1 /* 2 ** 2008 August 18 3 ** 4 ** The author disclaims copyright to this source code. In place of 5 ** a legal notice, here is a blessing: 6 ** 7 ** May you do good and not evil. 8 ** May you find forgiveness for yourself and forgive others. 9 ** May you share freely, never taking more than you give. 10 ** 11 ************************************************************************* 12 ** 13 ** This file contains routines used for walking the parser tree and 14 ** resolve all identifiers by associating them with a particular 15 ** table and column. 16 */ 17 #include "sqliteInt.h" 18 #include <stdlib.h> 19 #include <string.h> 20 21 /* 22 ** Walk the expression tree pExpr and increase the aggregate function 23 ** depth (the Expr.op2 field) by N on every TK_AGG_FUNCTION node. 24 ** This needs to occur when copying a TK_AGG_FUNCTION node from an 25 ** outer query into an inner subquery. 26 ** 27 ** incrAggFunctionDepth(pExpr,n) is the main routine. incrAggDepth(..) 28 ** is a helper function - a callback for the tree walker. 29 */ 30 static int incrAggDepth(Walker *pWalker, Expr *pExpr){ 31 if( pExpr->op==TK_AGG_FUNCTION ) pExpr->op2 += pWalker->u.i; 32 return WRC_Continue; 33 } 34 static void incrAggFunctionDepth(Expr *pExpr, int N){ 35 if( N>0 ){ 36 Walker w; 37 memset(&w, 0, sizeof(w)); 38 w.xExprCallback = incrAggDepth; 39 w.u.i = N; 40 sqlite3WalkExpr(&w, pExpr); 41 } 42 } 43 44 /* 45 ** Turn the pExpr expression into an alias for the iCol-th column of the 46 ** result set in pEList. 47 ** 48 ** If the result set column is a simple column reference, then this routine 49 ** makes an exact copy. But for any other kind of expression, this 50 ** routine make a copy of the result set column as the argument to the 51 ** TK_AS operator. The TK_AS operator causes the expression to be 52 ** evaluated just once and then reused for each alias. 53 ** 54 ** The reason for suppressing the TK_AS term when the expression is a simple 55 ** column reference is so that the column reference will be recognized as 56 ** usable by indices within the WHERE clause processing logic. 57 ** 58 ** The TK_AS operator is inhibited if zType[0]=='G'. This means 59 ** that in a GROUP BY clause, the expression is evaluated twice. Hence: 60 ** 61 ** SELECT random()%5 AS x, count(*) FROM tab GROUP BY x 62 ** 63 ** Is equivalent to: 64 ** 65 ** SELECT random()%5 AS x, count(*) FROM tab GROUP BY random()%5 66 ** 67 ** The result of random()%5 in the GROUP BY clause is probably different 68 ** from the result in the result-set. On the other hand Standard SQL does 69 ** not allow the GROUP BY clause to contain references to result-set columns. 70 ** So this should never come up in well-formed queries. 71 ** 72 ** If the reference is followed by a COLLATE operator, then make sure 73 ** the COLLATE operator is preserved. For example: 74 ** 75 ** SELECT a+b, c+d FROM t1 ORDER BY 1 COLLATE nocase; 76 ** 77 ** Should be transformed into: 78 ** 79 ** SELECT a+b, c+d FROM t1 ORDER BY (a+b) COLLATE nocase; 80 ** 81 ** The nSubquery parameter specifies how many levels of subquery the 82 ** alias is removed from the original expression. The usually value is 83 ** zero but it might be more if the alias is contained within a subquery 84 ** of the original expression. The Expr.op2 field of TK_AGG_FUNCTION 85 ** structures must be increased by the nSubquery amount. 86 */ 87 static void resolveAlias( 88 Parse *pParse, /* Parsing context */ 89 ExprList *pEList, /* A result set */ 90 int iCol, /* A column in the result set. 0..pEList->nExpr-1 */ 91 Expr *pExpr, /* Transform this into an alias to the result set */ 92 const char *zType, /* "GROUP" or "ORDER" or "" */ 93 int nSubquery /* Number of subqueries that the label is moving */ 94 ){ 95 Expr *pOrig; /* The iCol-th column of the result set */ 96 Expr *pDup; /* Copy of pOrig */ 97 sqlite3 *db; /* The database connection */ 98 99 assert( iCol>=0 && iCol<pEList->nExpr ); 100 pOrig = pEList->a[iCol].pExpr; 101 assert( pOrig!=0 ); 102 assert( pOrig->flags & EP_Resolved ); 103 db = pParse->db; 104 pDup = sqlite3ExprDup(db, pOrig, 0); 105 if( pDup==0 ) return; 106 if( pOrig->op!=TK_COLUMN && zType[0]!='G' ){ 107 incrAggFunctionDepth(pDup, nSubquery); 108 pDup = sqlite3PExpr(pParse, TK_AS, pDup, 0, 0); 109 if( pDup==0 ) return; 110 ExprSetProperty(pDup, EP_Skip); 111 if( pEList->a[iCol].u.x.iAlias==0 ){ 112 pEList->a[iCol].u.x.iAlias = (u16)(++pParse->nAlias); 113 } 114 pDup->iTable = pEList->a[iCol].u.x.iAlias; 115 } 116 if( pExpr->op==TK_COLLATE ){ 117 pDup = sqlite3ExprAddCollateString(pParse, pDup, pExpr->u.zToken); 118 } 119 120 /* Before calling sqlite3ExprDelete(), set the EP_Static flag. This 121 ** prevents ExprDelete() from deleting the Expr structure itself, 122 ** allowing it to be repopulated by the memcpy() on the following line. 123 ** The pExpr->u.zToken might point into memory that will be freed by the 124 ** sqlite3DbFree(db, pDup) on the last line of this block, so be sure to 125 ** make a copy of the token before doing the sqlite3DbFree(). 126 */ 127 ExprSetProperty(pExpr, EP_Static); 128 sqlite3ExprDelete(db, pExpr); 129 memcpy(pExpr, pDup, sizeof(*pExpr)); 130 if( !ExprHasProperty(pExpr, EP_IntValue) && pExpr->u.zToken!=0 ){ 131 assert( (pExpr->flags & (EP_Reduced|EP_TokenOnly))==0 ); 132 pExpr->u.zToken = sqlite3DbStrDup(db, pExpr->u.zToken); 133 pExpr->flags |= EP_MemToken; 134 } 135 sqlite3DbFree(db, pDup); 136 } 137 138 139 /* 140 ** Return TRUE if the name zCol occurs anywhere in the USING clause. 141 ** 142 ** Return FALSE if the USING clause is NULL or if it does not contain 143 ** zCol. 144 */ 145 static int nameInUsingClause(IdList *pUsing, const char *zCol){ 146 if( pUsing ){ 147 int k; 148 for(k=0; k<pUsing->nId; k++){ 149 if( sqlite3StrICmp(pUsing->a[k].zName, zCol)==0 ) return 1; 150 } 151 } 152 return 0; 153 } 154 155 /* 156 ** Subqueries stores the original database, table and column names for their 157 ** result sets in ExprList.a[].zSpan, in the form "DATABASE.TABLE.COLUMN". 158 ** Check to see if the zSpan given to this routine matches the zDb, zTab, 159 ** and zCol. If any of zDb, zTab, and zCol are NULL then those fields will 160 ** match anything. 161 */ 162 int sqlite3MatchSpanName( 163 const char *zSpan, 164 const char *zCol, 165 const char *zTab, 166 const char *zDb 167 ){ 168 int n; 169 for(n=0; ALWAYS(zSpan[n]) && zSpan[n]!='.'; n++){} 170 if( zDb && (sqlite3StrNICmp(zSpan, zDb, n)!=0 || zDb[n]!=0) ){ 171 return 0; 172 } 173 zSpan += n+1; 174 for(n=0; ALWAYS(zSpan[n]) && zSpan[n]!='.'; n++){} 175 if( zTab && (sqlite3StrNICmp(zSpan, zTab, n)!=0 || zTab[n]!=0) ){ 176 return 0; 177 } 178 zSpan += n+1; 179 if( zCol && sqlite3StrICmp(zSpan, zCol)!=0 ){ 180 return 0; 181 } 182 return 1; 183 } 184 185 /* 186 ** Given the name of a column of the form X.Y.Z or Y.Z or just Z, look up 187 ** that name in the set of source tables in pSrcList and make the pExpr 188 ** expression node refer back to that source column. The following changes 189 ** are made to pExpr: 190 ** 191 ** pExpr->iDb Set the index in db->aDb[] of the database X 192 ** (even if X is implied). 193 ** pExpr->iTable Set to the cursor number for the table obtained 194 ** from pSrcList. 195 ** pExpr->pTab Points to the Table structure of X.Y (even if 196 ** X and/or Y are implied.) 197 ** pExpr->iColumn Set to the column number within the table. 198 ** pExpr->op Set to TK_COLUMN. 199 ** pExpr->pLeft Any expression this points to is deleted 200 ** pExpr->pRight Any expression this points to is deleted. 201 ** 202 ** The zDb variable is the name of the database (the "X"). This value may be 203 ** NULL meaning that name is of the form Y.Z or Z. Any available database 204 ** can be used. The zTable variable is the name of the table (the "Y"). This 205 ** value can be NULL if zDb is also NULL. If zTable is NULL it 206 ** means that the form of the name is Z and that columns from any table 207 ** can be used. 208 ** 209 ** If the name cannot be resolved unambiguously, leave an error message 210 ** in pParse and return WRC_Abort. Return WRC_Prune on success. 211 */ 212 static int lookupName( 213 Parse *pParse, /* The parsing context */ 214 const char *zDb, /* Name of the database containing table, or NULL */ 215 const char *zTab, /* Name of table containing column, or NULL */ 216 const char *zCol, /* Name of the column. */ 217 NameContext *pNC, /* The name context used to resolve the name */ 218 Expr *pExpr /* Make this EXPR node point to the selected column */ 219 ){ 220 int i, j; /* Loop counters */ 221 int cnt = 0; /* Number of matching column names */ 222 int cntTab = 0; /* Number of matching table names */ 223 int nSubquery = 0; /* How many levels of subquery */ 224 sqlite3 *db = pParse->db; /* The database connection */ 225 struct SrcList_item *pItem; /* Use for looping over pSrcList items */ 226 struct SrcList_item *pMatch = 0; /* The matching pSrcList item */ 227 NameContext *pTopNC = pNC; /* First namecontext in the list */ 228 Schema *pSchema = 0; /* Schema of the expression */ 229 int isTrigger = 0; /* True if resolved to a trigger column */ 230 Table *pTab = 0; /* Table hold the row */ 231 Column *pCol; /* A column of pTab */ 232 233 assert( pNC ); /* the name context cannot be NULL. */ 234 assert( zCol ); /* The Z in X.Y.Z cannot be NULL */ 235 assert( !ExprHasProperty(pExpr, EP_TokenOnly|EP_Reduced) ); 236 237 /* Initialize the node to no-match */ 238 pExpr->iTable = -1; 239 pExpr->pTab = 0; 240 ExprSetVVAProperty(pExpr, EP_NoReduce); 241 242 /* Translate the schema name in zDb into a pointer to the corresponding 243 ** schema. If not found, pSchema will remain NULL and nothing will match 244 ** resulting in an appropriate error message toward the end of this routine 245 */ 246 if( zDb ){ 247 testcase( pNC->ncFlags & NC_PartIdx ); 248 testcase( pNC->ncFlags & NC_IsCheck ); 249 if( (pNC->ncFlags & (NC_PartIdx|NC_IsCheck))!=0 ){ 250 /* Silently ignore database qualifiers inside CHECK constraints and partial 251 ** indices. Do not raise errors because that might break legacy and 252 ** because it does not hurt anything to just ignore the database name. */ 253 zDb = 0; 254 }else{ 255 for(i=0; i<db->nDb; i++){ 256 assert( db->aDb[i].zName ); 257 if( sqlite3StrICmp(db->aDb[i].zName,zDb)==0 ){ 258 pSchema = db->aDb[i].pSchema; 259 break; 260 } 261 } 262 } 263 } 264 265 /* Start at the inner-most context and move outward until a match is found */ 266 while( pNC && cnt==0 ){ 267 ExprList *pEList; 268 SrcList *pSrcList = pNC->pSrcList; 269 270 if( pSrcList ){ 271 for(i=0, pItem=pSrcList->a; i<pSrcList->nSrc; i++, pItem++){ 272 pTab = pItem->pTab; 273 assert( pTab!=0 && pTab->zName!=0 ); 274 assert( pTab->nCol>0 ); 275 if( pItem->pSelect && (pItem->pSelect->selFlags & SF_NestedFrom)!=0 ){ 276 int hit = 0; 277 pEList = pItem->pSelect->pEList; 278 for(j=0; j<pEList->nExpr; j++){ 279 if( sqlite3MatchSpanName(pEList->a[j].zSpan, zCol, zTab, zDb) ){ 280 cnt++; 281 cntTab = 2; 282 pMatch = pItem; 283 pExpr->iColumn = j; 284 hit = 1; 285 } 286 } 287 if( hit || zTab==0 ) continue; 288 } 289 if( zDb && pTab->pSchema!=pSchema ){ 290 continue; 291 } 292 if( zTab ){ 293 const char *zTabName = pItem->zAlias ? pItem->zAlias : pTab->zName; 294 assert( zTabName!=0 ); 295 if( sqlite3StrICmp(zTabName, zTab)!=0 ){ 296 continue; 297 } 298 } 299 if( 0==(cntTab++) ){ 300 pMatch = pItem; 301 } 302 for(j=0, pCol=pTab->aCol; j<pTab->nCol; j++, pCol++){ 303 if( sqlite3StrICmp(pCol->zName, zCol)==0 ){ 304 /* If there has been exactly one prior match and this match 305 ** is for the right-hand table of a NATURAL JOIN or is in a 306 ** USING clause, then skip this match. 307 */ 308 if( cnt==1 ){ 309 if( pItem->jointype & JT_NATURAL ) continue; 310 if( nameInUsingClause(pItem->pUsing, zCol) ) continue; 311 } 312 cnt++; 313 pMatch = pItem; 314 /* Substitute the rowid (column -1) for the INTEGER PRIMARY KEY */ 315 pExpr->iColumn = j==pTab->iPKey ? -1 : (i16)j; 316 break; 317 } 318 } 319 } 320 if( pMatch ){ 321 pExpr->iTable = pMatch->iCursor; 322 pExpr->pTab = pMatch->pTab; 323 pSchema = pExpr->pTab->pSchema; 324 } 325 } /* if( pSrcList ) */ 326 327 #ifndef SQLITE_OMIT_TRIGGER 328 /* If we have not already resolved the name, then maybe 329 ** it is a new.* or old.* trigger argument reference 330 */ 331 if( zDb==0 && zTab!=0 && cntTab==0 && pParse->pTriggerTab!=0 ){ 332 int op = pParse->eTriggerOp; 333 assert( op==TK_DELETE || op==TK_UPDATE || op==TK_INSERT ); 334 if( op!=TK_DELETE && sqlite3StrICmp("new",zTab) == 0 ){ 335 pExpr->iTable = 1; 336 pTab = pParse->pTriggerTab; 337 }else if( op!=TK_INSERT && sqlite3StrICmp("old",zTab)==0 ){ 338 pExpr->iTable = 0; 339 pTab = pParse->pTriggerTab; 340 }else{ 341 pTab = 0; 342 } 343 344 if( pTab ){ 345 int iCol; 346 pSchema = pTab->pSchema; 347 cntTab++; 348 for(iCol=0, pCol=pTab->aCol; iCol<pTab->nCol; iCol++, pCol++){ 349 if( sqlite3StrICmp(pCol->zName, zCol)==0 ){ 350 if( iCol==pTab->iPKey ){ 351 iCol = -1; 352 } 353 break; 354 } 355 } 356 if( iCol>=pTab->nCol && sqlite3IsRowid(zCol) && HasRowid(pTab) ){ 357 /* IMP: R-24309-18625 */ 358 /* IMP: R-44911-55124 */ 359 iCol = -1; 360 } 361 if( iCol<pTab->nCol ){ 362 cnt++; 363 if( iCol<0 ){ 364 pExpr->affinity = SQLITE_AFF_INTEGER; 365 }else if( pExpr->iTable==0 ){ 366 testcase( iCol==31 ); 367 testcase( iCol==32 ); 368 pParse->oldmask |= (iCol>=32 ? 0xffffffff : (((u32)1)<<iCol)); 369 }else{ 370 testcase( iCol==31 ); 371 testcase( iCol==32 ); 372 pParse->newmask |= (iCol>=32 ? 0xffffffff : (((u32)1)<<iCol)); 373 } 374 pExpr->iColumn = (i16)iCol; 375 pExpr->pTab = pTab; 376 isTrigger = 1; 377 } 378 } 379 } 380 #endif /* !defined(SQLITE_OMIT_TRIGGER) */ 381 382 /* 383 ** Perhaps the name is a reference to the ROWID 384 */ 385 if( cnt==0 && cntTab==1 && pMatch && sqlite3IsRowid(zCol) 386 && HasRowid(pMatch->pTab) ){ 387 cnt = 1; 388 pExpr->iColumn = -1; /* IMP: R-44911-55124 */ 389 pExpr->affinity = SQLITE_AFF_INTEGER; 390 } 391 392 /* 393 ** If the input is of the form Z (not Y.Z or X.Y.Z) then the name Z 394 ** might refer to an result-set alias. This happens, for example, when 395 ** we are resolving names in the WHERE clause of the following command: 396 ** 397 ** SELECT a+b AS x FROM table WHERE x<10; 398 ** 399 ** In cases like this, replace pExpr with a copy of the expression that 400 ** forms the result set entry ("a+b" in the example) and return immediately. 401 ** Note that the expression in the result set should have already been 402 ** resolved by the time the WHERE clause is resolved. 403 ** 404 ** The ability to use an output result-set column in the WHERE, GROUP BY, 405 ** or HAVING clauses, or as part of a larger expression in the ORDRE BY 406 ** clause is not standard SQL. This is a (goofy) SQLite extension, that 407 ** is supported for backwards compatibility only. TO DO: Issue a warning 408 ** on sqlite3_log() whenever the capability is used. 409 */ 410 if( (pEList = pNC->pEList)!=0 411 && zTab==0 412 && cnt==0 413 ){ 414 for(j=0; j<pEList->nExpr; j++){ 415 char *zAs = pEList->a[j].zName; 416 if( zAs!=0 && sqlite3StrICmp(zAs, zCol)==0 ){ 417 Expr *pOrig; 418 assert( pExpr->pLeft==0 && pExpr->pRight==0 ); 419 assert( pExpr->x.pList==0 ); 420 assert( pExpr->x.pSelect==0 ); 421 pOrig = pEList->a[j].pExpr; 422 if( (pNC->ncFlags&NC_AllowAgg)==0 && ExprHasProperty(pOrig, EP_Agg) ){ 423 sqlite3ErrorMsg(pParse, "misuse of aliased aggregate %s", zAs); 424 return WRC_Abort; 425 } 426 resolveAlias(pParse, pEList, j, pExpr, "", nSubquery); 427 cnt = 1; 428 pMatch = 0; 429 assert( zTab==0 && zDb==0 ); 430 goto lookupname_end; 431 } 432 } 433 } 434 435 /* Advance to the next name context. The loop will exit when either 436 ** we have a match (cnt>0) or when we run out of name contexts. 437 */ 438 if( cnt==0 ){ 439 pNC = pNC->pNext; 440 nSubquery++; 441 } 442 } 443 444 /* 445 ** If X and Y are NULL (in other words if only the column name Z is 446 ** supplied) and the value of Z is enclosed in double-quotes, then 447 ** Z is a string literal if it doesn't match any column names. In that 448 ** case, we need to return right away and not make any changes to 449 ** pExpr. 450 ** 451 ** Because no reference was made to outer contexts, the pNC->nRef 452 ** fields are not changed in any context. 453 */ 454 if( cnt==0 && zTab==0 && ExprHasProperty(pExpr,EP_DblQuoted) ){ 455 pExpr->op = TK_STRING; 456 pExpr->pTab = 0; 457 return WRC_Prune; 458 } 459 460 /* 461 ** cnt==0 means there was not match. cnt>1 means there were two or 462 ** more matches. Either way, we have an error. 463 */ 464 if( cnt!=1 ){ 465 const char *zErr; 466 zErr = cnt==0 ? "no such column" : "ambiguous column name"; 467 if( zDb ){ 468 sqlite3ErrorMsg(pParse, "%s: %s.%s.%s", zErr, zDb, zTab, zCol); 469 }else if( zTab ){ 470 sqlite3ErrorMsg(pParse, "%s: %s.%s", zErr, zTab, zCol); 471 }else{ 472 sqlite3ErrorMsg(pParse, "%s: %s", zErr, zCol); 473 } 474 pParse->checkSchema = 1; 475 pTopNC->nErr++; 476 } 477 478 /* If a column from a table in pSrcList is referenced, then record 479 ** this fact in the pSrcList.a[].colUsed bitmask. Column 0 causes 480 ** bit 0 to be set. Column 1 sets bit 1. And so forth. If the 481 ** column number is greater than the number of bits in the bitmask 482 ** then set the high-order bit of the bitmask. 483 */ 484 if( pExpr->iColumn>=0 && pMatch!=0 ){ 485 int n = pExpr->iColumn; 486 testcase( n==BMS-1 ); 487 if( n>=BMS ){ 488 n = BMS-1; 489 } 490 assert( pMatch->iCursor==pExpr->iTable ); 491 pMatch->colUsed |= ((Bitmask)1)<<n; 492 } 493 494 /* Clean up and return 495 */ 496 sqlite3ExprDelete(db, pExpr->pLeft); 497 pExpr->pLeft = 0; 498 sqlite3ExprDelete(db, pExpr->pRight); 499 pExpr->pRight = 0; 500 pExpr->op = (isTrigger ? TK_TRIGGER : TK_COLUMN); 501 lookupname_end: 502 if( cnt==1 ){ 503 assert( pNC!=0 ); 504 if( pExpr->op!=TK_AS ){ 505 sqlite3AuthRead(pParse, pExpr, pSchema, pNC->pSrcList); 506 } 507 /* Increment the nRef value on all name contexts from TopNC up to 508 ** the point where the name matched. */ 509 for(;;){ 510 assert( pTopNC!=0 ); 511 pTopNC->nRef++; 512 if( pTopNC==pNC ) break; 513 pTopNC = pTopNC->pNext; 514 } 515 return WRC_Prune; 516 } else { 517 return WRC_Abort; 518 } 519 } 520 521 /* 522 ** Allocate and return a pointer to an expression to load the column iCol 523 ** from datasource iSrc in SrcList pSrc. 524 */ 525 Expr *sqlite3CreateColumnExpr(sqlite3 *db, SrcList *pSrc, int iSrc, int iCol){ 526 Expr *p = sqlite3ExprAlloc(db, TK_COLUMN, 0, 0); 527 if( p ){ 528 struct SrcList_item *pItem = &pSrc->a[iSrc]; 529 p->pTab = pItem->pTab; 530 p->iTable = pItem->iCursor; 531 if( p->pTab->iPKey==iCol ){ 532 p->iColumn = -1; 533 }else{ 534 p->iColumn = (ynVar)iCol; 535 testcase( iCol==BMS ); 536 testcase( iCol==BMS-1 ); 537 pItem->colUsed |= ((Bitmask)1)<<(iCol>=BMS ? BMS-1 : iCol); 538 } 539 ExprSetProperty(p, EP_Resolved); 540 } 541 return p; 542 } 543 544 /* 545 ** Report an error that an expression is not valid for a partial index WHERE 546 ** clause. 547 */ 548 static void notValidPartIdxWhere( 549 Parse *pParse, /* Leave error message here */ 550 NameContext *pNC, /* The name context */ 551 const char *zMsg /* Type of error */ 552 ){ 553 if( (pNC->ncFlags & NC_PartIdx)!=0 ){ 554 sqlite3ErrorMsg(pParse, "%s prohibited in partial index WHERE clauses", 555 zMsg); 556 } 557 } 558 559 #ifndef SQLITE_OMIT_CHECK 560 /* 561 ** Report an error that an expression is not valid for a CHECK constraint. 562 */ 563 static void notValidCheckConstraint( 564 Parse *pParse, /* Leave error message here */ 565 NameContext *pNC, /* The name context */ 566 const char *zMsg /* Type of error */ 567 ){ 568 if( (pNC->ncFlags & NC_IsCheck)!=0 ){ 569 sqlite3ErrorMsg(pParse,"%s prohibited in CHECK constraints", zMsg); 570 } 571 } 572 #else 573 # define notValidCheckConstraint(P,N,M) 574 #endif 575 576 /* 577 ** Expression p should encode a floating point value between 1.0 and 0.0. 578 ** Return 1024 times this value. Or return -1 if p is not a floating point 579 ** value between 1.0 and 0.0. 580 */ 581 static int exprProbability(Expr *p){ 582 double r = -1.0; 583 if( p->op!=TK_FLOAT ) return -1; 584 sqlite3AtoF(p->u.zToken, &r, sqlite3Strlen30(p->u.zToken), SQLITE_UTF8); 585 assert( r>=0.0 ); 586 if( r>1.0 ) return -1; 587 return (int)(r*1000.0); 588 } 589 590 /* 591 ** This routine is callback for sqlite3WalkExpr(). 592 ** 593 ** Resolve symbolic names into TK_COLUMN operators for the current 594 ** node in the expression tree. Return 0 to continue the search down 595 ** the tree or 2 to abort the tree walk. 596 ** 597 ** This routine also does error checking and name resolution for 598 ** function names. The operator for aggregate functions is changed 599 ** to TK_AGG_FUNCTION. 600 */ 601 static int resolveExprStep(Walker *pWalker, Expr *pExpr){ 602 NameContext *pNC; 603 Parse *pParse; 604 605 pNC = pWalker->u.pNC; 606 assert( pNC!=0 ); 607 pParse = pNC->pParse; 608 assert( pParse==pWalker->pParse ); 609 610 if( ExprHasProperty(pExpr, EP_Resolved) ) return WRC_Prune; 611 ExprSetProperty(pExpr, EP_Resolved); 612 #ifndef NDEBUG 613 if( pNC->pSrcList && pNC->pSrcList->nAlloc>0 ){ 614 SrcList *pSrcList = pNC->pSrcList; 615 int i; 616 for(i=0; i<pNC->pSrcList->nSrc; i++){ 617 assert( pSrcList->a[i].iCursor>=0 && pSrcList->a[i].iCursor<pParse->nTab); 618 } 619 } 620 #endif 621 switch( pExpr->op ){ 622 623 #if defined(SQLITE_ENABLE_UPDATE_DELETE_LIMIT) && !defined(SQLITE_OMIT_SUBQUERY) 624 /* The special operator TK_ROW means use the rowid for the first 625 ** column in the FROM clause. This is used by the LIMIT and ORDER BY 626 ** clause processing on UPDATE and DELETE statements. 627 */ 628 case TK_ROW: { 629 SrcList *pSrcList = pNC->pSrcList; 630 struct SrcList_item *pItem; 631 assert( pSrcList && pSrcList->nSrc==1 ); 632 pItem = pSrcList->a; 633 pExpr->op = TK_COLUMN; 634 pExpr->pTab = pItem->pTab; 635 pExpr->iTable = pItem->iCursor; 636 pExpr->iColumn = -1; 637 pExpr->affinity = SQLITE_AFF_INTEGER; 638 break; 639 } 640 #endif /* defined(SQLITE_ENABLE_UPDATE_DELETE_LIMIT) && !defined(SQLITE_OMIT_SUBQUERY) */ 641 642 /* A lone identifier is the name of a column. 643 */ 644 case TK_ID: { 645 return lookupName(pParse, 0, 0, pExpr->u.zToken, pNC, pExpr); 646 } 647 648 /* A table name and column name: ID.ID 649 ** Or a database, table and column: ID.ID.ID 650 */ 651 case TK_DOT: { 652 const char *zColumn; 653 const char *zTable; 654 const char *zDb; 655 Expr *pRight; 656 657 /* if( pSrcList==0 ) break; */ 658 pRight = pExpr->pRight; 659 if( pRight->op==TK_ID ){ 660 zDb = 0; 661 zTable = pExpr->pLeft->u.zToken; 662 zColumn = pRight->u.zToken; 663 }else{ 664 assert( pRight->op==TK_DOT ); 665 zDb = pExpr->pLeft->u.zToken; 666 zTable = pRight->pLeft->u.zToken; 667 zColumn = pRight->pRight->u.zToken; 668 } 669 return lookupName(pParse, zDb, zTable, zColumn, pNC, pExpr); 670 } 671 672 /* Resolve function names 673 */ 674 case TK_FUNCTION: { 675 ExprList *pList = pExpr->x.pList; /* The argument list */ 676 int n = pList ? pList->nExpr : 0; /* Number of arguments */ 677 int no_such_func = 0; /* True if no such function exists */ 678 int wrong_num_args = 0; /* True if wrong number of arguments */ 679 int is_agg = 0; /* True if is an aggregate function */ 680 int auth; /* Authorization to use the function */ 681 int nId; /* Number of characters in function name */ 682 const char *zId; /* The function name. */ 683 FuncDef *pDef; /* Information about the function */ 684 u8 enc = ENC(pParse->db); /* The database encoding */ 685 686 assert( !ExprHasProperty(pExpr, EP_xIsSelect) ); 687 notValidPartIdxWhere(pParse, pNC, "functions"); 688 zId = pExpr->u.zToken; 689 nId = sqlite3Strlen30(zId); 690 pDef = sqlite3FindFunction(pParse->db, zId, nId, n, enc, 0); 691 if( pDef==0 ){ 692 pDef = sqlite3FindFunction(pParse->db, zId, nId, -2, enc, 0); 693 if( pDef==0 ){ 694 no_such_func = 1; 695 }else{ 696 wrong_num_args = 1; 697 } 698 }else{ 699 is_agg = pDef->xFunc==0; 700 if( pDef->funcFlags & SQLITE_FUNC_UNLIKELY ){ 701 ExprSetProperty(pExpr, EP_Unlikely|EP_Skip); 702 if( n==2 ){ 703 pExpr->iTable = exprProbability(pList->a[1].pExpr); 704 if( pExpr->iTable<0 ){ 705 sqlite3ErrorMsg(pParse, "second argument to likelihood() must be a " 706 "constant between 0.0 and 1.0"); 707 pNC->nErr++; 708 } 709 }else{ 710 /* EVIDENCE-OF: R-61304-29449 The unlikely(X) function is equivalent to 711 ** likelihood(X, 0.0625). 712 ** EVIDENCE-OF: R-01283-11636 The unlikely(X) function is short-hand for 713 ** likelihood(X,0.0625). */ 714 /* TUNING: unlikely() probability is 0.0625. likely() is 0.9375 */ 715 pExpr->iTable = pDef->zName[0]=='u' ? 62 : 938; 716 } 717 } 718 } 719 #ifndef SQLITE_OMIT_AUTHORIZATION 720 if( pDef ){ 721 auth = sqlite3AuthCheck(pParse, SQLITE_FUNCTION, 0, pDef->zName, 0); 722 if( auth!=SQLITE_OK ){ 723 if( auth==SQLITE_DENY ){ 724 sqlite3ErrorMsg(pParse, "not authorized to use function: %s", 725 pDef->zName); 726 pNC->nErr++; 727 } 728 pExpr->op = TK_NULL; 729 return WRC_Prune; 730 } 731 if( pDef->funcFlags & SQLITE_FUNC_CONSTANT ) ExprSetProperty(pExpr,EP_Constant); 732 } 733 #endif 734 if( is_agg && (pNC->ncFlags & NC_AllowAgg)==0 ){ 735 sqlite3ErrorMsg(pParse, "misuse of aggregate function %.*s()", nId,zId); 736 pNC->nErr++; 737 is_agg = 0; 738 }else if( no_such_func && pParse->db->init.busy==0 ){ 739 sqlite3ErrorMsg(pParse, "no such function: %.*s", nId, zId); 740 pNC->nErr++; 741 }else if( wrong_num_args ){ 742 sqlite3ErrorMsg(pParse,"wrong number of arguments to function %.*s()", 743 nId, zId); 744 pNC->nErr++; 745 } 746 if( is_agg ) pNC->ncFlags &= ~NC_AllowAgg; 747 sqlite3WalkExprList(pWalker, pList); 748 if( is_agg ){ 749 NameContext *pNC2 = pNC; 750 pExpr->op = TK_AGG_FUNCTION; 751 pExpr->op2 = 0; 752 while( pNC2 && !sqlite3FunctionUsesThisSrc(pExpr, pNC2->pSrcList) ){ 753 pExpr->op2++; 754 pNC2 = pNC2->pNext; 755 } 756 if( pNC2 ) pNC2->ncFlags |= NC_HasAgg; 757 pNC->ncFlags |= NC_AllowAgg; 758 } 759 /* FIX ME: Compute pExpr->affinity based on the expected return 760 ** type of the function 761 */ 762 return WRC_Prune; 763 } 764 #ifndef SQLITE_OMIT_SUBQUERY 765 case TK_SELECT: 766 case TK_EXISTS: testcase( pExpr->op==TK_EXISTS ); 767 #endif 768 case TK_IN: { 769 testcase( pExpr->op==TK_IN ); 770 if( ExprHasProperty(pExpr, EP_xIsSelect) ){ 771 int nRef = pNC->nRef; 772 notValidCheckConstraint(pParse, pNC, "subqueries"); 773 notValidPartIdxWhere(pParse, pNC, "subqueries"); 774 sqlite3WalkSelect(pWalker, pExpr->x.pSelect); 775 assert( pNC->nRef>=nRef ); 776 if( nRef!=pNC->nRef ){ 777 ExprSetProperty(pExpr, EP_VarSelect); 778 } 779 } 780 break; 781 } 782 case TK_VARIABLE: { 783 notValidCheckConstraint(pParse, pNC, "parameters"); 784 notValidPartIdxWhere(pParse, pNC, "parameters"); 785 break; 786 } 787 } 788 return (pParse->nErr || pParse->db->mallocFailed) ? WRC_Abort : WRC_Continue; 789 } 790 791 /* 792 ** pEList is a list of expressions which are really the result set of the 793 ** a SELECT statement. pE is a term in an ORDER BY or GROUP BY clause. 794 ** This routine checks to see if pE is a simple identifier which corresponds 795 ** to the AS-name of one of the terms of the expression list. If it is, 796 ** this routine return an integer between 1 and N where N is the number of 797 ** elements in pEList, corresponding to the matching entry. If there is 798 ** no match, or if pE is not a simple identifier, then this routine 799 ** return 0. 800 ** 801 ** pEList has been resolved. pE has not. 802 */ 803 static int resolveAsName( 804 Parse *pParse, /* Parsing context for error messages */ 805 ExprList *pEList, /* List of expressions to scan */ 806 Expr *pE /* Expression we are trying to match */ 807 ){ 808 int i; /* Loop counter */ 809 810 UNUSED_PARAMETER(pParse); 811 812 if( pE->op==TK_ID ){ 813 char *zCol = pE->u.zToken; 814 for(i=0; i<pEList->nExpr; i++){ 815 char *zAs = pEList->a[i].zName; 816 if( zAs!=0 && sqlite3StrICmp(zAs, zCol)==0 ){ 817 return i+1; 818 } 819 } 820 } 821 return 0; 822 } 823 824 /* 825 ** pE is a pointer to an expression which is a single term in the 826 ** ORDER BY of a compound SELECT. The expression has not been 827 ** name resolved. 828 ** 829 ** At the point this routine is called, we already know that the 830 ** ORDER BY term is not an integer index into the result set. That 831 ** case is handled by the calling routine. 832 ** 833 ** Attempt to match pE against result set columns in the left-most 834 ** SELECT statement. Return the index i of the matching column, 835 ** as an indication to the caller that it should sort by the i-th column. 836 ** The left-most column is 1. In other words, the value returned is the 837 ** same integer value that would be used in the SQL statement to indicate 838 ** the column. 839 ** 840 ** If there is no match, return 0. Return -1 if an error occurs. 841 */ 842 static int resolveOrderByTermToExprList( 843 Parse *pParse, /* Parsing context for error messages */ 844 Select *pSelect, /* The SELECT statement with the ORDER BY clause */ 845 Expr *pE /* The specific ORDER BY term */ 846 ){ 847 int i; /* Loop counter */ 848 ExprList *pEList; /* The columns of the result set */ 849 NameContext nc; /* Name context for resolving pE */ 850 sqlite3 *db; /* Database connection */ 851 int rc; /* Return code from subprocedures */ 852 u8 savedSuppErr; /* Saved value of db->suppressErr */ 853 854 assert( sqlite3ExprIsInteger(pE, &i)==0 ); 855 pEList = pSelect->pEList; 856 857 /* Resolve all names in the ORDER BY term expression 858 */ 859 memset(&nc, 0, sizeof(nc)); 860 nc.pParse = pParse; 861 nc.pSrcList = pSelect->pSrc; 862 nc.pEList = pEList; 863 nc.ncFlags = NC_AllowAgg; 864 nc.nErr = 0; 865 db = pParse->db; 866 savedSuppErr = db->suppressErr; 867 db->suppressErr = 1; 868 rc = sqlite3ResolveExprNames(&nc, pE); 869 db->suppressErr = savedSuppErr; 870 if( rc ) return 0; 871 872 /* Try to match the ORDER BY expression against an expression 873 ** in the result set. Return an 1-based index of the matching 874 ** result-set entry. 875 */ 876 for(i=0; i<pEList->nExpr; i++){ 877 if( sqlite3ExprCompare(pEList->a[i].pExpr, pE, -1)<2 ){ 878 return i+1; 879 } 880 } 881 882 /* If no match, return 0. */ 883 return 0; 884 } 885 886 /* 887 ** Generate an ORDER BY or GROUP BY term out-of-range error. 888 */ 889 static void resolveOutOfRangeError( 890 Parse *pParse, /* The error context into which to write the error */ 891 const char *zType, /* "ORDER" or "GROUP" */ 892 int i, /* The index (1-based) of the term out of range */ 893 int mx /* Largest permissible value of i */ 894 ){ 895 sqlite3ErrorMsg(pParse, 896 "%r %s BY term out of range - should be " 897 "between 1 and %d", i, zType, mx); 898 } 899 900 /* 901 ** Analyze the ORDER BY clause in a compound SELECT statement. Modify 902 ** each term of the ORDER BY clause is a constant integer between 1 903 ** and N where N is the number of columns in the compound SELECT. 904 ** 905 ** ORDER BY terms that are already an integer between 1 and N are 906 ** unmodified. ORDER BY terms that are integers outside the range of 907 ** 1 through N generate an error. ORDER BY terms that are expressions 908 ** are matched against result set expressions of compound SELECT 909 ** beginning with the left-most SELECT and working toward the right. 910 ** At the first match, the ORDER BY expression is transformed into 911 ** the integer column number. 912 ** 913 ** Return the number of errors seen. 914 */ 915 static int resolveCompoundOrderBy( 916 Parse *pParse, /* Parsing context. Leave error messages here */ 917 Select *pSelect /* The SELECT statement containing the ORDER BY */ 918 ){ 919 int i; 920 ExprList *pOrderBy; 921 ExprList *pEList; 922 sqlite3 *db; 923 int moreToDo = 1; 924 925 pOrderBy = pSelect->pOrderBy; 926 if( pOrderBy==0 ) return 0; 927 db = pParse->db; 928 #if SQLITE_MAX_COLUMN 929 if( pOrderBy->nExpr>db->aLimit[SQLITE_LIMIT_COLUMN] ){ 930 sqlite3ErrorMsg(pParse, "too many terms in ORDER BY clause"); 931 return 1; 932 } 933 #endif 934 for(i=0; i<pOrderBy->nExpr; i++){ 935 pOrderBy->a[i].done = 0; 936 } 937 pSelect->pNext = 0; 938 while( pSelect->pPrior ){ 939 pSelect->pPrior->pNext = pSelect; 940 pSelect = pSelect->pPrior; 941 } 942 while( pSelect && moreToDo ){ 943 struct ExprList_item *pItem; 944 moreToDo = 0; 945 pEList = pSelect->pEList; 946 assert( pEList!=0 ); 947 for(i=0, pItem=pOrderBy->a; i<pOrderBy->nExpr; i++, pItem++){ 948 int iCol = -1; 949 Expr *pE, *pDup; 950 if( pItem->done ) continue; 951 pE = sqlite3ExprSkipCollate(pItem->pExpr); 952 if( sqlite3ExprIsInteger(pE, &iCol) ){ 953 if( iCol<=0 || iCol>pEList->nExpr ){ 954 resolveOutOfRangeError(pParse, "ORDER", i+1, pEList->nExpr); 955 return 1; 956 } 957 }else{ 958 iCol = resolveAsName(pParse, pEList, pE); 959 if( iCol==0 ){ 960 pDup = sqlite3ExprDup(db, pE, 0); 961 if( !db->mallocFailed ){ 962 assert(pDup); 963 iCol = resolveOrderByTermToExprList(pParse, pSelect, pDup); 964 } 965 sqlite3ExprDelete(db, pDup); 966 } 967 } 968 if( iCol>0 ){ 969 /* Convert the ORDER BY term into an integer column number iCol, 970 ** taking care to preserve the COLLATE clause if it exists */ 971 Expr *pNew = sqlite3Expr(db, TK_INTEGER, 0); 972 if( pNew==0 ) return 1; 973 pNew->flags |= EP_IntValue; 974 pNew->u.iValue = iCol; 975 if( pItem->pExpr==pE ){ 976 pItem->pExpr = pNew; 977 }else{ 978 assert( pItem->pExpr->op==TK_COLLATE ); 979 assert( pItem->pExpr->pLeft==pE ); 980 pItem->pExpr->pLeft = pNew; 981 } 982 sqlite3ExprDelete(db, pE); 983 pItem->u.x.iOrderByCol = (u16)iCol; 984 pItem->done = 1; 985 }else{ 986 moreToDo = 1; 987 } 988 } 989 pSelect = pSelect->pNext; 990 } 991 for(i=0; i<pOrderBy->nExpr; i++){ 992 if( pOrderBy->a[i].done==0 ){ 993 sqlite3ErrorMsg(pParse, "%r ORDER BY term does not match any " 994 "column in the result set", i+1); 995 return 1; 996 } 997 } 998 return 0; 999 } 1000 1001 /* 1002 ** Check every term in the ORDER BY or GROUP BY clause pOrderBy of 1003 ** the SELECT statement pSelect. If any term is reference to a 1004 ** result set expression (as determined by the ExprList.a.u.x.iOrderByCol 1005 ** field) then convert that term into a copy of the corresponding result set 1006 ** column. 1007 ** 1008 ** If any errors are detected, add an error message to pParse and 1009 ** return non-zero. Return zero if no errors are seen. 1010 */ 1011 int sqlite3ResolveOrderGroupBy( 1012 Parse *pParse, /* Parsing context. Leave error messages here */ 1013 Select *pSelect, /* The SELECT statement containing the clause */ 1014 ExprList *pOrderBy, /* The ORDER BY or GROUP BY clause to be processed */ 1015 const char *zType /* "ORDER" or "GROUP" */ 1016 ){ 1017 int i; 1018 sqlite3 *db = pParse->db; 1019 ExprList *pEList; 1020 struct ExprList_item *pItem; 1021 1022 if( pOrderBy==0 || pParse->db->mallocFailed ) return 0; 1023 #if SQLITE_MAX_COLUMN 1024 if( pOrderBy->nExpr>db->aLimit[SQLITE_LIMIT_COLUMN] ){ 1025 sqlite3ErrorMsg(pParse, "too many terms in %s BY clause", zType); 1026 return 1; 1027 } 1028 #endif 1029 pEList = pSelect->pEList; 1030 assert( pEList!=0 ); /* sqlite3SelectNew() guarantees this */ 1031 for(i=0, pItem=pOrderBy->a; i<pOrderBy->nExpr; i++, pItem++){ 1032 if( pItem->u.x.iOrderByCol ){ 1033 if( pItem->u.x.iOrderByCol>pEList->nExpr ){ 1034 resolveOutOfRangeError(pParse, zType, i+1, pEList->nExpr); 1035 return 1; 1036 } 1037 resolveAlias(pParse, pEList, pItem->u.x.iOrderByCol-1, pItem->pExpr, zType,0); 1038 } 1039 } 1040 return 0; 1041 } 1042 1043 /* 1044 ** pOrderBy is an ORDER BY or GROUP BY clause in SELECT statement pSelect. 1045 ** The Name context of the SELECT statement is pNC. zType is either 1046 ** "ORDER" or "GROUP" depending on which type of clause pOrderBy is. 1047 ** 1048 ** This routine resolves each term of the clause into an expression. 1049 ** If the order-by term is an integer I between 1 and N (where N is the 1050 ** number of columns in the result set of the SELECT) then the expression 1051 ** in the resolution is a copy of the I-th result-set expression. If 1052 ** the order-by term is an identifier that corresponds to the AS-name of 1053 ** a result-set expression, then the term resolves to a copy of the 1054 ** result-set expression. Otherwise, the expression is resolved in 1055 ** the usual way - using sqlite3ResolveExprNames(). 1056 ** 1057 ** This routine returns the number of errors. If errors occur, then 1058 ** an appropriate error message might be left in pParse. (OOM errors 1059 ** excepted.) 1060 */ 1061 static int resolveOrderGroupBy( 1062 NameContext *pNC, /* The name context of the SELECT statement */ 1063 Select *pSelect, /* The SELECT statement holding pOrderBy */ 1064 ExprList *pOrderBy, /* An ORDER BY or GROUP BY clause to resolve */ 1065 const char *zType /* Either "ORDER" or "GROUP", as appropriate */ 1066 ){ 1067 int i, j; /* Loop counters */ 1068 int iCol; /* Column number */ 1069 struct ExprList_item *pItem; /* A term of the ORDER BY clause */ 1070 Parse *pParse; /* Parsing context */ 1071 int nResult; /* Number of terms in the result set */ 1072 1073 if( pOrderBy==0 ) return 0; 1074 nResult = pSelect->pEList->nExpr; 1075 pParse = pNC->pParse; 1076 for(i=0, pItem=pOrderBy->a; i<pOrderBy->nExpr; i++, pItem++){ 1077 Expr *pE = pItem->pExpr; 1078 Expr *pE2 = sqlite3ExprSkipCollate(pE); 1079 if( zType[0]!='G' ){ 1080 iCol = resolveAsName(pParse, pSelect->pEList, pE2); 1081 if( iCol>0 ){ 1082 /* If an AS-name match is found, mark this ORDER BY column as being 1083 ** a copy of the iCol-th result-set column. The subsequent call to 1084 ** sqlite3ResolveOrderGroupBy() will convert the expression to a 1085 ** copy of the iCol-th result-set expression. */ 1086 pItem->u.x.iOrderByCol = (u16)iCol; 1087 continue; 1088 } 1089 } 1090 if( sqlite3ExprIsInteger(pE2, &iCol) ){ 1091 /* The ORDER BY term is an integer constant. Again, set the column 1092 ** number so that sqlite3ResolveOrderGroupBy() will convert the 1093 ** order-by term to a copy of the result-set expression */ 1094 if( iCol<1 || iCol>0xffff ){ 1095 resolveOutOfRangeError(pParse, zType, i+1, nResult); 1096 return 1; 1097 } 1098 pItem->u.x.iOrderByCol = (u16)iCol; 1099 continue; 1100 } 1101 1102 /* Otherwise, treat the ORDER BY term as an ordinary expression */ 1103 pItem->u.x.iOrderByCol = 0; 1104 if( sqlite3ResolveExprNames(pNC, pE) ){ 1105 return 1; 1106 } 1107 for(j=0; j<pSelect->pEList->nExpr; j++){ 1108 if( sqlite3ExprCompare(pE, pSelect->pEList->a[j].pExpr, -1)==0 ){ 1109 pItem->u.x.iOrderByCol = j+1; 1110 } 1111 } 1112 } 1113 return sqlite3ResolveOrderGroupBy(pParse, pSelect, pOrderBy, zType); 1114 } 1115 1116 /* 1117 ** Resolve names in the SELECT statement p and all of its descendents. 1118 */ 1119 static int resolveSelectStep(Walker *pWalker, Select *p){ 1120 NameContext *pOuterNC; /* Context that contains this SELECT */ 1121 NameContext sNC; /* Name context of this SELECT */ 1122 int isCompound; /* True if p is a compound select */ 1123 int nCompound; /* Number of compound terms processed so far */ 1124 Parse *pParse; /* Parsing context */ 1125 ExprList *pEList; /* Result set expression list */ 1126 int i; /* Loop counter */ 1127 ExprList *pGroupBy; /* The GROUP BY clause */ 1128 Select *pLeftmost; /* Left-most of SELECT of a compound */ 1129 sqlite3 *db; /* Database connection */ 1130 1131 1132 assert( p!=0 ); 1133 if( p->selFlags & SF_Resolved ){ 1134 return WRC_Prune; 1135 } 1136 pOuterNC = pWalker->u.pNC; 1137 pParse = pWalker->pParse; 1138 db = pParse->db; 1139 1140 /* Normally sqlite3SelectExpand() will be called first and will have 1141 ** already expanded this SELECT. However, if this is a subquery within 1142 ** an expression, sqlite3ResolveExprNames() will be called without a 1143 ** prior call to sqlite3SelectExpand(). When that happens, let 1144 ** sqlite3SelectPrep() do all of the processing for this SELECT. 1145 ** sqlite3SelectPrep() will invoke both sqlite3SelectExpand() and 1146 ** this routine in the correct order. 1147 */ 1148 if( (p->selFlags & SF_Expanded)==0 ){ 1149 sqlite3SelectPrep(pParse, p, pOuterNC); 1150 return (pParse->nErr || db->mallocFailed) ? WRC_Abort : WRC_Prune; 1151 } 1152 1153 isCompound = p->pPrior!=0; 1154 nCompound = 0; 1155 pLeftmost = p; 1156 while( p ){ 1157 assert( (p->selFlags & SF_Expanded)!=0 ); 1158 assert( (p->selFlags & SF_Resolved)==0 ); 1159 p->selFlags |= SF_Resolved; 1160 1161 /* Resolve the expressions in the LIMIT and OFFSET clauses. These 1162 ** are not allowed to refer to any names, so pass an empty NameContext. 1163 */ 1164 memset(&sNC, 0, sizeof(sNC)); 1165 sNC.pParse = pParse; 1166 if( sqlite3ResolveExprNames(&sNC, p->pLimit) || 1167 sqlite3ResolveExprNames(&sNC, p->pOffset) ){ 1168 return WRC_Abort; 1169 } 1170 1171 /* Recursively resolve names in all subqueries 1172 */ 1173 for(i=0; i<p->pSrc->nSrc; i++){ 1174 struct SrcList_item *pItem = &p->pSrc->a[i]; 1175 if( pItem->pSelect ){ 1176 NameContext *pNC; /* Used to iterate name contexts */ 1177 int nRef = 0; /* Refcount for pOuterNC and outer contexts */ 1178 const char *zSavedContext = pParse->zAuthContext; 1179 1180 /* Count the total number of references to pOuterNC and all of its 1181 ** parent contexts. After resolving references to expressions in 1182 ** pItem->pSelect, check if this value has changed. If so, then 1183 ** SELECT statement pItem->pSelect must be correlated. Set the 1184 ** pItem->isCorrelated flag if this is the case. */ 1185 for(pNC=pOuterNC; pNC; pNC=pNC->pNext) nRef += pNC->nRef; 1186 1187 if( pItem->zName ) pParse->zAuthContext = pItem->zName; 1188 sqlite3ResolveSelectNames(pParse, pItem->pSelect, pOuterNC); 1189 pParse->zAuthContext = zSavedContext; 1190 if( pParse->nErr || db->mallocFailed ) return WRC_Abort; 1191 1192 for(pNC=pOuterNC; pNC; pNC=pNC->pNext) nRef -= pNC->nRef; 1193 assert( pItem->isCorrelated==0 && nRef<=0 ); 1194 pItem->isCorrelated = (nRef!=0); 1195 } 1196 } 1197 1198 /* Set up the local name-context to pass to sqlite3ResolveExprNames() to 1199 ** resolve the result-set expression list. 1200 */ 1201 sNC.ncFlags = NC_AllowAgg; 1202 sNC.pSrcList = p->pSrc; 1203 sNC.pNext = pOuterNC; 1204 1205 /* Resolve names in the result set. */ 1206 pEList = p->pEList; 1207 assert( pEList!=0 ); 1208 for(i=0; i<pEList->nExpr; i++){ 1209 Expr *pX = pEList->a[i].pExpr; 1210 if( sqlite3ResolveExprNames(&sNC, pX) ){ 1211 return WRC_Abort; 1212 } 1213 } 1214 1215 /* If there are no aggregate functions in the result-set, and no GROUP BY 1216 ** expression, do not allow aggregates in any of the other expressions. 1217 */ 1218 assert( (p->selFlags & SF_Aggregate)==0 ); 1219 pGroupBy = p->pGroupBy; 1220 if( pGroupBy || (sNC.ncFlags & NC_HasAgg)!=0 ){ 1221 p->selFlags |= SF_Aggregate; 1222 }else{ 1223 sNC.ncFlags &= ~NC_AllowAgg; 1224 } 1225 1226 /* If a HAVING clause is present, then there must be a GROUP BY clause. 1227 */ 1228 if( p->pHaving && !pGroupBy ){ 1229 sqlite3ErrorMsg(pParse, "a GROUP BY clause is required before HAVING"); 1230 return WRC_Abort; 1231 } 1232 1233 /* Add the output column list to the name-context before parsing the 1234 ** other expressions in the SELECT statement. This is so that 1235 ** expressions in the WHERE clause (etc.) can refer to expressions by 1236 ** aliases in the result set. 1237 ** 1238 ** Minor point: If this is the case, then the expression will be 1239 ** re-evaluated for each reference to it. 1240 */ 1241 sNC.pEList = p->pEList; 1242 if( sqlite3ResolveExprNames(&sNC, p->pHaving) ) return WRC_Abort; 1243 if( sqlite3ResolveExprNames(&sNC, p->pWhere) ) return WRC_Abort; 1244 1245 /* The ORDER BY and GROUP BY clauses may not refer to terms in 1246 ** outer queries 1247 */ 1248 sNC.pNext = 0; 1249 sNC.ncFlags |= NC_AllowAgg; 1250 1251 /* Process the ORDER BY clause for singleton SELECT statements. 1252 ** The ORDER BY clause for compounds SELECT statements is handled 1253 ** below, after all of the result-sets for all of the elements of 1254 ** the compound have been resolved. 1255 */ 1256 if( !isCompound && resolveOrderGroupBy(&sNC, p, p->pOrderBy, "ORDER") ){ 1257 return WRC_Abort; 1258 } 1259 if( db->mallocFailed ){ 1260 return WRC_Abort; 1261 } 1262 1263 /* Resolve the GROUP BY clause. At the same time, make sure 1264 ** the GROUP BY clause does not contain aggregate functions. 1265 */ 1266 if( pGroupBy ){ 1267 struct ExprList_item *pItem; 1268 1269 if( resolveOrderGroupBy(&sNC, p, pGroupBy, "GROUP") || db->mallocFailed ){ 1270 return WRC_Abort; 1271 } 1272 for(i=0, pItem=pGroupBy->a; i<pGroupBy->nExpr; i++, pItem++){ 1273 if( ExprHasProperty(pItem->pExpr, EP_Agg) ){ 1274 sqlite3ErrorMsg(pParse, "aggregate functions are not allowed in " 1275 "the GROUP BY clause"); 1276 return WRC_Abort; 1277 } 1278 } 1279 } 1280 1281 /* Advance to the next term of the compound 1282 */ 1283 p = p->pPrior; 1284 nCompound++; 1285 } 1286 1287 /* Resolve the ORDER BY on a compound SELECT after all terms of 1288 ** the compound have been resolved. 1289 */ 1290 if( isCompound && resolveCompoundOrderBy(pParse, pLeftmost) ){ 1291 return WRC_Abort; 1292 } 1293 1294 return WRC_Prune; 1295 } 1296 1297 /* 1298 ** This routine walks an expression tree and resolves references to 1299 ** table columns and result-set columns. At the same time, do error 1300 ** checking on function usage and set a flag if any aggregate functions 1301 ** are seen. 1302 ** 1303 ** To resolve table columns references we look for nodes (or subtrees) of the 1304 ** form X.Y.Z or Y.Z or just Z where 1305 ** 1306 ** X: The name of a database. Ex: "main" or "temp" or 1307 ** the symbolic name assigned to an ATTACH-ed database. 1308 ** 1309 ** Y: The name of a table in a FROM clause. Or in a trigger 1310 ** one of the special names "old" or "new". 1311 ** 1312 ** Z: The name of a column in table Y. 1313 ** 1314 ** The node at the root of the subtree is modified as follows: 1315 ** 1316 ** Expr.op Changed to TK_COLUMN 1317 ** Expr.pTab Points to the Table object for X.Y 1318 ** Expr.iColumn The column index in X.Y. -1 for the rowid. 1319 ** Expr.iTable The VDBE cursor number for X.Y 1320 ** 1321 ** 1322 ** To resolve result-set references, look for expression nodes of the 1323 ** form Z (with no X and Y prefix) where the Z matches the right-hand 1324 ** size of an AS clause in the result-set of a SELECT. The Z expression 1325 ** is replaced by a copy of the left-hand side of the result-set expression. 1326 ** Table-name and function resolution occurs on the substituted expression 1327 ** tree. For example, in: 1328 ** 1329 ** SELECT a+b AS x, c+d AS y FROM t1 ORDER BY x; 1330 ** 1331 ** The "x" term of the order by is replaced by "a+b" to render: 1332 ** 1333 ** SELECT a+b AS x, c+d AS y FROM t1 ORDER BY a+b; 1334 ** 1335 ** Function calls are checked to make sure that the function is 1336 ** defined and that the correct number of arguments are specified. 1337 ** If the function is an aggregate function, then the NC_HasAgg flag is 1338 ** set and the opcode is changed from TK_FUNCTION to TK_AGG_FUNCTION. 1339 ** If an expression contains aggregate functions then the EP_Agg 1340 ** property on the expression is set. 1341 ** 1342 ** An error message is left in pParse if anything is amiss. The number 1343 ** if errors is returned. 1344 */ 1345 int sqlite3ResolveExprNames( 1346 NameContext *pNC, /* Namespace to resolve expressions in. */ 1347 Expr *pExpr /* The expression to be analyzed. */ 1348 ){ 1349 u8 savedHasAgg; 1350 Walker w; 1351 1352 if( pExpr==0 ) return 0; 1353 #if SQLITE_MAX_EXPR_DEPTH>0 1354 { 1355 Parse *pParse = pNC->pParse; 1356 if( sqlite3ExprCheckHeight(pParse, pExpr->nHeight+pNC->pParse->nHeight) ){ 1357 return 1; 1358 } 1359 pParse->nHeight += pExpr->nHeight; 1360 } 1361 #endif 1362 savedHasAgg = pNC->ncFlags & NC_HasAgg; 1363 pNC->ncFlags &= ~NC_HasAgg; 1364 memset(&w, 0, sizeof(w)); 1365 w.xExprCallback = resolveExprStep; 1366 w.xSelectCallback = resolveSelectStep; 1367 w.pParse = pNC->pParse; 1368 w.u.pNC = pNC; 1369 sqlite3WalkExpr(&w, pExpr); 1370 #if SQLITE_MAX_EXPR_DEPTH>0 1371 pNC->pParse->nHeight -= pExpr->nHeight; 1372 #endif 1373 if( pNC->nErr>0 || w.pParse->nErr>0 ){ 1374 ExprSetProperty(pExpr, EP_Error); 1375 } 1376 if( pNC->ncFlags & NC_HasAgg ){ 1377 ExprSetProperty(pExpr, EP_Agg); 1378 }else if( savedHasAgg ){ 1379 pNC->ncFlags |= NC_HasAgg; 1380 } 1381 return ExprHasProperty(pExpr, EP_Error); 1382 } 1383 1384 1385 /* 1386 ** Resolve all names in all expressions of a SELECT and in all 1387 ** decendents of the SELECT, including compounds off of p->pPrior, 1388 ** subqueries in expressions, and subqueries used as FROM clause 1389 ** terms. 1390 ** 1391 ** See sqlite3ResolveExprNames() for a description of the kinds of 1392 ** transformations that occur. 1393 ** 1394 ** All SELECT statements should have been expanded using 1395 ** sqlite3SelectExpand() prior to invoking this routine. 1396 */ 1397 void sqlite3ResolveSelectNames( 1398 Parse *pParse, /* The parser context */ 1399 Select *p, /* The SELECT statement being coded. */ 1400 NameContext *pOuterNC /* Name context for parent SELECT statement */ 1401 ){ 1402 Walker w; 1403 1404 assert( p!=0 ); 1405 memset(&w, 0, sizeof(w)); 1406 w.xExprCallback = resolveExprStep; 1407 w.xSelectCallback = resolveSelectStep; 1408 w.pParse = pParse; 1409 w.u.pNC = pOuterNC; 1410 sqlite3WalkSelect(&w, p); 1411 } 1412 1413 /* 1414 ** Resolve names in expressions that can only reference a single table: 1415 ** 1416 ** * CHECK constraints 1417 ** * WHERE clauses on partial indices 1418 ** 1419 ** The Expr.iTable value for Expr.op==TK_COLUMN nodes of the expression 1420 ** is set to -1 and the Expr.iColumn value is set to the column number. 1421 ** 1422 ** Any errors cause an error message to be set in pParse. 1423 */ 1424 void sqlite3ResolveSelfReference( 1425 Parse *pParse, /* Parsing context */ 1426 Table *pTab, /* The table being referenced */ 1427 int type, /* NC_IsCheck or NC_PartIdx */ 1428 Expr *pExpr, /* Expression to resolve. May be NULL. */ 1429 ExprList *pList /* Expression list to resolve. May be NUL. */ 1430 ){ 1431 SrcList sSrc; /* Fake SrcList for pParse->pNewTable */ 1432 NameContext sNC; /* Name context for pParse->pNewTable */ 1433 int i; /* Loop counter */ 1434 1435 assert( type==NC_IsCheck || type==NC_PartIdx ); 1436 memset(&sNC, 0, sizeof(sNC)); 1437 memset(&sSrc, 0, sizeof(sSrc)); 1438 sSrc.nSrc = 1; 1439 sSrc.a[0].zName = pTab->zName; 1440 sSrc.a[0].pTab = pTab; 1441 sSrc.a[0].iCursor = -1; 1442 sNC.pParse = pParse; 1443 sNC.pSrcList = &sSrc; 1444 sNC.ncFlags = type; 1445 if( sqlite3ResolveExprNames(&sNC, pExpr) ) return; 1446 if( pList ){ 1447 for(i=0; i<pList->nExpr; i++){ 1448 if( sqlite3ResolveExprNames(&sNC, pList->a[i].pExpr) ){ 1449 return; 1450 } 1451 } 1452 } 1453 } 1454