The proliferation of large language models for code (CodeLMs) and open-source contributions has heightened concerns over unauthorized use of source code datasets. While watermarking provides a viable protection mechanism by embedding ownership signals, existing methods rely on detectable trigger-target patterns and are limited to source-code tasks, overlooking other scenarios such as decompilation tasks. In this paper, we propose DuCodeMark, a stealthy and robust dual-purpose watermarking method for code datasets that generalizes across both source-code tasks and decompilation tasks. DuCodeMark parses each code sample into an abstract syntax tree (AST), applies language-specific style transformations to construct stealthy trigger-target pairs, and injects repressible poisoned features into a subset of return-typed samples to enhance robustness against watermark removal or evasion. These features remain inactive during normal training but are activated upon watermark removal, degrading model performance. For verification, DuCodeMark employs a black-box method based on the independent-samples $t$-test. We conduct a comprehensive evaluation of DuCodeMark across 72 settings spanning two code tasks, two programming languages, three CodeLMs, and six decoding temperatures. The results demonstrate that it consistently achieves strong verifiability ($p < 0.05$), high stealthiness (suspicion rate $\leq$ 0.36), robustness against both watermark and poisoning attacks (recall $\leq$ 0.57), and a substantial drop in model performance upon watermark removal (Pass@1 drops by 28.6%), underscoring its practicality and resilience.
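The verification step described above, as an added example that is not code from the paper or the DuCodeMark project: a pooled-variance independent-samples t-test over two groups of scores from a suspect model queried as a black box. The score definition (per-prompt rate of target-style outputs for prompts with and without the trigger style), the one-directional decision rule, the function names and the sample values are all assumptions made for illustration.

```python
import math
from statistics import mean, variance

def t_pdf(x, df):
    """Density of Student's t distribution with df degrees of freedom."""
    log_c = (math.lgamma((df + 1) / 2) - math.lgamma(df / 2)
             - 0.5 * math.log(df * math.pi))
    return math.exp(log_c - (df + 1) / 2 * math.log1p(x * x / df))

def two_sided_p(t, df, steps=4000):
    """P(|T| >= |t|), via Simpson integration of the density over [0, |t|]."""
    b = abs(t)
    if b == 0:
        return 1.0
    h = b / steps
    area = t_pdf(0, df) + t_pdf(b, df)
    for i in range(1, steps):
        area += (4 if i % 2 else 2) * t_pdf(i * h, df)
    return max(0.0, 1.0 - 2.0 * area * h / 3.0)

def independent_t_test(a, b):
    """Pooled-variance independent-samples t-test; returns (t, p)."""
    na, nb = len(a), len(b)
    df = na + nb - 2
    pooled = ((na - 1) * variance(a) + (nb - 1) * variance(b)) / df
    se = math.sqrt(pooled * (1 / na + 1 / nb))
    diff = mean(a) - mean(b)
    if se == 0:  # no spread in either sample: decide on the means alone
        return (0.0, 1.0) if diff == 0 else (math.copysign(math.inf, diff), 0.0)
    t = diff / se
    return t, two_sided_p(t, df)

def verify_watermark(triggered, untriggered, alpha=0.05):
    """Claim a watermark only if triggered prompts score significantly higher."""
    t, p = independent_t_test(triggered, untriggered)
    return {"t": t, "p": p, "watermarked": t > 0 and p < alpha}

# Constructed scores (assumption): per prompt, the fraction of sampled
# completions that show the target style, for 8 prompts per group.
SUSPECT_TRIGGERED = [0.8, 0.7, 0.9, 0.6, 0.8, 0.7, 0.9, 0.8]
SUSPECT_UNTRIGGERED = [0.1, 0.2, 0.0, 0.1, 0.3, 0.1, 0.2, 0.1]
INDEPENDENT_TRIGGERED = [0.1, 0.2, 0.0, 0.1, 0.3, 0.1, 0.2, 0.1]
INDEPENDENT_UNTRIGGERED = [0.2, 0.1, 0.1, 0.0, 0.1, 0.3, 0.2, 0.1]

if __name__ == "__main__":
    print(verify_watermark(SUSPECT_TRIGGERED, SUSPECT_UNTRIGGERED))
    print(verify_watermark(INDEPENDENT_TRIGGERED, INDEPENDENT_UNTRIGGERED))
```

With only a handful of prompts per group the test has little power, so a dataset owner would want enough queries that a true watermark clears the $p < 0.05$ threshold at every decoding temperature of interest.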