Tomas Vondra <tomas.von...@enterprisedb.com> writes: > I guess the idea was to add a sentinel only when there already is space > for it, but perhaps that's a bad tradeoff limiting the benefits. Either > we add the sentinel fairly often (and then why not just add it all the > time - it'll need a bit more space), or we do it only very rarely (and > then it's a matter of luck if it catches an issue).
I'm fairly sure that when we made that decision originally, a top-of-mind case was ListCells, which are plentiful, small, power-of-2-sized, and not used in a way likely to have buffer overruns. But since the List rewrite a couple years back we no longer palloc individual ListCells. So maybe we should revisit the question. It'd be worth collecting some stats about how much extra space would be needed if we force there to be room for a sentinel. regards, tom lane