In defense of SELECT * in production code, in some limited cases?

SELECT * in listing 1 may not be covered whereas listing 2 could be easily made so.  However since the outer SELECT doesn't use the "extra" columns the optimizer may not even get them.  I didn't try it to see.

Other than that i agree.

Alex, agreed 100%. I use SELECT * like that all the time. See the Who is Active code for two or three examples :-)

Excellent point, Alex.  In a case like that, it really wouldn't make any difference.  Great tip!

Clarity is always better. I would use case 2 instead of case 1. It only saves a few keystrokes, and only once, why not spend the extra moment and make the code abundantly clear?

Listing 2 could also cause issues if the outer query gets removed. Imagine the code having an issue, so a developer copies the inner query and sends it in an email to a co-worker. The clarity of the outer query is now gone.

If anything, i'd say specify it in the inner query and use * in the outer query. being the inner query hit the TABLE, it should specify the COLUMN-list. But if the outer query merely pulls in information from the inner query, which is defined right there, the case can be made to use *. (I still wouldn't but because i'd apply it as a blanket rule, but not because it is inherently bad.)

The only time i (almost) used * in production code (outside of EXISTS and COUNT) was on 10 TABLEs with 1,000 COLUMNs each. Specifying the COLUMNs would have hurt more than it helped. In the end, we went with long instead of wide.

I would prefer explicitly listing the inside columns and using * in the outer select as they would have been previously limited. Basically flip listing 1. Just my preference.

I would still use explicit list of columns. Relying on the optimizer to be 'smart' is to much of a raincheck sometimes.

Also, in case of EXISTS I tend to type (select 1 from... ) rather than a *. Just looks better for me, even though there is no difference.

I see some people type select count(1) from.. in turn. I rather prefer count(*) this time, so I can't be called constant consistent :)

@Alexander Kuznetsov

I mean COLUMN-wise. There's no join, no manipulation, no changing. The COLUMN list would be right there in the inner query, and cannot be run without it. So, there's no chance of confusion.

Talking about a situation where Listing 2 is safer than Listing 1, what if someone adds a column named "rn" to "SomeTable"?

That being said, I tend to use Listing 1 more often than not.  I agree that it's shorter and more readable to list the columns once.

"Rules" are handy for people who don't understand or aren't interested in understanding exactly what they are doing.  

But when you *really* know what you are doing and why you are doing it you can always break the rules.

SQL developers seem to be overly obssessed with rules compared to other colleagues I work with who appear to be much more flexible in their approach.  

I particularly notice an abundance of blog posts labouring best practises.  Just get out there and code.  If it doesn't work re-factor.  Get agile :)

@AgileBI

>But when you *really* know what you are doing and why you are doing

>it you can always break the rules.

And make it how much harder for the maintenance programmer? Is it really worth saving a minute or two now, when the cost later is so much more?

>SQL developers seem to be overly obssessed with rules compared to

>other colleagues I work with who appear to be much more flexible

>in their approach.  

People who work with caustic acid are so much more paranoid about spills that all the cooks i work with, who are much more easy going.

>I particularly notice an abundance of blog posts labouring best

>practises.  Just get out there and code.  If it doesn't work

>re-factor.  Get agile :)

Remind me never to hire you. Not only are Agile and databases not compatible, it isn't even tempting. Agile is good for UI design. And the fad will pass in a few years like all the other shiny new methodologies.

Very interesting point.

However sometimes you need to make a functionality change, and the fix has to be made on the back-end without touching the front-end App code.

So the returning result set should keep the same structure.Then you would need to change the inner query select list. Solution in this case would be to replace the '*' with the explicit select from the different set of columns/tables and to alias it with the same names-then you can keep the aliases the same.

Example:

SELECT  Column1 ,

           Column2 ,

           Column3  ,

           Column4  ,

           Column5  ,

           Column6

   FROM    (  

   SELECT    Col1 AS Column1  ,

               Col2 AS Column2 ,

               Col3 AS Column3 ,

               Col4  AS Column4 ,

               Col5  AS Column5 ,

               Col6  AS Column6 ,          

               AS ROW_NUMBER() OVER ( PARTITION BY Column1  

           ORDER BY Column2 ) AS rn

       FROM      data.SomeTable2

   ) AS c

   WHERE   rn < 5

Not sure that SELECT * is really a good idea here either, because you're assuming in Listing 2 that the columns are the same.

In that case, then I don't suppose it makes much difference, but you did not state that in your post.

If the table in your subquery has many more columns, then you're pulling unnecessary data back, which if I play devil's advocate and say it has 1018 more columns, you're getting a lot of junk that you don't need, and should limit the set.

I think Lana probably meant to change some of the columns in the inner query?

something like:

IF OBJECT_ID('tempdb..#testData') IS NOT NULL

   BEGIN

       DROP TABLE #testData

   END

CREATE TABLE #testData

   (

     Column1 INT ,

     Column2 INT ,

     Column3 INT ,

     Column4 INT ,

     Column5 INT ,

     Column6 INT

   )

INSERT  INTO #testData

       SELECT  1 ,

               2 ,

               3 ,

               4 ,

               5 ,

               6

       UNION ALL

       SELECT  7 ,

               8 ,

               9 ,

               0 ,

               1 ,

               2

       UNION ALL

       SELECT  1 ,

               2 ,

               3 ,

               4 ,

               5 ,

               6

       UNION ALL

       SELECT  7 ,

               8 ,

               9 ,

               0 ,

               1 ,

               2

       UNION ALL

       SELECT  1 ,

               2 ,

               3 ,

               4 ,

               5 ,

               6

       UNION ALL

       SELECT  3 ,

               4 ,

               5 ,

               6 ,

               7 ,

               8

--SELECT * FROM #testData AS td

SELECT  c.rn ,

       Column1 ,

       Column2 ,

       Column3 ,

       Column4 ,

       Column5 ,

       Column6

FROM    (

         SELECT    c.* ,

                   ROW_NUMBER() OVER ( PARTITION BY Column1 ORDER BY Column2 ) AS rn

         FROM      #testData AS c

       ) AS c

WHERE   rn < 5

--Lana's example, swapping columns out in the inner query

SELECT  Column1 ,

       Column2 ,

       Column3 ,

       Column4 ,

       Column5 ,

       Column6

FROM    (

         SELECT    Column6 AS Column1 ,

                   Column5 AS Column2 ,

                   Column4 AS Column3 ,

                   Column3 AS Column4 ,

                   Column2 AS Column5 ,

                   Column1 AS Column6 ,

                   ROW_NUMBER() OVER ( PARTITION BY Column1 ORDER BY Column2 ) AS rn

         FROM      #testData

       ) AS c

WHERE   rn < 5

@Alexander Kuznetsov

>can you give us an example when this * really makes it "harder for

>the maintenance programmer? Is it really worth saving a minute or two

>now, when the cost later is so much more?"

That didn't mean SELECT * specifically, that was in response to the comment "But when you *really* know what you are doing and why you are doing it you can always break the rules."

SELECT * would be unlikely to cause confusion to the maintenance coder (even though the list is probably clearer).

>Not only are Agile and databases not compatible, it isn't even tempting. >Agile is good for UI design.

Couldn't disagree more, IMHO if you want to do for example BI/DWh successfully then SDLC just doesn't work you have to do agile short bursts of development... you just do it following an agreed high level design.

I'm in agreement that as db developers we're often too focussed on "rules", often the practical application of sound reasoning is more than enough. How many extra minutes do we invest in code to make it "best practice" that never breaks... ever... Thats also a cost to any business.

Have you tested whether the optimizer is smart enough to exclude columns from the inner query result that aren't used by the outer query?  For instance, if you had a Column7 varchar(max) on the table but it wasn't used by the outer query.

I consistently see exactly the same execution plan, no matter if I use * of if I expand * into the list of columns. Note, however, that I keep my queries short and simple, and I avoid big huge monster queries in my production. So, what I am observing in simple cases might not be true for more complex ones.

Of course, because in SQL Server the optimizer is not open source, we cannot see for ourselves the algorithm which makes such decisions, and all we can do is black box testing.

@Alexander Kuznetsov

>I lead a team of agile developers. Are you suggesting that we should

>stay away from databases

If it works for you, go ahead. Stay away from my databases though. Or, another way, don't ask me to help a team that uses Agile.

>Database development is development too. Why shouldn't we use in

>our database programming the approach that helps us succeed in OO

>programming?

Because programming is a set of rules that works together. Data Modeling is a single image that expresses a single idea. Put another way. Programming can be done in parts and then tied together. Data Modeling is done as a whole, then defines its smaller parts.

At least that's my approach. I'm usually called in to fix the problems caused by piecemeal modeling.

@Martin Norgrove

>you just do it following an agreed high level design.

There's an agreed design? Please, please convince our BAs of that!

>the practical application of sound reasoning is more than enough

In my experience, "sound reasoning" fails after about three months.

>How many extra minutes do we invest in code to make it "best

>practice" that never breaks... ever...

We must work in different universes. I am called in to other teams to fix problems because of exactly this.

Mike C

It's smart enough to only pull the columns you want. You can test this by creating a covering index on only the columns you want and see that it's performing an index scan rather than a table (Clustered Index) scan:

IF OBJECT_ID('tempdb..#so') IS NOT NULL DROP TABLE #so

GO

SELECT * INTO #so FROM sys.sysobjects

CREATE INDEX ix_so1 ON #so(name, id, xtype, uid, info, crdate)

GO

SELECT subQ.name, subq.id, subq.xtype, subq.uid, subQ.info, subQ.crdate, subQ.rn

FROM (SELECT *,

     ROW_NUMBER() OVER (ORDER BY crdate ) AS rn

     FROM #so) subQ

The concern is that a column [rn] could be added to [SomeTable] in the future and, withouth a full suite of test casese, we might not encounter it until our code hits production. At that point, we get an error:

Msg 8156, Level 16, State 1, Line 1

The column 'rn' was specified multiple times for 'subQ'.

Couldn't we get the best of both wolds by using an impossible-to-repeat column name such as a GUID?

SELECT  Column1 ,

       Column2 ,

       Column3  ,

       Column4  ,

       Column5  ,

       Column6

FROM    ( SELECT    c.* ,

                   ROW_NUMBER() OVER ( PARTITION BY Column1 ORDER BY Column2 ) AS [76E5FC36-A01E-4AC0-AE55-9C1D9A2C3616]

         FROM      data.SomeTable AS c

       ) AS c

WHERE   [76E5FC36-A01E-4AC0-AE55-9C1D9A2C3616] < 5

@Jared Ko

Excellent point.

Another solution would be to name the COLUMNs on the inner query and use the * on the outer one.

Jared,

When we use rn as column name for ROW_COUNT() in the inner subquery, we implicitly assume that column rn is not present in whatever we select from.

I would rather write an automated (unit) test to document this assumption, and keep my source code succinct. But maybe that's just me - I have a very powerful and easy-to-use unit testing harness, and I can benefit from it in multiple ways.

@Alex

The problem doesn't lie with whether [rn] currnetly exists but its potential to exist during the lifetime of the database. Applications tend to live on beyond the time that we're in charge of the development of said database.

The concern is that a new developer will come in a year from now and decide that all tables need row numbers and add [rn] to your table.

This is the same reason we prefix table names (or aliases) in front of all of our column names any time we do a join. We know that there is a risk of somebody adding a column with the same name to another table giving that dreaded "ambiguous column name" error.

You want to do everything possible (within reason) to future-proof your database. I believe that "SELECT *" can be reasonably expanded to column names (or using an impossible name) to reasonably future-proof your database.

Except for the fact that you don't want 'rn' in the outer query, I'd actually prefer to list the columns in the subquery and use 'select *' in the outer.

Reason being that on a subquery that has joins, I'm more likely to find that a * in there will break the query because someone puts a "modifieddate" on both tables, whereas if I've restricted my columns in a subquery, I'm almost always okay about using "select *" on the outside.

But I think there's a more controversial argument in place for whether you allow "select *" in environments that aren't using subqueries, which could potentially return extra columns if the tables beneath are modified... that's a very different discussion.

Rob

Agreed that unit tests should sniff out something like this prior to deployment. However, you'd have to have some pretty high code coverage metrics >80% to ensure that you weren't going to get bitten by this particular scenario. This is fine if you have a tight control over you team but I still believe it to be a bad practice.

I see a funny paradox, though. You're trying to save a little bit of time by using "SELECT *" but you're spending a great deal of time on test cases. At least, you'd have to spend a lot of time to get the adequate coverage levels to catch errors like this.

Would you choose to not put table prefixes in front of your column names if only one table in the JOIN condition had the column name? It seems like this would be doing the same thing.

BTW: Thanks for continuing to engage me on this debate. I'm enjoying the discussion and hope I'm not upsetting/offending you in my responses. It's hard to guage response when speaking with a stranger. :)

@Alexander,

There's a school of thought that says that going beyond a certain level of code coverage has an extremely high cost with a minimum payoff. I would assume that it takes you as much effort to get from 80% to 90% as it would take you to get from 0% to 80%.

I don't understand why you would go to all the trouble of hitting 100% coverage but not want to spend the extra effort to ensure that you're writing bulletproof code.  Surely you're losing less than a minute to actually type the column names (I personally just highlight over the object name, press ALT-F1, and copy the column names or take advantage of Intellisense).

Agreed that typing those column names three times (as you put in your most-recent example) is a very tedious process. Manually lining is up to make it readable (the same way that .net automatically does it) takes even more time.

All that being said, if have 100% coverage then you are truly an edge case and you're probably safe to use "SELECT *" if you're running those test cases with each build.

Thanks for the link on reproducing DB Errors. The introduction of a temporary constraint is an interesting concept that I never considered.

You didn't properly respond to my comment/question, though. I'm not asking why you have 100% coverage. I agree that that's a different topic.

It seems that if you were to go to such pains to reach high coverage numbers then it would be a no-brainer to expand the column names in your code. Arguably, you're taking about one extra minute of coding your stored procedure to ensure that you'd never have to go in and fix it (the column names) if one of your test cases failed.

I'm with Rob F. on this one - if I were going to do this I'd put the * in the outer query and explicitly name the columns in the subquery.  I like Jared's test, but I think I'd have to do more testing to be sure that the subquery was not returning more than it needed to the outer query (using different indexes, different combinations of columns, etc.)

Brian said:

>> ...Data Modeling is a single image that expresses a single idea.  Put another way.  Programming can be done in parts and then tied together.  Data Modeling is done as a whole, then defines its smaller parts.  At least that's my approach.  I'm usually called in to fix the problems caused by piecemeal modeling.

As someone with more than three decades training and experience with programming, data modeling, and database administration, I tend to agree with Brian.  I agree with the comment

>>"Rules" are handy for people who don't understand or aren't interested in understanding exactly what they are doing.  But when you *really* know what you are doing and why you are doing it you can always break the rules.

But, I see an incredible ignorance of the principles of data modeling on a lot of database administration resource sites.  Data modeling <> database programming <> database administration.  People tend to think that they know more than they really do...

Too much programming of any kind is done with little thought to maintainability or performance later.  But the principles of ease of maintenance and good performance are often in tension with each other, and not always are both, or sometimes even either, an issue.  However, I would say that to ignore maintainability is to tempt fate...