Code generation models have achieved impressive performance. However, they tend to be brittle as slight edits to a prompt could lead to very different generations; these robustness properties, critical for user experience when deployed in real-life applications, are not well understood. Most existing works on robustness in text or code tasks have focused on classification, while robustness in generation tasks is an uncharted area and to date there is no comprehensive benchmark for robustness in code generation. In this paper, we propose ReCode, a comprehensive robustness evaluation benchmark for code generation models. We customize over 30 transformations specifically for code on docstrings, function and variable names, code syntax, and code format. They are carefully designed to be natural in real-life coding practice, preserve the original semantic meaning, and thus provide multifaceted assessments of a model's robustness performance. With human annotators, we verified that over 90% of the perturbed prompts do not alter the semantic meaning of the original prompt. In addition, we define robustness metrics for code generation models considering the worst-case behavior under each type of perturbation, taking advantage of the fact that executing the generated code can serve as objective evaluation. We demonstrate ReCode on SOTA models using HumanEval, MBPP, as well as function completion tasks derived from them. Interesting observations include: better robustness for CodeGen over InCoder and GPT-J; models are most sensitive to syntax perturbations; more challenging robustness evaluation on MBPP over HumanEval.

数据增强是自然语言处理（NLP）模型的鲁棒性评估的重要组成部分，以及增强他们培训的数据的多样性。在本文中，我们呈现NL-Cogmenter，这是一种新的参与式Python的自然语言增强框架，它支持创建两个转换（对数据的修改）和过滤器（根据特定功能的数据拆分）。我们描述了框架和初始的117个变换和23个过滤器，用于各种自然语言任务。我们通过使用其几个转换来分析流行自然语言模型的鲁棒性来证明NL-Upmenter的功效。基础架构，Datacards和稳健性分析结果在NL-Augmenter存储库上公开可用（\ url {https://github.com/gem-benchmark/nl-augmenter}）。

To extend the scope of coding queries to more realistic settings, we propose ODEX, the first open-domain execution-based natural language (NL) to code generation dataset. ODEX has 945 NL-Code pairs spanning 79 diverse libraries, along with 1,707 human-written test cases for execution. Our NL-Code pairs are harvested from StackOverflow forums to encourage natural and practical coding queries, which are then carefully rephrased to ensure intent clarity and prevent potential data memorization. Moreover, ODEX supports four natural languages as intents, in English, Spanish, Japanese, and Russian. ODEX unveils intriguing behavioral differences between top-performing Code LMs: Codex performs better on open-domain queries, yet CodeGen captures a better balance between open- and closed-domain. ODEX corroborates the merits of execution-based evaluation over metrics without execution but also unveils their complementary effects. Powerful models such as CodeGen-6B only achieve an 11.96 pass rate at top-1 prediction, suggesting plenty of headroom for improvement. We release ODEX to facilitate research into open-domain problems for the code generation community.

大型语言模型已经证明了能够在自然语言和编程语言文本上进行条件和生成的能力。这样的模型打开了多语言代码生成的可能性：代码生成模型是否可以将知识从一种语言推广到另一种语言？尽管当代代码生成模型可以生成语义上正确的Python代码，但对它们使用其他语言的能力知之甚少。我们通过提出Multipl-E来促进该主题的探索，这是自然语言到代码生成的第一个多语言平行基准。 Multipl-E扩展了HumaneVal基准（Chen等，2021），以支持另外18种编程语言，涵盖了一系列编程范式和受欢迎程度。我们在Multipl-E：Codex和Incoder上评估了两个最先进的代码生成模型。我们发现，在几种语言上，法典匹配，甚至超过了其在Python上的性能。在多型E中表示的编程语言范围使我们能够探索语言频率和语言功能对模型性能的影响。最后，将代码生成基准分配给新编程语言的多重方法既可扩展又可扩展。我们描述了一种通用方法，可以轻松地增加对新基准和语言的支持。

关于NLP模型的最先进攻击缺乏对成功攻击的共享定义。我们将思考从过去的工作蒸馏成统一的框架：一个成功的自然语言对抗性示例是欺骗模型并遵循一些语言限制的扰动。然后，我们分析了两个最先进的同义词替换攻击的产出。我们发现他们的扰动通常不会保留语义，38％引入语法错误。人类调查显示，为了成功保留语义，我们需要大大增加交换词语的嵌入和原始和扰动句子的句子编码之间的最小余弦相似之处。与更好的保留语义和语法性，攻击成功率下降超过70个百分点。

The robustness of Text-to-SQL parsers against adversarial perturbations plays a crucial role in delivering highly reliable applications. Previous studies along this line primarily focused on perturbations in the natural language question side, neglecting the variability of tables. Motivated by this, we propose the Adversarial Table Perturbation (ATP) as a new attacking paradigm to measure the robustness of Text-to-SQL models. Following this proposition, we curate ADVETA, the first robustness evaluation benchmark featuring natural and realistic ATPs. All tested state-of-the-art models experience dramatic performance drops on ADVETA, revealing models' vulnerability in real-world practices. To defend against ATP, we build a systematic adversarial training example generation framework tailored for better contextualization of tabular data. Experiments show that our approach not only brings the best robustness improvement against table-side perturbations but also substantially empowers models against NL-side perturbations. We release our benchmark and code at: https://github.com/microsoft/ContextualSP.

大规模的预训练语言模型在广泛的自然语言理解（NLU）任务中取得了巨大的成功，甚至超过人类性能。然而，最近的研究表明，这些模型的稳健性可能受到精心制作的文本对抗例子的挑战。虽然已经提出了几个单独的数据集来评估模型稳健性，但仍缺少原则和全面的基准。在本文中，我们呈现对抗性胶水（AdvGlue），这是一个新的多任务基准，以定量和彻底探索和评估各种对抗攻击下现代大规模语言模型的脆弱性。特别是，我们系统地应用14种文本对抗的攻击方法来构建一个粘合的援助，这是由人类进一步验证的可靠注释。我们的调查结果总结如下。 （i）大多数现有的对抗性攻击算法容易发生无效或暧昧的对手示例，其中大约90％的含量改变原始语义含义或误导性的人的注册人。因此，我们执行仔细的过滤过程来策划高质量的基准。 （ii）我们测试的所有语言模型和强大的培训方法在AdvGlue上表现不佳，差价远远落后于良性准确性。我们希望我们的工作能够激励开发新的对抗攻击，这些攻击更加隐身，更加统一，以及针对复杂的对抗性攻击的新强大语言模型。 Advglue在https://adversarialglue.github.io提供。

当前的语言模型可以产生高质量的文本。他们只是复制他们之前看到的文本，或者他们学习了普遍的语言抽象吗？要取笑这些可能性，我们介绍了乌鸦，这是一套评估生成文本的新颖性，专注于顺序结构（n-gram）和句法结构。我们将这些分析应用于四种神经语言模型（LSTM，变压器，变换器-XL和GPT-2）。对于本地结构 - 例如，单个依赖性 - 模型生成的文本比来自每个模型的测试集的人类生成文本的基线显着不那么新颖。对于大规模结构 - 例如，总句结构 - 模型生成的文本与人生成的基线一样新颖甚至更新颖，但模型仍然有时复制，在某些情况下，在训练集中重复超过1000字超过1,000字的通道。我们还表现了广泛的手动分析，表明GPT-2的新文本通常在形态学和语法中形成良好，但具有合理的语义问题（例如，是自相矛盾）。

Computational notebooks, such as Jupyter notebooks, are interactive computing environments that are ubiquitous among data scientists to perform data wrangling and analytic tasks. To measure the performance of AI pair programmers that automatically synthesize programs for those tasks given natural language (NL) intents from users, we build ARCADE, a benchmark of 1082 code generation problems using the pandas data analysis framework in data science notebooks. ARCADE features multiple rounds of NL-to-code problems from the same notebook. It requires a model to understand rich multi-modal contexts, such as existing notebook cells and their execution states as well as previous turns of interaction. To establish a strong baseline on this challenging task, we develop PaChiNCo, a 62B code language model (LM) for Python computational notebooks, which significantly outperforms public code LMs. Finally, we explore few-shot prompting strategies to elicit better code with step-by-step decomposition and NL explanation, showing the potential to improve the diversity and explainability of model predictions.

Pre-trained programming language (PL) models (such as CodeT5, CodeBERT, GraphCodeBERT, etc.,) have the potential to automate software engineering tasks involving code understanding and code generation. However, these models operate in the natural channel of code, i.e., they are primarily concerned with the human understanding of the code. They are not robust to changes in the input and thus, are potentially susceptible to adversarial attacks in the natural channel. We propose, CodeAttack, a simple yet effective black-box attack model that uses code structure to generate effective, efficient, and imperceptible adversarial code samples and demonstrates the vulnerabilities of the state-of-the-art PL models to code-specific adversarial attacks. We evaluate the transferability of CodeAttack on several code-code (translation and repair) and code-NL (summarization) tasks across different programming languages. CodeAttack outperforms state-of-the-art adversarial NLP attack models to achieve the best overall drop in performance while being more efficient, imperceptible, consistent, and fluent. The code can be found at https://github.com/reddy-lab-code-research/CodeAttack.

数据增强是通过转换为机器学习的人工创建数据的人工创建，是一个跨机器学习学科的研究领域。尽管它对于增加模型的概括功能很有用，但它还可以解决许多其他挑战和问题，从克服有限的培训数据到正规化目标到限制用于保护隐私的数据的数量。基于对数据扩展的目标和应用的精确描述以及现有作品的分类法，该调查涉及用于文本分类的数据增强方法，并旨在为研究人员和从业者提供简洁而全面的概述。我们将100多种方法划分为12种不同的分组，并提供最先进的参考文献来阐述哪种方法可以通过将它们相互关联，从而阐述了哪种方法。最后，提供可能构成未来工作的基础的研究观点。

Adversarial attacks in NLP challenge the way we look at language models. The goal of this kind of adversarial attack is to modify the input text to fool a classifier while maintaining the original meaning of the text. Although most existing adversarial attacks claim to fulfill the constraint of semantics preservation, careful scrutiny shows otherwise. We show that the problem lies in the text encoders used to determine the similarity of adversarial examples, specifically in the way they are trained. Unsupervised training methods make these encoders more susceptible to problems with antonym recognition. To overcome this, we introduce a simple, fully supervised sentence embedding technique called Semantics-Preserving-Encoder (SPE). The results show that our solution minimizes the variation in the meaning of the adversarial examples generated. It also significantly improves the overall quality of adversarial examples, as confirmed by human evaluators. Furthermore, it can be used as a component in any existing attack to speed up its execution while maintaining similar attack success.

程序合成或代码生成旨在生成满足问题规范的程序。使用大规模预处理的语言模型（LMS）的最新方法显示出令人鼓舞的结果，但它们有一些关键的局限性。特别是，他们经常遵循标准监督的微调程序，仅从对自然语言问题描述和基础真相计划对培训代码生成模型。这种范式在很大程度上忽略了问题规范中的一些重要但潜在的信号，例如单位测试，因此在求解复杂的看不见的编码任务时通常会导致性能差。为了解决这些局限性，我们提出了“ Coderl”，这是通过验证的LMS和深入强化学习（RL）实现程序合成任务的新框架。具体而言，在培训期间，我们将代码生成的LM视为参与者网络，并引入批评网络，该网络经过培训，以预测生成的程序的功能正确性，并为演员提供密集的反馈信号。在推理期间，我们引入了一种新一代程序，具有关键的抽样策略，该过程允许模型根据示例单位测试和评论家分数的反馈自动重新生成程序。对于模型骨架，我们扩展了Codet5的编码器架构，具有增强的学习目标，更大的模型大小和更好的预处理数据。我们的方法不仅在具有挑战性的应用程序基准上实现了新的SOTA结果，而且还显示出强大的零弹性传输能力，并在简单的MBPP基准上具有新的SOTA结果。

最近的自然语言处理（NLP）技术在基准数据集中实现了高性能，主要原因是由于深度学习性能的显着改善。研究界的进步导致了最先进的NLP任务的生产系统的巨大增强，例如虚拟助理，语音识别和情感分析。然而，随着对抗性攻击测试时，这种NLP系统仍然仍然失败。初始缺乏稳健性暴露于当前模型的语言理解能力中的令人不安的差距，当NLP系统部署在现实生活中时，会产生问题。在本文中，我们通过以各种维度的系统方式概述文献来展示了NLP稳健性研究的结构化概述。然后，我们深入了解稳健性的各种维度，跨技术，指标，嵌入和基准。最后，我们认为，鲁棒性应该是多维的，提供对当前研究的见解，确定文学中的差距，以建议值得追求这些差距的方向。

大规模的，预训练的语言模型几乎没有学习的方法是回答有关代码问题的有力方法，例如，如何完成给定的代码示例，甚至从头开始生成代码段。这些模型的成功提出了一个问题，它们是否可以作为构建广泛代码生成工具的基础。传统上，此类工具是为每个任务手动和单独构建的。取而代之的是，只需提供一些示例或对预期工具行为的自然语言描述，就可以从单个预训练的语言模型中获取不同的工具。本文研究了代码的最先进的，预先训练的代码模型，Codex可能会达到此目的。我们考虑通过一系列传统工具针对的三个代码操纵和代码生成任务：（i）代码突变； （ii）从自然语言文档中测试甲骨文的生成； （iii）测试案例生成。对于每个任务，我们将几杆学习与手动构建的工具进行比较。我们的结果表明，基于模型的工具补充（代码突变），在PAR上（测试Oracle生成），甚至超越了其各自的传统构建的工具（测试案例生成），同时施加了开发它们的努力。通过比较基于模型的工具的不同变体的有效性，我们提供了有关如何将适当输入（“提示”）设计到模型以及模型大小的影响的见解。例如，我们发现，提供对代码生成任务的小型自然语言描述是改善预测的一种简单方法。总体而言，我们得出的结论是，很少有语言模型令人惊讶地有效，但是还有更多的工作要做，例如探索更多样化的方式来促使和解决更多有关任务。

Machine learning algorithms are often vulnerable to adversarial examples that have imperceptible alterations from the original counterparts but can fool the state-of-the-art models. It is helpful to evaluate or even improve the robustness of these models by exposing the maliciously crafted adversarial examples. In this paper, we present TEXTFOOLER, a simple but strong baseline to generate adversarial text. By applying it to two fundamental natural language tasks, text classification and textual entailment, we successfully attacked three target models, including the powerful pre-trained BERT, and the widely used convolutional and recurrent neural networks. We demonstrate three advantages of this framework:(1) effective-it outperforms previous attacks by success rate and perturbation rate, (2) utility-preserving-it preserves semantic content, grammaticality, and correct types classified by humans, and (3) efficient-it generates adversarial text with computational complexity linear to the text length. 1

基于文本的对抗攻击变得越来越普遍，通用互联网用户可以访问。随着这些攻击的繁殖，解决模型鲁棒性中差距的需求即将变得迫在眉睫。在对抗数据上进行重新培训可能会提高性能，但这些模型在该模型中仍有一类其他角色级攻击。此外，重新培训模型的过程是时间和资源密集型，创造了对轻巧，可重复使用的防御的需求。在这项工作中，我们提出了对抗性文本标准器，这是一种新颖的方法，可恢复具有低计算开销的攻击内容上的基线性能。我们评估了标准级化合物在容易发生攻击的两个问题领域的功效，即仇恨言论和自然语言推断。我们发现，文本归一化提供了针对角色级攻击的任务不足的防御，该攻击可以对对抗性再培训解决方案进行补充，这更适合语义改变。

我们表明，在将直接转换应用到数据集之后，自回归语言模型可以学会填充文本，这简单地将文本的跨度从文档的中间移动到了其末尾。虽然近年来这种数据增强引起了人们的极大兴趣，但我们提供了广泛的证据，表明以这种方式转换的数据很大一部分并不会损害原始的左右生成能力，这是通过困惑和抽样评估来衡量的广泛的尺度。鉴于培训模型对中间的有用性，简单性和效率（FIM），我们建议默认情况下使用FIM培训未来的自回归语言模型。为此，我们在关键的超参数上运行一系列消融，例如数据转换频率，转换的结构以及选择填充跨度的方法。我们使用这些消融来规定强大的默认设置和最佳实践来训练FIM模型。我们发布了最佳的填充模型，该模型在API中培训了最佳实践，并发布了我们的填充基准，以帮助未来的研究。

近年来，文本的风格特性吸引了计算语言学研究人员。具体来说，研究人员研究了文本样式转移（TST）任务，该任务旨在在保留其样式独立内容的同时改变文本的风格属性。在过去的几年中，已经开发了许多新颖的TST算法，而该行业利用这些算法来实现令人兴奋的TST应用程序。由于这种共生，TST研究领域迅速发展。本文旨在对有关文本样式转移的最新研究工作进行全面审查。更具体地说，我们创建了一种分类法来组织TST模型，并提供有关最新技术状况的全面摘要。我们回顾了针对TST任务的现有评估方法，并进行了大规模的可重复性研究，我们在两个公开可用的数据集上实验基准了19个最先进的TST TST算法。最后，我们扩展了当前趋势，并就TST领域的新开发发展提供了新的观点。

Grammatical Error Correction (GEC) is the task of automatically detecting and correcting errors in text. The task not only includes the correction of grammatical errors, such as missing prepositions and mismatched subject-verb agreement, but also orthographic and semantic errors, such as misspellings and word choice errors respectively. The field has seen significant progress in the last decade, motivated in part by a series of five shared tasks, which drove the development of rule-based methods, statistical classifiers, statistical machine translation, and finally neural machine translation systems which represent the current dominant state of the art. In this survey paper, we condense the field into a single article and first outline some of the linguistic challenges of the task, introduce the most popular datasets that are available to researchers (for both English and other languages), and summarise the various methods and techniques that have been developed with a particular focus on artificial error generation. We next describe the many different approaches to evaluation as well as concerns surrounding metric reliability, especially in relation to subjective human judgements, before concluding with an overview of recent progress and suggestions for future work and remaining challenges. We hope that this survey will serve as comprehensive resource for researchers who are new to the field or who want to be kept apprised of recent developments.