1 /* 2 ** 2008 August 18 3 ** 4 ** The author disclaims copyright to this source code. In place of 5 ** a legal notice, here is a blessing: 6 ** 7 ** May you do good and not evil. 8 ** May you find forgiveness for yourself and forgive others. 9 ** May you share freely, never taking more than you give. 10 ** 11 ************************************************************************* 12 ** 13 ** This file contains routines used for walking the parser tree and 14 ** resolve all identifiers by associating them with a particular 15 ** table and column. 16 */ 17 #include "sqliteInt.h" 18 #include <stdlib.h> 19 #include <string.h> 20 21 /* 22 ** Walk the expression tree pExpr and increase the aggregate function 23 ** depth (the Expr.op2 field) by N on every TK_AGG_FUNCTION node. 24 ** This needs to occur when copying a TK_AGG_FUNCTION node from an 25 ** outer query into an inner subquery. 26 ** 27 ** incrAggFunctionDepth(pExpr,n) is the main routine. incrAggDepth(..) 28 ** is a helper function - a callback for the tree walker. 29 */ 30 static int incrAggDepth(Walker *pWalker, Expr *pExpr){ 31 if( pExpr->op==TK_AGG_FUNCTION ) pExpr->op2 += pWalker->u.i; 32 return WRC_Continue; 33 } 34 static void incrAggFunctionDepth(Expr *pExpr, int N){ 35 if( N>0 ){ 36 Walker w; 37 memset(&w, 0, sizeof(w)); 38 w.xExprCallback = incrAggDepth; 39 w.u.i = N; 40 sqlite3WalkExpr(&w, pExpr); 41 } 42 } 43 44 /* 45 ** Turn the pExpr expression into an alias for the iCol-th column of the 46 ** result set in pEList. 47 ** 48 ** If the result set column is a simple column reference, then this routine 49 ** makes an exact copy. But for any other kind of expression, this 50 ** routine make a copy of the result set column as the argument to the 51 ** TK_AS operator. The TK_AS operator causes the expression to be 52 ** evaluated just once and then reused for each alias. 53 ** 54 ** The reason for suppressing the TK_AS term when the expression is a simple 55 ** column reference is so that the column reference will be recognized as 56 ** usable by indices within the WHERE clause processing logic. 57 ** 58 ** The TK_AS operator is inhibited if zType[0]=='G'. This means 59 ** that in a GROUP BY clause, the expression is evaluated twice. Hence: 60 ** 61 ** SELECT random()%5 AS x, count(*) FROM tab GROUP BY x 62 ** 63 ** Is equivalent to: 64 ** 65 ** SELECT random()%5 AS x, count(*) FROM tab GROUP BY random()%5 66 ** 67 ** The result of random()%5 in the GROUP BY clause is probably different 68 ** from the result in the result-set. On the other hand Standard SQL does 69 ** not allow the GROUP BY clause to contain references to result-set columns. 70 ** So this should never come up in well-formed queries. 71 ** 72 ** If the reference is followed by a COLLATE operator, then make sure 73 ** the COLLATE operator is preserved. For example: 74 ** 75 ** SELECT a+b, c+d FROM t1 ORDER BY 1 COLLATE nocase; 76 ** 77 ** Should be transformed into: 78 ** 79 ** SELECT a+b, c+d FROM t1 ORDER BY (a+b) COLLATE nocase; 80 ** 81 ** The nSubquery parameter specifies how many levels of subquery the 82 ** alias is removed from the original expression. The usually value is 83 ** zero but it might be more if the alias is contained within a subquery 84 ** of the original expression. The Expr.op2 field of TK_AGG_FUNCTION 85 ** structures must be increased by the nSubquery amount. 86 */ 87 static void resolveAlias( 88 Parse *pParse, /* Parsing context */ 89 ExprList *pEList, /* A result set */ 90 int iCol, /* A column in the result set. 0..pEList->nExpr-1 */ 91 Expr *pExpr, /* Transform this into an alias to the result set */ 92 const char *zType, /* "GROUP" or "ORDER" or "" */ 93 int nSubquery /* Number of subqueries that the label is moving */ 94 ){ 95 Expr *pOrig; /* The iCol-th column of the result set */ 96 Expr *pDup; /* Copy of pOrig */ 97 sqlite3 *db; /* The database connection */ 98 99 assert( iCol>=0 && iCol<pEList->nExpr ); 100 pOrig = pEList->a[iCol].pExpr; 101 assert( pOrig!=0 ); 102 assert( pOrig->flags & EP_Resolved ); 103 db = pParse->db; 104 pDup = sqlite3ExprDup(db, pOrig, 0); 105 if( pDup==0 ) return; 106 if( pOrig->op!=TK_COLUMN && zType[0]!='G' ){ 107 incrAggFunctionDepth(pDup, nSubquery); 108 pDup = sqlite3PExpr(pParse, TK_AS, pDup, 0, 0); 109 if( pDup==0 ) return; 110 ExprSetProperty(pDup, EP_Skip); 111 if( pEList->a[iCol].u.x.iAlias==0 ){ 112 pEList->a[iCol].u.x.iAlias = (u16)(++pParse->nAlias); 113 } 114 pDup->iTable = pEList->a[iCol].u.x.iAlias; 115 } 116 if( pExpr->op==TK_COLLATE ){ 117 pDup = sqlite3ExprAddCollateString(pParse, pDup, pExpr->u.zToken); 118 } 119 120 /* Before calling sqlite3ExprDelete(), set the EP_Static flag. This 121 ** prevents ExprDelete() from deleting the Expr structure itself, 122 ** allowing it to be repopulated by the memcpy() on the following line. 123 ** The pExpr->u.zToken might point into memory that will be freed by the 124 ** sqlite3DbFree(db, pDup) on the last line of this block, so be sure to 125 ** make a copy of the token before doing the sqlite3DbFree(). 126 */ 127 ExprSetProperty(pExpr, EP_Static); 128 sqlite3ExprDelete(db, pExpr); 129 memcpy(pExpr, pDup, sizeof(*pExpr)); 130 if( !ExprHasProperty(pExpr, EP_IntValue) && pExpr->u.zToken!=0 ){ 131 assert( (pExpr->flags & (EP_Reduced|EP_TokenOnly))==0 ); 132 pExpr->u.zToken = sqlite3DbStrDup(db, pExpr->u.zToken); 133 pExpr->flags |= EP_MemToken; 134 } 135 sqlite3DbFree(db, pDup); 136 } 137 138 139 /* 140 ** Return TRUE if the name zCol occurs anywhere in the USING clause. 141 ** 142 ** Return FALSE if the USING clause is NULL or if it does not contain 143 ** zCol. 144 */ 145 static int nameInUsingClause(IdList *pUsing, const char *zCol){ 146 if( pUsing ){ 147 int k; 148 for(k=0; k<pUsing->nId; k++){ 149 if( sqlite3StrICmp(pUsing->a[k].zName, zCol)==0 ) return 1; 150 } 151 } 152 return 0; 153 } 154 155 /* 156 ** Subqueries stores the original database, table and column names for their 157 ** result sets in ExprList.a[].zSpan, in the form "DATABASE.TABLE.COLUMN". 158 ** Check to see if the zSpan given to this routine matches the zDb, zTab, 159 ** and zCol. If any of zDb, zTab, and zCol are NULL then those fields will 160 ** match anything. 161 */ 162 int sqlite3MatchSpanName( 163 const char *zSpan, 164 const char *zCol, 165 const char *zTab, 166 const char *zDb 167 ){ 168 int n; 169 for(n=0; ALWAYS(zSpan[n]) && zSpan[n]!='.'; n++){} 170 if( zDb && (sqlite3StrNICmp(zSpan, zDb, n)!=0 || zDb[n]!=0) ){ 171 return 0; 172 } 173 zSpan += n+1; 174 for(n=0; ALWAYS(zSpan[n]) && zSpan[n]!='.'; n++){} 175 if( zTab && (sqlite3StrNICmp(zSpan, zTab, n)!=0 || zTab[n]!=0) ){ 176 return 0; 177 } 178 zSpan += n+1; 179 if( zCol && sqlite3StrICmp(zSpan, zCol)!=0 ){ 180 return 0; 181 } 182 return 1; 183 } 184 185 /* 186 ** Given the name of a column of the form X.Y.Z or Y.Z or just Z, look up 187 ** that name in the set of source tables in pSrcList and make the pExpr 188 ** expression node refer back to that source column. The following changes 189 ** are made to pExpr: 190 ** 191 ** pExpr->iDb Set the index in db->aDb[] of the database X 192 ** (even if X is implied). 193 ** pExpr->iTable Set to the cursor number for the table obtained 194 ** from pSrcList. 195 ** pExpr->pTab Points to the Table structure of X.Y (even if 196 ** X and/or Y are implied.) 197 ** pExpr->iColumn Set to the column number within the table. 198 ** pExpr->op Set to TK_COLUMN. 199 ** pExpr->pLeft Any expression this points to is deleted 200 ** pExpr->pRight Any expression this points to is deleted. 201 ** 202 ** The zDb variable is the name of the database (the "X"). This value may be 203 ** NULL meaning that name is of the form Y.Z or Z. Any available database 204 ** can be used. The zTable variable is the name of the table (the "Y"). This 205 ** value can be NULL if zDb is also NULL. If zTable is NULL it 206 ** means that the form of the name is Z and that columns from any table 207 ** can be used. 208 ** 209 ** If the name cannot be resolved unambiguously, leave an error message 210 ** in pParse and return WRC_Abort. Return WRC_Prune on success. 211 */ 212 static int lookupName( 213 Parse *pParse, /* The parsing context */ 214 const char *zDb, /* Name of the database containing table, or NULL */ 215 const char *zTab, /* Name of table containing column, or NULL */ 216 const char *zCol, /* Name of the column. */ 217 NameContext *pNC, /* The name context used to resolve the name */ 218 Expr *pExpr /* Make this EXPR node point to the selected column */ 219 ){ 220 int i, j; /* Loop counters */ 221 int cnt = 0; /* Number of matching column names */ 222 int cntTab = 0; /* Number of matching table names */ 223 int nSubquery = 0; /* How many levels of subquery */ 224 sqlite3 *db = pParse->db; /* The database connection */ 225 struct SrcList_item *pItem; /* Use for looping over pSrcList items */ 226 struct SrcList_item *pMatch = 0; /* The matching pSrcList item */ 227 NameContext *pTopNC = pNC; /* First namecontext in the list */ 228 Schema *pSchema = 0; /* Schema of the expression */ 229 int isTrigger = 0; /* True if resolved to a trigger column */ 230 Table *pTab = 0; /* Table hold the row */ 231 Column *pCol; /* A column of pTab */ 232 233 assert( pNC ); /* the name context cannot be NULL. */ 234 assert( zCol ); /* The Z in X.Y.Z cannot be NULL */ 235 assert( !ExprHasProperty(pExpr, EP_TokenOnly|EP_Reduced) ); 236 237 /* Initialize the node to no-match */ 238 pExpr->iTable = -1; 239 pExpr->pTab = 0; 240 ExprSetVVAProperty(pExpr, EP_NoReduce); 241 242 /* Translate the schema name in zDb into a pointer to the corresponding 243 ** schema. If not found, pSchema will remain NULL and nothing will match 244 ** resulting in an appropriate error message toward the end of this routine 245 */ 246 if( zDb ){ 247 testcase( pNC->ncFlags & NC_PartIdx ); 248 testcase( pNC->ncFlags & NC_IsCheck ); 249 if( (pNC->ncFlags & (NC_PartIdx|NC_IsCheck))!=0 ){ 250 /* Silently ignore database qualifiers inside CHECK constraints and partial 251 ** indices. Do not raise errors because that might break legacy and 252 ** because it does not hurt anything to just ignore the database name. */ 253 zDb = 0; 254 }else{ 255 for(i=0; i<db->nDb; i++){ 256 assert( db->aDb[i].zName ); 257 if( sqlite3StrICmp(db->aDb[i].zName,zDb)==0 ){ 258 pSchema = db->aDb[i].pSchema; 259 break; 260 } 261 } 262 } 263 } 264 265 /* Start at the inner-most context and move outward until a match is found */ 266 while( pNC && cnt==0 ){ 267 ExprList *pEList; 268 SrcList *pSrcList = pNC->pSrcList; 269 270 if( pSrcList ){ 271 for(i=0, pItem=pSrcList->a; i<pSrcList->nSrc; i++, pItem++){ 272 pTab = pItem->pTab; 273 assert( pTab!=0 && pTab->zName!=0 ); 274 assert( pTab->nCol>0 ); 275 if( pItem->pSelect && (pItem->pSelect->selFlags & SF_NestedFrom)!=0 ){ 276 int hit = 0; 277 pEList = pItem->pSelect->pEList; 278 for(j=0; j<pEList->nExpr; j++){ 279 if( sqlite3MatchSpanName(pEList->a[j].zSpan, zCol, zTab, zDb) ){ 280 cnt++; 281 cntTab = 2; 282 pMatch = pItem; 283 pExpr->iColumn = j; 284 hit = 1; 285 } 286 } 287 if( hit || zTab==0 ) continue; 288 } 289 if( zDb && pTab->pSchema!=pSchema ){ 290 continue; 291 } 292 if( zTab ){ 293 const char *zTabName = pItem->zAlias ? pItem->zAlias : pTab->zName; 294 assert( zTabName!=0 ); 295 if( sqlite3StrICmp(zTabName, zTab)!=0 ){ 296 continue; 297 } 298 } 299 if( 0==(cntTab++) ){ 300 pMatch = pItem; 301 } 302 for(j=0, pCol=pTab->aCol; j<pTab->nCol; j++, pCol++){ 303 if( sqlite3StrICmp(pCol->zName, zCol)==0 ){ 304 /* If there has been exactly one prior match and this match 305 ** is for the right-hand table of a NATURAL JOIN or is in a 306 ** USING clause, then skip this match. 307 */ 308 if( cnt==1 ){ 309 if( pItem->jointype & JT_NATURAL ) continue; 310 if( nameInUsingClause(pItem->pUsing, zCol) ) continue; 311 } 312 cnt++; 313 pMatch = pItem; 314 /* Substitute the rowid (column -1) for the INTEGER PRIMARY KEY */ 315 pExpr->iColumn = j==pTab->iPKey ? -1 : (i16)j; 316 break; 317 } 318 } 319 } 320 if( pMatch ){ 321 pExpr->iTable = pMatch->iCursor; 322 pExpr->pTab = pMatch->pTab; 323 pSchema = pExpr->pTab->pSchema; 324 } 325 } /* if( pSrcList ) */ 326 327 #ifndef SQLITE_OMIT_TRIGGER 328 /* If we have not already resolved the name, then maybe 329 ** it is a new.* or old.* trigger argument reference 330 */ 331 if( zDb==0 && zTab!=0 && cntTab==0 && pParse->pTriggerTab!=0 ){ 332 int op = pParse->eTriggerOp; 333 assert( op==TK_DELETE || op==TK_UPDATE || op==TK_INSERT ); 334 if( op!=TK_DELETE && sqlite3StrICmp("new",zTab) == 0 ){ 335 pExpr->iTable = 1; 336 pTab = pParse->pTriggerTab; 337 }else if( op!=TK_INSERT && sqlite3StrICmp("old",zTab)==0 ){ 338 pExpr->iTable = 0; 339 pTab = pParse->pTriggerTab; 340 }else{ 341 pTab = 0; 342 } 343 344 if( pTab ){ 345 int iCol; 346 pSchema = pTab->pSchema; 347 cntTab++; 348 for(iCol=0, pCol=pTab->aCol; iCol<pTab->nCol; iCol++, pCol++){ 349 if( sqlite3StrICmp(pCol->zName, zCol)==0 ){ 350 if( iCol==pTab->iPKey ){ 351 iCol = -1; 352 } 353 break; 354 } 355 } 356 if( iCol>=pTab->nCol && sqlite3IsRowid(zCol) && HasRowid(pTab) ){ 357 /* IMP: R-51414-32910 */ 358 /* IMP: R-44911-55124 */ 359 iCol = -1; 360 } 361 if( iCol<pTab->nCol ){ 362 cnt++; 363 if( iCol<0 ){ 364 pExpr->affinity = SQLITE_AFF_INTEGER; 365 }else if( pExpr->iTable==0 ){ 366 testcase( iCol==31 ); 367 testcase( iCol==32 ); 368 pParse->oldmask |= (iCol>=32 ? 0xffffffff : (((u32)1)<<iCol)); 369 }else{ 370 testcase( iCol==31 ); 371 testcase( iCol==32 ); 372 pParse->newmask |= (iCol>=32 ? 0xffffffff : (((u32)1)<<iCol)); 373 } 374 pExpr->iColumn = (i16)iCol; 375 pExpr->pTab = pTab; 376 isTrigger = 1; 377 } 378 } 379 } 380 #endif /* !defined(SQLITE_OMIT_TRIGGER) */ 381 382 /* 383 ** Perhaps the name is a reference to the ROWID 384 */ 385 if( cnt==0 && cntTab==1 && pMatch && sqlite3IsRowid(zCol) 386 && HasRowid(pMatch->pTab) ){ 387 cnt = 1; 388 pExpr->iColumn = -1; /* IMP: R-44911-55124 */ 389 pExpr->affinity = SQLITE_AFF_INTEGER; 390 } 391 392 /* 393 ** If the input is of the form Z (not Y.Z or X.Y.Z) then the name Z 394 ** might refer to an result-set alias. This happens, for example, when 395 ** we are resolving names in the WHERE clause of the following command: 396 ** 397 ** SELECT a+b AS x FROM table WHERE x<10; 398 ** 399 ** In cases like this, replace pExpr with a copy of the expression that 400 ** forms the result set entry ("a+b" in the example) and return immediately. 401 ** Note that the expression in the result set should have already been 402 ** resolved by the time the WHERE clause is resolved. 403 ** 404 ** The ability to use an output result-set column in the WHERE, GROUP BY, 405 ** or HAVING clauses, or as part of a larger expression in the ORDRE BY 406 ** clause is not standard SQL. This is a (goofy) SQLite extension, that 407 ** is supported for backwards compatibility only. TO DO: Issue a warning 408 ** on sqlite3_log() whenever the capability is used. 409 */ 410 if( (pEList = pNC->pEList)!=0 411 && zTab==0 412 && cnt==0 413 ){ 414 for(j=0; j<pEList->nExpr; j++){ 415 char *zAs = pEList->a[j].zName; 416 if( zAs!=0 && sqlite3StrICmp(zAs, zCol)==0 ){ 417 Expr *pOrig; 418 assert( pExpr->pLeft==0 && pExpr->pRight==0 ); 419 assert( pExpr->x.pList==0 ); 420 assert( pExpr->x.pSelect==0 ); 421 pOrig = pEList->a[j].pExpr; 422 if( (pNC->ncFlags&NC_AllowAgg)==0 && ExprHasProperty(pOrig, EP_Agg) ){ 423 sqlite3ErrorMsg(pParse, "misuse of aliased aggregate %s", zAs); 424 return WRC_Abort; 425 } 426 resolveAlias(pParse, pEList, j, pExpr, "", nSubquery); 427 cnt = 1; 428 pMatch = 0; 429 assert( zTab==0 && zDb==0 ); 430 goto lookupname_end; 431 } 432 } 433 } 434 435 /* Advance to the next name context. The loop will exit when either 436 ** we have a match (cnt>0) or when we run out of name contexts. 437 */ 438 if( cnt==0 ){ 439 pNC = pNC->pNext; 440 nSubquery++; 441 } 442 } 443 444 /* 445 ** If X and Y are NULL (in other words if only the column name Z is 446 ** supplied) and the value of Z is enclosed in double-quotes, then 447 ** Z is a string literal if it doesn't match any column names. In that 448 ** case, we need to return right away and not make any changes to 449 ** pExpr. 450 ** 451 ** Because no reference was made to outer contexts, the pNC->nRef 452 ** fields are not changed in any context. 453 */ 454 if( cnt==0 && zTab==0 && ExprHasProperty(pExpr,EP_DblQuoted) ){ 455 pExpr->op = TK_STRING; 456 pExpr->pTab = 0; 457 return WRC_Prune; 458 } 459 460 /* 461 ** cnt==0 means there was not match. cnt>1 means there were two or 462 ** more matches. Either way, we have an error. 463 */ 464 if( cnt!=1 ){ 465 const char *zErr; 466 zErr = cnt==0 ? "no such column" : "ambiguous column name"; 467 if( zDb ){ 468 sqlite3ErrorMsg(pParse, "%s: %s.%s.%s", zErr, zDb, zTab, zCol); 469 }else if( zTab ){ 470 sqlite3ErrorMsg(pParse, "%s: %s.%s", zErr, zTab, zCol); 471 }else{ 472 sqlite3ErrorMsg(pParse, "%s: %s", zErr, zCol); 473 } 474 pParse->checkSchema = 1; 475 pTopNC->nErr++; 476 } 477 478 /* If a column from a table in pSrcList is referenced, then record 479 ** this fact in the pSrcList.a[].colUsed bitmask. Column 0 causes 480 ** bit 0 to be set. Column 1 sets bit 1. And so forth. If the 481 ** column number is greater than the number of bits in the bitmask 482 ** then set the high-order bit of the bitmask. 483 */ 484 if( pExpr->iColumn>=0 && pMatch!=0 ){ 485 int n = pExpr->iColumn; 486 testcase( n==BMS-1 ); 487 if( n>=BMS ){ 488 n = BMS-1; 489 } 490 assert( pMatch->iCursor==pExpr->iTable ); 491 pMatch->colUsed |= ((Bitmask)1)<<n; 492 } 493 494 /* Clean up and return 495 */ 496 sqlite3ExprDelete(db, pExpr->pLeft); 497 pExpr->pLeft = 0; 498 sqlite3ExprDelete(db, pExpr->pRight); 499 pExpr->pRight = 0; 500 pExpr->op = (isTrigger ? TK_TRIGGER : TK_COLUMN); 501 lookupname_end: 502 if( cnt==1 ){ 503 assert( pNC!=0 ); 504 if( pExpr->op!=TK_AS ){ 505 sqlite3AuthRead(pParse, pExpr, pSchema, pNC->pSrcList); 506 } 507 /* Increment the nRef value on all name contexts from TopNC up to 508 ** the point where the name matched. */ 509 for(;;){ 510 assert( pTopNC!=0 ); 511 pTopNC->nRef++; 512 if( pTopNC==pNC ) break; 513 pTopNC = pTopNC->pNext; 514 } 515 return WRC_Prune; 516 } else { 517 return WRC_Abort; 518 } 519 } 520 521 /* 522 ** Allocate and return a pointer to an expression to load the column iCol 523 ** from datasource iSrc in SrcList pSrc. 524 */ 525 Expr *sqlite3CreateColumnExpr(sqlite3 *db, SrcList *pSrc, int iSrc, int iCol){ 526 Expr *p = sqlite3ExprAlloc(db, TK_COLUMN, 0, 0); 527 if( p ){ 528 struct SrcList_item *pItem = &pSrc->a[iSrc]; 529 p->pTab = pItem->pTab; 530 p->iTable = pItem->iCursor; 531 if( p->pTab->iPKey==iCol ){ 532 p->iColumn = -1; 533 }else{ 534 p->iColumn = (ynVar)iCol; 535 testcase( iCol==BMS ); 536 testcase( iCol==BMS-1 ); 537 pItem->colUsed |= ((Bitmask)1)<<(iCol>=BMS ? BMS-1 : iCol); 538 } 539 ExprSetProperty(p, EP_Resolved); 540 } 541 return p; 542 } 543 544 /* 545 ** Report an error that an expression is not valid for a partial index WHERE 546 ** clause. 547 */ 548 static void notValidPartIdxWhere( 549 Parse *pParse, /* Leave error message here */ 550 NameContext *pNC, /* The name context */ 551 const char *zMsg /* Type of error */ 552 ){ 553 if( (pNC->ncFlags & NC_PartIdx)!=0 ){ 554 sqlite3ErrorMsg(pParse, "%s prohibited in partial index WHERE clauses", 555 zMsg); 556 } 557 } 558 559 #ifndef SQLITE_OMIT_CHECK 560 /* 561 ** Report an error that an expression is not valid for a CHECK constraint. 562 */ 563 static void notValidCheckConstraint( 564 Parse *pParse, /* Leave error message here */ 565 NameContext *pNC, /* The name context */ 566 const char *zMsg /* Type of error */ 567 ){ 568 if( (pNC->ncFlags & NC_IsCheck)!=0 ){ 569 sqlite3ErrorMsg(pParse,"%s prohibited in CHECK constraints", zMsg); 570 } 571 } 572 #else 573 # define notValidCheckConstraint(P,N,M) 574 #endif 575 576 /* 577 ** Expression p should encode a floating point value between 1.0 and 0.0. 578 ** Return 1024 times this value. Or return -1 if p is not a floating point 579 ** value between 1.0 and 0.0. 580 */ 581 static int exprProbability(Expr *p){ 582 double r = -1.0; 583 if( p->op!=TK_FLOAT ) return -1; 584 sqlite3AtoF(p->u.zToken, &r, sqlite3Strlen30(p->u.zToken), SQLITE_UTF8); 585 assert( r>=0.0 ); 586 if( r>1.0 ) return -1; 587 return (int)(r*1000.0); 588 } 589 590 /* 591 ** This routine is callback for sqlite3WalkExpr(). 592 ** 593 ** Resolve symbolic names into TK_COLUMN operators for the current 594 ** node in the expression tree. Return 0 to continue the search down 595 ** the tree or 2 to abort the tree walk. 596 ** 597 ** This routine also does error checking and name resolution for 598 ** function names. The operator for aggregate functions is changed 599 ** to TK_AGG_FUNCTION. 600 */ 601 static int resolveExprStep(Walker *pWalker, Expr *pExpr){ 602 NameContext *pNC; 603 Parse *pParse; 604 605 pNC = pWalker->u.pNC; 606 assert( pNC!=0 ); 607 pParse = pNC->pParse; 608 assert( pParse==pWalker->pParse ); 609 610 if( ExprHasProperty(pExpr, EP_Resolved) ) return WRC_Prune; 611 ExprSetProperty(pExpr, EP_Resolved); 612 #ifndef NDEBUG 613 if( pNC->pSrcList && pNC->pSrcList->nAlloc>0 ){ 614 SrcList *pSrcList = pNC->pSrcList; 615 int i; 616 for(i=0; i<pNC->pSrcList->nSrc; i++){ 617 assert( pSrcList->a[i].iCursor>=0 && pSrcList->a[i].iCursor<pParse->nTab); 618 } 619 } 620 #endif 621 switch( pExpr->op ){ 622 623 #if defined(SQLITE_ENABLE_UPDATE_DELETE_LIMIT) && !defined(SQLITE_OMIT_SUBQUERY) 624 /* The special operator TK_ROW means use the rowid for the first 625 ** column in the FROM clause. This is used by the LIMIT and ORDER BY 626 ** clause processing on UPDATE and DELETE statements. 627 */ 628 case TK_ROW: { 629 SrcList *pSrcList = pNC->pSrcList; 630 struct SrcList_item *pItem; 631 assert( pSrcList && pSrcList->nSrc==1 ); 632 pItem = pSrcList->a; 633 pExpr->op = TK_COLUMN; 634 pExpr->pTab = pItem->pTab; 635 pExpr->iTable = pItem->iCursor; 636 pExpr->iColumn = -1; 637 pExpr->affinity = SQLITE_AFF_INTEGER; 638 break; 639 } 640 #endif /* defined(SQLITE_ENABLE_UPDATE_DELETE_LIMIT) && !defined(SQLITE_OMIT_SUBQUERY) */ 641 642 /* A lone identifier is the name of a column. 643 */ 644 case TK_ID: { 645 return lookupName(pParse, 0, 0, pExpr->u.zToken, pNC, pExpr); 646 } 647 648 /* A table name and column name: ID.ID 649 ** Or a database, table and column: ID.ID.ID 650 */ 651 case TK_DOT: { 652 const char *zColumn; 653 const char *zTable; 654 const char *zDb; 655 Expr *pRight; 656 657 /* if( pSrcList==0 ) break; */ 658 pRight = pExpr->pRight; 659 if( pRight->op==TK_ID ){ 660 zDb = 0; 661 zTable = pExpr->pLeft->u.zToken; 662 zColumn = pRight->u.zToken; 663 }else{ 664 assert( pRight->op==TK_DOT ); 665 zDb = pExpr->pLeft->u.zToken; 666 zTable = pRight->pLeft->u.zToken; 667 zColumn = pRight->pRight->u.zToken; 668 } 669 return lookupName(pParse, zDb, zTable, zColumn, pNC, pExpr); 670 } 671 672 /* Resolve function names 673 */ 674 case TK_FUNCTION: { 675 ExprList *pList = pExpr->x.pList; /* The argument list */ 676 int n = pList ? pList->nExpr : 0; /* Number of arguments */ 677 int no_such_func = 0; /* True if no such function exists */ 678 int wrong_num_args = 0; /* True if wrong number of arguments */ 679 int is_agg = 0; /* True if is an aggregate function */ 680 int auth; /* Authorization to use the function */ 681 int nId; /* Number of characters in function name */ 682 const char *zId; /* The function name. */ 683 FuncDef *pDef; /* Information about the function */ 684 u8 enc = ENC(pParse->db); /* The database encoding */ 685 686 assert( !ExprHasProperty(pExpr, EP_xIsSelect) ); 687 notValidPartIdxWhere(pParse, pNC, "functions"); 688 zId = pExpr->u.zToken; 689 nId = sqlite3Strlen30(zId); 690 pDef = sqlite3FindFunction(pParse->db, zId, nId, n, enc, 0); 691 if( pDef==0 ){ 692 pDef = sqlite3FindFunction(pParse->db, zId, nId, -2, enc, 0); 693 if( pDef==0 ){ 694 no_such_func = 1; 695 }else{ 696 wrong_num_args = 1; 697 } 698 }else{ 699 is_agg = pDef->xFunc==0; 700 if( pDef->funcFlags & SQLITE_FUNC_UNLIKELY ){ 701 ExprSetProperty(pExpr, EP_Unlikely|EP_Skip); 702 if( n==2 ){ 703 pExpr->iTable = exprProbability(pList->a[1].pExpr); 704 if( pExpr->iTable<0 ){ 705 sqlite3ErrorMsg(pParse, "second argument to likelihood() must be a " 706 "constant between 0.0 and 1.0"); 707 pNC->nErr++; 708 } 709 }else{ 710 /* EVIDENCE-OF: R-61304-29449 The unlikely(X) function is equivalent to 711 ** likelihood(X, 0.0625). 712 ** EVIDENCE-OF: R-01283-11636 The unlikely(X) function is short-hand for 713 ** likelihood(X,0.0625). 714 ** EVIDENCE-OF: R-36850-34127 The likely(X) function is short-hand for 715 ** likelihood(X,0.9375). 716 ** EVIDENCE-OF: R-53436-40973 The likely(X) function is equivalent to 717 ** likelihood(X,0.9375). */ 718 /* TUNING: unlikely() probability is 0.0625. likely() is 0.9375 */ 719 pExpr->iTable = pDef->zName[0]=='u' ? 62 : 938; 720 } 721 } 722 } 723 #ifndef SQLITE_OMIT_AUTHORIZATION 724 if( pDef ){ 725 auth = sqlite3AuthCheck(pParse, SQLITE_FUNCTION, 0, pDef->zName, 0); 726 if( auth!=SQLITE_OK ){ 727 if( auth==SQLITE_DENY ){ 728 sqlite3ErrorMsg(pParse, "not authorized to use function: %s", 729 pDef->zName); 730 pNC->nErr++; 731 } 732 pExpr->op = TK_NULL; 733 return WRC_Prune; 734 } 735 if( pDef->funcFlags & SQLITE_FUNC_CONSTANT ) ExprSetProperty(pExpr,EP_Constant); 736 } 737 #endif 738 if( is_agg && (pNC->ncFlags & NC_AllowAgg)==0 ){ 739 sqlite3ErrorMsg(pParse, "misuse of aggregate function %.*s()", nId,zId); 740 pNC->nErr++; 741 is_agg = 0; 742 }else if( no_such_func && pParse->db->init.busy==0 ){ 743 sqlite3ErrorMsg(pParse, "no such function: %.*s", nId, zId); 744 pNC->nErr++; 745 }else if( wrong_num_args ){ 746 sqlite3ErrorMsg(pParse,"wrong number of arguments to function %.*s()", 747 nId, zId); 748 pNC->nErr++; 749 } 750 if( is_agg ) pNC->ncFlags &= ~NC_AllowAgg; 751 sqlite3WalkExprList(pWalker, pList); 752 if( is_agg ){ 753 NameContext *pNC2 = pNC; 754 pExpr->op = TK_AGG_FUNCTION; 755 pExpr->op2 = 0; 756 while( pNC2 && !sqlite3FunctionUsesThisSrc(pExpr, pNC2->pSrcList) ){ 757 pExpr->op2++; 758 pNC2 = pNC2->pNext; 759 } 760 if( pNC2 ) pNC2->ncFlags |= NC_HasAgg; 761 pNC->ncFlags |= NC_AllowAgg; 762 } 763 /* FIX ME: Compute pExpr->affinity based on the expected return 764 ** type of the function 765 */ 766 return WRC_Prune; 767 } 768 #ifndef SQLITE_OMIT_SUBQUERY 769 case TK_SELECT: 770 case TK_EXISTS: testcase( pExpr->op==TK_EXISTS ); 771 #endif 772 case TK_IN: { 773 testcase( pExpr->op==TK_IN ); 774 if( ExprHasProperty(pExpr, EP_xIsSelect) ){ 775 int nRef = pNC->nRef; 776 notValidCheckConstraint(pParse, pNC, "subqueries"); 777 notValidPartIdxWhere(pParse, pNC, "subqueries"); 778 sqlite3WalkSelect(pWalker, pExpr->x.pSelect); 779 assert( pNC->nRef>=nRef ); 780 if( nRef!=pNC->nRef ){ 781 ExprSetProperty(pExpr, EP_VarSelect); 782 } 783 } 784 break; 785 } 786 case TK_VARIABLE: { 787 notValidCheckConstraint(pParse, pNC, "parameters"); 788 notValidPartIdxWhere(pParse, pNC, "parameters"); 789 break; 790 } 791 } 792 return (pParse->nErr || pParse->db->mallocFailed) ? WRC_Abort : WRC_Continue; 793 } 794 795 /* 796 ** pEList is a list of expressions which are really the result set of the 797 ** a SELECT statement. pE is a term in an ORDER BY or GROUP BY clause. 798 ** This routine checks to see if pE is a simple identifier which corresponds 799 ** to the AS-name of one of the terms of the expression list. If it is, 800 ** this routine return an integer between 1 and N where N is the number of 801 ** elements in pEList, corresponding to the matching entry. If there is 802 ** no match, or if pE is not a simple identifier, then this routine 803 ** return 0. 804 ** 805 ** pEList has been resolved. pE has not. 806 */ 807 static int resolveAsName( 808 Parse *pParse, /* Parsing context for error messages */ 809 ExprList *pEList, /* List of expressions to scan */ 810 Expr *pE /* Expression we are trying to match */ 811 ){ 812 int i; /* Loop counter */ 813 814 UNUSED_PARAMETER(pParse); 815 816 if( pE->op==TK_ID ){ 817 char *zCol = pE->u.zToken; 818 for(i=0; i<pEList->nExpr; i++){ 819 char *zAs = pEList->a[i].zName; 820 if( zAs!=0 && sqlite3StrICmp(zAs, zCol)==0 ){ 821 return i+1; 822 } 823 } 824 } 825 return 0; 826 } 827 828 /* 829 ** pE is a pointer to an expression which is a single term in the 830 ** ORDER BY of a compound SELECT. The expression has not been 831 ** name resolved. 832 ** 833 ** At the point this routine is called, we already know that the 834 ** ORDER BY term is not an integer index into the result set. That 835 ** case is handled by the calling routine. 836 ** 837 ** Attempt to match pE against result set columns in the left-most 838 ** SELECT statement. Return the index i of the matching column, 839 ** as an indication to the caller that it should sort by the i-th column. 840 ** The left-most column is 1. In other words, the value returned is the 841 ** same integer value that would be used in the SQL statement to indicate 842 ** the column. 843 ** 844 ** If there is no match, return 0. Return -1 if an error occurs. 845 */ 846 static int resolveOrderByTermToExprList( 847 Parse *pParse, /* Parsing context for error messages */ 848 Select *pSelect, /* The SELECT statement with the ORDER BY clause */ 849 Expr *pE /* The specific ORDER BY term */ 850 ){ 851 int i; /* Loop counter */ 852 ExprList *pEList; /* The columns of the result set */ 853 NameContext nc; /* Name context for resolving pE */ 854 sqlite3 *db; /* Database connection */ 855 int rc; /* Return code from subprocedures */ 856 u8 savedSuppErr; /* Saved value of db->suppressErr */ 857 858 assert( sqlite3ExprIsInteger(pE, &i)==0 ); 859 pEList = pSelect->pEList; 860 861 /* Resolve all names in the ORDER BY term expression 862 */ 863 memset(&nc, 0, sizeof(nc)); 864 nc.pParse = pParse; 865 nc.pSrcList = pSelect->pSrc; 866 nc.pEList = pEList; 867 nc.ncFlags = NC_AllowAgg; 868 nc.nErr = 0; 869 db = pParse->db; 870 savedSuppErr = db->suppressErr; 871 db->suppressErr = 1; 872 rc = sqlite3ResolveExprNames(&nc, pE); 873 db->suppressErr = savedSuppErr; 874 if( rc ) return 0; 875 876 /* Try to match the ORDER BY expression against an expression 877 ** in the result set. Return an 1-based index of the matching 878 ** result-set entry. 879 */ 880 for(i=0; i<pEList->nExpr; i++){ 881 if( sqlite3ExprCompare(pEList->a[i].pExpr, pE, -1)<2 ){ 882 return i+1; 883 } 884 } 885 886 /* If no match, return 0. */ 887 return 0; 888 } 889 890 /* 891 ** Generate an ORDER BY or GROUP BY term out-of-range error. 892 */ 893 static void resolveOutOfRangeError( 894 Parse *pParse, /* The error context into which to write the error */ 895 const char *zType, /* "ORDER" or "GROUP" */ 896 int i, /* The index (1-based) of the term out of range */ 897 int mx /* Largest permissible value of i */ 898 ){ 899 sqlite3ErrorMsg(pParse, 900 "%r %s BY term out of range - should be " 901 "between 1 and %d", i, zType, mx); 902 } 903 904 /* 905 ** Analyze the ORDER BY clause in a compound SELECT statement. Modify 906 ** each term of the ORDER BY clause is a constant integer between 1 907 ** and N where N is the number of columns in the compound SELECT. 908 ** 909 ** ORDER BY terms that are already an integer between 1 and N are 910 ** unmodified. ORDER BY terms that are integers outside the range of 911 ** 1 through N generate an error. ORDER BY terms that are expressions 912 ** are matched against result set expressions of compound SELECT 913 ** beginning with the left-most SELECT and working toward the right. 914 ** At the first match, the ORDER BY expression is transformed into 915 ** the integer column number. 916 ** 917 ** Return the number of errors seen. 918 */ 919 static int resolveCompoundOrderBy( 920 Parse *pParse, /* Parsing context. Leave error messages here */ 921 Select *pSelect /* The SELECT statement containing the ORDER BY */ 922 ){ 923 int i; 924 ExprList *pOrderBy; 925 ExprList *pEList; 926 sqlite3 *db; 927 int moreToDo = 1; 928 929 pOrderBy = pSelect->pOrderBy; 930 if( pOrderBy==0 ) return 0; 931 db = pParse->db; 932 #if SQLITE_MAX_COLUMN 933 if( pOrderBy->nExpr>db->aLimit[SQLITE_LIMIT_COLUMN] ){ 934 sqlite3ErrorMsg(pParse, "too many terms in ORDER BY clause"); 935 return 1; 936 } 937 #endif 938 for(i=0; i<pOrderBy->nExpr; i++){ 939 pOrderBy->a[i].done = 0; 940 } 941 pSelect->pNext = 0; 942 while( pSelect->pPrior ){ 943 pSelect->pPrior->pNext = pSelect; 944 pSelect = pSelect->pPrior; 945 } 946 while( pSelect && moreToDo ){ 947 struct ExprList_item *pItem; 948 moreToDo = 0; 949 pEList = pSelect->pEList; 950 assert( pEList!=0 ); 951 for(i=0, pItem=pOrderBy->a; i<pOrderBy->nExpr; i++, pItem++){ 952 int iCol = -1; 953 Expr *pE, *pDup; 954 if( pItem->done ) continue; 955 pE = sqlite3ExprSkipCollate(pItem->pExpr); 956 if( sqlite3ExprIsInteger(pE, &iCol) ){ 957 if( iCol<=0 || iCol>pEList->nExpr ){ 958 resolveOutOfRangeError(pParse, "ORDER", i+1, pEList->nExpr); 959 return 1; 960 } 961 }else{ 962 iCol = resolveAsName(pParse, pEList, pE); 963 if( iCol==0 ){ 964 pDup = sqlite3ExprDup(db, pE, 0); 965 if( !db->mallocFailed ){ 966 assert(pDup); 967 iCol = resolveOrderByTermToExprList(pParse, pSelect, pDup); 968 } 969 sqlite3ExprDelete(db, pDup); 970 } 971 } 972 if( iCol>0 ){ 973 /* Convert the ORDER BY term into an integer column number iCol, 974 ** taking care to preserve the COLLATE clause if it exists */ 975 Expr *pNew = sqlite3Expr(db, TK_INTEGER, 0); 976 if( pNew==0 ) return 1; 977 pNew->flags |= EP_IntValue; 978 pNew->u.iValue = iCol; 979 if( pItem->pExpr==pE ){ 980 pItem->pExpr = pNew; 981 }else{ 982 assert( pItem->pExpr->op==TK_COLLATE ); 983 assert( pItem->pExpr->pLeft==pE ); 984 pItem->pExpr->pLeft = pNew; 985 } 986 sqlite3ExprDelete(db, pE); 987 pItem->u.x.iOrderByCol = (u16)iCol; 988 pItem->done = 1; 989 }else{ 990 moreToDo = 1; 991 } 992 } 993 pSelect = pSelect->pNext; 994 } 995 for(i=0; i<pOrderBy->nExpr; i++){ 996 if( pOrderBy->a[i].done==0 ){ 997 sqlite3ErrorMsg(pParse, "%r ORDER BY term does not match any " 998 "column in the result set", i+1); 999 return 1; 1000 } 1001 } 1002 return 0; 1003 } 1004 1005 /* 1006 ** Check every term in the ORDER BY or GROUP BY clause pOrderBy of 1007 ** the SELECT statement pSelect. If any term is reference to a 1008 ** result set expression (as determined by the ExprList.a.u.x.iOrderByCol 1009 ** field) then convert that term into a copy of the corresponding result set 1010 ** column. 1011 ** 1012 ** If any errors are detected, add an error message to pParse and 1013 ** return non-zero. Return zero if no errors are seen. 1014 */ 1015 int sqlite3ResolveOrderGroupBy( 1016 Parse *pParse, /* Parsing context. Leave error messages here */ 1017 Select *pSelect, /* The SELECT statement containing the clause */ 1018 ExprList *pOrderBy, /* The ORDER BY or GROUP BY clause to be processed */ 1019 const char *zType /* "ORDER" or "GROUP" */ 1020 ){ 1021 int i; 1022 sqlite3 *db = pParse->db; 1023 ExprList *pEList; 1024 struct ExprList_item *pItem; 1025 1026 if( pOrderBy==0 || pParse->db->mallocFailed ) return 0; 1027 #if SQLITE_MAX_COLUMN 1028 if( pOrderBy->nExpr>db->aLimit[SQLITE_LIMIT_COLUMN] ){ 1029 sqlite3ErrorMsg(pParse, "too many terms in %s BY clause", zType); 1030 return 1; 1031 } 1032 #endif 1033 pEList = pSelect->pEList; 1034 assert( pEList!=0 ); /* sqlite3SelectNew() guarantees this */ 1035 for(i=0, pItem=pOrderBy->a; i<pOrderBy->nExpr; i++, pItem++){ 1036 if( pItem->u.x.iOrderByCol ){ 1037 if( pItem->u.x.iOrderByCol>pEList->nExpr ){ 1038 resolveOutOfRangeError(pParse, zType, i+1, pEList->nExpr); 1039 return 1; 1040 } 1041 resolveAlias(pParse, pEList, pItem->u.x.iOrderByCol-1, pItem->pExpr, zType,0); 1042 } 1043 } 1044 return 0; 1045 } 1046 1047 /* 1048 ** pOrderBy is an ORDER BY or GROUP BY clause in SELECT statement pSelect. 1049 ** The Name context of the SELECT statement is pNC. zType is either 1050 ** "ORDER" or "GROUP" depending on which type of clause pOrderBy is. 1051 ** 1052 ** This routine resolves each term of the clause into an expression. 1053 ** If the order-by term is an integer I between 1 and N (where N is the 1054 ** number of columns in the result set of the SELECT) then the expression 1055 ** in the resolution is a copy of the I-th result-set expression. If 1056 ** the order-by term is an identifier that corresponds to the AS-name of 1057 ** a result-set expression, then the term resolves to a copy of the 1058 ** result-set expression. Otherwise, the expression is resolved in 1059 ** the usual way - using sqlite3ResolveExprNames(). 1060 ** 1061 ** This routine returns the number of errors. If errors occur, then 1062 ** an appropriate error message might be left in pParse. (OOM errors 1063 ** excepted.) 1064 */ 1065 static int resolveOrderGroupBy( 1066 NameContext *pNC, /* The name context of the SELECT statement */ 1067 Select *pSelect, /* The SELECT statement holding pOrderBy */ 1068 ExprList *pOrderBy, /* An ORDER BY or GROUP BY clause to resolve */ 1069 const char *zType /* Either "ORDER" or "GROUP", as appropriate */ 1070 ){ 1071 int i, j; /* Loop counters */ 1072 int iCol; /* Column number */ 1073 struct ExprList_item *pItem; /* A term of the ORDER BY clause */ 1074 Parse *pParse; /* Parsing context */ 1075 int nResult; /* Number of terms in the result set */ 1076 1077 if( pOrderBy==0 ) return 0; 1078 nResult = pSelect->pEList->nExpr; 1079 pParse = pNC->pParse; 1080 for(i=0, pItem=pOrderBy->a; i<pOrderBy->nExpr; i++, pItem++){ 1081 Expr *pE = pItem->pExpr; 1082 Expr *pE2 = sqlite3ExprSkipCollate(pE); 1083 if( zType[0]!='G' ){ 1084 iCol = resolveAsName(pParse, pSelect->pEList, pE2); 1085 if( iCol>0 ){ 1086 /* If an AS-name match is found, mark this ORDER BY column as being 1087 ** a copy of the iCol-th result-set column. The subsequent call to 1088 ** sqlite3ResolveOrderGroupBy() will convert the expression to a 1089 ** copy of the iCol-th result-set expression. */ 1090 pItem->u.x.iOrderByCol = (u16)iCol; 1091 continue; 1092 } 1093 } 1094 if( sqlite3ExprIsInteger(pE2, &iCol) ){ 1095 /* The ORDER BY term is an integer constant. Again, set the column 1096 ** number so that sqlite3ResolveOrderGroupBy() will convert the 1097 ** order-by term to a copy of the result-set expression */ 1098 if( iCol<1 || iCol>0xffff ){ 1099 resolveOutOfRangeError(pParse, zType, i+1, nResult); 1100 return 1; 1101 } 1102 pItem->u.x.iOrderByCol = (u16)iCol; 1103 continue; 1104 } 1105 1106 /* Otherwise, treat the ORDER BY term as an ordinary expression */ 1107 pItem->u.x.iOrderByCol = 0; 1108 if( sqlite3ResolveExprNames(pNC, pE) ){ 1109 return 1; 1110 } 1111 for(j=0; j<pSelect->pEList->nExpr; j++){ 1112 if( sqlite3ExprCompare(pE, pSelect->pEList->a[j].pExpr, -1)==0 ){ 1113 pItem->u.x.iOrderByCol = j+1; 1114 } 1115 } 1116 } 1117 return sqlite3ResolveOrderGroupBy(pParse, pSelect, pOrderBy, zType); 1118 } 1119 1120 /* 1121 ** Resolve names in the SELECT statement p and all of its descendents. 1122 */ 1123 static int resolveSelectStep(Walker *pWalker, Select *p){ 1124 NameContext *pOuterNC; /* Context that contains this SELECT */ 1125 NameContext sNC; /* Name context of this SELECT */ 1126 int isCompound; /* True if p is a compound select */ 1127 int nCompound; /* Number of compound terms processed so far */ 1128 Parse *pParse; /* Parsing context */ 1129 ExprList *pEList; /* Result set expression list */ 1130 int i; /* Loop counter */ 1131 ExprList *pGroupBy; /* The GROUP BY clause */ 1132 Select *pLeftmost; /* Left-most of SELECT of a compound */ 1133 sqlite3 *db; /* Database connection */ 1134 1135 1136 assert( p!=0 ); 1137 if( p->selFlags & SF_Resolved ){ 1138 return WRC_Prune; 1139 } 1140 pOuterNC = pWalker->u.pNC; 1141 pParse = pWalker->pParse; 1142 db = pParse->db; 1143 1144 /* Normally sqlite3SelectExpand() will be called first and will have 1145 ** already expanded this SELECT. However, if this is a subquery within 1146 ** an expression, sqlite3ResolveExprNames() will be called without a 1147 ** prior call to sqlite3SelectExpand(). When that happens, let 1148 ** sqlite3SelectPrep() do all of the processing for this SELECT. 1149 ** sqlite3SelectPrep() will invoke both sqlite3SelectExpand() and 1150 ** this routine in the correct order. 1151 */ 1152 if( (p->selFlags & SF_Expanded)==0 ){ 1153 sqlite3SelectPrep(pParse, p, pOuterNC); 1154 return (pParse->nErr || db->mallocFailed) ? WRC_Abort : WRC_Prune; 1155 } 1156 1157 isCompound = p->pPrior!=0; 1158 nCompound = 0; 1159 pLeftmost = p; 1160 while( p ){ 1161 assert( (p->selFlags & SF_Expanded)!=0 ); 1162 assert( (p->selFlags & SF_Resolved)==0 ); 1163 p->selFlags |= SF_Resolved; 1164 1165 /* Resolve the expressions in the LIMIT and OFFSET clauses. These 1166 ** are not allowed to refer to any names, so pass an empty NameContext. 1167 */ 1168 memset(&sNC, 0, sizeof(sNC)); 1169 sNC.pParse = pParse; 1170 if( sqlite3ResolveExprNames(&sNC, p->pLimit) || 1171 sqlite3ResolveExprNames(&sNC, p->pOffset) ){ 1172 return WRC_Abort; 1173 } 1174 1175 /* Recursively resolve names in all subqueries 1176 */ 1177 for(i=0; i<p->pSrc->nSrc; i++){ 1178 struct SrcList_item *pItem = &p->pSrc->a[i]; 1179 if( pItem->pSelect ){ 1180 NameContext *pNC; /* Used to iterate name contexts */ 1181 int nRef = 0; /* Refcount for pOuterNC and outer contexts */ 1182 const char *zSavedContext = pParse->zAuthContext; 1183 1184 /* Count the total number of references to pOuterNC and all of its 1185 ** parent contexts. After resolving references to expressions in 1186 ** pItem->pSelect, check if this value has changed. If so, then 1187 ** SELECT statement pItem->pSelect must be correlated. Set the 1188 ** pItem->isCorrelated flag if this is the case. */ 1189 for(pNC=pOuterNC; pNC; pNC=pNC->pNext) nRef += pNC->nRef; 1190 1191 if( pItem->zName ) pParse->zAuthContext = pItem->zName; 1192 sqlite3ResolveSelectNames(pParse, pItem->pSelect, pOuterNC); 1193 pParse->zAuthContext = zSavedContext; 1194 if( pParse->nErr || db->mallocFailed ) return WRC_Abort; 1195 1196 for(pNC=pOuterNC; pNC; pNC=pNC->pNext) nRef -= pNC->nRef; 1197 assert( pItem->isCorrelated==0 && nRef<=0 ); 1198 pItem->isCorrelated = (nRef!=0); 1199 } 1200 } 1201 1202 /* Set up the local name-context to pass to sqlite3ResolveExprNames() to 1203 ** resolve the result-set expression list. 1204 */ 1205 sNC.ncFlags = NC_AllowAgg; 1206 sNC.pSrcList = p->pSrc; 1207 sNC.pNext = pOuterNC; 1208 1209 /* Resolve names in the result set. */ 1210 pEList = p->pEList; 1211 assert( pEList!=0 ); 1212 for(i=0; i<pEList->nExpr; i++){ 1213 Expr *pX = pEList->a[i].pExpr; 1214 if( sqlite3ResolveExprNames(&sNC, pX) ){ 1215 return WRC_Abort; 1216 } 1217 } 1218 1219 /* If there are no aggregate functions in the result-set, and no GROUP BY 1220 ** expression, do not allow aggregates in any of the other expressions. 1221 */ 1222 assert( (p->selFlags & SF_Aggregate)==0 ); 1223 pGroupBy = p->pGroupBy; 1224 if( pGroupBy || (sNC.ncFlags & NC_HasAgg)!=0 ){ 1225 p->selFlags |= SF_Aggregate; 1226 }else{ 1227 sNC.ncFlags &= ~NC_AllowAgg; 1228 } 1229 1230 /* If a HAVING clause is present, then there must be a GROUP BY clause. 1231 */ 1232 if( p->pHaving && !pGroupBy ){ 1233 sqlite3ErrorMsg(pParse, "a GROUP BY clause is required before HAVING"); 1234 return WRC_Abort; 1235 } 1236 1237 /* Add the output column list to the name-context before parsing the 1238 ** other expressions in the SELECT statement. This is so that 1239 ** expressions in the WHERE clause (etc.) can refer to expressions by 1240 ** aliases in the result set. 1241 ** 1242 ** Minor point: If this is the case, then the expression will be 1243 ** re-evaluated for each reference to it. 1244 */ 1245 sNC.pEList = p->pEList; 1246 if( sqlite3ResolveExprNames(&sNC, p->pHaving) ) return WRC_Abort; 1247 if( sqlite3ResolveExprNames(&sNC, p->pWhere) ) return WRC_Abort; 1248 1249 /* The ORDER BY and GROUP BY clauses may not refer to terms in 1250 ** outer queries 1251 */ 1252 sNC.pNext = 0; 1253 sNC.ncFlags |= NC_AllowAgg; 1254 1255 /* Process the ORDER BY clause for singleton SELECT statements. 1256 ** The ORDER BY clause for compounds SELECT statements is handled 1257 ** below, after all of the result-sets for all of the elements of 1258 ** the compound have been resolved. 1259 */ 1260 if( !isCompound && resolveOrderGroupBy(&sNC, p, p->pOrderBy, "ORDER") ){ 1261 return WRC_Abort; 1262 } 1263 if( db->mallocFailed ){ 1264 return WRC_Abort; 1265 } 1266 1267 /* Resolve the GROUP BY clause. At the same time, make sure 1268 ** the GROUP BY clause does not contain aggregate functions. 1269 */ 1270 if( pGroupBy ){ 1271 struct ExprList_item *pItem; 1272 1273 if( resolveOrderGroupBy(&sNC, p, pGroupBy, "GROUP") || db->mallocFailed ){ 1274 return WRC_Abort; 1275 } 1276 for(i=0, pItem=pGroupBy->a; i<pGroupBy->nExpr; i++, pItem++){ 1277 if( ExprHasProperty(pItem->pExpr, EP_Agg) ){ 1278 sqlite3ErrorMsg(pParse, "aggregate functions are not allowed in " 1279 "the GROUP BY clause"); 1280 return WRC_Abort; 1281 } 1282 } 1283 } 1284 1285 /* Advance to the next term of the compound 1286 */ 1287 p = p->pPrior; 1288 nCompound++; 1289 } 1290 1291 /* Resolve the ORDER BY on a compound SELECT after all terms of 1292 ** the compound have been resolved. 1293 */ 1294 if( isCompound && resolveCompoundOrderBy(pParse, pLeftmost) ){ 1295 return WRC_Abort; 1296 } 1297 1298 return WRC_Prune; 1299 } 1300 1301 /* 1302 ** This routine walks an expression tree and resolves references to 1303 ** table columns and result-set columns. At the same time, do error 1304 ** checking on function usage and set a flag if any aggregate functions 1305 ** are seen. 1306 ** 1307 ** To resolve table columns references we look for nodes (or subtrees) of the 1308 ** form X.Y.Z or Y.Z or just Z where 1309 ** 1310 ** X: The name of a database. Ex: "main" or "temp" or 1311 ** the symbolic name assigned to an ATTACH-ed database. 1312 ** 1313 ** Y: The name of a table in a FROM clause. Or in a trigger 1314 ** one of the special names "old" or "new". 1315 ** 1316 ** Z: The name of a column in table Y. 1317 ** 1318 ** The node at the root of the subtree is modified as follows: 1319 ** 1320 ** Expr.op Changed to TK_COLUMN 1321 ** Expr.pTab Points to the Table object for X.Y 1322 ** Expr.iColumn The column index in X.Y. -1 for the rowid. 1323 ** Expr.iTable The VDBE cursor number for X.Y 1324 ** 1325 ** 1326 ** To resolve result-set references, look for expression nodes of the 1327 ** form Z (with no X and Y prefix) where the Z matches the right-hand 1328 ** size of an AS clause in the result-set of a SELECT. The Z expression 1329 ** is replaced by a copy of the left-hand side of the result-set expression. 1330 ** Table-name and function resolution occurs on the substituted expression 1331 ** tree. For example, in: 1332 ** 1333 ** SELECT a+b AS x, c+d AS y FROM t1 ORDER BY x; 1334 ** 1335 ** The "x" term of the order by is replaced by "a+b" to render: 1336 ** 1337 ** SELECT a+b AS x, c+d AS y FROM t1 ORDER BY a+b; 1338 ** 1339 ** Function calls are checked to make sure that the function is 1340 ** defined and that the correct number of arguments are specified. 1341 ** If the function is an aggregate function, then the NC_HasAgg flag is 1342 ** set and the opcode is changed from TK_FUNCTION to TK_AGG_FUNCTION. 1343 ** If an expression contains aggregate functions then the EP_Agg 1344 ** property on the expression is set. 1345 ** 1346 ** An error message is left in pParse if anything is amiss. The number 1347 ** if errors is returned. 1348 */ 1349 int sqlite3ResolveExprNames( 1350 NameContext *pNC, /* Namespace to resolve expressions in. */ 1351 Expr *pExpr /* The expression to be analyzed. */ 1352 ){ 1353 u8 savedHasAgg; 1354 Walker w; 1355 1356 if( pExpr==0 ) return 0; 1357 #if SQLITE_MAX_EXPR_DEPTH>0 1358 { 1359 Parse *pParse = pNC->pParse; 1360 if( sqlite3ExprCheckHeight(pParse, pExpr->nHeight+pNC->pParse->nHeight) ){ 1361 return 1; 1362 } 1363 pParse->nHeight += pExpr->nHeight; 1364 } 1365 #endif 1366 savedHasAgg = pNC->ncFlags & NC_HasAgg; 1367 pNC->ncFlags &= ~NC_HasAgg; 1368 memset(&w, 0, sizeof(w)); 1369 w.xExprCallback = resolveExprStep; 1370 w.xSelectCallback = resolveSelectStep; 1371 w.pParse = pNC->pParse; 1372 w.u.pNC = pNC; 1373 sqlite3WalkExpr(&w, pExpr); 1374 #if SQLITE_MAX_EXPR_DEPTH>0 1375 pNC->pParse->nHeight -= pExpr->nHeight; 1376 #endif 1377 if( pNC->nErr>0 || w.pParse->nErr>0 ){ 1378 ExprSetProperty(pExpr, EP_Error); 1379 } 1380 if( pNC->ncFlags & NC_HasAgg ){ 1381 ExprSetProperty(pExpr, EP_Agg); 1382 }else if( savedHasAgg ){ 1383 pNC->ncFlags |= NC_HasAgg; 1384 } 1385 return ExprHasProperty(pExpr, EP_Error); 1386 } 1387 1388 1389 /* 1390 ** Resolve all names in all expressions of a SELECT and in all 1391 ** decendents of the SELECT, including compounds off of p->pPrior, 1392 ** subqueries in expressions, and subqueries used as FROM clause 1393 ** terms. 1394 ** 1395 ** See sqlite3ResolveExprNames() for a description of the kinds of 1396 ** transformations that occur. 1397 ** 1398 ** All SELECT statements should have been expanded using 1399 ** sqlite3SelectExpand() prior to invoking this routine. 1400 */ 1401 void sqlite3ResolveSelectNames( 1402 Parse *pParse, /* The parser context */ 1403 Select *p, /* The SELECT statement being coded. */ 1404 NameContext *pOuterNC /* Name context for parent SELECT statement */ 1405 ){ 1406 Walker w; 1407 1408 assert( p!=0 ); 1409 memset(&w, 0, sizeof(w)); 1410 w.xExprCallback = resolveExprStep; 1411 w.xSelectCallback = resolveSelectStep; 1412 w.pParse = pParse; 1413 w.u.pNC = pOuterNC; 1414 sqlite3WalkSelect(&w, p); 1415 } 1416 1417 /* 1418 ** Resolve names in expressions that can only reference a single table: 1419 ** 1420 ** * CHECK constraints 1421 ** * WHERE clauses on partial indices 1422 ** 1423 ** The Expr.iTable value for Expr.op==TK_COLUMN nodes of the expression 1424 ** is set to -1 and the Expr.iColumn value is set to the column number. 1425 ** 1426 ** Any errors cause an error message to be set in pParse. 1427 */ 1428 void sqlite3ResolveSelfReference( 1429 Parse *pParse, /* Parsing context */ 1430 Table *pTab, /* The table being referenced */ 1431 int type, /* NC_IsCheck or NC_PartIdx */ 1432 Expr *pExpr, /* Expression to resolve. May be NULL. */ 1433 ExprList *pList /* Expression list to resolve. May be NUL. */ 1434 ){ 1435 SrcList sSrc; /* Fake SrcList for pParse->pNewTable */ 1436 NameContext sNC; /* Name context for pParse->pNewTable */ 1437 int i; /* Loop counter */ 1438 1439 assert( type==NC_IsCheck || type==NC_PartIdx ); 1440 memset(&sNC, 0, sizeof(sNC)); 1441 memset(&sSrc, 0, sizeof(sSrc)); 1442 sSrc.nSrc = 1; 1443 sSrc.a[0].zName = pTab->zName; 1444 sSrc.a[0].pTab = pTab; 1445 sSrc.a[0].iCursor = -1; 1446 sNC.pParse = pParse; 1447 sNC.pSrcList = &sSrc; 1448 sNC.ncFlags = type; 1449 if( sqlite3ResolveExprNames(&sNC, pExpr) ) return; 1450 if( pList ){ 1451 for(i=0; i<pList->nExpr; i++){ 1452 if( sqlite3ResolveExprNames(&sNC, pList->a[i].pExpr) ){ 1453 return; 1454 } 1455 } 1456 } 1457 } 1458