Skip to main content

Bug Tracker

Side navigation

#3905 closed bug (duplicate)

Opened January 18, 2009 05:55AM UTC

Closed January 20, 2009 08:13PM UTC

Last modified March 15, 2012 02:58PM UTC

Infinite loop with selector expression "*:not(.ELEM-CLASS) .SUBELEM-CLASS1"

Reported by: jlongster Owned by: john
Priority: major Milestone: 1.3.1
Component: selector Version: 1.3
Keywords: Cc:
Blocked by: Blocking:
Description

I recently upgraded from jQuery 1.2.6 to jQuery 1.3 and one of my plugins broke the site. Looking into it further, it turns out to be an issue with a selector expression it used, meaning the bug lies within jQuery (or Sizzle).

The bug causes an infinite loop when executing a specific selector expression. Here's how to reproduce it.

Take the following HTML:

<div class="ELEM-CLASS">

<div class="SUBELEM-CLASS1">CLASS1</div>

</div>

And execute this javascript:

jQuery('*:not(.ELEM-CLASS) .SUBELEM-CLASS1');

And an infinite loop should occur. I've debugged this quite a bit, but I have no experience with jQuery's internals, especially Sizzle, so I got a bit lost. Here's what I found so far though.

The infinite loop occurs in selector.js on line 376 with the following statement (arrow points to the line):

TAG: function(match, curLoop){

for ( var i = 0; !curLoop[i]; i++ ){} <-----

return isXML(curLoop[i]) ? match[1] : match[1].toUpperCase();

},

If you remove the nested div with the class SUBELEM-CLASS1, it runs fine. This works in 1.2.6, but obviously the whole selector engine has been rewritten in 1.3. I wish I could give better debugging info, but I could only go so far in the selector source without spending an inordinate amount of time.

Attachments (0)
Change History (1)

Changed January 20, 2009 08:13PM UTC by john comment:1

resolution: → duplicate
status: newclosed

This is a duplicate of #3837.