Skip to content

NameError: chain_prompt is not defined in FullyDeterminer.analyze_trace_with_deepseek #2

Description

@BACMiao

Summary

In LLM-assisted_Validation/ds_llm_fully_determine_mul.py, the method FullyDeterminer.analyze_trace_with_deepseek references a local variable chain_prompt that is never defined anywhere in the file. As a result the final, chain-level verdict step raises NameError, which is caught by the surrounding try/except and silently replaced with a hard-coded is_vulnerability: False. So the per-trace propagation verdict produced by stage-3 is never actually computed by the model.

Where

try:                                                                                                                                                                                                                                 
    final_response = self.llm_client.chat_completion(                                                                                                                                                                                
        messages=[                                                                                                                                                                                                                   
            {                                                                                                                                                                                                                        
                "role": "user",                                                                                                                                                                                                      
                "content": chain_prompt + "\n请务必以严格的JSON格式返回结果,..."                                                                                                                                                    
            }                                                                                                                                                                                                                        
        ],                                                                                                                                                                                                                           
        temperature=0,                                                                                                                                                                                                               
        ...                                                                                                                                                                                                                          
    )                                                                                                                                                                                                                                
    ...                                                                                                                                                                                                                              
except Exception as e:                                                                                                                                                                                                               
    print(f"调用 DeepSeek 进行综合分析时出错: {str(e)}")                                                                                                                                                                             
    final_analysis = {                                                                                                                                                                                                               
        "issue_number": ...,                                                                                                                                                                                                         
        "is_vulnerability": False,            # <- every trace ends up here                                                                                                                                                          
        "reason": f"DeepSeek API调用错误: {str(e)}",                                                                                                                                                                                 
        ...                                                                                                                                                                                                                          
    }                                                                                                                                                                                                                                

Question

Could you confirm whether a chain_prompt = ... assignment was meant to be included here? If so, sharing that snippet would let us reproduce the intended stage-3 verdicts. Thanks for releasing the code!

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type
    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions