assertion `grant_table \|\| grant_table_role' failed in check_grant_all_columns Created: 2020-01-23 Updated: 2020-06-13 Resolved: 2020-06-13
Status:	Closed
Project:	MariaDB Server
Component/s:	Authentication and Privilege System, Debug
Affects Version/s:	10.1, 10.2, 10.3, 10.4
Fix Version/s:	10.5.4, 10.4.14

[MDEV-21560] Assertion `grant_table || grant_table_role' failed in check_grant_all_columns Created: 2020-01-23 Updated: 2020-06-13 Resolved: 2020-06-13