USAN: division-by-zero in levinson durbin algorithm in WB TBE

Basic info

Commit SHA: fe197c3c

Bug description

Clang USAN sanitizer test in pipeline found an error:

lib_com/lpc_tools.c:149:23: runtime error: division by zero
SUMMARY: UndefinedBehaviorSanitizer: float-divide-by-zero lib_com/lpc_tools.c:149:23 in

This happens in frame 526 during application of the WB TBE (swb_tbe_enc.c:283):

    autocorr( hb_old_speech, R, LPC_SHB_ORDER_WB + 1, ( NS2SA( INT_FS_12k8, 5000000L ) + L_SUBFR + L_FRAME ) * 5 / 16, win_lpc_hb_wb, 0, 1, 1 );
    lev_dur( lpc_wb_temp, R, LPC_SHB_ORDER_WB, ervec_temp ); // <-------------

Inspecting the variables reveals that the array hb_old_speech only has zeros in it (moved from hBWE_TD->old_speech_wb in line 264). Consequently, the autocorrelation R comes out to all zero and finally at the line the USAN reports:

    rc[0] = ( -r[1] ) / r[0];

the division by zero happens.

Interestingly, the input high band signal to wb_tbe_enc() (ivas_core_enc.c:356), hb_speech, is also zero already. The signal in that frame consists only of very low background noise.

Link to test pipeline: https://forge.3gpp.org/rep/ivas-codec-pc/ivas-codec/-/jobs/284059

Ways to reproduce

Using the scripts:

python3 scripts/IvasBuildAndRunChecks.py --checks CLANG3 -m ISM4_b48_dtx_wb_cbr -p /path/to/my/local/ci_linux_ltv_local.json --usan_supp_file scripts/ubsan.supp --oc EXT

or directly:

make clean
make -j CLANG=3
UBSAN_OPTIONS=suppressions=scripts/ubsan.supp,report_error_type=1,log_path=usan_log_catchall ./IVAS_cod -dtx -ism 4 ltvISM1.csv ltvISM2.csv ltvISM3.csv ltvISM4.csv -max_band wb 48000 16 ltv16_4ISM.wav bit

Admin message

USAN: division-by-zero in levinson durbin algorithm in WB TBE

Basic info

Bug description

Ways to reproduce