## Why does TempDB spill happen even though statistics are correct?

I read a great article published by Brent Ozar and came up with some questions related to memory grant. I am unable to address my questions in the comment section of his article, so I thought to get any help from here.

1. Question: How much data is spilled into disk? 400 MB or 60 MB(7643KB*8)?

in the article he states:

And no matter how many times I update statistics, I’ll still get a ~400MB spill to disk.

I am kinda confused here(

1. Question: If everything is okay with estimates, stats are up to date, box has sufficient memory, and no queries were running at that time, then why does spill to disk happen?

look at the estimated number of rows versus the actual number of rows. They’re identical. The stats are fine.

I’m not using a small server, either: my virtual machine has 32GB RAM, and I’ve allocated 28GB of that to SQL Server. There are no other queries running at the same time – it’s just one lonely query, spilling to disk…

## Can this Lair Action restore all the lich’s 8th or lower spell slots even when there’s no combat or any of the lich’s enemies within?

One of the Lair Actions of a lich does the following:

The lich rolls a d8 and regains a spell slot of that level or lower. If it has no spent spell slots of that level or lower, nothing happens.

A lich decided to attack the party, using some of its spell slots in the process, and then retreat to its lair to recover and await the party.

If the party manage to find the lich’s lair within 8 hours (i.e. before the lich can long rest and recover its spell slots that way), would the above Lair Action have (likely1) restored all of the lich’s spent spell slots (excluding the 9th level spell slot, obviously)?

Or is there some reason this wouldn’t work, such as the Lair Actions only being "active" when there are enemies of the lich actually in the lair (i.e. during combat)?

1 I say "likely" because there’s a dice roll involved, so technically it could not roll the numbers it needs to actually recover all its spell slots, but let’s discount that possibility as I imagine an hour or so of rolling will almost definitely roll the numbers that it needs eventually.

## Popup alert even when a site deletes the alert function | bypass

A website fully filter the alert function from his website, and replace it with an empty string, but I want to bypass it and still popup an alert, I am trying to solve an XSS challenge, and I figure out that the site identify the double "l" char, and fully removes the string.

http://alertmywebsite.com/2.php?xss=<script>allert(1)</script>

the output is <script>allert(1)</script>, and when I remove the second "l", the output is <script></script>, Only the "l" is still showing the alert function, any other double char is fully removes the string How can I bypass it ?

## Algoritm to sample an even subgraph of a graph

In some problems related to the Ising model in physics and mathematics the following problem comes up:

Suppose I have a graph $$G$$. Then an even spanning subgraph of $$G$$ is a subgraph where you keep all the vertices and some of the edges such that each vertex has even degree.There is always at least one since the empty spanning subgraph is always even. Now, among all the even spanning subgraphs of $$G$$ I want to sample one uniformly at random.

Is there an fast and preferably easy to implement algoritm to do that?

Is this a well studied problem? If yes: could you point me to some references?

Some background: The space of even spanning subgraphs of a graph has some nice structure since if you have two of them then you can take their symmetric difference and it will still be an even spanning subgraph. This means that it is a vector space of the field $$\mathbb{F}_2$$ and you can pick a basis of that space – in particular this shows that the number of even spanning subgraphs is always a power of 2. I wonder how difficult it is to find the basis elements since if you have some you just flip coins for each and take the symmetric difference of all the graphs where you get head. Another point is that there might be a smart low-tech randomized way to do this.

## What is the break even point for using a level 1 spell slot for Divine Favor rather than for Divine Smite?

Divine Favor (from a level 1 spell slot) lasts for up to 10 rounds, and on a hit does 1d4 radiant damage.
On a critical hit it adds 2d4 radiant damage.
Divine Smite (from a level 1 spell slot) is good for 1 hit, but does 2d8 radiant damage.
If the hit was critical it does 4d8 radiant damage.

### Assumption 1: Combat lasts from 3-6 rounds

Why? a. That’s how long it tends to last with this particular group
b. For a two round fight divine smite is without question the better choice.

Case 1: hit Armor Class 14
Case 2: hit armor class 16

While I can see Divine Favor being a good use of a level 1 slot once the Paladin has two attacks per Attack Action at level 5, I am trying to nail down (in tier 1 play) how many rounds the combat needs to last for Divine Favor to be the better choice for a level one spell slot.

### Assumption: the paladin does not fail the concentration save if hit during this combat.

That’s to keep the question with a tight scope, but as I discuss this with my paladin player a separate risk assessment needs to be made vis a vis loss of concentration.

### Assumption 3: single class paladin, level 2, 3 or 4.

My back-of-the-napkin-math says “4 rounds” but I may not be setting the problem up correctly.

How many rounds does combat have to last to make divine favor the best choice?

My instinct is that agaisnt one big monster, use divine smite to nova the monster down; against a mob of small creatures use divine favor to whittle down a lot of targets – but that is a separate question/problem.

## Is $nHALT$ undecidable even if $M$ halts on input $w$ in finite steps

If we have the language

$$nHALT=\{;$$ $$M$$ halts on input $$w$$ in less than $$n$$ steps$$\}$$

Is this language also undecidable in the same way that $$HALT$$ is undecidable? And if so, $$nHALT\notin P$$, right?

## [ Politics ] Open Question : You know Donald Trump is in BIG trouble when even Lisa Murkowski won’t support him?

https://www.usatoday.com/story/news/politics/2020/06/04/lisa-murkowski-struggling-trump-mattis-comments/3144321001

## Is the empty string and some words of even length are elements of this set?

$$L = \{w \in \{a,b\}^*| \text{the first, the middle, and the last characters of w are identical}\}$$.

I have my answers, but I need confirmation:

Is the empty string $$\epsilon \in L$$? Yes. Reason: there is no first, middle, or last character to break the rule.

Words of even length, assuming the first and last characters of them are identical, again, must be in $$L$$, as there is no middle character to break the rule in such words.

This is in the context of theory of computation by the way.

## Why do tempdb spills still occur even with good row and data size estimates (better than actuals)?

We’re seeing tempdb DB spills for some hashing operations. If the estimates are indeed good as shown what would be the next thing(s) to look for? Looking for a generic answer without having to resort to the specifc query.

This is part of an SP. Just switched to 2019 version to see if it would auto adjust but still getting spills so far.

Microsoft SQL Server 2019 (RTM) – 15.0.2000.5 (X64)