cpython icon indicating copy to clipboard operation
cpython copied to clipboard
Published 6 days ago verified publisher icon python

IDLE: Performance issue processing config-extensions.def

Open kexinoh opened this issue 6 months ago • 4 comments

Bug report

Bug description:

Bug Description: A series of performance issues related to quadratic complexity has been identified in IDLE's editor. On files with very long lines, this can cause the editor to freeze or hang.

Vulnerability Locations:

  • 1 (Fixed): https://github.com/python/cpython/blob/5ab66a882d1b5e44ec50b25df116ab209d65863f/Lib/idlelib/editor.py#L1206
  • 2 (Not need fix): https://github.com/python/cpython/blob/5ab66a882d1b5e44ec50b25df116ab209d65863f/Lib/idlelib/editor.py#L1373

Repair Status:

  • Issues 1 have been fixed by @johnzhou721.
  • https://github.com/python/cpython/pull/134874

CPython versions tested on:

CPython main branch

Operating systems tested on:

Linux

Linked PRs

  • gh-134874

kexinoh avatar Jun 28 '25 08:06 kexinoh

@kexinoh Bug 2 is invalid because "anyone who can edit files or get code files loaded can do much worse than than make IDLE hang on hitting" (Reedy 2025).

In addition:

Any such [refactoring] project [of the block of code in bug 2] must begin with a separate issue and an detailed analysis of current versus desired behavior, and it must consider the entire block of relevant code. This is lines 1365-1385, which begin with the comment

It may require inserting spaces if we back up over a tab character! This is written to be clear, not fast.

REFERENCES https://github.com/python/cpython/pull/134874

johnzhou721 avatar Jun 28 '25 13:06 johnzhou721

I modified the content about this part in the issue

kexinoh avatar Jun 28 '25 14:06 kexinoh

@kexinoh Thanks!

johnzhou721 avatar Jun 28 '25 18:06 johnzhou721

Item 1 does not involves processing lines in the editor. It is only about processing lines in idlelib/config-extensions.def. This code could be moved to a function in config.py. I changed the title accordingly.

This is not much of a bug either. Users do not normally change that file. But if they download and install an IDLE extension, its installer must add lines to the file. The code executed when the extension is invoked is more of a danger.

However, updating and improving the 2000 code with a feature added in 2002, which I am glad to do, also fixes the possible vulnerability.

As previously noted the 'quadratic' loop in item 2 does indicate problematic code. The complexity comes from trying to handle situations that either cannot or should not occur. Simplifying the function specification should allow elimination of that loop.

terryjreedy avatar Jun 28 '25 22:06 terryjreedy

#136556 tracks item 2 as needing simplification instead of a quadratic vulnerability.

johnzhou721 avatar Jul 11 '25 18:07 johnzhou721