Adds fuzzer for the residual echo detector.

webrtc/test/fuzzers/residual_echo_detector_fuzzer.cc

Index: webrtc/test/fuzzers/residual_echo_detector_fuzzer.cc
diff --git a/webrtc/test/fuzzers/residual_echo_detector_fuzzer.cc b/webrtc/test/fuzzers/residual_echo_detector_fuzzer.cc
new file mode 100644
index 0000000000000000000000000000000000000000..1d8f6efba82da8d82515ed97c3a6a2ebaf720072
--- /dev/null
+++ b/webrtc/test/fuzzers/residual_echo_detector_fuzzer.cc
@@ -0,0 +1,63 @@
+/*
+ *  Copyright (c) 2017 The WebRTC project authors. All Rights Reserved.
+ *
+ *  Use of this source code is governed by a BSD-style license
+ *  that can be found in the LICENSE file in the root of the source
+ *  tree. An additional intellectual property rights grant can be found
+ *  in the file PATENTS.  All contributing project authors may
+ *  be found in the AUTHORS file in the root of the source tree.
+ */
+
+#include <math.h>
+#include <string.h>
+
+#include <algorithm>
+#include <bitset>
+#include <vector>
+
+#include "webrtc/base/checks.h"
+#include "webrtc/modules/audio_processing/residual_echo_detector.h"
+
+namespace webrtc {
+
+void FuzzOneInput(const uint8_t* data, size_t size) {
+  RTC_DCHECK_EQ(sizeof(float), sizeof(unsigned int));

[hlundin-webrtc, 2017/05/12 07:32:31]

Make this a static_assert.

And, do you want to make sure the size is equal to that of an unsigned int
(which in itself may vary), or do you want to compare to a fixed-width type
(e.g., uint32_t)?

[ivoc, 2017/05/12 09:43:22]

Good question. I added this DCHECK earlier when I used a different way to
convert from the bytes to float, but I think I don't need it anymore now. I'll
just remove it.

[hlundin-webrtc, 2017/05/12 11:39:48]

Acknowledged.

+  // Number of times to update the echo detector.
+  constexpr size_t kNrOfUpdates = 7;
+  // Each round of updates requires a call to both AnalyzeRender and
+  // AnalyzeCapture, so the amount of needed input bytes doubles. Also, two
+  // bytes are used to set the call order.
+  constexpr size_t kNrOfNeededInputBytes = 2 * kNrOfUpdates * sizeof(float) + 2;
+  // The maximum audio energy that an audio frame can have is equal to the
+  // number of samples in the frame multiplied by 2^30. We use a single sample
+  // to represent an audio frame in this test, so it should have a maximum value
+  // equal to the square root of that value.
+  const float maxFuzzedValue = sqrtf(20 * 48) * 32768;
+  if (size < kNrOfNeededInputBytes) {
+    return;
+  }
+  // Use the first two bytes to choose the call order.
+  uint16_t call_order_int;
+  memcpy(&call_order_int, &data[0], 2);

[hlundin-webrtc, 2017/05/12 07:32:31]

I would like to see either a read index (size_t) or a read ptr (uint8_t*) and
keep updating that throughout this function.

size_t read_ix = 0;
memcpy(&call_order_int, &data[read_ix], 2);
read_ix += 2;

- or -

uint8_t* read_ptr = data;
memcpy(&call_order_int, read_ptr, 2);
read_ptr += 2;


And then in the loop below:

memcpy(input.data(), &data[read_ix], 4);
read_ix += 4;

- or -
memcpy(input.data(), read_ptr, 4);
read_ptr += 4;

[ivoc, 2017/05/12 09:43:22]

Good idea, I updated the code to use a read_ix.

+  std::bitset<16> call_order(call_order_int);
+
+  ResidualEchoDetector echo_detector;
+  std::vector<float> input(1);
+  // Call AnalyzeCaptureAudio once to prevent the flushing of the buffer.
+  echo_detector.AnalyzeCaptureAudio(input);
+  for (size_t i = 0; i < 2 * kNrOfUpdates; ++i) {
+    // Convert 4 input bytes to a float.
+    memcpy(input.data(), &data[i * 4 + 2], 4);

[hlundin-webrtc, 2017/05/12 07:32:31]

Add a DCHECK that you are not reading outside of the array.

[ivoc, 2017/05/12 09:43:22]

Done.

+    if (!isfinite(input[0]) || fabs(input[0]) > maxFuzzedValue) {
+      // Ignore infinity, nan values and values that are unrealistically large.
+      continue;
+    }
+    if (call_order[i]) {
+      echo_detector.AnalyzeRenderAudio(input);
+    } else {
+      echo_detector.AnalyzeCaptureAudio(input);
+    }
+  }
+}
+
+}  // namespace webrtc