Contextual processing and post-training based code large model robustness enhancement method

By constructing adversarial perturbation samples and conducting targeted training based on context processing and post-training robustness enhancement methods, the problem of insufficient robustness of large language models in code generation tasks is solved, and the stability and consistency of the model in the face of input perturbations are improved. It is applicable to a variety of programming languages ​​and model types.

CN122173097APending Publication Date: 2026-06-09NANJING UNIV

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
NANJING UNIV
Filing Date
2026-03-25
Publication Date
2026-06-09

Smart Images

  • Figure CN122173097A_ABST
    Figure CN122173097A_ABST
Patent Text Reader

Abstract

This invention discloses a robustness enhancement method for large-scale code models based on context processing and post-training, selecting the enhancement method according to the type of model to be enhanced. For post-training enhancement, adversarial perturbation samples are first generated from the given source code using equivalence semantic transformation, greedy search, and simulated annealing. These perturbation samples are then input into the post-training framework to fine-tune the target large-scale language model. For context enhancement, a backup dataset is generated using backup code. The optimal subset of examples most semantically similar to the current problem is selected by calculating similarity. Dead code is then normalized, and the optimal subset of examples is adaptively selected. Contextual prompts are dynamically adjusted based on task complexity and input into the target large-scale language model. Finally, evaluation metrics and the robustly enhanced target large-scale language model are output. This invention supports multiple mainstream programming languages ​​and both open-source and closed-source models, exhibiting good versatility and scalability.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to a method for enhancing the robustness of large code models based on context processing and post-training, belonging to the fields of deep learning, code generation, and software engineering. Background Technology

[0002] Deep learning, as one of the core technologies in the field of artificial intelligence, has been widely applied in computer vision, natural language processing, speech recognition, and autonomous driving, achieving remarkable results in these areas. Its core method utilizes deep neural networks to automatically extract features from massive amounts of data and classify, recognize, or predict these features according to specific tasks. Common neural network structures include Multilayer Perceptrons (MLPs), Convolutional Neural Networks (CNNs), and Recurrent Neural Networks (RNNs). During model training, the backpropagation algorithm is typically used. Training data is first input into the network, and the prediction results are obtained through forward propagation. Then, the prediction results are compared with the true labels, and the error value (Loss) is calculated using a selected loss function. Next, in the backpropagation phase, the gradient of the parameters with respect to the loss is calculated layer by layer from the output layer to the input layer, and the model parameters are updated in conjunction with the learning rate, thereby continuously reducing the loss and improving model performance.

[0003] The development of artificial intelligence models has evolved from specialized deep networks to general-purpose large models. Convolutional neural networks, represented by AlexNet, achieved breakthroughs in image recognition tasks, marking the rise of deep learning in computer vision. Subsequently, transfer learning emerged, significantly reducing reliance on labeled data and computational resources and improving model generalization ability by transferring models pre-trained on large-scale datasets to downstream tasks. In natural language processing, the introduction of the Transformer architecture based on attention mechanisms revolutionized sequence modeling, enabling models to more efficiently capture long-distance dependencies. Building on this, pre-trained language models such as BERT achieved deep understanding of context through bidirectional encoding, significantly improving the performance of various NLP tasks. Further development saw generative models, represented by the GPT series, emphasizing autoregressive generation capabilities and performing exceptionally well in text generation and dialogue tasks. In recent years, dialogue systems such as ChatGPT, optimized based on large-scale pre-training and human feedback, have propelled language models into a new stage of practical application, enabling artificial intelligence to reach new heights in interactivity, practicality, and versatility. Language models that have undergone large-scale pre-training are referred to as large language models. The large language models based on pre-trained model technology have been widely used in actual production processes, especially in areas such as code generation that can actually improve human work efficiency.

[0004] While large language models (such as GPT and its derivative ChatGPT) have demonstrated exceptional capabilities in code generation tasks, fulfilling diverse needs ranging from simple function completion to complex program construction, their robustness in code generation scenarios still lacks systematic verification, particularly regarding their stability and resistance to input perturbations. Input perturbations include not only paraphrasing, word order rearrangement, and redundant information insertion in natural language descriptions, but also changes in prompt word format, variable name substitution, and even minor syntactic or semantic noise. These semantically equivalent or nearly equivalent transformations should theoretically not have a substantial impact on the model output, but in practice, they can lead to significant fluctuations in the correctness, executability, or style of the generated code. Furthermore, current models often exhibit inconsistencies when faced with semantic-preserving transformations: the same problem, expressed in different forms, may result in logical deviations, missing boundary conditions, or unstable implementations. This phenomenon reflects a vulnerability in the model's semantic understanding; its internal representation has not yet fully abstracted the essence of the task, relying to some extent on surface pattern matching. Furthermore, the model's performance under adversarial perturbations is also noteworthy. For example, deliberately designed cue perturbations can induce the model to generate errors or low-quality code, which further exposes its lack of robustness.

[0005] Therefore, systematically evaluating and improving the robustness of large language models in code generation has become an important research direction. On the one hand, it is necessary to construct evaluation benchmarks covering multiple equivalent semantic transformations to quantify the performance fluctuations of the model under different perturbations. On the other hand, methods such as data augmentation, adversarial training, cue optimization, and structured constraints can also be used to improve the model's adaptability to input changes. Only when the model output remains stable and reliable while ensuring semantic consistency can its application in high-reliability scenarios such as software engineering be truly promoted. Summary of the Invention

[0006] The summary section of this application is intended to provide a brief overview of the concepts, which will be described in detail in the detailed description section below. This summary section is not intended to identify key or essential features of the claimed technical solutions, nor is it intended to limit the scope of the claimed technical solutions.

[0007] To address the problems and shortcomings of existing technologies, this invention provides a robustness enhancement method for large-scale code models based on context processing and post-training. Different robustness enhancement methods can be selected for different models. Since closed-source models cannot be retrained, only context processing-based robustness enhancement methods can be used. For open-source models, the retraining method and context processing robustness enhancement method can be freely chosen based on computational resources. For different programming languages, adversarial perturbation systems based on equivalent semantic transformation have different application scenarios. The code robustness evaluation system can perform robustness evaluations on any open-source or closed-source model, and the format of the generated dataset is not limited. For models requiring post-training, the system estimates the GPU resources for post-training and adjusts the number of GPUs. For context processing methods, it selects and sorts the number and order of examples in context learning. This addresses the problems mentioned in the background technology.

[0008] To achieve the above objectives, the present invention provides the following technical solution: As a first aspect of this application, the present invention discloses a method for enhancing the robustness of large code models based on context processing and post-training, comprising the following steps: Step 1: Select the enhancement method according to the type of model to be enhanced. If it is a closed-source model, use context processing enhancement; if it is an open-source model, use context processing enhancement or post-training enhancement. Step 2: When performing post-training enhancement, first convert the given source code into perturbation code based on equivalent semantics, then generate adversarial perturbation samples based on greedy search and simulated annealing, and input the adversarial perturbation samples into the post-training framework to fine-tune the target large language model. Step 3: When performing context enhancement, a backup dataset is generated using backup code. The optimal subset of examples that is semantically closest to the current problem is selected by calculating similarity. The number of optimal subsets is adaptively selected. The optimal subset of examples is concatenated with the current input to form contextual prompts for input into the target large language model. Step 4: Input the source code dataset generated from the source code and the perturbation dataset generated from the perturbation code into the target large language model, perform quantitative evaluation, and output evaluation metrics; Step 5: After the post-training or context processing enhancement, the final output is the target large language model with enhanced code robustness.

[0009] Preferably, in step 2, the given source code is converted into perturbation code based on equivalent semantics. First, the given source code is segmented, lexical analyzed, and syntactic analyzed to obtain an abstract syntax tree. Then, the abstract syntax tree is converted into code based on code format, code identifier, code expression, code statement, insertion and deletion, and iterative perturbation. A unified interface is set to obtain the perturbation code after the equivalent semantics conversion.

[0010] Preferably, in step 2, generating adversarial perturbation samples based on greedy search and simulated annealing further includes the following steps: Step 2.1: Using the relevant inputs of the code generation task and the code generation language model, the language model is required to generate code; Step 2.2: After obtaining the language model code generation result, execute it with the corresponding test case. If the execution fails, discard the sample; if the execution succeeds, proceed to the next step. Step 2.3: The input is perturbed by the perturbation code based on equivalent semantic perturbation and then re-inputted into the code generation language model; Step 2.4: Re-execute with the corresponding test case. If the execution fails, collect the perturbation and input it as an adversarial perturbation sample and continue to generate the next adversarial perturbation sample. If the execution succeeds, simulated annealing search is performed using a method guided by code similarity. Step 2.5: Repeat steps 2.3 and 2.4 until the maximum number of iterations is reached or an adversarial perturbation sample is successfully obtained.

[0011] Preferably, in step 2, the anti-perturbation samples need to be cleaned, deduplicated, and formatted to form an adversarial sample training dataset. After inputting the adversarial sample training dataset, the training framework performs reinforcement learning adversarial training on the target large language model based on supervised fine-tuning and direct preference optimization. During the training process, the required GPU resources are dynamically estimated based on the model parameter size and model parameter accuracy training algorithm and the training data size. The number of GPUs required for training, memory usage, and training time can be dynamically adjusted according to the actual hardware conditions to achieve the best training effect under the constraints of computing resources.

[0012] Preferably, in step 3, the optimal subset of examples that is most semantically similar to the current problem is selected by calculating similarity and the optimal number of example subsets is adaptively selected. The similarity calculation method supports two code similarity metrics based on n-grams and sets: CodeBLEU and Jaccard. The optimal number of example subsets is selected adaptively to use no less than 5 examples for models with a small number of parameters and no more than 3 examples for models with a large number of parameters.

[0013] Preferably, in step 3, the dead code in the backup dataset is also normalized, including dead code analysis, constant propagation processing, and code indentation, blank lines, and identifier normalization. The dead code analysis involves first dividing the source code into basic blocks and constructing corresponding control flow graphs. By traversing the control flow graphs, unreachable basic blocks are detected and identified as dead code, which are then removed from the source code without affecting the program's semantics. The constant propagation process involves performing data flow analysis on the source code to identify variables defined as constants or that remain unchanged during execution. The code indentation, blank lines, and identifier standardization are based on general coding standards to detect non-standard indentation, blank lines, and formatting issues in the source code, and then perform unified standardization and replacement.

[0014] Preferably, in step 4, the robustness evaluation metrics support both static CodeBLEU metrics and dynamic metrics. Indicators, and based on and Two robustness metrics are used to quantitatively evaluate the stability of the model output and output the evaluation results; The indicator is expressed as follows:

[0015] in, Indicates the result after code equivalence semantic perturbation index, The metric is used to represent the percentage decrease in model performance before and after the perturbation; The indicator is expressed as follows:

[0016] in, Indicates the total number of evaluation samples. This represents the number of samples that passed the test cases under the original input, but failed after undergoing equivalent semantic perturbation. This represents the number of samples that initially failed but passed after perturbation. Used to measure the proportion of changes in model prediction results before and after code semantic equivalence transformation.

[0017] As a second aspect of this application, the present invention also discloses a click-through rate prediction system based on representation learning and deep retrieval of structured data, comprising: The equivalence semantics adversarial perturbation module is used to convert a given source code into perturbation code based on equivalence semantics. The adversarial perturbation sample generation module is used to generate adversarial perturbation samples using perturbation code based on a greedy exploration and simulated annealing adversarial attack method. The code normalization module is used to perform dead code analysis, constant propagation processing, and code indentation, blank lines, and identifier normalization on the backup dataset. The post-training robust enhancement module is used to input the adversarial perturbation samples into the post-training framework to perform reinforcement learning adversarial training on the target large language model based on supervised fine-tuning and direct preference optimization. The context robustness enhancement module is used to concatenate the optimal subset of examples with the current input to form contextual prompts for inputting the target large language model; The robustness evaluation module is used to input the source code dataset and the perturbation dataset generated by the perturbation code into the target large language model to quantitatively evaluate and output robustness evaluation metrics.

[0018] As a third aspect of this application, the present invention also discloses an electronic device comprising: At least one processor, and a memory communicatively connected to said at least one processor; The memory stores instructions that can be executed by the at least one processor, which enable the at least one processor to perform the steps described above in the method for enhancing the robustness of large code models based on context processing and post-training.

[0019] As a fourth aspect of this application, the present invention also discloses a computer storage medium having a computer program stored thereon, characterized in that the computer program, when executed by a processor, implements the steps of the above-described method for enhancing the robustness of large code models based on context processing and post-training.

[0020] Compared with the prior art, the beneficial effects of the present invention are as follows: This invention discloses a robustness enhancement method for large code models based on context processing and post-training. It employs an adversarial perturbation method based on equivalent semantic transformation, which can construct diverse input perturbations without altering the semantics of the source code. This effectively reveals the robustness deficiencies of large language models in code generation tasks, offering a more targeted and systematic approach compared to traditional random perturbation or simple rewriting methods. The method is implemented based on real test cases. The system employs metrics to quantitatively evaluate model robustness from a functional correctness perspective. Compared to evaluation methods based solely on text similarity, this approach is closer to real-world application scenarios. Combining greedy search and simulated annealing algorithms, it efficiently generates high-quality adversarial perturbation samples without accessing the model's internal parameters, significantly reducing computational overhead and enhancing the ability to search for the global optimum. A post-training robustness enhancement method combining supervised fine-tuning of SFT and direct preference optimization of DPO is proposed. Targeted training using adversarial perturbation samples enhances the model's stability and generalization ability in the face of input perturbations, achieving better robustness improvement compared to single training methods. A context-based input enhancement mechanism retrieves relevant examples through code similarity and introduces context, effectively improving the model's understanding of complex tasks and generation stability. Furthermore, a static analysis-based code normalization process is introduced, including dead code elimination, constant propagation, and code style normalization. This unifies the input distribution without altering the program's semantics, reducing irrelevant noise interference and further improving model robustness. This invention's overall solution covers the complete closed-loop process of "perturbation construction—robustness evaluation—adversarial perturbation sample generation—model training—input augmentation," which can systematically improve the anti-interference ability and practical application reliability of large language models in code generation tasks. It also supports multiple mainstream programming languages ​​(including Python, C++, Java, and JavaScript) as well as open-source and closed-source models, exhibiting good versatility and scalability, and is applicable to various practical engineering scenarios. Attached Figure Description

[0021] The accompanying drawings, which form part of this application, are used to provide a further understanding of the application and to make other features, objects, and advantages of the application more apparent. The illustrative embodiments and descriptions of this application are used to explain the application and do not constitute an undue limitation of the application.

[0022] In the attached diagram: Figure 1 This is a flowchart illustrating the steps of the robustness enhancement method for large code models based on context processing and post-training in an embodiment of the present invention. Figure 2 This is a flowchart of a method for enhancing the robustness of large code models based on context processing and post-training, as described in an embodiment of the present invention. Detailed Implementation

[0023] Embodiments of this disclosure will now be described in more detail with reference to the accompanying drawings. While some embodiments of this disclosure are shown in the drawings, it should be understood that this disclosure can be implemented in various forms and should not be construed as limited to the embodiments set forth herein. Rather, these embodiments are provided to provide a more thorough and complete understanding of this disclosure. It should be understood that the accompanying drawings and embodiments of this disclosure are for illustrative purposes only and are not intended to limit the scope of protection of this disclosure.

[0024] It should also be noted that, for ease of description, only the parts relevant to the invention are shown in the accompanying drawings. Unless otherwise specified, the embodiments and features described in this disclosure can be combined with each other.

[0025] Example This invention discloses a method for enhancing the robustness of large code models based on context processing and post-training. The following will describe this disclosure in detail with reference to the accompanying drawings and embodiments. (Refer to...) Figure 1 and Figure 2 As shown, the present invention mainly includes the following steps: Step 1: Select the enhancement method according to the type of model to be enhanced. If it is a closed-source model, use context processing enhancement; if it is an open-source model, use context processing enhancement or post-training enhancement. Step 2: When performing post-training enhancement, the given source code is first converted into perturbation code based on equivalent semantic perturbation. Then, adversarial perturbation samples are generated based on greedy search and simulated annealing. The adversarial perturbation samples are input into the post-training framework to fine-tune the target large language model. Step 3: When performing context enhancement, a backup dataset is generated using backup code. The optimal subset of examples that is semantically closest to the current problem is selected by calculating similarity. The number of optimal subsets is adaptively selected. The optimal subset of examples is concatenated with the current input to form a context-sensitive input target large language model. Step 4: Input the source code dataset generated from the source code and the perturbation dataset generated from the perturbation code into the target large language model, perform quantitative evaluation, and output evaluation metrics. Step 5: After post-training or contextual processing enhancement, the final output code is the target large language model with enhanced robustness.

[0026] This invention applies to both open-source and closed-source models, and enables model inference through API calls or local deployment. Specifically, the target large language model in this embodiment is a plain text single-modal large language model. For the target large language model, an API call interface for commercial closed-source models is provided for input and output processing. A local deployment method for open-source models is also provided for input and output processing. For locally deployed models, this invention provides a high-throughput deployment system based on PagedAttention (vLLM), improving the code generation speed of actual large language models and meeting the needs of high-throughput scenarios.

[0027] For step 1, the enhancement method is selected based on the type of model to be enhanced. For closed-source models, context processing enhancement is used; for open-source models, either context processing enhancement or post-training enhancement is chosen. Different code robustness enhancement methods can be selected for different model types. For closed-source models, since retraining is not possible, only context processing-based code robustness enhancement can be used. For open-source models, depending on computing resources, professionals can freely choose between post-training-based or context processing-based robustness enhancement. Post-training requires significant GPU computing resources but offers better code robustness enhancement. Context processing-based methods only require CPU resources but tend to alleviate some of the code robustness enhancement issues.

[0028] Regarding step 2, when performing post-training enhancement, the given source code is first converted into perturbation code based on equivalence semantics. Then, adversarial perturbation samples are generated based on greedy search and simulated annealing. These perturbation samples are input into the post-training framework to fine-tune the target large language model. Specifically, the given source code is first segmented, lexically analyzed, and syntactically analyzed to obtain an abstract syntax tree (AST). The AST is then subjected to equivalence semantic transformation based on code format, code identifiers, code expressions, code statements, insertions and deletions, and iterative perturbations. A unified interface is set up to obtain the perturbation code after the equivalence semantic transformation. After extracting the source code into an AST, perturbations can be performed on the nodes of the AST, such as replacing the identifier names of leaf nodes or replacing a for loop with a while loop in an equivalent form. Such replacements do not affect the semantics of the source code, hence the term equivalence semantic transformation. It supports four mainstream programming languages: Python, C++, Java, and JavaScript. The given source code must be organized in function form, meaning perturbations are performed at the function level. It also supports 28 equivalent semantic perturbation methods, which are used for format replacement, identifier replacement, expression replacement, statement replacement, and insertion / deletion in the source code. These methods involve various control structures in the source code, such as for / while loops and if statements. However, due to the different syntax of different programming languages, these perturbation methods have different application scenarios.

[0029] After equivalent semantic transformation, the input perturbation is applied to the specified model to be enhanced until the model changes from correct prediction to incorrect prediction, thus obtaining the input of the corresponding model to obtain adversarial perturbation samples. The model to be enhanced is the large language model that responds to adversarial attacks. Training with adversarial perturbation samples obtained from the same model usually yields better results. To support both commercial closed-source and open-source models, this adversarial perturbation sample generation design is a generation method oriented towards black-box models. To reduce the computational overhead of the model caused by black-box models, this invention designs an adversarial perturbation sample generation method based on greedy search and simulated annealing, which can help guide effective information during the adversarial perturbation sample generation process and more effectively escape local optima to search for global optima. Specifically, the adversarial perturbation sample generation method based on greedy search and simulated annealing also includes the following steps: Step 2.1: Using the relevant inputs of the code generation task and the code generation language model, the language model is required to generate code; Step 2.2: After obtaining the language model code generation result, execute it with the corresponding test case. If the execution fails, discard the sample; if the execution succeeds, proceed to the next step. Step 2.3: The input is perturbed by the adversarial perturbation code based on equivalent semantic perturbation and then re-inputted into the code generation language model; Step 2.4: Re-execute with the corresponding test case. If the execution fails, collect the perturbation and input it as an adversarial perturbation sample and continue to generate the next adversarial perturbation sample. If the execution succeeds, simulated annealing search is performed using a method guided by code similarity. Step 2.5: Repeat steps 2.3 and 2.4 until the maximum number of iterations is reached or an adversarial perturbation sample is successfully obtained.

[0030] Adversarial example generation employs a black-box attack approach, generating adversarial examples through multi-round perturbation search without accessing the model's internal parameters. During generation, a greedy search is used for selecting local optima, combined with simulated annealing to escape local optima, thus improving both efficiency and quality. Post-training robustness enhancements are only performed on trainable open-source large language models; for non-trainable closed-source models, only context processing is used for robustness enhancement. Finally, the generated adversarial perturbation examples undergo cleaning, deduplication, and formatting to form the adversarial example training dataset for the post-training framework. By combining greedy search and simulated annealing, high-quality adversarial perturbation examples are generated efficiently without accessing the model's internal parameters, significantly reducing computational overhead and improving the ability to search for global optima.

[0031] After inputting the adversarial example training dataset, the training framework fine-tunes the target large language model. During training, the required GPU resources are estimated and adjusted in real time to achieve optimal training results. The framework utilizes the adversarial example training dataset for reinforcement learning adversarial training based on supervised fine-tuning of SFT and direct preference optimization of DPO to improve the robustness of the target large language model code. During training, the required GPU resources are dynamically estimated based on the model parameter size and accuracy, the training algorithm, and the training data size. The number of GPUs required, memory usage, and training time can be dynamically adjusted according to actual hardware conditions to achieve optimal training results under computational resource constraints. Specifically, adjustments are made based on model parameter size, parameter accuracy, and the training algorithm. After training, the resulting model is returned to a robustness evaluation system for evaluation. Post-training can be performed by organizing the training data according to instructions and then running the model training program via script.

[0032] For step 3, when context enhancement is used, a backup code dataset is generated to select the optimal subset of examples that are semantically closest to the current question by calculating similarity. The number of optimal example subsets is adaptively selected, and the optimal example subset is concatenated with the current input to form a contextual prompt input target large language model. Specifically, starting from the backup code dataset, the similarity calculation methods CodeBLEU and Jaccard are used to calculate and rank the candidate examples and the target question, thereby selecting the optimal example subset. Several code fragments that are semantically closest to the current question are retrieved from the backup dataset and concatenated as examples into the model input to enhance the model's context learning ability. Code similarity calculation supports two code similarity metrics based on n-grams and sets: CodeBLEU and Jaccard. The selection of context learning examples is based on the code similarity calculation results.

[0033] In addition, dead code in the backup dataset is normalized, including dead code analysis, constant propagation processing, and code indentation, blank lines, and identifier normalization. By detecting and removing dead code in the dataset, and performing constant propagation optimization and code format detection, the code quality and standardization of the context examples are ensured. Dead code analysis involves first dividing the source code into basic blocks and constructing corresponding control flow graphs. By traversing the control flow graph, unreachable basic blocks are identified as dead code and removed from the source code without affecting the program's semantics, thus simplifying the code structure. Constant propagation processing involves performing data flow analysis on the source code to identify variables defined as constants or that remain unchanged during execution. These constant values ​​are propagated along the control flow path to their usage locations, and related expressions are replaced and simplified, such as directly folding constant expressions into calculation results, thereby reducing redundant calculations and improving code readability and consistency. Code indentation, blank lines, and identifier normalization are based on common coding standards (such as Google Code Style Guide), detecting non-compliant indentation, blank lines, and formatting issues in the source code, and performing unified formatting processing. Identifiers (such as variable names and function names) in the source code that do not conform to naming conventions are detected and replaced in accordance with the target language conventions (such as the snake case or camel case in specific scenarios recommended in Python) to improve code style consistency and maintainability.

[0034] The system adaptively selects the number of examples (shots) and dynamically adjusts the example combination strategy according to different task complexities to construct a high-quality context-hinted input target large language model. This effectively mitigates and improves the robustness of the model code without requiring retraining. The system adaptively selects the number of examples (shots) in context learning; models with fewer parameters are weaker and require more shots, while those with more parameters require fewer. Models with fewer than 7 bytes of parameters can automatically select more shots (5 or more), while models with more parameters can select fewer shots (3 or less). Candidate examples are sorted and filtered based on code similarity to maximize information utilization efficiency under limited context length. Furthermore, the system dynamically adjusts the example combination strategy according to different task complexities to further improve the stability and consistency of the model-generated code.

[0035] For step 4, the source code dataset generated from the source code and the perturbation dataset generated from the perturbation dataset are input into the target large-scale language model for quantitative evaluation and output of evaluation metrics. Specifically, the robustness evaluation uses the given source code dataset as input, generates a perturbation dataset through equivalent semantic perturbations (28 types of perturbations), and then feeds the source code dataset and the perturbation dataset into the target large-scale language model for code generation inference. The performance difference of the target large-scale language model before and after the conversion is analyzed, and the robustness evaluation metric of the model is calculated. Both static CodeBLEU metrics and dynamic... Indicators, and based on and Two robustness metrics are used to quantitatively evaluate the stability of the model output, and the final evaluation results are output to complete a comprehensive evaluation of the robustness of the target model code.

[0036] For robustness evaluation metrics, this invention primarily uses test case execution-based methods. Metrics, specifically measuring whether the code generated by the large language model can pass real-world test cases. (Targeting...) The evaluation includes robustness metrics. and Two evaluation metrics, the former explaining The degree of decrease, the latter indicating the conversion between positive and negative samples caused by code transformation. This is represented as...

[0037] in, Indicates the result after code equivalence semantic perturbation Indicators, usually Smaller than the original This reflects the degree to which the model's performance deteriorates under input perturbations. This percentage decrease is defined as... It is used to characterize the overall robustness degradation range of the model. The metric is used to represent the percentage decrease in model performance before and after the perturbation.

[0038] ; in, Indicates the total number of evaluation samples. This represents the number of samples that passed the test cases under the original input, but failed after undergoing equivalent semantic perturbation. This represents the number of samples that initially failed but passed after perturbation. It is used to measure the proportion of changes in model prediction results before and after code semantic equivalence transformation, reflecting the stability of model output.

[0039] Regarding step 5, after post-training or context processing enhancement, the final output is a target large language model with enhanced code robustness. This model, after the post-training or context processing process, exhibits stronger output stability and consistency when facing equivalent semantic perturbation inputs, and can be applied to real-world code generation tasks.

[0040] To implement the above embodiments, this application also proposes a system, including an equivalence semantic adversarial perturbation module for converting given source code into perturbation code based on equivalence semantics; an adversarial perturbation sample generation module for generating adversarial perturbation samples using the perturbation code based on a greedy exploration and simulated annealing adversarial attack method; a code normalization module for processing dead code in the backup dataset, including dead code analysis, constant propagation processing, and code indentation, blank lines, and identifier normalization; a post-training robustness enhancement module for inputting the adversarial perturbation samples into a post-training framework to perform reinforcement learning adversarial training on the target large language model based on supervised fine-tuning and direct preference optimization; a context robustness enhancement module for dynamically adjusting and constructing high-quality contextual prompts based on the optimal example subset according to task complexity and inputting them into the target large language model; and a robustness evaluation module for inputting the source code dataset and the perturbation dataset generated by the perturbation code into the target large language model to quantitatively evaluate and output robustness evaluation metrics.

[0041] To implement the above embodiments, this application also discloses an electronic device. The electronic device may include a processing unit (e.g., a central processing unit, a graphics processing unit, etc.) that can perform various appropriate actions and processes according to a program stored in a read-only memory (ROM) or a program loaded from a storage device into a random access memory (RAM). Various programs and data required for the operation of the electronic device are also stored in the RAM. The processing unit, ROM, and RAM are interconnected via a bus. An input / output (I / O) interface is also connected to the bus. Typically, the following devices can be connected to the I / O interface: input devices including, for example, a touchscreen, touchpad, keyboard, mouse, camera, microphone, accelerometer, gyroscope, etc.; output devices including, for example, a liquid crystal display (LCD), speaker, vibrator, etc.; storage devices including, for example, magnetic tape, hard disk, etc.; and communication devices. The communication device allows the electronic device to communicate wirelessly or wiredly with other devices to exchange data. Although electronic devices with various devices are shown, it should be understood that it is not required to implement or possess all of the shown devices. More or fewer devices may be implemented or possessed alternatively.

[0042] In particular, according to some embodiments of this disclosure, the processes described above with reference to the flowcharts can be implemented as computer software programs. For example, some embodiments of this disclosure include a computer program product comprising a computer program carried on a computer storage medium, the computer program containing program code for performing the methods shown in the flowcharts. In such embodiments, the computer program can be downloaded and installed from a network via a communication device, or installed from a storage device, or installed from a ROM. When the computer program is executed by a processing device, it performs the functions defined above in the methods of some embodiments of this disclosure.

[0043] It should be noted that the computer storage medium in some embodiments of this disclosure may be a computer-readable signal medium or a computer-readable storage medium, or any combination thereof. A computer-readable storage medium may be, for example, but not limited to, an electrical, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination thereof. More specific examples of a computer-readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer disk, a hard disk, random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), optical fiber, portable compact disk read-only memory (CD-ROM), optical storage device, magnetic storage device, or any suitable combination thereof.

[0044] In some embodiments of this disclosure, a computer-readable storage medium can be any tangible medium that contains or stores a program that can be used by or in connection with an instruction execution system, apparatus, or device. In some embodiments of this disclosure, a computer-readable signal medium can include a data signal propagated in baseband or as part of a carrier wave, carrying computer-readable program code. Such propagated data signals can take various forms, including but not limited to electromagnetic signals, optical signals, or any suitable combination thereof. A computer-readable signal medium can also be any computer storage medium other than a computer-readable storage medium, which can send, propagate, or transmit a program for use by or in connection with an instruction execution system, apparatus, or device. The program code contained on the computer storage medium can be transmitted using any suitable medium, including but not limited to: wires, optical fibers, RF (radio frequency), etc., or any suitable combination thereof.

[0045] In other implementations, clients and servers may communicate using any currently known or future-developed network protocol such as HTTP (Hypertext Transfer Protocol), and may interconnect with digital data communication (e.g., communication networks) of any form or medium. Examples of communication networks include local area networks (“LANs”), wide area networks (“WANs”), the Internet (e.g., the Internet of Things), and end-to-end networks (e.g., ad hoc end-to-end networks), as well as any currently known or future-developed networks.

[0046] The aforementioned computer storage medium may be included within the aforementioned electronic device, or it may exist independently and not assembled into the electronic device. The aforementioned computer storage medium carries one or more programs that, when executed by the electronic device, enable the electronic device to implement a robustness enhancement method for large code models based on context processing and post-training.

[0047] Computer program code for performing operations of some embodiments of this disclosure can be written in one or more programming languages ​​or a combination thereof, including object-oriented programming languages ​​such as Java, Smalltalk, and C++, as well as conventional procedural programming languages ​​such as the "C" language or similar programming languages. The program code can be executed entirely on the user's computer, partially on the user's computer, as a standalone software package, partially on the user's computer and partially on a remote computer, or entirely on a remote computer or server. In cases involving remote computers, the remote computer can be connected to the user's computer via any type of network—including a local area network (LAN) or a wide area network (WAN)—or can be connected to an external computer (e.g., via the Internet using an Internet service provider).

[0048] The flowcharts and block diagrams in the accompanying drawings illustrate the architecture, functionality, and operation of possible implementations of systems, methods, and computer program products according to various embodiments of the present disclosure. In this regard, each block in a flowchart or block diagram may represent a module, segment, or portion of code containing one or more executable instructions for implementing a specified logical function. It should also be noted that in some alternative implementations, the functions indicated in the blocks may occur in a different order than those indicated in the drawings. Each block in the block diagrams and / or flowcharts, and combinations of blocks in the block diagrams and / or flowcharts, may be implemented using a dedicated hardware-based system that performs the specified function or operation, or using a combination of dedicated hardware and computer instructions. Units described in some embodiments of the present disclosure may be implemented in software or hardware. The described units may also be located in a processor, and the names of these units do not necessarily constitute a limitation on the unit itself.

[0049] The functions described above in this document can be performed, at least in part, by one or more hardware logic components. For example, exemplary types of hardware logic components that can be used, without limitation, include: Field Programmable Gate Arrays (FPGAs), Application-Specific Integrated Circuits (ASICs), Application Standard Products (ASSPs), System-on-Chip (SoCs), Complex Programmable Logic Devices (CPLDs), and so on.

[0050] All technologies not described in detail in this invention are existing technologies. The above descriptions are merely some preferred embodiments of this disclosure and explanations of the technical principles employed. Those skilled in the art should understand that the scope of the invention involved in the embodiments of this disclosure is not limited to technical solutions formed by specific combinations of the above-described technical features, but should also cover other technical solutions formed by arbitrary combinations of the above-described technical features or their equivalent features without departing from the above-described inventive concept. For example, technical solutions formed by substituting the above-described features with (but not limited to) technical features with similar functions disclosed in the embodiments of this disclosure.

Claims

1. A code large model robustness enhancement method based on context processing and post-training, characterized in that, Includes the following steps: Step 1: Select the enhancement method according to the type of model to be enhanced. If it is a closed-source model, use context processing enhancement; if it is an open-source model, use context processing enhancement or post-training enhancement. Step 2: When performing post-training enhancement, first convert the given source code into perturbation code based on equivalent semantics, then generate adversarial perturbation samples based on greedy search and simulated annealing, and input the adversarial perturbation samples into the post-training framework to fine-tune the target large language model. Step 3: When performing context enhancement, a backup dataset is generated using backup code. The optimal subset of examples that is semantically closest to the current problem is selected by calculating similarity. The number of optimal subsets is adaptively selected. The optimal subset of examples is concatenated with the current input to form contextual prompts for input into the target large language model. Step 4: Input the source code dataset generated from the source code and the perturbation dataset generated from the perturbation code into the target large language model, perform quantitative evaluation, and output evaluation metrics; Step 5: After the post-training or context processing enhancement, the final output is the target large language model with enhanced code robustness.

2. The code large model robustness enhancement method based on context processing and post-training according to claim 1, characterized in that: In step 2, the given source code is converted into perturbation code based on equivalent semantics. First, the given source code is segmented, lexical analyzed, and syntactic analyzed to obtain an abstract syntax tree. The abstract syntax tree is then converted into code equivalent semantics based on code format, code identifier, code expression, code statement, insertion and deletion, and iterative perturbation. A unified interface is set to obtain the perturbation code after the equivalent semantics conversion.

3. The method for enhancing the robustness of large code models based on context processing and post-training as described in claim 2, characterized in that: Step 2, which generates adversarial perturbation samples based on greedy search and simulated annealing, also includes the following steps: Step 2.1: Using the relevant inputs of the code generation task and the code generation language model, the language model is required to generate code; Step 2.2: After obtaining the language model code generation result, execute it with the corresponding test case. If the execution fails, discard the sample; if the execution succeeds, proceed to the next step. Step 2.3: The input is perturbed by the perturbation code based on equivalent semantic perturbation and then re-inputted into the code generation language model; Step 2.4: Re-execute with the corresponding test case. If the execution fails, collect the perturbation and input it as an adversarial perturbation sample and continue to generate the next adversarial perturbation sample. If the execution succeeds, simulated annealing search is performed using a method guided by code similarity. Step 2.5: Repeat steps 2.3 and 2.4 until the maximum number of iterations is reached or an adversarial perturbation sample is successfully obtained.

4. The method for enhancing the robustness of large code models based on context processing and post-training as described in claim 3, characterized in that: In step 2, the anti-perturbation samples need to be cleaned, deduplicated, and formatted to form an adversarial sample training dataset. After inputting the adversarial sample training dataset, the training framework performs reinforcement learning adversarial training on the target large language model based on supervised fine-tuning SFT and direct preference optimization DPO. During training, the required GPU resources are dynamically estimated based on the model parameter size and accuracy, as well as the training data size. The number of GPUs required for training, memory usage, and training time can be dynamically adjusted according to actual hardware conditions to achieve optimal training results under computational resource constraints.

5. The method for enhancing the robustness of large code models based on context processing and post-training as described in claim 4, characterized in that: In step 3, the optimal subset of examples that is most similar to the current problem semantically is selected by calculating similarity and the optimal number of example subsets is adaptively selected. The similarity calculation method supports two code similarity indicators based on n-gram and set: CodeBLEU and Jaccard. The optimal number of example subsets is selected adaptively to use no less than 5 examples for models with a small number of parameters and no more than 3 examples for models with a large number of parameters.

6. The method for enhancing the robustness of large code models based on context processing and post-training as described in claim 5, characterized in that: In step 3, the dead code in the backup dataset is also normalized, including dead code analysis, constant propagation processing, and code indentation, blank lines, and identifier normalization. The dead code analysis involves first dividing the source code into basic blocks and constructing corresponding control flow graphs. By traversing the control flow graphs, unreachable basic blocks are detected and identified as dead code, which are then removed from the source code without affecting the program's semantics. The constant propagation process involves performing data flow analysis on the source code to identify variables defined as constants or that remain unchanged during execution. The code indentation, blank lines, and identifier standardization are based on general coding standards to detect non-standard indentation, blank lines, and formatting issues in the source code, and then perform unified standardization and replacement.

7. The method for enhancing the robustness of large code models based on context processing and post-training as described in claim 6, characterized in that: In step 4, robustness evaluation metrics support both static CodeBLEU metrics and dynamic metrics. Indicators, and based on and Two robustness metrics are used to quantitatively evaluate the stability of the model output and output the evaluation results; The indicator is expressed as follows: in, Indicates the result after code equivalence semantic perturbation index, The metric is used to represent the percentage decrease in model performance before and after the perturbation; The indicator is expressed as follows: in, Indicates the total number of evaluation samples. This represents the number of samples that passed the test cases under the original input, but failed after undergoing equivalent semantic perturbation. This represents the number of samples that initially failed but passed after perturbation. Used to measure the proportion of changes in model prediction results before and after code semantic equivalence transformation.

8. A robustness enhancement system for large code models based on context processing and post-training, characterized in that, include: The equivalence semantics adversarial perturbation module is used to convert a given source code into perturbation code based on equivalence semantics. The adversarial perturbation sample generation module is used to generate adversarial perturbation samples using perturbation code based on a greedy exploration and simulated annealing adversarial attack method. The code normalization module is used to perform dead code analysis, constant propagation processing, and code indentation, blank lines, and identifier normalization on the backup dataset. The post-training robust enhancement module is used to input the adversarial perturbation samples into the post-training framework to perform reinforcement learning adversarial training on the target large language model based on supervised fine-tuning and direct preference optimization. The context robustness enhancement module is used to concatenate the optimal subset of examples with the current input to form contextual prompts for inputting the target large language model; The robustness evaluation module is used to input the source code dataset and the perturbation dataset generated by the perturbation code into the target large language model to quantitatively evaluate and output robustness evaluation metrics.

9. An electronic device, characterized in that, include: At least one processor, and a memory communicatively connected to said at least one processor; The memory stores instructions that can be executed by the at least one processor to enable the at least one processor to perform the steps of the method according to any one of claims 1 to 7.

10. A computer storage medium storing a computer program thereon, characterized in that: When the computer program is executed by the processor, it performs the steps as described in any one of claims 1 to 7.