File Coverage

expr.c

Criterion	Covered	Total	%
statement	356	812	43.8
branch	222	552	40.2
condition			n/a
subroutine			n/a
pod			n/a
total	578	1364	42.3

line	stmt	bran	code
1			/*
2			** 2001 September 15
3			**
4			** The author disclaims copyright to this source code. In place of
5			** a legal notice, here is a blessing:
6			**
7			** May you do good and not evil.
8			** May you find forgiveness for yourself and forgive others.
9			** May you share freely, never taking more than you give.
10			**
11			*************************************************************************
12			** This file contains routines used for analyzing expressions and
13			** for generating VDBE code that evaluates expressions in SQLite.
14			**
15			** $Id: expr.c,v 1.1.1.1 2004/08/08 15:03:57 matt Exp $
16			*/
17			#include "sqliteInt.h"
18			#include
19
20			/*
21			** Construct a new expression node and return a pointer to it. Memory
22			** for this node is obtained from sqliteMalloc(). The calling function
23			** is responsible for making sure the node eventually gets freed.
24			*/
25	701		Expr sqliteExpr(int op, Expr pLeft, Expr pRight, Token pToken){
26			Expr *pNew;
27	701		pNew = sqliteMalloc( sizeof(Expr) );
28	701	50	if( pNew==0 ){
29			/* When malloc fails, we leak memory from pLeft and pRight */
30	0		return 0;
31			}
32	701		pNew->op = op;
33	701		pNew->pLeft = pLeft;
34	701		pNew->pRight = pRight;
35	701	100	if( pToken ){
36			assert( pToken->dyn==0 );
37	554		pNew->token = *pToken;
38	554		pNew->span = *pToken;
39			}else{
40			assert( pNew->token.dyn==0 );
41			assert( pNew->token.z==0 );
42			assert( pNew->token.n==0 );
43	147	100	if( pLeft && pRight ){
		100
44	34		sqliteExprSpan(pNew, &pLeft->span, &pRight->span);
45			}else{
46	113		pNew->span = pNew->token;
47			}
48			}
49	701		return pNew;
50			}
51
52			/*
53			** Set the Expr.span field of the given expression to span all
54			** text between the two given tokens.
55			*/
56	83		void sqliteExprSpan(Expr pExpr, Token pLeft, Token *pRight){
57			assert( pRight!=0 );
58			assert( pLeft!=0 );
59			/* Note: pExpr might be NULL due to a prior malloc failure */
60	83	50	if( pExpr && pRight->z && pLeft->z ){
		100
		50
61	82	50	if( pLeft->dyn==0 && pRight->dyn==0 ){
		50
62	82		pExpr->span.z = pLeft->z;
63	82		pExpr->span.n = pRight->n + Addr(pRight->z) - Addr(pLeft->z);
64			}else{
65	0		pExpr->span.z = 0;
66			}
67			}
68	83		}
69
70			/*
71			** Construct a new expression node for a function with multiple
72			** arguments.
73			*/
74	39		Expr sqliteExprFunction(ExprList pList, Token *pToken){
75			Expr *pNew;
76	39		pNew = sqliteMalloc( sizeof(Expr) );
77	39	50	if( pNew==0 ){
78			/* sqliteExprListDelete(pList); // Leak pList when malloc fails */
79	0		return 0;
80			}
81	39		pNew->op = TK_FUNCTION;
82	39		pNew->pList = pList;
83	39	100	if( pToken ){
84			assert( pToken->dyn==0 );
85	36		pNew->token = *pToken;
86			}else{
87	3		pNew->token.z = 0;
88			}
89	39		pNew->span = pNew->token;
90	39		return pNew;
91			}
92
93			/*
94			** Recursively delete an expression tree.
95			*/
96	3340		void sqliteExprDelete(Expr *p){
97	3340	100	if( p==0 ) return;
98	740	100	if( p->span.dyn ) sqliteFree((char*)p->span.z);
99	740	100	if( p->token.dyn ) sqliteFree((char*)p->token.z);
100	740		sqliteExprDelete(p->pLeft);
101	740		sqliteExprDelete(p->pRight);
102	740		sqliteExprListDelete(p->pList);
103	740		sqliteSelectDelete(p->pSelect);
104	740		sqliteFree(p);
105			}
106
107
108			/*
109			** The following group of routines make deep copies of expressions,
110			** expression lists, ID lists, and select statements. The copies can
111			** be deleted (by being passed to their respective ...Delete() routines)
112			** without effecting the originals.
113			**
114			** The expression list, ID, and source lists return by sqliteExprListDup(),
115			** sqliteIdListDup(), and sqliteSrcListDup() can not be further expanded
116			** by subsequent calls to sqlite*ListAppend() routines.
117			**
118			** Any tables that the SrcList might point to are not duplicated.
119			*/
120	60		Expr sqliteExprDup(Expr p){
121			Expr *pNew;
122	60	50	if( p==0 ) return 0;
123	0		pNew = sqliteMallocRaw( sizeof(*p) );
124	0	0	if( pNew==0 ) return 0;
125	0		memcpy(pNew, p, sizeof(*pNew));
126	0	0	if( p->token.z!=0 ){
127	0		pNew->token.z = sqliteStrDup(p->token.z);
128	0		pNew->token.dyn = 1;
129			}else{
130			assert( pNew->token.z==0 );
131			}
132	0		pNew->span.z = 0;
133	0		pNew->pLeft = sqliteExprDup(p->pLeft);
134	0		pNew->pRight = sqliteExprDup(p->pRight);
135	0		pNew->pList = sqliteExprListDup(p->pList);
136	0		pNew->pSelect = sqliteSelectDup(p->pSelect);
137	0		return pNew;
138			}
139	60		void sqliteTokenCopy(Token pTo, Token pFrom){
140	60	50	if( pTo->dyn ) sqliteFree((char*)pTo->z);
141	60	50	if( pFrom->z ){
142	60		pTo->n = pFrom->n;
143	60		pTo->z = sqliteStrNDup(pFrom->z, pFrom->n);
144	60		pTo->dyn = 1;
145			}else{
146	0		pTo->z = 0;
147			}
148	60		}
149	30		ExprList sqliteExprListDup(ExprList p){
150			ExprList *pNew;
151			struct ExprList_item *pItem;
152			int i;
153	30	50	if( p==0 ) return 0;
154	0		pNew = sqliteMalloc( sizeof(*pNew) );
155	0	0	if( pNew==0 ) return 0;
156	0		pNew->nExpr = pNew->nAlloc = p->nExpr;
157	0		pNew->a = pItem = sqliteMalloc( p->nExpr*sizeof(p->a[0]) );
158	0	0	if( pItem==0 ){
159	0		sqliteFree(pNew);
160	0		return 0;
161			}
162	0	0	for(i=0; inExpr; i++, pItem++){
163			Expr pNewExpr, pOldExpr;
164	0		pItem->pExpr = pNewExpr = sqliteExprDup(pOldExpr = p->a[i].pExpr);
165	0	0	if( pOldExpr->span.z!=0 && pNewExpr ){
		0
166			/* Always make a copy of the span for top-level expressions in the
167			** expression list. The logic in SELECT processing that determines
168			** the names of columns in the result set needs this information */
169	0		sqliteTokenCopy(&pNewExpr->span, &pOldExpr->span);
170			}
171			assert( pNewExpr==0 \|\| pNewExpr->span.z!=0
172			\|\| pOldExpr->span.z==0 \|\| sqlite_malloc_failed );
173	0		pItem->zName = sqliteStrDup(p->a[i].zName);
174	0		pItem->sortOrder = p->a[i].sortOrder;
175	0		pItem->isAgg = p->a[i].isAgg;
176	0		pItem->done = 0;
177			}
178	0		return pNew;
179			}
180	0		SrcList sqliteSrcListDup(SrcList p){
181			SrcList *pNew;
182			int i;
183			int nByte;
184	0	0	if( p==0 ) return 0;
185	0	0	nByte = sizeof(p) + (p->nSrc>0 ? sizeof(p->a[0]) (p->nSrc-1) : 0);
186	0		pNew = sqliteMallocRaw( nByte );
187	0	0	if( pNew==0 ) return 0;
188	0		pNew->nSrc = pNew->nAlloc = p->nSrc;
189	0	0	for(i=0; inSrc; i++){
190	0		struct SrcList_item *pNewItem = &pNew->a[i];
191	0		struct SrcList_item *pOldItem = &p->a[i];
192	0		pNewItem->zDatabase = sqliteStrDup(pOldItem->zDatabase);
193	0		pNewItem->zName = sqliteStrDup(pOldItem->zName);
194	0		pNewItem->zAlias = sqliteStrDup(pOldItem->zAlias);
195	0		pNewItem->jointype = pOldItem->jointype;
196	0		pNewItem->iCursor = pOldItem->iCursor;
197	0		pNewItem->pTab = 0;
198	0		pNewItem->pSelect = sqliteSelectDup(pOldItem->pSelect);
199	0		pNewItem->pOn = sqliteExprDup(pOldItem->pOn);
200	0		pNewItem->pUsing = sqliteIdListDup(pOldItem->pUsing);
201			}
202	0		return pNew;
203			}
204	0		IdList sqliteIdListDup(IdList p){
205			IdList *pNew;
206			int i;
207	0	0	if( p==0 ) return 0;
208	0		pNew = sqliteMallocRaw( sizeof(*pNew) );
209	0	0	if( pNew==0 ) return 0;
210	0		pNew->nId = pNew->nAlloc = p->nId;
211	0		pNew->a = sqliteMallocRaw( p->nId*sizeof(p->a[0]) );
212	0	0	if( pNew->a==0 ) return 0;
213	0	0	for(i=0; inId; i++){
214	0		struct IdList_item *pNewItem = &pNew->a[i];
215	0		struct IdList_item *pOldItem = &p->a[i];
216	0		pNewItem->zName = sqliteStrDup(pOldItem->zName);
217	0		pNewItem->idx = pOldItem->idx;
218			}
219	0		return pNew;
220			}
221	0		Select sqliteSelectDup(Select p){
222			Select *pNew;
223	0	0	if( p==0 ) return 0;
224	0		pNew = sqliteMallocRaw( sizeof(*p) );
225	0	0	if( pNew==0 ) return 0;
226	0		pNew->isDistinct = p->isDistinct;
227	0		pNew->pEList = sqliteExprListDup(p->pEList);
228	0		pNew->pSrc = sqliteSrcListDup(p->pSrc);
229	0		pNew->pWhere = sqliteExprDup(p->pWhere);
230	0		pNew->pGroupBy = sqliteExprListDup(p->pGroupBy);
231	0		pNew->pHaving = sqliteExprDup(p->pHaving);
232	0		pNew->pOrderBy = sqliteExprListDup(p->pOrderBy);
233	0		pNew->op = p->op;
234	0		pNew->pPrior = sqliteSelectDup(p->pPrior);
235	0		pNew->nLimit = p->nLimit;
236	0		pNew->nOffset = p->nOffset;
237	0		pNew->zSelect = 0;
238	0		pNew->iLimit = -1;
239	0		pNew->iOffset = -1;
240	0		return pNew;
241			}
242
243
244			/*
245			** Add a new element to the end of an expression list. If pList is
246			** initially NULL, then create a new expression list.
247			*/
248	645		ExprList sqliteExprListAppend(ExprList pList, Expr pExpr, Token pName){
249	645	100	if( pList==0 ){
250	262		pList = sqliteMalloc( sizeof(ExprList) );
251	262	50	if( pList==0 ){
252			/* sqliteExprDelete(pExpr); // Leak memory if malloc fails */
253	0		return 0;
254			}
255			assert( pList->nAlloc==0 );
256			}
257	645	100	if( pList->nAlloc<=pList->nExpr ){
258	322		pList->nAlloc = pList->nAlloc*2 + 4;
259	322		pList->a = sqliteRealloc(pList->a, pList->nAlloc*sizeof(pList->a[0]));
260	322	50	if( pList->a==0 ){
261			/* sqliteExprDelete(pExpr); // Leak memory if malloc fails */
262	0		pList->nExpr = pList->nAlloc = 0;
263	0		return pList;
264			}
265			}
266			assert( pList->a!=0 );
267	645	100	if( pExpr \|\| pName ){
		50
268	630		struct ExprList_item *pItem = &pList->a[pList->nExpr++];
269	630		memset(pItem, 0, sizeof(*pItem));
270	630		pItem->pExpr = pExpr;
271	630	100	if( pName ){
272	42		sqliteSetNString(&pItem->zName, pName->z, pName->n, 0);
273	42		sqliteDequote(pItem->zName);
274			}
275			}
276	645		return pList;
277			}
278
279			/*
280			** Delete an entire expression list.
281			*/
282	1226		void sqliteExprListDelete(ExprList *pList){
283			int i;
284	1226	100	if( pList==0 ) return;
285			assert( pList->a!=0 \|\| (pList->nExpr==0 && pList->nAlloc==0) );
286			assert( pList->nExpr<=pList->nAlloc );
287	892	100	for(i=0; inExpr; i++){
288	630		sqliteExprDelete(pList->a[i].pExpr);
289	630		sqliteFree(pList->a[i].zName);
290			}
291	262		sqliteFree(pList->a);
292	262		sqliteFree(pList);
293			}
294
295			/*
296			** Walk an expression tree. Return 1 if the expression is constant
297			** and 0 if it involves variables.
298			**
299			** For the purposes of this function, a double-quoted string (ex: "abc")
300			** is considered a variable but a single-quoted string (ex: 'abc') is
301			** a constant.
302			*/
303	97		int sqliteExprIsConstant(Expr *p){
304	97		switch( p->op ){
305			case TK_ID:
306			case TK_COLUMN:
307			case TK_DOT:
308			case TK_FUNCTION:
309	46		return 0;
310			case TK_NULL:
311			case TK_STRING:
312			case TK_INTEGER:
313			case TK_FLOAT:
314			case TK_VARIABLE:
315	15		return 1;
316			default: {
317	36	100	if( p->pLeft && !sqliteExprIsConstant(p->pLeft) ) return 0;
		50
318	3	50	if( p->pRight && !sqliteExprIsConstant(p->pRight) ) return 0;
		0
319	3	50	if( p->pList ){
320			int i;
321	6	50	for(i=0; ipList->nExpr; i++){
322	6	100	if( !sqliteExprIsConstant(p->pList->a[i].pExpr) ) return 0;
323			}
324			}
325	0	0	return p->pLeft!=0 \|\| p->pRight!=0 \|\| (p->pList && p->pList->nExpr>0);
		0
		0
		0
326			}
327			}
328			return 0;
329			}
330
331			/*
332			** If the given expression codes a constant integer that is small enough
333			** to fit in a 32-bit integer, return 1 and put the value of the integer
334			** in *pValue. If the expression is not an integer or if it is too big
335			** to fit in a signed 32-bit integer, return 0 and leave *pValue unchanged.
336			*/
337	13		int sqliteExprIsInteger(Expr p, int pValue){
338	13		switch( p->op ){
339			case TK_INTEGER: {
340	0	0	if( sqliteFitsIn32Bits(p->token.z) ){
341	0		*pValue = atoi(p->token.z);
342	0		return 1;
343			}
344	0		break;
345			}
346			case TK_STRING: {
347	0		const char *z = p->token.z;
348	0		int n = p->token.n;
349	0	0	if( n>0 && z[0]=='-' ){ z++; n--; }
		0
350	0	0	while( n>0 && z && isdigit(z) ){ z++; n--; }
		0
		0
351	0	0	if( n==0 && sqliteFitsIn32Bits(p->token.z) ){
		0
352	0		*pValue = atoi(p->token.z);
353	0		return 1;
354			}
355	0		break;
356			}
357			case TK_UPLUS: {
358	0		return sqliteExprIsInteger(p->pLeft, pValue);
359			}
360			case TK_UMINUS: {
361			int v;
362	0	0	if( sqliteExprIsInteger(p->pLeft, &v) ){
363	0		*pValue = -v;
364	0		return 1;
365			}
366	0		break;
367			}
368	13		default: break;
369			}
370	13		return 0;
371			}
372
373			/*
374			** Return TRUE if the given string is a row-id column name.
375			*/
376	0		int sqliteIsRowid(const char *z){
377	0	0	if( sqliteStrICmp(z, "_ROWID_")==0 ) return 1;
378	0	0	if( sqliteStrICmp(z, "ROWID")==0 ) return 1;
379	0	0	if( sqliteStrICmp(z, "OID")==0 ) return 1;
380	0		return 0;
381			}
382
383			/*
384			** Given the name of a column of the form X.Y.Z or Y.Z or just Z, look up
385			** that name in the set of source tables in pSrcList and make the pExpr
386			** expression node refer back to that source column. The following changes
387			** are made to pExpr:
388			**
389			** pExpr->iDb Set the index in db->aDb[] of the database holding
390			** the table.
391			** pExpr->iTable Set to the cursor number for the table obtained
392			** from pSrcList.
393			** pExpr->iColumn Set to the column number within the table.
394			** pExpr->dataType Set to the appropriate data type for the column.
395			** pExpr->op Set to TK_COLUMN.
396			** pExpr->pLeft Any expression this points to is deleted
397			** pExpr->pRight Any expression this points to is deleted.
398			**
399			** The pDbToken is the name of the database (the "X"). This value may be
400			** NULL meaning that name is of the form Y.Z or Z. Any available database
401			** can be used. The pTableToken is the name of the table (the "Y"). This
402			** value can be NULL if pDbToken is also NULL. If pTableToken is NULL it
403			** means that the form of the name is Z and that columns from any table
404			** can be used.
405			**
406			** If the name cannot be resolved unambiguously, leave an error message
407			** in pParse and return non-zero. Return zero on success.
408			*/
409	389		static int lookupName(
410			Parse pParse, / The parsing context */
411			Token pDbToken, / Name of the database containing table, or NULL */
412			Token pTableToken, / Name of table containing column, or NULL */
413			Token pColumnToken, / Name of the column. */
414			SrcList pSrcList, / List of tables used to resolve column names */
415			ExprList pEList, / List of expressions used to resolve "AS" */
416			Expr pExpr / Make this EXPR node point to the selected column */
417			){
418	389		char zDb = 0; / Name of the database. The "X" in X.Y.Z */
419	389		char zTab = 0; / Name of the table. The "Y" in X.Y.Z or Y.Z */
420	389		char zCol = 0; / Name of the column. The "Z" */
421			int i, j; /* Loop counters */
422	389		int cnt = 0; /* Number of matching column names */
423	389		int cntTab = 0; /* Number of matching table names */
424	389		sqlite db = pParse->db; / The database */
425
426			assert( pColumnToken && pColumnToken->z ); /* The Z in X.Y.Z cannot be NULL */
427	389	50	if( pDbToken && pDbToken->z ){
		0
428	0		zDb = sqliteStrNDup(pDbToken->z, pDbToken->n);
429	0		sqliteDequote(zDb);
430			}else{
431	389		zDb = 0;
432			}
433	389	100	if( pTableToken && pTableToken->z ){
		50
434	7		zTab = sqliteStrNDup(pTableToken->z, pTableToken->n);
435	7		sqliteDequote(zTab);
436			}else{
437			assert( zDb==0 );
438	382		zTab = 0;
439			}
440	389		zCol = sqliteStrNDup(pColumnToken->z, pColumnToken->n);
441	389		sqliteDequote(zCol);
442	389	50	if( sqlite_malloc_failed ){
443	0		return 1; /* Leak memory (zDb and zTab) if malloc fails */
444			}
445			assert( zTab==0 \|\| pEList==0 );
446
447	389		pExpr->iTable = -1;
448	785	100	for(i=0; inSrc; i++){
449	396		struct SrcList_item *pItem = &pSrcList->a[i];
450	396		Table *pTab = pItem->pTab;
451			Column *pCol;
452
453	396	50	if( pTab==0 ) continue;
454			assert( pTab->nCol>0 );
455	396	100	if( zTab ){
456	13	50	if( pItem->zAlias ){
457	0		char *zTabName = pItem->zAlias;
458	0	0	if( sqliteStrICmp(zTabName, zTab)!=0 ) continue;
459			}else{
460	13		char *zTabName = pTab->zName;
461	13	50	if( zTabName==0 \|\| sqliteStrICmp(zTabName, zTab)!=0 ) continue;
		100
462	7	50	if( zDb!=0 && sqliteStrICmp(db->aDb[pTab->iDb].zName, zDb)!=0 ){
		0
463	0		continue;
464			}
465			}
466			}
467	390	100	if( 0==(cntTab++) ){
468	389		pExpr->iTable = pItem->iCursor;
469	389		pExpr->iDb = pTab->iDb;
470			}
471	997	100	for(j=0, pCol=pTab->aCol; jnCol; j++, pCol++){
472	996	100	if( sqliteStrICmp(pCol->zName, zCol)==0 ){
473	389		cnt++;
474	389		pExpr->iTable = pItem->iCursor;
475	389		pExpr->iDb = pTab->iDb;
476			/* Substitute the rowid (column -1) for the INTEGER PRIMARY KEY */
477	389	50	pExpr->iColumn = j==pTab->iPKey ? -1 : j;
478	389		pExpr->dataType = pCol->sortOrder & SQLITE_SO_TYPEMASK;
479	389		break;
480			}
481			}
482			}
483
484			/* If we have not already resolved the name, then maybe
485			** it is a new.* or old.* trigger argument reference
486			*/
487	389	50	if( zDb==0 && zTab!=0 && cnt==0 && pParse->trigStack!=0 ){
		100
		50
		0
488	0		TriggerStack *pTriggerStack = pParse->trigStack;
489	0		Table *pTab = 0;
490	0	0	if( pTriggerStack->newIdx != -1 && sqliteStrICmp("new", zTab) == 0 ){
		0
491	0		pExpr->iTable = pTriggerStack->newIdx;
492			assert( pTriggerStack->pTab );
493	0		pTab = pTriggerStack->pTab;
494	0	0	}else if( pTriggerStack->oldIdx != -1 && sqliteStrICmp("old", zTab) == 0 ){
		0
495	0		pExpr->iTable = pTriggerStack->oldIdx;
496			assert( pTriggerStack->pTab );
497	0		pTab = pTriggerStack->pTab;
498			}
499
500	0	0	if( pTab ){
501			int j;
502	0		Column *pCol = pTab->aCol;
503
504	0		pExpr->iDb = pTab->iDb;
505	0		cntTab++;
506	0	0	for(j=0; j < pTab->nCol; j++, pCol++) {
507	0	0	if( sqliteStrICmp(pCol->zName, zCol)==0 ){
508	0		cnt++;
509	0	0	pExpr->iColumn = j==pTab->iPKey ? -1 : j;
510	0		pExpr->dataType = pCol->sortOrder & SQLITE_SO_TYPEMASK;
511	0		break;
512			}
513			}
514			}
515			}
516
517			/*
518			** Perhaps the name is a reference to the ROWID
519			*/
520	389	50	if( cnt==0 && cntTab==1 && sqliteIsRowid(zCol) ){
		0
		0
521	0		cnt = 1;
522	0		pExpr->iColumn = -1;
523	0		pExpr->dataType = SQLITE_SO_NUM;
524			}
525
526			/*
527			** If the input is of the form Z (not Y.Z or X.Y.Z) then the name Z
528			** might refer to an result-set alias. This happens, for example, when
529			** we are resolving names in the WHERE clause of the following command:
530			**
531			** SELECT a+b AS x FROM table WHERE x<10;
532			**
533			** In cases like this, replace pExpr with a copy of the expression that
534			** forms the result set entry ("a+b" in the example) and return immediately.
535			** Note that the expression in the result set should have already been
536			** resolved by the time the WHERE clause is resolved.
537			*/
538	389	50	if( cnt==0 && pEList!=0 ){
		0
539	0	0	for(j=0; jnExpr; j++){
540	0		char *zAs = pEList->a[j].zName;
541	0	0	if( zAs!=0 && sqliteStrICmp(zAs, zCol)==0 ){
		0
542			assert( pExpr->pLeft==0 && pExpr->pRight==0 );
543	0		pExpr->op = TK_AS;
544	0		pExpr->iColumn = j;
545	0		pExpr->pLeft = sqliteExprDup(pEList->a[j].pExpr);
546	0		sqliteFree(zCol);
547			assert( zTab==0 && zDb==0 );
548	0		return 0;
549			}
550			}
551			}
552
553			/*
554			** If X and Y are NULL (in other words if only the column name Z is
555			** supplied) and the value of Z is enclosed in double-quotes, then
556			** Z is a string literal if it doesn't match any column names. In that
557			** case, we need to return right away and not make any changes to
558			** pExpr.
559			*/
560	389	50	if( cnt==0 && zTab==0 && pColumnToken->z[0]=='"' ){
		0
		0
561	0		sqliteFree(zCol);
562	0		return 0;
563			}
564
565			/*
566			** cnt==0 means there was not match. cnt>1 means there were two or
567			** more matches. Either way, we have an error.
568			*/
569	389	50	if( cnt!=1 ){
570	0		char *z = 0;
571			char *zErr;
572	0	0	zErr = cnt==0 ? "no such column: %s" : "ambiguous column name: %s";
573	0	0	if( zDb ){
574	0		sqliteSetString(&z, zDb, ".", zTab, ".", zCol, 0);
575	0	0	}else if( zTab ){
576	0		sqliteSetString(&z, zTab, ".", zCol, 0);
577			}else{
578	0		z = sqliteStrDup(zCol);
579			}
580	0		sqliteErrorMsg(pParse, zErr, z);
581	0		sqliteFree(z);
582			}
583
584			/* Clean up and return
585			*/
586	389		sqliteFree(zDb);
587	389		sqliteFree(zTab);
588	389		sqliteFree(zCol);
589	389		sqliteExprDelete(pExpr->pLeft);
590	389		pExpr->pLeft = 0;
591	389		sqliteExprDelete(pExpr->pRight);
592	389		pExpr->pRight = 0;
593	389		pExpr->op = TK_COLUMN;
594	389		sqliteAuthRead(pParse, pExpr, pSrcList);
595	389		return cnt!=1;
596			}
597
598			/*
599			** This routine walks an expression tree and resolves references to
600			** table columns. Nodes of the form ID.ID or ID resolve into an
601			** index to the table in the table list and a column offset. The
602			** Expr.opcode for such nodes is changed to TK_COLUMN. The Expr.iTable
603			** value is changed to the index of the referenced table in pTabList
604			** plus the "base" value. The base value will ultimately become the
605			** VDBE cursor number for a cursor that is pointing into the referenced
606			** table. The Expr.iColumn value is changed to the index of the column
607			** of the referenced table. The Expr.iColumn value for the special
608			** ROWID column is -1. Any INTEGER PRIMARY KEY column is tried as an
609			** alias for ROWID.
610			**
611			** We also check for instances of the IN operator. IN comes in two
612			** forms:
613			**
614			** expr IN (exprlist)
615			** and
616			** expr IN (SELECT ...)
617			**
618			** The first form is handled by creating a set holding the list
619			** of allowed values. The second form causes the SELECT to generate
620			** a temporary table.
621			**
622			** This routine also looks for scalar SELECTs that are part of an expression.
623			** If it finds any, it generates code to write the value of that select
624			** into a memory cell.
625			**
626			** Unknown columns or tables provoke an error. The function returns
627			** the number of errors seen and leaves an error message on pParse->zErrMsg.
628			*/
629	684		int sqliteExprResolveIds(
630			Parse pParse, / The parser context */
631			SrcList pSrcList, / List of tables used to resolve column names */
632			ExprList pEList, / List of expressions used to resolve "AS" */
633			Expr pExpr / The expression to be analyzed. */
634			){
635			int i;
636
637	684	50	if( pExpr==0 \|\| pSrcList==0 ) return 0;
		50
638	1231	100	for(i=0; inSrc; i++){
639			assert( pSrcList->a[i].iCursor>=0 && pSrcList->a[i].iCursornTab );
640			}
641	684		switch( pExpr->op ){
642			/* Double-quoted strings (ex: "abc") are used as identifiers if
643			** possible. Otherwise they remain as strings. Single-quoted
644			** strings (ex: 'abc') are always string literals.
645			*/
646			case TK_STRING: {
647	77	50	if( pExpr->token.z[0]=='\'' ) break;
648			/* Fall thru into the TK_ID case if this is a double-quoted string */
649			}
650			/* A lone identifier is the name of a columnd.
651			*/
652			case TK_ID: {
653	382	50	if( lookupName(pParse, 0, 0, &pExpr->token, pSrcList, pEList, pExpr) ){
654	0		return 1;
655			}
656	382		break;
657			}
658
659			/* A table name and column name: ID.ID
660			** Or a database, table and column: ID.ID.ID
661			*/
662			case TK_DOT: {
663			Token *pColumn;
664			Token *pTable;
665			Token *pDb;
666			Expr *pRight;
667
668	7		pRight = pExpr->pRight;
669	7	50	if( pRight->op==TK_ID ){
670	7		pDb = 0;
671	7		pTable = &pExpr->pLeft->token;
672	7		pColumn = &pRight->token;
673			}else{
674			assert( pRight->op==TK_DOT );
675	0		pDb = &pExpr->pLeft->token;
676	0		pTable = &pRight->pLeft->token;
677	0		pColumn = &pRight->pRight->token;
678			}
679	7	50	if( lookupName(pParse, pDb, pTable, pColumn, pSrcList, 0, pExpr) ){
680	0		return 1;
681			}
682	7		break;
683			}
684
685			case TK_IN: {
686	6		Vdbe *v = sqliteGetVdbe(pParse);
687	6	50	if( v==0 ) return 1;
688	6	50	if( sqliteExprResolveIds(pParse, pSrcList, pEList, pExpr->pLeft) ){
689	0		return 1;
690			}
691	6	50	if( pExpr->pSelect ){
692			/* Case 1: expr IN (SELECT ...)
693			**
694			** Generate code to write the results of the select into a temporary
695			** table. The cursor number of the temporary table has already
696			** been put in iTable by sqliteExprResolveInSelect().
697			*/
698	0		pExpr->iTable = pParse->nTab++;
699	0		sqliteVdbeAddOp(v, OP_OpenTemp, pExpr->iTable, 1);
700	0		sqliteSelect(pParse, pExpr->pSelect, SRT_Set, pExpr->iTable, 0,0,0);
701	6	50	}else if( pExpr->pList ){
702			/* Case 2: expr IN (exprlist)
703			**
704			** Create a set to put the exprlist values in. The Set id is stored
705			** in iTable.
706			*/
707			int i, iSet;
708	18	100	for(i=0; ipList->nExpr; i++){
709	12		Expr *pE2 = pExpr->pList->a[i].pExpr;
710	12	50	if( !sqliteExprIsConstant(pE2) ){
711	0		sqliteErrorMsg(pParse,
712			"right-hand side of IN operator must be constant");
713	0		return 1;
714			}
715	12	50	if( sqliteExprCheck(pParse, pE2, 0, 0) ){
716	0		return 1;
717			}
718			}
719	6		iSet = pExpr->iTable = pParse->nSet++;
720	18	100	for(i=0; ipList->nExpr; i++){
721	12		Expr *pE2 = pExpr->pList->a[i].pExpr;
722	12	50	switch( pE2->op ){
723			case TK_FLOAT:
724			case TK_INTEGER:
725			case TK_STRING: {
726			int addr;
727			assert( pE2->token.z );
728	12		addr = sqliteVdbeOp3(v, OP_SetInsert, iSet, 0,
729	12		pE2->token.z, pE2->token.n);
730	12		sqliteVdbeDequoteP3(v, addr);
731	12		break;
732			}
733			default: {
734	0		sqliteExprCode(pParse, pE2);
735	0		sqliteVdbeAddOp(v, OP_SetInsert, iSet, 0);
736	0		break;
737			}
738			}
739			}
740			}
741	6		break;
742			}
743
744			case TK_SELECT: {
745			/* This has to be a scalar SELECT. Generate code to put the
746			** value of this select in a memory cell and record the number
747			** of the memory cell in iColumn.
748			*/
749	0		pExpr->iColumn = pParse->nMem++;
750	0	0	if( sqliteSelect(pParse, pExpr->pSelect, SRT_Mem, pExpr->iColumn,0,0,0) ){
751	0		return 1;
752			}
753	0		break;
754			}
755
756			/* For all else, just recursively walk the tree */
757			default: {
758	212	100	if( pExpr->pLeft
759	30	50	&& sqliteExprResolveIds(pParse, pSrcList, pEList, pExpr->pLeft) ){
760	0		return 1;
761			}
762	212	100	if( pExpr->pRight
763	26	50	&& sqliteExprResolveIds(pParse, pSrcList, pEList, pExpr->pRight) ){
764	0		return 1;
765			}
766	212	100	if( pExpr->pList ){
767			int i;
768	39		ExprList *pList = pExpr->pList;
769	71	100	for(i=0; inExpr; i++){
770	32		Expr *pArg = pList->a[i].pExpr;
771	32	50	if( sqliteExprResolveIds(pParse, pSrcList, pEList, pArg) ){
772	0		return 1;
773			}
774			}
775			}
776			}
777			}
778	684		return 0;
779			}
780
781			/*
782			** pExpr is a node that defines a function of some kind. It might
783			** be a syntactic function like "count(x)" or it might be a function
784			** that implements an operator, like "a LIKE b".
785			**
786			** This routine makes *pzName point to the name of the function and
787			** *pnName hold the number of characters in the function name.
788			*/
789	63		static void getFunctionName(Expr pExpr, const char pzName, int pnName){
790	63		switch( pExpr->op ){
791			case TK_FUNCTION: {
792	57		*pzName = pExpr->token.z;
793	57		*pnName = pExpr->token.n;
794	57		break;
795			}
796			case TK_LIKE: {
797	6		*pzName = "like";
798	6		*pnName = 4;
799	6		break;
800			}
801			case TK_GLOB: {
802	0		*pzName = "glob";
803	0		*pnName = 4;
804	0		break;
805			}
806			default: {
807	0		*pzName = "can't happen";
808	0		*pnName = 12;
809	0		break;
810			}
811			}
812	63		}
813
814			/*
815			** Error check the functions in an expression. Make sure all
816			** function names are recognized and all functions have the correct
817			** number of arguments. Leave an error message in pParse->zErrMsg
818			** if anything is amiss. Return the number of errors.
819			**
820			** if pIsAgg is not null and this expression is an aggregate function
821			** (like count() or max(value)) then write a 1 into pIsAgg.
822			*/
823	740		int sqliteExprCheck(Parse pParse, Expr pExpr, int allowAgg, int *pIsAgg){
824	740		int nErr = 0;
825	740	50	if( pExpr==0 ) return 0;
826	740	100	switch( pExpr->op ){
827			case TK_GLOB:
828			case TK_LIKE:
829			case TK_FUNCTION: {
830	39	50	int n = pExpr->pList ? pExpr->pList->nExpr : 0; /* Number of arguments */
831	39		int no_such_func = 0; /* True if no such function exists */
832	39		int wrong_num_args = 0; /* True if wrong number of arguments */
833	39		int is_agg = 0; /* True if is an aggregate function */
834			int i;
835			int nId; /* Number of characters in function name */
836			const char zId; / The function name. */
837			FuncDef *pDef;
838
839	39		getFunctionName(pExpr, &zId, &nId);
840	39		pDef = sqliteFindFunction(pParse->db, zId, nId, n, 0);
841	39	50	if( pDef==0 ){
842	0		pDef = sqliteFindFunction(pParse->db, zId, nId, -1, 0);
843	0	0	if( pDef==0 ){
844	0		no_such_func = 1;
845			}else{
846	0		wrong_num_args = 1;
847			}
848			}else{
849	39		is_agg = pDef->xFunc==0;
850			}
851	39	100	if( is_agg && !allowAgg ){
		50
852	0		sqliteErrorMsg(pParse, "misuse of aggregate function %.*s()", nId, zId);
853	0		nErr++;
854	0		is_agg = 0;
855	39	50	}else if( no_such_func ){
856	0		sqliteErrorMsg(pParse, "no such function: %.*s", nId, zId);
857	0		nErr++;
858	39	50	}else if( wrong_num_args ){
859	0		sqliteErrorMsg(pParse,"wrong number of arguments to function %.*s()",
860			nId, zId);
861	0		nErr++;
862			}
863	39	100	if( is_agg ){
864	15		pExpr->op = TK_AGG_FUNCTION;
865	15	50	if( pIsAgg ) *pIsAgg = 1;
866			}
867	71	50	for(i=0; nErr==0 && i
		100
868	32	100	nErr = sqliteExprCheck(pParse, pExpr->pList->a[i].pExpr,
		100
869			allowAgg && !is_agg, pIsAgg);
870			}
871	39	50	if( pDef==0 ){
872			/* Already reported an error */
873	39	50	}else if( pDef->dataType>=0 ){
874	0	0	if( pDef->dataType
875	0		pExpr->dataType =
876	0		sqliteExprType(pExpr->pList->a[pDef->dataType].pExpr);
877			}else{
878	0		pExpr->dataType = SQLITE_SO_NUM;
879			}
880	39	50	}else if( pDef->dataType==SQLITE_ARGS ){
881	0		pDef->dataType = SQLITE_SO_TEXT;
882	0	0	for(i=0; i
883	0	0	if( sqliteExprType(pExpr->pList->a[i].pExpr)==SQLITE_SO_NUM ){
884	0		pExpr->dataType = SQLITE_SO_NUM;
885	0		break;
886			}
887			}
888	39	100	}else if( pDef->dataType==SQLITE_NUMERIC ){
889	36		pExpr->dataType = SQLITE_SO_NUM;
890			}else{
891	39		pExpr->dataType = SQLITE_SO_TEXT;
892			}
893			}
894			default: {
895	740	100	if( pExpr->pLeft ){
896	36		nErr = sqliteExprCheck(pParse, pExpr->pLeft, allowAgg, pIsAgg);
897			}
898	740	50	if( nErr==0 && pExpr->pRight ){
		100
899	26		nErr = sqliteExprCheck(pParse, pExpr->pRight, allowAgg, pIsAgg);
900			}
901	740	50	if( nErr==0 && pExpr->pList ){
		100
902	45		int n = pExpr->pList->nExpr;
903			int i;
904	89	50	for(i=0; nErr==0 && i
		100
905	44		Expr *pE2 = pExpr->pList->a[i].pExpr;
906	44		nErr = sqliteExprCheck(pParse, pE2, allowAgg, pIsAgg);
907			}
908			}
909	740		break;
910			}
911			}
912	740		return nErr;
913			}
914
915			/*
916			** Return either SQLITE_SO_NUM or SQLITE_SO_TEXT to indicate whether the
917			** given expression should sort as numeric values or as text.
918			**
919			** The sqliteExprResolveIds() and sqliteExprCheck() routines must have
920			** both been called on the expression before it is passed to this routine.
921			*/
922	155		int sqliteExprType(Expr *p){
923	155	50	if( p==0 ) return SQLITE_SO_NUM;
924	156	50	while( p ) switch( p->op ){
925			case TK_PLUS:
926			case TK_MINUS:
927			case TK_STAR:
928			case TK_SLASH:
929			case TK_AND:
930			case TK_OR:
931			case TK_ISNULL:
932			case TK_NOTNULL:
933			case TK_NOT:
934			case TK_UMINUS:
935			case TK_UPLUS:
936			case TK_BITAND:
937			case TK_BITOR:
938			case TK_BITNOT:
939			case TK_LSHIFT:
940			case TK_RSHIFT:
941			case TK_REM:
942			case TK_INTEGER:
943			case TK_FLOAT:
944			case TK_IN:
945			case TK_BETWEEN:
946			case TK_GLOB:
947			case TK_LIKE:
948	54		return SQLITE_SO_NUM;
949
950			case TK_STRING:
951			case TK_NULL:
952			case TK_CONCAT:
953			case TK_VARIABLE:
954	13		return SQLITE_SO_TEXT;
955
956			case TK_LT:
957			case TK_LE:
958			case TK_GT:
959			case TK_GE:
960			case TK_NE:
961			case TK_EQ:
962	23	100	if( sqliteExprType(p->pLeft)==SQLITE_SO_NUM ){
963	22		return SQLITE_SO_NUM;
964			}
965	1		p = p->pRight;
966	1		break;
967
968			case TK_AS:
969	0		p = p->pLeft;
970	0		break;
971
972			case TK_COLUMN:
973			case TK_FUNCTION:
974			case TK_AGG_FUNCTION:
975	66		return p->dataType;
976
977			case TK_SELECT:
978			assert( p->pSelect );
979			assert( p->pSelect->pEList );
980			assert( p->pSelect->pEList->nExpr>0 );
981	0		p = p->pSelect->pEList->a[0].pExpr;
982	0		break;
983
984			case TK_CASE: {
985	0	0	if( p->pRight && sqliteExprType(p->pRight)==SQLITE_SO_NUM ){
		0
986	0		return SQLITE_SO_NUM;
987			}
988	0	0	if( p->pList ){
989			int i;
990	0		ExprList *pList = p->pList;
991	0	0	for(i=1; inExpr; i+=2){
992	0	0	if( sqliteExprType(pList->a[i].pExpr)==SQLITE_SO_NUM ){
993	0		return SQLITE_SO_NUM;
994			}
995			}
996			}
997	0		return SQLITE_SO_TEXT;
998			}
999
1000			default:
1001			assert( p->op==TK_ABORT ); /* Can't Happen */
1002	0		break;
1003			}
1004	0		return SQLITE_SO_NUM;
1005			}
1006
1007			/*
1008			** Generate code into the current Vdbe to evaluate the given
1009			** expression and leave the result on the top of stack.
1010			*/
1011	633		void sqliteExprCode(Parse pParse, Expr pExpr){
1012	633		Vdbe *v = pParse->pVdbe;
1013			int op;
1014	633	50	if( v==0 \|\| pExpr==0 ) return;
		50
1015	633		switch( pExpr->op ){
1016	0		case TK_PLUS: op = OP_Add; break;
1017	0		case TK_MINUS: op = OP_Subtract; break;
1018	0		case TK_STAR: op = OP_Multiply; break;
1019	0		case TK_SLASH: op = OP_Divide; break;
1020	0		case TK_AND: op = OP_And; break;
1021	0		case TK_OR: op = OP_Or; break;
1022	0		case TK_LT: op = OP_Lt; break;
1023	0		case TK_LE: op = OP_Le; break;
1024	0		case TK_GT: op = OP_Gt; break;
1025	0		case TK_GE: op = OP_Ge; break;
1026	0		case TK_NE: op = OP_Ne; break;
1027	0		case TK_EQ: op = OP_Eq; break;
1028	0		case TK_ISNULL: op = OP_IsNull; break;
1029	0		case TK_NOTNULL: op = OP_NotNull; break;
1030	0		case TK_NOT: op = OP_Not; break;
1031	0		case TK_UMINUS: op = OP_Negative; break;
1032	0		case TK_BITAND: op = OP_BitAnd; break;
1033	0		case TK_BITOR: op = OP_BitOr; break;
1034	0		case TK_BITNOT: op = OP_BitNot; break;
1035	0		case TK_LSHIFT: op = OP_ShiftLeft; break;
1036	0		case TK_RSHIFT: op = OP_ShiftRight; break;
1037	0		case TK_REM: op = OP_Remainder; break;
1038	633		default: break;
1039			}
1040	633		switch( pExpr->op ){
1041			case TK_COLUMN: {
1042	371	100	if( pParse->useAgg ){
1043	3		sqliteVdbeAddOp(v, OP_AggGet, 0, pExpr->iAgg);
1044	368	50	}else if( pExpr->iColumn>=0 ){
1045	368		sqliteVdbeAddOp(v, OP_Column, pExpr->iTable, pExpr->iColumn);
1046			}else{
1047	0		sqliteVdbeAddOp(v, OP_Recno, pExpr->iTable, 0);
1048			}
1049	371		break;
1050			}
1051			case TK_STRING:
1052			case TK_FLOAT:
1053			case TK_INTEGER: {
1054	197	100	if( pExpr->op==TK_INTEGER && sqliteFitsIn32Bits(pExpr->token.z) ){
		50
1055	119		sqliteVdbeAddOp(v, OP_Integer, atoi(pExpr->token.z), 0);
1056			}else{
1057	78		sqliteVdbeAddOp(v, OP_String, 0, 0);
1058			}
1059			assert( pExpr->token.z );
1060	197		sqliteVdbeChangeP3(v, -1, pExpr->token.z, pExpr->token.n);
1061	197		sqliteVdbeDequoteP3(v, -1);
1062	197		break;
1063			}
1064			case TK_NULL: {
1065	26		sqliteVdbeAddOp(v, OP_String, 0, 0);
1066	26		break;
1067			}
1068			case TK_VARIABLE: {
1069	0		sqliteVdbeAddOp(v, OP_Variable, pExpr->iTable, 0);
1070	0		break;
1071			}
1072			case TK_LT:
1073			case TK_LE:
1074			case TK_GT:
1075			case TK_GE:
1076			case TK_NE:
1077			case TK_EQ: {
1078	0	0	if( pParse->db->file_format>=4 && sqliteExprType(pExpr)==SQLITE_SO_TEXT ){
		0
1079	0		op += 6; /* Convert numeric opcodes to text opcodes */
1080			}
1081			/* Fall through into the next case */
1082			}
1083			case TK_AND:
1084			case TK_OR:
1085			case TK_PLUS:
1086			case TK_STAR:
1087			case TK_MINUS:
1088			case TK_REM:
1089			case TK_BITAND:
1090			case TK_BITOR:
1091			case TK_SLASH: {
1092	0		sqliteExprCode(pParse, pExpr->pLeft);
1093	0		sqliteExprCode(pParse, pExpr->pRight);
1094	0		sqliteVdbeAddOp(v, op, 0, 0);
1095	0		break;
1096			}
1097			case TK_LSHIFT:
1098			case TK_RSHIFT: {
1099	0		sqliteExprCode(pParse, pExpr->pRight);
1100	0		sqliteExprCode(pParse, pExpr->pLeft);
1101	0		sqliteVdbeAddOp(v, op, 0, 0);
1102	0		break;
1103			}
1104			case TK_CONCAT: {
1105	0		sqliteExprCode(pParse, pExpr->pLeft);
1106	0		sqliteExprCode(pParse, pExpr->pRight);
1107	0		sqliteVdbeAddOp(v, OP_Concat, 2, 0);
1108	0		break;
1109			}
1110			case TK_UMINUS: {
1111			assert( pExpr->pLeft );
1112	0	0	if( pExpr->pLeft->op==TK_FLOAT \|\| pExpr->pLeft->op==TK_INTEGER ){
		0
1113	0		Token *p = &pExpr->pLeft->token;
1114	0		char *z = sqliteMalloc( p->n + 2 );
1115	0		sprintf(z, "-%.*s", p->n, p->z);
1116	0	0	if( pExpr->pLeft->op==TK_INTEGER && sqliteFitsIn32Bits(z) ){
		0
1117	0		sqliteVdbeAddOp(v, OP_Integer, atoi(z), 0);
1118			}else{
1119	0		sqliteVdbeAddOp(v, OP_String, 0, 0);
1120			}
1121	0		sqliteVdbeChangeP3(v, -1, z, p->n+1);
1122	0		sqliteFree(z);
1123	0		break;
1124			}
1125			/* Fall through into TK_NOT */
1126			}
1127			case TK_BITNOT:
1128			case TK_NOT: {
1129	0		sqliteExprCode(pParse, pExpr->pLeft);
1130	0		sqliteVdbeAddOp(v, op, 0, 0);
1131	0		break;
1132			}
1133			case TK_ISNULL:
1134			case TK_NOTNULL: {
1135			int dest;
1136	0		sqliteVdbeAddOp(v, OP_Integer, 1, 0);
1137	0		sqliteExprCode(pParse, pExpr->pLeft);
1138	0		dest = sqliteVdbeCurrentAddr(v) + 2;
1139	0		sqliteVdbeAddOp(v, op, 1, dest);
1140	0		sqliteVdbeAddOp(v, OP_AddImm, -1, 0);
1141	0		break;
1142			}
1143			case TK_AGG_FUNCTION: {
1144	15		sqliteVdbeAddOp(v, OP_AggGet, 0, pExpr->iAgg);
1145	15		break;
1146			}
1147			case TK_GLOB:
1148			case TK_LIKE:
1149			case TK_FUNCTION: {
1150	24		ExprList *pList = pExpr->pList;
1151	24	50	int nExpr = pList ? pList->nExpr : 0;
1152			FuncDef *pDef;
1153			int nId;
1154			const char *zId;
1155	24		getFunctionName(pExpr, &zId, &nId);
1156	24		pDef = sqliteFindFunction(pParse->db, zId, nId, nExpr, 0);
1157			assert( pDef!=0 );
1158	24		nExpr = sqliteExprCodeExprList(pParse, pList, pDef->includeTypes);
1159	24		sqliteVdbeOp3(v, OP_Function, nExpr, 0, (char*)pDef, P3_POINTER);
1160	24		break;
1161			}
1162			case TK_SELECT: {
1163	0		sqliteVdbeAddOp(v, OP_MemLoad, pExpr->iColumn, 0);
1164	0		break;
1165			}
1166			case TK_IN: {
1167			int addr;
1168	0		sqliteVdbeAddOp(v, OP_Integer, 1, 0);
1169	0		sqliteExprCode(pParse, pExpr->pLeft);
1170	0		addr = sqliteVdbeCurrentAddr(v);
1171	0		sqliteVdbeAddOp(v, OP_NotNull, -1, addr+4);
1172	0		sqliteVdbeAddOp(v, OP_Pop, 2, 0);
1173	0		sqliteVdbeAddOp(v, OP_String, 0, 0);
1174	0		sqliteVdbeAddOp(v, OP_Goto, 0, addr+6);
1175	0	0	if( pExpr->pSelect ){
1176	0		sqliteVdbeAddOp(v, OP_Found, pExpr->iTable, addr+6);
1177			}else{
1178	0		sqliteVdbeAddOp(v, OP_SetFound, pExpr->iTable, addr+6);
1179			}
1180	0		sqliteVdbeAddOp(v, OP_AddImm, -1, 0);
1181	0		break;
1182			}
1183			case TK_BETWEEN: {
1184	0		sqliteExprCode(pParse, pExpr->pLeft);
1185	0		sqliteVdbeAddOp(v, OP_Dup, 0, 0);
1186	0		sqliteExprCode(pParse, pExpr->pList->a[0].pExpr);
1187	0		sqliteVdbeAddOp(v, OP_Ge, 0, 0);
1188	0		sqliteVdbeAddOp(v, OP_Pull, 1, 0);
1189	0		sqliteExprCode(pParse, pExpr->pList->a[1].pExpr);
1190	0		sqliteVdbeAddOp(v, OP_Le, 0, 0);
1191	0		sqliteVdbeAddOp(v, OP_And, 0, 0);
1192	0		break;
1193			}
1194			case TK_UPLUS:
1195			case TK_AS: {
1196	0		sqliteExprCode(pParse, pExpr->pLeft);
1197	0		break;
1198			}
1199			case TK_CASE: {
1200			int expr_end_label;
1201			int jumpInst;
1202			int addr;
1203			int nExpr;
1204			int i;
1205
1206			assert(pExpr->pList);
1207			assert((pExpr->pList->nExpr % 2) == 0);
1208			assert(pExpr->pList->nExpr > 0);
1209	0		nExpr = pExpr->pList->nExpr;
1210	0		expr_end_label = sqliteVdbeMakeLabel(v);
1211	0	0	if( pExpr->pLeft ){
1212	0		sqliteExprCode(pParse, pExpr->pLeft);
1213			}
1214	0	0	for(i=0; i
1215	0		sqliteExprCode(pParse, pExpr->pList->a[i].pExpr);
1216	0	0	if( pExpr->pLeft ){
1217	0		sqliteVdbeAddOp(v, OP_Dup, 1, 1);
1218	0		jumpInst = sqliteVdbeAddOp(v, OP_Ne, 1, 0);
1219	0		sqliteVdbeAddOp(v, OP_Pop, 1, 0);
1220			}else{
1221	0		jumpInst = sqliteVdbeAddOp(v, OP_IfNot, 1, 0);
1222			}
1223	0		sqliteExprCode(pParse, pExpr->pList->a[i+1].pExpr);
1224	0		sqliteVdbeAddOp(v, OP_Goto, 0, expr_end_label);
1225	0		addr = sqliteVdbeCurrentAddr(v);
1226	0		sqliteVdbeChangeP2(v, jumpInst, addr);
1227			}
1228	0	0	if( pExpr->pLeft ){
1229	0		sqliteVdbeAddOp(v, OP_Pop, 1, 0);
1230			}
1231	0	0	if( pExpr->pRight ){
1232	0		sqliteExprCode(pParse, pExpr->pRight);
1233			}else{
1234	0		sqliteVdbeAddOp(v, OP_String, 0, 0);
1235			}
1236	0		sqliteVdbeResolveLabel(v, expr_end_label);
1237	0		break;
1238			}
1239			case TK_RAISE: {
1240	0	0	if( !pParse->trigStack ){
1241	0		sqliteErrorMsg(pParse,
1242			"RAISE() may only be used within a trigger-program");
1243	0		pParse->nErr++;
1244	0		return;
1245			}
1246	0	0	if( pExpr->iColumn == OE_Rollback \|\|
		0
1247	0	0	pExpr->iColumn == OE_Abort \|\|
1248	0		pExpr->iColumn == OE_Fail ){
1249	0		sqliteVdbeOp3(v, OP_Halt, SQLITE_CONSTRAINT, pExpr->iColumn,
1250	0		pExpr->token.z, pExpr->token.n);
1251	0		sqliteVdbeDequoteP3(v, -1);
1252			} else {
1253			assert( pExpr->iColumn == OE_Ignore );
1254	0		sqliteVdbeOp3(v, OP_Goto, 0, pParse->trigStack->ignoreJump,
1255			"(IGNORE jump)", 0);
1256			}
1257			}
1258	0		break;
1259			}
1260			}
1261
1262			/*
1263			** Generate code that pushes the value of every element of the given
1264			** expression list onto the stack. If the includeTypes flag is true,
1265			** then also push a string that is the datatype of each element onto
1266			** the stack after the value.
1267			**
1268			** Return the number of elements pushed onto the stack.
1269			*/
1270	39		int sqliteExprCodeExprList(
1271			Parse pParse, / Parsing context */
1272			ExprList pList, / The expression list to be coded */
1273			int includeTypes /* TRUE to put datatypes on the stack too */
1274			){
1275			struct ExprList_item *pItem;
1276			int i, n;
1277			Vdbe *v;
1278	39	50	if( pList==0 ) return 0;
1279	39		v = sqliteGetVdbe(pParse);
1280	39		n = pList->nExpr;
1281	71	100	for(pItem=pList->a, i=0; i
1282	32		sqliteExprCode(pParse, pItem->pExpr);
1283	32	50	if( includeTypes ){
1284	0	0	sqliteVdbeOp3(v, OP_String, 0, 0,
1285	0		sqliteExprType(pItem->pExpr)==SQLITE_SO_NUM ? "numeric" : "text",
1286			P3_STATIC);
1287			}
1288			}
1289	39	50	return includeTypes ? n*2 : n;
1290			}
1291
1292			/*
1293			** Generate code for a boolean expression such that a jump is made
1294			** to the label "dest" if the expression is true but execution
1295			** continues straight thru if the expression is false.
1296			**
1297			** If the expression evaluates to NULL (neither true nor false), then
1298			** take the jump if the jumpIfNull flag is true.
1299			*/
1300	0		void sqliteExprIfTrue(Parse pParse, Expr pExpr, int dest, int jumpIfNull){
1301	0		Vdbe *v = pParse->pVdbe;
1302	0		int op = 0;
1303	0	0	if( v==0 \|\| pExpr==0 ) return;
		0
1304	0		switch( pExpr->op ){
1305	0		case TK_LT: op = OP_Lt; break;
1306	0		case TK_LE: op = OP_Le; break;
1307	0		case TK_GT: op = OP_Gt; break;
1308	0		case TK_GE: op = OP_Ge; break;
1309	0		case TK_NE: op = OP_Ne; break;
1310	0		case TK_EQ: op = OP_Eq; break;
1311	0		case TK_ISNULL: op = OP_IsNull; break;
1312	0		case TK_NOTNULL: op = OP_NotNull; break;
1313	0		default: break;
1314			}
1315	0		switch( pExpr->op ){
1316			case TK_AND: {
1317	0		int d2 = sqliteVdbeMakeLabel(v);
1318	0		sqliteExprIfFalse(pParse, pExpr->pLeft, d2, !jumpIfNull);
1319	0		sqliteExprIfTrue(pParse, pExpr->pRight, dest, jumpIfNull);
1320	0		sqliteVdbeResolveLabel(v, d2);
1321	0		break;
1322			}
1323			case TK_OR: {
1324	0		sqliteExprIfTrue(pParse, pExpr->pLeft, dest, jumpIfNull);
1325	0		sqliteExprIfTrue(pParse, pExpr->pRight, dest, jumpIfNull);
1326	0		break;
1327			}
1328			case TK_NOT: {
1329	0		sqliteExprIfFalse(pParse, pExpr->pLeft, dest, jumpIfNull);
1330	0		break;
1331			}
1332			case TK_LT:
1333			case TK_LE:
1334			case TK_GT:
1335			case TK_GE:
1336			case TK_NE:
1337			case TK_EQ: {
1338	0		sqliteExprCode(pParse, pExpr->pLeft);
1339	0		sqliteExprCode(pParse, pExpr->pRight);
1340	0	0	if( pParse->db->file_format>=4 && sqliteExprType(pExpr)==SQLITE_SO_TEXT ){
		0
1341	0		op += 6; /* Convert numeric opcodes to text opcodes */
1342			}
1343	0		sqliteVdbeAddOp(v, op, jumpIfNull, dest);
1344	0		break;
1345			}
1346			case TK_ISNULL:
1347			case TK_NOTNULL: {
1348	0		sqliteExprCode(pParse, pExpr->pLeft);
1349	0		sqliteVdbeAddOp(v, op, 1, dest);
1350	0		break;
1351			}
1352			case TK_IN: {
1353			int addr;
1354	0		sqliteExprCode(pParse, pExpr->pLeft);
1355	0		addr = sqliteVdbeCurrentAddr(v);
1356	0		sqliteVdbeAddOp(v, OP_NotNull, -1, addr+3);
1357	0		sqliteVdbeAddOp(v, OP_Pop, 1, 0);
1358	0	0	sqliteVdbeAddOp(v, OP_Goto, 0, jumpIfNull ? dest : addr+4);
1359	0	0	if( pExpr->pSelect ){
1360	0		sqliteVdbeAddOp(v, OP_Found, pExpr->iTable, dest);
1361			}else{
1362	0		sqliteVdbeAddOp(v, OP_SetFound, pExpr->iTable, dest);
1363			}
1364	0		break;
1365			}
1366			case TK_BETWEEN: {
1367			int addr;
1368	0		sqliteExprCode(pParse, pExpr->pLeft);
1369	0		sqliteVdbeAddOp(v, OP_Dup, 0, 0);
1370	0		sqliteExprCode(pParse, pExpr->pList->a[0].pExpr);
1371	0		addr = sqliteVdbeAddOp(v, OP_Lt, !jumpIfNull, 0);
1372	0		sqliteExprCode(pParse, pExpr->pList->a[1].pExpr);
1373	0		sqliteVdbeAddOp(v, OP_Le, jumpIfNull, dest);
1374	0		sqliteVdbeAddOp(v, OP_Integer, 0, 0);
1375	0		sqliteVdbeChangeP2(v, addr, sqliteVdbeCurrentAddr(v));
1376	0		sqliteVdbeAddOp(v, OP_Pop, 1, 0);
1377	0		break;
1378			}
1379			default: {
1380	0		sqliteExprCode(pParse, pExpr);
1381	0		sqliteVdbeAddOp(v, OP_If, jumpIfNull, dest);
1382	0		break;
1383			}
1384			}
1385			}
1386
1387			/*
1388			** Generate code for a boolean expression such that a jump is made
1389			** to the label "dest" if the expression is false but execution
1390			** continues straight thru if the expression is true.
1391			**
1392			** If the expression evaluates to NULL (neither true nor false) then
1393			** jump if jumpIfNull is true or fall through if jumpIfNull is false.
1394			*/
1395	36		void sqliteExprIfFalse(Parse pParse, Expr pExpr, int dest, int jumpIfNull){
1396	36		Vdbe *v = pParse->pVdbe;
1397	36		int op = 0;
1398	36	50	if( v==0 \|\| pExpr==0 ) return;
		50
1399	36		switch( pExpr->op ){
1400	0		case TK_LT: op = OP_Ge; break;
1401	0		case TK_LE: op = OP_Gt; break;
1402	0		case TK_GT: op = OP_Le; break;
1403	2		case TK_GE: op = OP_Lt; break;
1404	0		case TK_NE: op = OP_Eq; break;
1405	21		case TK_EQ: op = OP_Ne; break;
1406	4		case TK_ISNULL: op = OP_NotNull; break;
1407	0		case TK_NOTNULL: op = OP_IsNull; break;
1408	9		default: break;
1409			}
1410	36		switch( pExpr->op ){
1411			case TK_AND: {
1412	0		sqliteExprIfFalse(pParse, pExpr->pLeft, dest, jumpIfNull);
1413	0		sqliteExprIfFalse(pParse, pExpr->pRight, dest, jumpIfNull);
1414	0		break;
1415			}
1416			case TK_OR: {
1417	0		int d2 = sqliteVdbeMakeLabel(v);
1418	0		sqliteExprIfTrue(pParse, pExpr->pLeft, d2, !jumpIfNull);
1419	0		sqliteExprIfFalse(pParse, pExpr->pRight, dest, jumpIfNull);
1420	0		sqliteVdbeResolveLabel(v, d2);
1421	0		break;
1422			}
1423			case TK_NOT: {
1424	0		sqliteExprIfTrue(pParse, pExpr->pLeft, dest, jumpIfNull);
1425	0		break;
1426			}
1427			case TK_LT:
1428			case TK_LE:
1429			case TK_GT:
1430			case TK_GE:
1431			case TK_NE:
1432			case TK_EQ: {
1433	23	50	if( pParse->db->file_format>=4 && sqliteExprType(pExpr)==SQLITE_SO_TEXT ){
		100
1434			/* Convert numeric comparison opcodes into text comparison opcodes.
1435			** This step depends on the fact that the text comparision opcodes are
1436			** always 6 greater than their corresponding numeric comparison
1437			** opcodes.
1438			*/
1439			assert( OP_Eq+6 == OP_StrEq );
1440	1		op += 6;
1441			}
1442	23		sqliteExprCode(pParse, pExpr->pLeft);
1443	23		sqliteExprCode(pParse, pExpr->pRight);
1444	23		sqliteVdbeAddOp(v, op, jumpIfNull, dest);
1445	23		break;
1446			}
1447			case TK_ISNULL:
1448			case TK_NOTNULL: {
1449	4		sqliteExprCode(pParse, pExpr->pLeft);
1450	4		sqliteVdbeAddOp(v, op, 1, dest);
1451	4		break;
1452			}
1453			case TK_IN: {
1454			int addr;
1455	6		sqliteExprCode(pParse, pExpr->pLeft);
1456	6		addr = sqliteVdbeCurrentAddr(v);
1457	6		sqliteVdbeAddOp(v, OP_NotNull, -1, addr+3);
1458	6		sqliteVdbeAddOp(v, OP_Pop, 1, 0);
1459	6	50	sqliteVdbeAddOp(v, OP_Goto, 0, jumpIfNull ? dest : addr+4);
1460	6	50	if( pExpr->pSelect ){
1461	0		sqliteVdbeAddOp(v, OP_NotFound, pExpr->iTable, dest);
1462			}else{
1463	6		sqliteVdbeAddOp(v, OP_SetNotFound, pExpr->iTable, dest);
1464			}
1465	6		break;
1466			}
1467			case TK_BETWEEN: {
1468			int addr;
1469	0		sqliteExprCode(pParse, pExpr->pLeft);
1470	0		sqliteVdbeAddOp(v, OP_Dup, 0, 0);
1471	0		sqliteExprCode(pParse, pExpr->pList->a[0].pExpr);
1472	0		addr = sqliteVdbeCurrentAddr(v);
1473	0		sqliteVdbeAddOp(v, OP_Ge, !jumpIfNull, addr+3);
1474	0		sqliteVdbeAddOp(v, OP_Pop, 1, 0);
1475	0		sqliteVdbeAddOp(v, OP_Goto, 0, dest);
1476	0		sqliteExprCode(pParse, pExpr->pList->a[1].pExpr);
1477	0		sqliteVdbeAddOp(v, OP_Gt, jumpIfNull, dest);
1478	0		break;
1479			}
1480			default: {
1481	3		sqliteExprCode(pParse, pExpr);
1482	3		sqliteVdbeAddOp(v, OP_IfNot, jumpIfNull, dest);
1483	3		break;
1484			}
1485			}
1486			}
1487
1488			/*
1489			** Do a deep comparison of two expression trees. Return TRUE (non-zero)
1490			** if they are identical and return FALSE if they differ in any way.
1491			*/
1492	0		int sqliteExprCompare(Expr pA, Expr pB){
1493			int i;
1494	0	0	if( pA==0 ){
1495	0		return pB==0;
1496	0	0	}else if( pB==0 ){
1497	0		return 0;
1498			}
1499	0	0	if( pA->op!=pB->op ) return 0;
1500	0	0	if( !sqliteExprCompare(pA->pLeft, pB->pLeft) ) return 0;
1501	0	0	if( !sqliteExprCompare(pA->pRight, pB->pRight) ) return 0;
1502	0	0	if( pA->pList ){
1503	0	0	if( pB->pList==0 ) return 0;
1504	0	0	if( pA->pList->nExpr!=pB->pList->nExpr ) return 0;
1505	0	0	for(i=0; ipList->nExpr; i++){
1506	0	0	if( !sqliteExprCompare(pA->pList->a[i].pExpr, pB->pList->a[i].pExpr) ){
1507	0		return 0;
1508			}
1509			}
1510	0	0	}else if( pB->pList ){
1511	0		return 0;
1512			}
1513	0	0	if( pA->pSelect \|\| pB->pSelect ) return 0;
		0
1514	0	0	if( pA->iTable!=pB->iTable \|\| pA->iColumn!=pB->iColumn ) return 0;
		0
1515	0	0	if( pA->token.z ){
1516	0	0	if( pB->token.z==0 ) return 0;
1517	0	0	if( pB->token.n!=pA->token.n ) return 0;
1518	0	0	if( sqliteStrNICmp(pA->token.z, pB->token.z, pB->token.n)!=0 ) return 0;
1519			}
1520	0		return 1;
1521			}
1522
1523			/*
1524			** Add a new element to the pParse->aAgg[] array and return its index.
1525			*/
1526	18		static int appendAggInfo(Parse *pParse){
1527	18	100	if( (pParse->nAgg & 0x7)==0 ){
1528	15		int amt = pParse->nAgg + 8;
1529	15		AggExpr aAgg = sqliteRealloc(pParse->aAgg, amtsizeof(pParse->aAgg[0]));
1530	15	50	if( aAgg==0 ){
1531	0		return -1;
1532			}
1533	15		pParse->aAgg = aAgg;
1534			}
1535	18		memset(&pParse->aAgg[pParse->nAgg], 0, sizeof(pParse->aAgg[0]));
1536	18		return pParse->nAgg++;
1537			}
1538
1539			/*
1540			** Analyze the given expression looking for aggregate functions and
1541			** for variables that need to be added to the pParse->aAgg[] array.
1542			** Make additional entries to the pParse->aAgg[] array as necessary.
1543			**
1544			** This routine should only be called after the expression has been
1545			** analyzed by sqliteExprResolveIds() and sqliteExprCheck().
1546			**
1547			** If errors are seen, leave an error message in zErrMsg and return
1548			** the number of errors.
1549			*/
1550	20		int sqliteExprAnalyzeAggregates(Parse pParse, Expr pExpr){
1551			int i;
1552			AggExpr *aAgg;
1553	20		int nErr = 0;
1554
1555	20	50	if( pExpr==0 ) return 0;
1556	20		switch( pExpr->op ){
1557			case TK_COLUMN: {
1558	5		aAgg = pParse->aAgg;
1559	7	100	for(i=0; inAgg; i++){
1560	4	100	if( aAgg[i].isAgg ) continue;
1561	3	100	if( aAgg[i].pExpr->iTable==pExpr->iTable
1562	2	50	&& aAgg[i].pExpr->iColumn==pExpr->iColumn ){
1563	2		break;
1564			}
1565			}
1566	5	100	if( i>=pParse->nAgg ){
1567	3		i = appendAggInfo(pParse);
1568	3	50	if( i<0 ) return 1;
1569	3		pParse->aAgg[i].isAgg = 0;
1570	3		pParse->aAgg[i].pExpr = pExpr;
1571			}
1572	5		pExpr->iAgg = i;
1573	5		break;
1574			}
1575			case TK_AGG_FUNCTION: {
1576	15		aAgg = pParse->aAgg;
1577	17	100	for(i=0; inAgg; i++){
1578	2	50	if( !aAgg[i].isAgg ) continue;
1579	0	0	if( sqliteExprCompare(aAgg[i].pExpr, pExpr) ){
1580	0		break;
1581			}
1582			}
1583	15	50	if( i>=pParse->nAgg ){
1584	15		i = appendAggInfo(pParse);
1585	15	50	if( i<0 ) return 1;
1586	15		pParse->aAgg[i].isAgg = 1;
1587	15		pParse->aAgg[i].pExpr = pExpr;
1588	15	50	pParse->aAgg[i].pFunc = sqliteFindFunction(pParse->db,
1589	15		pExpr->token.z, pExpr->token.n,
1590	30		pExpr->pList ? pExpr->pList->nExpr : 0, 0);
1591			}
1592	15		pExpr->iAgg = i;
1593	15		break;
1594			}
1595			default: {
1596	0	0	if( pExpr->pLeft ){
1597	0		nErr = sqliteExprAnalyzeAggregates(pParse, pExpr->pLeft);
1598			}
1599	0	0	if( nErr==0 && pExpr->pRight ){
		0
1600	0		nErr = sqliteExprAnalyzeAggregates(pParse, pExpr->pRight);
1601			}
1602	0	0	if( nErr==0 && pExpr->pList ){
		0
1603	0		int n = pExpr->pList->nExpr;
1604			int i;
1605	0	0	for(i=0; nErr==0 && i
		0
1606	0		nErr = sqliteExprAnalyzeAggregates(pParse, pExpr->pList->a[i].pExpr);
1607			}
1608			}
1609	0		break;
1610			}
1611			}
1612	20		return nErr;
1613			}
1614
1615			/*
1616			** Locate a user function given a name and a number of arguments.
1617			** Return a pointer to the FuncDef structure that defines that
1618			** function, or return NULL if the function does not exist.
1619			**
1620			** If the createFlag argument is true, then a new (blank) FuncDef
1621			** structure is created and liked into the "db" structure if a
1622			** no matching function previously existed. When createFlag is true
1623			** and the nArg parameter is -1, then only a function that accepts
1624			** any number of arguments will be returned.
1625			**
1626			** If createFlag is false and nArg is -1, then the first valid
1627			** function found is returned. A function is valid if either xFunc
1628			** or xStep is non-zero.
1629			*/
1630	995		FuncDef *sqliteFindFunction(
1631			sqlite db, / An open database */
1632			const char zName, / Name of the function. Not null-terminated */
1633			int nName, /* Number of characters in the name */
1634			int nArg, /* Number of arguments. -1 means any number */
1635			int createFlag /* Create new entry if true and does not otherwise exist */
1636			){
1637			FuncDef pFirst, p, *pMaybe;
1638	995		pFirst = p = (FuncDef*)sqliteHashFind(&db->aFunc, zName, nName);
1639	995	100	if( p && !createFlag && nArg<0 ){
		100
		50
1640	0	0	while( p && p->xFunc==0 && p->xStep==0 ){ p = p->pNext; }
		0
		0
1641	0		return p;
1642			}
1643	995		pMaybe = 0;
1644	1292	100	while( p && p->nArg!=nArg ){
		100
1645	297	100	if( p->nArg<0 && !createFlag && (p->xFunc \|\| p->xStep) ) pMaybe = p;
		100
		100
		50
1646	297		p = p->pNext;
1647			}
1648	995	100	if( p && !createFlag && p->xFunc==0 && p->xStep==0 ){
		50
		100
		50
1649	0		return 0;
1650			}
1651	995	100	if( p==0 && pMaybe ){
		100
1652			assert( createFlag==0 );
1653	22		return pMaybe;
1654			}
1655	973	100	if( p==0 && createFlag && (p = sqliteMalloc(sizeof(*p)))!=0 ){
		50
		50
1656	917		p->nArg = nArg;
1657	917		p->pNext = pFirst;
1658	917	100	p->dataType = pFirst ? pFirst->dataType : SQLITE_NUMERIC;
1659	917		sqliteHashInsert(&db->aFunc, zName, nName, (void*)p);
1660			}
1661	973		return p;
1662			}