Adds fuzzer for the residual echo detector.

This is a robustness test for the residual echo detector, that can help to detect numerical issues. BUG=b/38014838 Review-Url: https://codereview.webrtc.org/2877803002 Cr-Commit-Position: refs/heads/master@{#18165}
2017-05-16 06:50:11 -07:00 · 2017-05-16 06:50:11 -07:00 · 860249ec62
commit 860249ec62
parent 52775841f0
5 changed files with 85 additions and 0 deletions
--- a/webrtc/modules/audio_processing/echo_detector/mean_variance_estimator.cc
+++ b/webrtc/modules/audio_processing/echo_detector/mean_variance_estimator.cc
@ -26,6 +26,8 @@ void MeanVarianceEstimator::Update(float value) {
  mean_ = (1.f - kAlpha) * mean_ + kAlpha * value;
  variance_ =
      (1.f - kAlpha) * variance_ + kAlpha * (value - mean_) * (value - mean_);
+  RTC_DCHECK(isfinite(mean_));
+  RTC_DCHECK(isfinite(variance_));
 }

 float MeanVarianceEstimator::std_deviation() const {
--- a/webrtc/modules/audio_processing/echo_detector/normalized_covariance_estimator.cc
+++ b/webrtc/modules/audio_processing/echo_detector/normalized_covariance_estimator.cc
@ -10,6 +10,10 @@

 #include "webrtc/modules/audio_processing/echo_detector/normalized_covariance_estimator.h"

+#include <math.h>
+
+#include "webrtc/base/checks.h"
+
 namespace webrtc {
 namespace {

@ -27,6 +31,8 @@ void NormalizedCovarianceEstimator::Update(float x,
  covariance_ =
      (1.f - kAlpha) * covariance_ + kAlpha * (x - x_mean) * (y - y_mean);
  normalized_cross_correlation_ = covariance_ / (x_sigma * y_sigma + .0001f);
+  RTC_DCHECK(isfinite(covariance_));
+  RTC_DCHECK(isfinite(normalized_cross_correlation_));
 }

 void NormalizedCovarianceEstimator::Clear() {
--- a/webrtc/modules/audio_processing/residual_echo_detector.cc
+++ b/webrtc/modules/audio_processing/residual_echo_detector.cc
@ -124,6 +124,7 @@ void ResidualEchoDetector::AnalyzeCaptureAudio(
    echo_likelihood_ = std::max(
        echo_likelihood_, covariances_[delay].normalized_cross_correlation());
  }
+  RTC_DCHECK_LT(echo_likelihood_, 1.1f);
  reliability_ = (1.0f - kAlpha) * reliability_ + kAlpha * 1.0f;
  echo_likelihood_ *= reliability_;
  // This is a temporary fix to prevent echo likelihood values > 1.0.
--- a/webrtc/test/fuzzers/BUILD.gn
+++ b/webrtc/test/fuzzers/BUILD.gn
@ -266,6 +266,16 @@ webrtc_fuzzer_test("neteq_rtp_fuzzer") {
  ]
 }

+webrtc_fuzzer_test("residual_echo_detector_fuzzer") {
+  sources = [
+    "residual_echo_detector_fuzzer.cc",
+  ]
+  deps = [
+    "../../base:rtc_base_approved",
+    "../../modules/audio_processing:audio_processing",
+  ]
+}
+
 webrtc_fuzzer_test("sdp_parser_fuzzer") {
  sources = [
    "sdp_parser_fuzzer.cc",
--- a/webrtc/test/fuzzers/residual_echo_detector_fuzzer.cc
+++ b/webrtc/test/fuzzers/residual_echo_detector_fuzzer.cc
@ -0,0 +1,66 @@
+/*
+ *  Copyright (c) 2017 The WebRTC project authors. All Rights Reserved.
+ *
+ *  Use of this source code is governed by a BSD-style license
+ *  that can be found in the LICENSE file in the root of the source
+ *  tree. An additional intellectual property rights grant can be found
+ *  in the file PATENTS.  All contributing project authors may
+ *  be found in the AUTHORS file in the root of the source tree.
+ */
+
+#include <math.h>
+#include <string.h>
+
+#include <algorithm>
+#include <bitset>
+#include <vector>
+
+#include "webrtc/base/checks.h"
+#include "webrtc/modules/audio_processing/residual_echo_detector.h"
+
+namespace webrtc {
+
+void FuzzOneInput(const uint8_t* data, size_t size) {
+  // Number of times to update the echo detector.
+  constexpr size_t kNrOfUpdates = 7;
+  // Each round of updates requires a call to both AnalyzeRender and
+  // AnalyzeCapture, so the amount of needed input bytes doubles. Also, two
+  // bytes are used to set the call order.
+  constexpr size_t kNrOfNeededInputBytes = 2 * kNrOfUpdates * sizeof(float) + 2;
+  // The maximum audio energy that an audio frame can have is equal to the
+  // number of samples in the frame multiplied by 2^30. We use a single sample
+  // to represent an audio frame in this test, so it should have a maximum value
+  // equal to the square root of that value.
+  const float maxFuzzedValue = sqrtf(20 * 48) * 32768;
+  if (size < kNrOfNeededInputBytes) {
+    return;
+  }
+  size_t read_idx = 0;
+  // Use the first two bytes to choose the call order.
+  uint16_t call_order_int;
+  memcpy(&call_order_int, &data[read_idx], 2);
+  read_idx += 2;
+  std::bitset<16> call_order(call_order_int);
+
+  ResidualEchoDetector echo_detector;
+  std::vector<float> input(1);
+  // Call AnalyzeCaptureAudio once to prevent the flushing of the buffer.
+  echo_detector.AnalyzeCaptureAudio(input);
+  for (size_t i = 0; i < 2 * kNrOfUpdates; ++i) {
+    // Convert 4 input bytes to a float.
+    RTC_DCHECK_LE(read_idx + sizeof(float), size);
+    memcpy(input.data(), &data[read_idx], sizeof(float));
+    read_idx += sizeof(float);
+    if (!isfinite(input[0]) || fabs(input[0]) > maxFuzzedValue) {
+      // Ignore infinity, nan values and values that are unrealistically large.
+      continue;
+    }
+    if (call_order[i]) {
+      echo_detector.AnalyzeRenderAudio(input);
+    } else {
+      echo_detector.AnalyzeCaptureAudio(input);
+    }
+  }
+}
+
+}  // namespace webrtc