
Loop Bug

Open Hxnxe opened this issue 1 week ago • 12 comments

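First, with gemini 2.5 the LLM connection test comes back empty, but it actually works; however, it keeps looping while running. image-20251219003405813

Next, gpt 5.1, using an official OpenAI key and the official API, cannot call tools properly. image-20251219003328652 minimax started via llm cannot call tools either. image-20251219003531226 So far the only one that completes the whole workflow normally is qwen3-next, but it missed many critical vulnerabilities and basically only paid attention to SQL.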

Hxnxe avatar Dec 18 '25 16:12 Hxnxe

Received, thanks for the feedback.

lintsinghua avatar Dec 18 '25 16:12 lintsinghua

A ReAct-mode Agent depends heavily on the model, even though a lot of prompt engineering and loop detection work has already been done.

lintsinghua avatar Dec 18 '25 17:12 lintsinghua

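It seems it really takes a model whose tool calling uses the standard format and is well optimized. gpt-5.1 currently still seems to be a chat model, I can't bring myself to spend on claude, and gemini2.5pro has a huge context, which should be just right for code auditing, but the results were unexpectedly poor, worse than the 80b open-source model qwen3-next. From testing so far, connecting qwen3 directly is probably the more reliable option.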

Hxnxe avatar Dec 19 '25 02:12 Hxnxe

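> It seems it really takes a model whose tool calling uses the standard format and is well optimized. gpt-5.1 currently still seems to be a chat model, I can't bring myself to spend on claude, and gemini2.5pro has a huge context, which should be just right for code auditing, but the results were unexpectedly poor, worse than the 80b open-source model qwen3-next. From testing so far, connecting qwen3 directly is probably the more reliable option.

For my own testing I used the lightest one, qwen-flash; both speed and results are good.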

lintsinghua avatar Dec 19 '25 02:12 lintsinghua

A user reported that lowering the value of the API parameter top_q effectively reduces the loop rate.

lintsinghua avatar Dec 19 '25 02:12 lintsinghua

It feels like some models still need separate optimization: gemini2 loops, while gpt and minimax2 cannot use tools at all.

Hxnxe avatar Dec 19 '25 02:12 Hxnxe

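> It feels like some models still need separate optimization: gemini2 loops, while gpt and minimax2 cannot use tools at all.

We will definitely do optimization and adaptation, thanks for the feedback.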

lintsinghua avatar Dec 19 '25 02:12 lintsinghua

One more thing to add: quick scan mode. It found 1500+ vulnerabilities, and the export simply failed. The error is as follows:

backend-1       | ERROR:    Exception in ASGI application
backend-1       | Traceback (most recent call last):
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/uvicorn/protocols/http/httptools_impl.py", line 409, in run_asgi
backend-1       |     result = await app(  # type: ignore[func-returns-value]
backend-1       |              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/uvicorn/middleware/proxy_headers.py", line 60, in __call__
backend-1       |     return await self.app(scope, receive, send)
backend-1       |            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/fastapi/applications.py", line 1139, in __call__
backend-1       |     await super().__call__(scope, receive, send)
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/starlette/applications.py", line 107, in __call__
backend-1       |     await self.middleware_stack(scope, receive, send)
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/starlette/middleware/errors.py", line 186, in __call__
backend-1       |     raise exc
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/starlette/middleware/errors.py", line 164, in __call__
backend-1       |     await self.app(scope, receive, _send)
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/starlette/middleware/cors.py", line 85, in __call__
backend-1       |     await self.app(scope, receive, send)
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/starlette/middleware/exceptions.py", line 63, in __call__
backend-1       |     await wrap_app_handling_exceptions(self.app, conn)(scope, receive, send)
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/starlette/_exception_handler.py", line 53, in wrapped_app
backend-1       |     raise exc
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/starlette/_exception_handler.py", line 42, in wrapped_app
backend-1       |     await app(scope, receive, sender)
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/fastapi/middleware/asyncexitstack.py", line 18, in __call__
backend-1       |     await self.app(scope, receive, send)
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/starlette/routing.py", line 716, in __call__
backend-1       |     await self.middleware_stack(scope, receive, send)
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/starlette/routing.py", line 736, in app
backend-1       |     await route.handle(scope, receive, send)
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/starlette/routing.py", line 290, in handle
backend-1       |     await self.app(scope, receive, send)
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/fastapi/routing.py", line 120, in app
backend-1       |     await wrap_app_handling_exceptions(app, request)(scope, receive, send)
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/starlette/_exception_handler.py", line 53, in wrapped_app
backend-1       |     raise exc
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/starlette/_exception_handler.py", line 42, in wrapped_app
backend-1       |     await app(scope, receive, sender)
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/fastapi/routing.py", line 106, in app
backend-1       |     response = await f(request)
backend-1       |                ^^^^^^^^^^^^^^^^
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/fastapi/routing.py", line 430, in app
backend-1       |     raw_response = await run_endpoint_function(
backend-1       |                    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/fastapi/routing.py", line 316, in run_endpoint_function
backend-1       |     return await dependant.call(**values)
backend-1       |            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
backend-1       |   File "/app/app/api/v1/endpoints/tasks.py", line 299, in export_task_report_pdf
backend-1       |     pdf_bytes = ReportGenerator.generate_task_report(task_dict, issues_list, project_name)
backend-1       |                 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
backend-1       |   File "/app/app/services/report_generator.py", line 479, in generate_task_report
backend-1       |     return cls._render_pdf(context)
backend-1       |            ^^^^^^^^^^^^^^^^^^^^^^^^
backend-1       |   File "/app/app/services/report_generator.py", line 435, in _render_pdf
backend-1       |     HTML(string=html_content).write_pdf(
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/weasyprint/__init__.py", line 270, in write_pdf
backend-1       |     self.render(font_config, counter_style, color_profiles, **options)
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/weasyprint/__init__.py", line 226, in render
backend-1       |     return Document._render(
backend-1       |            ^^^^^^^^^^^^^^^^^
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/weasyprint/document.py", line 249, in _render
backend-1       |     context = cls._build_layout_context(
backend-1       |               ^^^^^^^^^^^^^^^^^^^^^^^^^^
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/weasyprint/document.py", line 225, in _build_layout_context
backend-1       |     style_for = get_all_computed_styles(
backend-1       |                 ^^^^^^^^^^^^^^^^^^^^^^^^
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/weasyprint/css/__init__.py", line 1803, in get_all_computed_styles
backend-1       |     for sheet in find_stylesheets(
backend-1       |                  ^^^^^^^^^^^^^^^^^
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/weasyprint/css/__init__.py", line 268, in find_stylesheets
backend-1       |     for wrapper in wrapper_element.query_all('style', 'link'):
backend-1       |                    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/cssselect2/tree.py", line 272, in <genexpr>
backend-1       |     if any(test(element) for test in tests))
backend-1       |        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/cssselect2/tree.py", line 272, in <genexpr>
backend-1       |     if any(test(element) for test in tests))
backend-1       |            ^^^^^^^^^^^^^
backend-1       |   File "<string>", line 1, in <lambda>
backend-1       |   File "/usr/local/lib/python3.12/functools.py", line 998, in __get__
backend-1       |     val = self.func(instance)
backend-1       |           ^^^^^^^^^^^^^^^^^^^
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/cssselect2/tree.py", line 307, in local_name
backend-1       |     namespace_url, local_name = _split_etree_tag(self.etree_element.tag)
backend-1       |                                 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/cssselect2/tree.py", line 377, in _split_etree_tag
backend-1       |     assert tag[0] == '{'
backend-1       |            ^^^^^^^^^^^^^
backend-1       | AssertionError
frontend-1      | 192.168.97.1 - - [19/Dec/2025:03:01:33 +0000] "GET /api/v1/tasks/72a44374-0041-4edc-aff5-2c37d48bdbea/report/pdf HTTP/1.1" 500 21 "http://localhost:3000/tasks/72a44374-0041-4edc-aff5-2c37d48bdbea" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" "-"
backend-1       | INFO:app.api.v1.endpoints.agent_tasks:🔢 嵌入进度: 20950/56746 (37%)
backend-1       | ERROR:    Exception in ASGI application
backend-1       | Traceback (most recent call last):
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/uvicorn/protocols/http/httptools_impl.py", line 409, in run_asgi
backend-1       |     result = await app(  # type: ignore[func-returns-value]
backend-1       |              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/uvicorn/middleware/proxy_headers.py", line 60, in __call__
backend-1       |     return await self.app(scope, receive, send)
backend-1       |            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/fastapi/applications.py", line 1139, in __call__
backend-1       |     await super().__call__(scope, receive, send)
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/starlette/applications.py", line 107, in __call__
backend-1       |     await self.middleware_stack(scope, receive, send)
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/starlette/middleware/errors.py", line 186, in __call__
backend-1       |     raise exc
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/starlette/middleware/errors.py", line 164, in __call__
backend-1       |     await self.app(scope, receive, _send)
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/starlette/middleware/cors.py", line 85, in __call__
backend-1       |     await self.app(scope, receive, send)
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/starlette/middleware/exceptions.py", line 63, in __call__
backend-1       |     await wrap_app_handling_exceptions(self.app, conn)(scope, receive, send)
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/starlette/_exception_handler.py", line 53, in wrapped_app
backend-1       |     raise exc
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/starlette/_exception_handler.py", line 42, in wrapped_app
backend-1       |     await app(scope, receive, sender)
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/fastapi/middleware/asyncexitstack.py", line 18, in __call__
backend-1       |     await self.app(scope, receive, send)
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/starlette/routing.py", line 716, in __call__
backend-1       |     await self.middleware_stack(scope, receive, send)
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/starlette/routing.py", line 736, in app
backend-1       |     await route.handle(scope, receive, send)
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/starlette/routing.py", line 290, in handle
backend-1       |     await self.app(scope, receive, send)
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/fastapi/routing.py", line 120, in app
backend-1       |     await wrap_app_handling_exceptions(app, request)(scope, receive, send)
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/starlette/_exception_handler.py", line 53, in wrapped_app
backend-1       |     raise exc
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/starlette/_exception_handler.py", line 42, in wrapped_app
backend-1       |     await app(scope, receive, sender)
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/fastapi/routing.py", line 106, in app
backend-1       |     response = await f(request)
backend-1       |                ^^^^^^^^^^^^^^^^
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/fastapi/routing.py", line 430, in app
backend-1       |     raw_response = await run_endpoint_function(
backend-1       |                    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/fastapi/routing.py", line 316, in run_endpoint_function
backend-1       |     return await dependant.call(**values)
backend-1       |            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
backend-1       |   File "/app/app/api/v1/endpoints/tasks.py", line 299, in export_task_report_pdf
backend-1       |     pdf_bytes = ReportGenerator.generate_task_report(task_dict, issues_list, project_name)
backend-1       |                 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
backend-1       |   File "/app/app/services/report_generator.py", line 479, in generate_task_report
backend-1       |     return cls._render_pdf(context)
backend-1       |            ^^^^^^^^^^^^^^^^^^^^^^^^
backend-1       |   File "/app/app/services/report_generator.py", line 435, in _render_pdf
backend-1       |     HTML(string=html_content).write_pdf(
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/weasyprint/__init__.py", line 270, in write_pdf
backend-1       |     self.render(font_config, counter_style, color_profiles, **options)
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/weasyprint/__init__.py", line 226, in render
backend-1       |     return Document._render(
backend-1       |            ^^^^^^^^^^^^^^^^^
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/weasyprint/document.py", line 249, in _render
backend-1       |     context = cls._build_layout_context(
backend-1       |               ^^^^^^^^^^^^^^^^^^^^^^^^^^
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/weasyprint/document.py", line 225, in _build_layout_context
backend-1       |     style_for = get_all_computed_styles(
backend-1       |                 ^^^^^^^^^^^^^^^^^^^^^^^^
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/weasyprint/css/__init__.py", line 1803, in get_all_computed_styles
backend-1       |     for sheet in find_stylesheets(
backend-1       |                  ^^^^^^^^^^^^^^^^^
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/weasyprint/css/__init__.py", line 268, in find_stylesheets
backend-1       |     for wrapper in wrapper_element.query_all('style', 'link'):
backend-1       |                    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/cssselect2/tree.py", line 272, in <genexpr>
backend-1       |     if any(test(element) for test in tests))
backend-1       |        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/cssselect2/tree.py", line 272, in <genexpr>
backend-1       |     if any(test(element) for test in tests))
backend-1       |            ^^^^^^^^^^^^^
backend-1       |   File "<string>", line 1, in <lambda>
backend-1       |   File "/usr/local/lib/python3.12/functools.py", line 998, in __get__
backend-1       |     val = self.func(instance)
backend-1       |           ^^^^^^^^^^^^^^^^^^^
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/cssselect2/tree.py", line 307, in local_name
backend-1       |     namespace_url, local_name = _split_etree_tag(self.etree_element.tag)
backend-1       |                                 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
backend-1       |   File "/app/.venv/lib/python3.12/site-packages/cssselect2/tree.py", line 377, in _split_etree_tag
backend-1       |     assert tag[0] == '{'
backend-1       |            ^^^^^^^^^^^^^
backend-1       | AssertionError
frontend-1      | 192.168.97.1 - - [19/Dec/2025:03:01:37 +0000] "GET /api/v1/tasks/72a44374-0041-4edc-aff5-2c37d48bdbea/report/pdf HTTP/1.1" 500 21 "http://localhost:3000/tasks/72a44374-0041-4edc-aff5-2c37d48bdbea" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" "-"


Hxnxe avatar Dec 19 '25 03:12 Hxnxe

Thanks for the feedback, it will be fixed as soon as possible.

lintsinghua avatar Dec 19 '25 03:12 lintsinghua

Can you export the report when running quick scan mode on a small project or a single file?

lintsinghua avatar Dec 19 '25 03:12 lintsinghua

Report export issue: 89ebd4d797cfc2b2c02bf3f5a5feb6c8c0ba5e23

lintsinghua avatar Dec 19 '25 03:12 lintsinghua

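In testing, the issue "gemini 2.5 LLM connection test comes back empty, but it actually works" was not found. Could you provide detailed configuration and screenshots?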

lintsinghua avatar Dec 19 '25 03:12 lintsinghua