search

cmu-sei / redemption

Redemption is a tool that automatically repairs C/C++ code given a set of static-analysis alerts
Other
4 stars 1 forks source link

Codebase example-trouble generating alerts.json #5

Closed donaldmurf closed 1 month ago

donaldmurf commented 1 month ago

Tying to do some testing on the codebase example in "doc/examples/codebase/". Following along with the README inside codebase. Having an issue at the "Convert to Redemption Input" step where the alerts.json is created. My alerts.json only has a pair of square brackets. The clang-tidy.txt is roughly 11k lines, which makes me think that all the steps before creating the alerts.json are working as intended. I removed and installed the redemption/prereq container about 7/15. I was able to run the simple test with the same prereq container.

Do you mind trying to run the codebase example to see if your alerts.json is empty or if it's just my user error?

sei-dsvoboda commented 1 month ago

I have a hunch. When the docs say to run clang-tidy, use 'clang-tidy-16'. The 'clang-tidy' executable is normally clang-tidy-18, which uses a different output format. (This is a documentation bug which we have fixed internally, but not verified, so you still have the buggy instruction.)

donaldmurf commented 1 month ago

Here is a copy of the commands I ran, along with some output. codebase_results.txt

donaldmurf commented 1 month ago

I have a hunch. When the docs say to run clang-tidy, use 'clang-tidy-16'. The 'clang-tidy' executable is normally clang-tidy-18, which uses a different output format. (This is a documentation bug which we have fixed internally, but not verified, so you still have the buggy instruction.)

Is that in the "Static Analysis" section that has: grep --color=none '"file":' ../compile_commands.json | sed 's/"file"://; s/",/"/;' | sort -u | xargs clang-tidy -checks='*' > ../clang-tidy.txt change to: grep --color=none '"file":' ../compile_commands.json | sed 's/"file"://; s/",/"/;' | sort -u | xargs clang-tidy-16 -checks='*' > ../clang-tidy.txt

sei-dsvoboda commented 1 month ago

Right!

donaldmurf commented 1 month ago

xargs: clang-tidy-16: No such file or directory

sei-dsvoboda commented 1 month ago

Sigh. I was afraid of that. You can work around that by 'apt install clang-tidy-16'.

It seems the documentation bugfix is also accompanied by a Dockerfile bugfix too. So you'll get both fixes eventually, but they're not tested yet.

sei-dsvoboda commented 1 month ago

You'll be pleased to know that we have reviewed the bugfix and approved it, and it is now available on Github.

This means that the Dockerfile.prereq has been improved and now installs clang-tidy-16, and the instructions have been updated (and clarified) to specify this.

But if you've already installed clang-tidy-16 on your container as I suggested above, you should be fine using that.

donaldmurf commented 1 month ago

You'll be pleased to hear the codebase example worked with the new docker container following the new README.