View Issue Details

ID: 0010406
Project: ardour
Category: bugs
View Status: public
Last Update: 2026-06-15 10:29
Reporter: antono
Assigned To:
Priority: normal
Severity: crash
Reproducibility: always
Status: new
Resolution: open
Platform: GNU
OS: Linux
OS Version: (any)
Product Version: 9.7
Summary: 0010406: SIGFPE (integer divide-by-zero) in Editor::set_snapped_cursor_position when opening an existing session by double-click

Description

Ardour crashes reliably with a `Floating point exception (SIGFPE)` when opening
an existing session via **double-click** in the Session selector. The crash is an
integer divide-by-zero in `Editor::set_snapped_cursor_position()`, triggered by a
mouse-motion event delivered to the editor canvas while the editor is still being
initialized (zoom / `samples_per_pixel` == 0).

It is 100% reproducible on this machine (5 consecutive core dumps, identical stack).

Steps To Reproduce

1. Launch Ardour.
2. In the Session selector, **double-click an existing session** in the recent/file
   list (rather than selecting it and pressing Open).
3. Let the Audio/MIDI setup proceed, while the mouse pointer is over the editor area.

=> Crash: `Floating point exception (core dumped)`.

Note: the pointer being over the editor canvas while the startup/engine sequence
completes appears to be the trigger. Keeping the pointer off the canvas (or
confirming dialogs via keyboard without moving the mouse) avoids the crash.
Additional Information
Faulting instruction is `div %r14` inside libgcc `__divti3` (128-bit signed integer
division). At the crash the 128-bit denominator (registers `rdx:rcx`) is `0:0`, i.e.
a genuine integer divide-by-zero.

`Editor::set_snapped_cursor_position()` converts a time position to a pixel position,
which divides by the editor zoom (`samples_per_pixel`). That value is still 0 because
the editor has not finished initializing its zoom when a queued mouse-motion event is
delivered through the nested event loop run by `ARDOUR_UI::gui_idle_handler()` during
the Session/StartupFSM response handling.

This is an init-ordering / event-reentrancy race, not session-file corruption:
the loaded session files have valid `sample-rate="48000"` and non-zero saved zoom in
`instant.xml`.

## Backtrace (from core dump)

```
#0 __divti3 (libgcc_s.so.1) <-- div by zero
#1 Editor::set_snapped_cursor_position(Temporal::timepos_t const&)
#2 Editor::motion_handler(ArdourCanvas::Item*, _GdkEvent*, bool)
#3 ArdourCanvas::GtkCanvas::deliver_event(_GdkEvent*)
#4 ArdourCanvas::GtkCanvas::on_motion_notify_event(_GdkEventMotion*)
#5 Gtk::Widget_Class::motion_notify_event_callback(_GtkWidget*, _GdkEventMotion*)
... (GTK signal emission)
#19 gtk_main_iteration
#20 ARDOUR_UI::gui_idle_handler() <-- nested event loop
#21 AbstractUI<Gtkmm2ext::UIRequest>::call_slot(...)
#22 PBD::SignalWithCombiner<...>::compositor(...)
#25 ArdourDialog::on_response(int)
#26 Gtk::Dialog_Class::response_callback(_GtkDialog*, int)
#32 StartupFSM::start_audio_midi_setup()
#33 (anonymous namespace)::Dialog_signal_response_callback(_GtkDialog*, int, void*)
#39 SessionDialog::existing_file_activated() <-- double-click open
... (GTK tree-view row activation)
#49 list_row_activated
#55 gtk_tree_view_button_press
...
#69 gtk_main
#70 Gtkmm2ext::UI::run(Receiver&)
#71 main
```

## Notes

- A closely related divide-by-zero in the snapped-cursor path was fixed in Ardour 8.6;
  this looks like a recurrence via a different entry path (double-click session open ->
  StartupFSM -> nested idle pump -> motion handler before editor zoom is set).
- Suggested guard: have `Editor::set_snapped_cursor_position()` (or the underlying
  sample->pixel conversion) bail out / treat `samples_per_pixel == 0` as a no-op, and/or
  avoid delivering canvas motion events before the editor zoom is initialized.

Tags: No tags attached.

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2026-06-15 10:29 antono New Issue
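
The guard suggested in the report's Notes, modelled as an added example (not Ardour's code and not part of the original report): a motion event drained by a nested pump before the zoom is set becomes a no-op instead of an integer divide-by-zero. `EditorModel`, `sample_to_pixel`, `set_snapped_cursor`, `pump_pending`, `replay_startup` and all sample values are hypothetical.

```cpp
#include <cstdint>
#include <deque>
#include <vector>

// Hypothetical stand-in for the editor state involved in the report.
struct EditorModel {
    int64_t samples_per_pixel = 0;        // zoom; stays 0 until initialization finishes
    std::deque<int64_t> pending_motion;   // queued motion events (sample positions)
    std::vector<int64_t> cursor_pixels;   // snapped-cursor updates actually applied
    int dropped = 0;                      // events ignored because zoom was unset

    // Sample -> pixel conversion; refuses to divide while the zoom is invalid.
    bool sample_to_pixel(int64_t sample, int64_t& px) const {
        if (samples_per_pixel <= 0) return false;   // the guard: never reach the div
        px = sample / samples_per_pixel;
        return true;
    }

    // Guarded analogue of set_snapped_cursor_position(): no-op without a zoom.
    bool set_snapped_cursor(int64_t sample) {
        int64_t px = 0;
        if (!sample_to_pixel(sample, px)) { ++dropped; return false; }
        cursor_pixels.push_back(px);
        return true;
    }

    // Analogue of the nested idle pump: drains whatever is queued, whenever called.
    void pump_pending() {
        while (!pending_motion.empty()) {
            set_snapped_cursor(pending_motion.front());
            pending_motion.pop_front();
        }
    }
};

// Replays the reported ordering: motion queued, pump runs, only then zoom is set.
EditorModel replay_startup() {
    EditorModel ed;
    ed.pending_motion.push_back(96000);   // constructed: pointer over canvas during setup
    ed.pump_pending();                    // nested loop runs before zoom initialization
    ed.samples_per_pixel = 2048;          // constructed zoom, set after the pump ran
    ed.pending_motion.push_back(96000);
    ed.pump_pending();                    // same event after init is handled normally
    return ed;
}

int main() {
    EditorModel ed = replay_startup();
    return (ed.dropped == 1 && ed.cursor_pixels.size() == 1) ? 0 : 1;
}
```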