Occam Learning Meets Synthesis Through Unification

In this paper, we focus on designing an Occam solver for PBE tasks. As mentioned before, an Occam solver should synthesize programs whose size is polynomial to the size of the target program and sub-linear to the number of provided examples with high probability. Since the target program is unknown, an Occam solver should satisfy this requirement when the target program is the smallest valid program (programs consistent with the given input-output examples), and thus prefer smaller programs to larger programs.

We first show that Eusolver (Alur et al., 2017) may return unnecessarily large programs and thus is unlikely to be an Occam solver. We shall formally prove that Eusolver is not an Occam solver in Section 5.3. Eusolver follows the STUN framework and provides a term solver and an unifier. The term solver is responsible for synthesizing a term set that jointly covers all the given examples. In our example, one valid term set is $\{x+1,y+1,z+1\}$. A unifier is responsible for synthesizing a set of conditions to unify the term set into a program with nested if-then-else operators. In our example, the conditions are $\{x+y\geq 1,x+z\geq 1,y+z\geq 1\}$.

Similar to Occam learning, Eusolver also tries to return small programs. To achieve this, Eusolver enumerates the terms and the conditions from small to large, and then tries to combine the enumerated terms and conditions into a complete program. Though this approach controls the sizes of individual terms and conditions, it fails to control the number of the terms and the conditions, and thus may lead to unnecessarily large programs.

The term solver of Eusolver enumerates the terms from small to large, and includes a term in the term set when the set of examples covered by this term (i.e., the term is correct on these examples) is different from all smaller terms. The term set is complete when all examples are covered. As a result, this strategy may unnecessarily include many small terms, each covering only a few examples. In our motivating example, if constants such as $-1,\dots,5$ are available, $\mathcal{T}_{E}$ will return set $\{-1,\dots,5\}$ instead of $\{x+1,y+1,z+1\}$. Though such terms are small, the number of the terms grows with the number of examples.

The unifier of Eusolver builds a decision tree using the ID3 algorithms. Here the terms are considered as labels, the enumerated if-conditions are considered as conditions, and a term is a valid label for an example if it covers the example. However, ID3 is designed for fuzzy classification problems, uses information gain to select conditions, and may select conditions that negatively contribute to program synthesis. For example, $x\geq 0$ will have good information gain for this example. In the original sets the three labels $x+1$, $y+1$ and $z+1$ are evenly distributed. Predicate $x\geq 0$ divides the examples into two sets where the distribution become uneven: in one set 50% of the examples are labelled with $x+1$, and in the other set only 20% of the examples are labelled $x+1$. However, in both sets the three labels still exist, and we still have to find conditions to distinguish them. As a result, selecting $x>0$ roughly doubles the size of the synthesized program.

To synthesize small programs, PolyGen controls not only the size of individual terms and conditions but also the number of conditions and terms. The structure of PolyGen is shown as Figure 1(a). As we can see in the figure, PolyGen is built of a set of sub-solvers, each responsible for synthesizing part of the program. Figure 1(b) lists a program PolyGen synthesizes, and the colored rectangles show the parts of the program synthesized by the sub-solver with the same color. In the following we shall illustrate how PolyGen works.

The problem of programming-by-example (PBE) is usually discussed above an underlying domain $\mathbb{D}=(\mathbb{P},\mathbb{I},\mathbb{O},\llbracket{.}\rrbracket_{\mathbb{D}})$, where $\mathbb{P},\mathbb{I},\mathbb{O}$ represent a program space, an input space, and an output space respectively, $\llbracket{.}\rrbracket_{\mathbb{D}}$ is an oracle function that associates a program $p\in\mathbb{P}$ and an input $I\in\mathbb{I}$ with an output in $\mathbb{O}$, denoted as $\llbracket{p}\rrbracket_{\mathbb{D}}(I)$. The domain limits the ranges of possibly used programs and concerned inputs and provides the semantics of these programs.

For simplicity, we make two assumptions on the domain: (1) There is a universal oracle function $\llbracket{.}\rrbracket$ for any domains; (2) The output space $\mathbb{O}$ is always induced by the program space $\mathbb{P}$, the input space $\mathbb{I}$, and the oracle function $\llbracket{.}\rrbracket$, i.e., $\mathbb{O}=\{\llbracket{p}\rrbracket(I)\ |\ p\in\mathbb{P},I\in\mathbb{I}\}$. In the remainder of this paper, we abbreviate a domain as a pair $(\mathbb{P},\mathbb{I})$ of a program space and an input space. We shall use notation $\mathcal{F}$ to represent a family of domains, and thus discuss general properties of domains.

PBE (Shaw et al., 1975) is a subproblem of program synthesis where the solver is required to learn a program from a set of given input-output examples. As this paper focuses on the generalizability of PBE solvers, we assume that there is at least a program satisfying all given examples: The problem of determining whether there is a valid program is another domain of program synthesis, namely unrealizability (Hu et al., 2020; Kim et al., 2021), and is out of the scope of our paper.

In computational learning theory, Occam Learning (Blumer et al., 1987) is proposed to explain the effectiveness of the principle of Occam’s Razor. In PBE, an Occam solver guarantees that the size of the synthesized program is at most polynomially larger than the size of the target program.

We assume the program domain is defined by a context-free grammar. At this time, a program can be represented by its left-most derivation and can be encoded as a sequence of grammar rules.

The size provides a logarithmic upper bound on the number of programs no larger than $p$.

Blumer et al. (1987) analysizes Occam solvers under the probably approximately correct (PAC) learnability framework, and proves that the generalizability of Occam solvers is always guaranteed.

Due to space limit, we move all proofs to Appendix B.

When $\epsilon$ and $\delta$ are fixed, Theorem 4.6 implies that an $(\alpha,\beta)-$Occam solver can find a program similar to the target $p^{*}$ with only $O\left(\text{size}(p^{*})^{\alpha/(1-\beta)}\right)$ examples. Such a bound matches the principle of Occam’s Razor, as it increases monotonically when the size of the target program increases.

The class of Occam solvers can reflect the practical generalizability of PBE solvers. Let us take two primitive solvers $\mathcal{S}_{\text{min}}$ and $\mathcal{S}_{\text{rand}}$ as an example. For any PBE task $T$, let $\mathbb{P}(T)\subseteq\mathbb{P}$ be the set of programs that are consistent with examples in $T$:

• •

  $\mathcal{S}_{\text{rand}}$ is the most trivial synthesizer that has no guarantee on the quality of the result: It just uniformly returns a program from $\mathbb{P}(T)$: $\forall p\in\mathbb{P}(T),\Pr\left[\mathcal{S}_{\text{rand}}(T)=p\right]=|\mathbb{P}(T)|^{-1}$.

• •

  $\mathcal{S}_{\text{min}}$ regards a PBE task as an optimization problem, and always returns the syntactically smallest program in $\mathbb{P}(T)$: $\mathcal{S}_{\text{min}}(T)\coloneqq\arg\min_{p\in\mathbb{P}(T)}\text{size}(p)$.

In practice, it is usually believed that $\mathcal{S}_{\text{min}}$ has better generalizability than $\mathcal{S}_{\text{rand}}$. We prove that the class of Occam solvers can discover this advantage, as $\mathcal{S}_{\text{min}}$ is an Occam solver but $\mathcal{S}_{\text{rand}}$ is not.

The framework of synthesis through unification (STUN) focuses on synthesis tasks for programs with nested if-then-else operators. Formally, STUN assumes that the program space can be decomposed into two subspaces, for if-conditions and if-terms respectively.

We use pair $(\mathbb{P}_{t},\mathbb{P}_{c})$ to denote a conditional program space derived from term space $\mathbb{P}_{t}$ and condition space $\mathbb{P}_{c}$. Besides, we call a domain $\mathbb{D}$ conditional if the program space in $\mathbb{D}$ is conditional.

A STUN solver synthesizes programs in two steps:

1. (1)

   A term solver is invoked to synthesize a set of programs $P\subseteq\mathbb{P}_{t}$ such that for any example, there is always a consistent program in $P$.

2. (2)

   A unifier is invoked to synthesize a valid program from conditional program space $(P,\mathbb{P}_{c})$.

In this paper, we only consider the specialized version of the STUN framework on PBE tasks.

A STUN solver consists of a term solver $\mathcal{T}$ and a unifier $\mathcal{U}$. Given a PBE task $T$, the solver returns $\mathcal{U}(\mathcal{T}(T))(T)$ as the synthesis result. Alur et al. (2015) proves that such a combination is complete when the conditional domain is if-closed. For other domains, STUN can be extended to be complete by backtracking to the term solver when the unifier fails (Alur et al., 2015, 2017).

Please note that any conditional domain with equality is if-closed, as $c$ can be constructed by testing the equality between the outputs of $p_{1}$ and $p_{2}$. In the rest of the paper, we assume the conditional program space is if-closed, and use $\mathcal{F}_{C}$ to denote a family of if-closed domains.

Eusolver (Alur et al., 2017) is a state-of-the-art solver following the STUN framework. It takes efficiency and generalizability as its design purposes, and makes a trade-off between them.

The term solver $\mathcal{T}_{E}$ in Eusolver is motivated by $\mathcal{S}_{\text{min}}$. $\mathcal{T}_{E}$ enumerates terms in $\mathbb{P}_{t}$ in the increasing order of the size. For each term $t$, if there is no smaller term that performs the same with $p$ on examples, $t$ will be included in the result. $\mathcal{T}_{E}$ returns when the result is enough to cover all examples.

The unifier $\mathcal{U}_{E}$ in Eusolver regards nested if-then-else operators as a decision tree, and uses ID3 (Quinlan, 1986), a standard decision-tree learning algorithm, to unify the terms. $\mathcal{U}_{E}$ learns a decision tree recursively: In each recursion, it first tries to use a term to cover all remaining examples. If there is no such term, $\mathcal{U}_{E}$ will heuristically pick up a condition $c$ from $\mathbb{P}_{c}$ as the if-condition. According to the semantics of $c$, the examples will be divided into two parts, which will be used to synthesize the then-branch and the else-branch respectively.

In this section, we study the generalizability of the STUN framework. To start, we extend the concept of Occam solvers to term solvers and unifiers: For an Occam term solver, there should be a polynomial bound on the total size of synthesized terms, and for an Occam unifier, the induced PBE solver should always be an Occam solver for any possible term set. These definitions will be used to guide our design of PolyGen later.

In Definition 5.6, besides the size of the target program, the bound also refers to the total size of $P$. Such relaxation allows the unifier to use more examples when a large term set is provided.

Based on the above definitions, we prove that under some conditions, an STUN solver comprised of an Occam term solver and an Occam unifier is also an Occam solver.

In this section, we analyze the generalizability of Eusolver and prove that Eusolver is not an Occam solver. We start from the term solver $\mathcal{T}_{E}$. As $\mathcal{T}_{E}$ enumerates terms in the increasing order of the size, $\mathcal{T}_{E}$ guarantees that all synthesized terms are small. However, the main problem of $\mathcal{T}_{E}$ is that it does not control the total number of synthesized terms. Therefore, the total size of the term set returned by $\mathcal{T}_{E}$ can be extremely large, as shown in Example 5.8.

The following fact comes from Example 5.8 immediately.

The generalizability of $\mathcal{U}_{E}$ is related to the underlying decision-tree learning algorithm ID3. Hancock et al. (1995) proves that there is no polynomial-time algorithm for learning decision trees that generalizes within a polynomial number of examples unless $\mathsf{NP}=\mathsf{RP}$, where $\mathsf{RP}$ represents the class of polynomial-time random algorithms with one-side error. Combining with Theorem 4.6, we obtain the following lemma, which implies that $\mathcal{U}_{E}$ is unlikely to be an Occam unifier.

These results indicate that (1) Eusolver itself is not an Occam solver, and (2) if we would like to design an Occam solver following Theorem 5.7, neither $\mathcal{T}_{E}$ nor $\mathcal{U}_{E}$ can be reused.

For an Occam term solver, the total size of returned terms should be bounded. Therefore, a term solver must be an Occam solver if (1) the number of returned terms is bounded, and (2) the maximal size of returned terms is bounded.

In Lemma 6.1, the first condition has a form similar to the guarantee provided by an Occam solver. Motivated by this point, we design $\mathcal{T}_{\text{poly}}$ as a meta-solver that takes an Occam solver $\mathcal{S}_{t}$ on the term space as an input. To solve a term finding task, $\mathcal{T}_{\text{poly}}$ firstly decomposes it into several standard PBE tasks and then invokes $\mathcal{S}_{t}$ to synthesize terms with bounded sizes.

One challenge is that, in a term finding task, different examples correspond to different target terms, i.e., if-terms used in the target program. To find a target term using $\mathcal{S}_{t}$, $\mathcal{T}$ should pick up enough examples that correspond to the same target term. To do so, we utilize the fact that there must be a target term that covers a considerable portion of all examples, as shown in Lemma 6.2.

Given a term finding task $T$ where $P^{*}$ is the set of target terms, let $t^{*}\in P^{*}$ be the term that covers the most examples. According to Lemma 6.2, if we randomly select $n_{t}$ examples from $T$, term $t^{*}$ will be consistent with all selected examples with a probability of at least $|P^{*}|^{-n_{t}}$. Therefore, $\mathcal{T}_{\text{poly}}$ repeatedly invokes $\mathcal{S}_{t}$ on a small set of random examples drawn from $T$: When the generalizability of $\mathcal{S}_{t}$ is guaranteed on term space $\mathbb{P}_{t}$, the number of examples and the number of turns are large enough, $\mathcal{T}_{\text{poly}}$ would find a term semantically similar with $t^{*}$ with a high probability.

For the second condition, $\mathcal{T}_{\text{poly}}$ assumes that there is an upper bound $k$, and searches among term sets with at most $k$ terms. If the search process guarantees to find a valid term set with a high probability when $k$ is larger than a small bound, which is polynomial to the size of the target program and sub-linear to the number of examples, the second condition of Lemma 6.2 can be satisfied by iteratively trying all possible $k$.

The pseudo-code of $\mathcal{T}_{\text{poly}}$ is shown as Algorithm 1. $\mathcal{T}_{\text{poly}}$ is configured by a domain solver $\mathcal{S}_{t}$, which is used to synthesize terms, and a constant $c$, which is used to configure bounds used in $\mathcal{T}_{\text{poly}}$. We assume that $\mathcal{S}_{t}$ can discover the case where there is no valid solution, and returns $\bot$ at this time.

The algorithm of $\mathcal{T}_{\text{poly}}$ is comprised of three parts. The first part implements the random sampling discussed previously, as function GetCandidatePrograms() (abbreviated as Get()). Get() takes four inputs: examples is a set of input-output examples, $k$ is an upper bound on the number of terms, $n_{t}$ is the number of examples provided to $\mathcal{S}_{t}$ and $s$ is an upper bound on the size of terms. Guided by Lemma 6.2, Get() returns a set of programs that covers at least $k^{-1}$ portion of examples. The body of Get() is a repeated sampling process (Line 3). In each turn, $n_{t}$ examples are sampled (Line 4), and solver $\mathcal{S}_{t}$ is invoked to synthesize a program from these sampled examples (Line 5). Get() collects all valid results (Line 7) and returns them to Search() (Line 10).

Note that Get() only considers those programs of which the sizes are at most $cs^{\alpha}n_{t}^{\beta}$ (Line 6). This bound comes from the definition of Occam solvers (Definition 4.2): When all examples provided to $\mathcal{S}_{t}$ corresponds to the same target term and the size of this term is at most $s$, with a high probability, the term found by $\mathcal{S}_{t}$ will be no larger than $cs^{\alpha}n_{t}^{\beta}$. However, in other cases, the selected examples may happen to correspond to some other unwanted terms: At this time, the term found by $\mathcal{S}_{t}$ may be much larger than the target term. Therefore, $\mathcal{T}_{\text{poly}}$ sets a limitation on the size and rejects those programs that are too large. This bound can be safely replaced by any function that is polynomial to $s$ and sub-linear to $n_{t}$ without affecting $\mathcal{T}_{\text{poly}}$ to be an Occam term solver.

The second part implements the backtracking as function Search() (Lines 11-18). Given a set of examples examples and size limit $k$, Search() searches for a set of at most $k$ terms that covers all examples. Search() invokes function Get() to obtain a set of possible terms (Line 14), and then recursively tries each of them until a valid term set is found (Lines 15-16).

The third part of $\mathcal{T}_{\text{poly}}$ selects proper values for $k,n_{t}$ and $s$ iteratively (Lines 19-29). In each turn, $\mathcal{T}_{\text{poly}}$ considers the case where the number of target terms and their sizes are all $O(s)$ and select proper values for $n_{t}$ and $k$ in the following ways:

• •

  By Theorem 4.6, when the size of the target term is $O(s)$, $\mathcal{S}_{t}$ requires $O(s^{\alpha/(1-\beta)})$ examples to guarantee the accuracy. Therefore, $\mathcal{T}_{\text{poly}}$ sets the upper bound of $n_{t}$ to $cs^{\alpha/(1-\beta)}$.

• •

  Also by Theorem 4.6, when $n_{t}$ is set to $cs^{\alpha/(1-\beta)}$, the term syntehsized by $\mathcal{S}_{t}$ may still differ with the target term on a constant portion of inputs. As a result, $\mathcal{T}_{\text{poly}}$ may use $O(\ln n)$ times more terms to cover all examples in $T$. Therefore, $\mathcal{T}_{\text{poly}}$ sets the upper bound of $k$ to $cs\ln n$.

As the time cost of Get() and Search() grows rapidly when $k$ and $n_{t}$ increases, $\mathcal{T}_{\text{poly}}$ tries all values of $k$ and $n_{t}$ from small to large (Lines 22-27), instead of directly using the largest possible $k$ and $n_{t}$. The iteration ends immediately when a valid term set is found (Line 25).

In this section, we discuss the properties of $\mathcal{T}_{\text{poly}}$. As a meta solver, $\mathcal{T}_{\text{poly}}$ guarantees to be an Occam term solver when $\mathcal{S}_{t}$ is an Occam solver on the term space.

Then, we discuss the time cost of $\mathcal{T}_{\text{poly}}$. With a high probability, $\mathcal{T}_{\text{poly}}$ invokes Search() only polynomial times, but the time cost of Search() may not be polynomial. By Algorithm 1, an invocation of Search() of depth $i$ on the recursion tree samples $n_{t}(k-i)^{n_{t}}$ times. In the worst case, $\mathcal{S}_{t}$ successfully synthesizes programs for all these samples, and the results are all different. At this time, Search() will recurse into $n_{t}(k-i)^{n_{t}}$ different branches. Therefore, for each $n_{t},k$, domain solver $\mathcal{S}_{t}$ will be invoked $n_{t}^{k}(k!)^{n_{t}}$ times in the worst case.

However, in practice, $\mathcal{T}_{\text{poly}}$ is usually much faster than the worst-case because:

• •

  The domain solver $\mathcal{S}_{t}$ usually fails when the random examples correspond to different target terms, as the expressive ability of term domain $\mathbb{P}_{t}$ is usually limited.

• •

  For those incorrect terms that happen to be synthesized, they seldom satisfy the requirement on the size and the number of covered examples (Line 6 in Algorithm 1).

In the best case where Get() never returns a term that is not used by the target program, $\mathcal{S}_{t}$ will be invoked at most $n_{t}2^{k}k^{n_{t}}$ times: Such a bound is much smaller than the worst case.

$\mathcal{U}_{\text{poly}}$ unifies terms into a decision list, a structure proposed by Rivest (1987) for compactly representing decision procedures. $\mathcal{U}_{\text{poly}}$ unifies a term set $P=\{p_{1},\dots,p_{m}\}$ into the following form:

where $c_{1},\dots,c_{m-1}$ belong to $\text{DNF}(\mathbb{P}_{c})$, the disjuctive normal form comprised of conditions in $\mathbb{P}_{c}$. $\text{DNF}(\mathbb{P}_{c})$ is defined together with another two sets $\text{L}(\mathbb{P}_{c})$ and $\text{CL}(\mathbb{P}_{c})$, where the set of literals $\text{L}(\mathbb{P}_{c})$ includes conditions in $\mathbb{P}_{c}$ and their negations, the set of clauses $\text{CL}(\mathbb{P}_{c})$ includes the conjunctions of subsets of $\text{L}(\mathbb{P}_{c})$, and the set of DNF formulas $\text{DNF}(\mathbb{P}_{c})$ includes disjunctions of subsets of $\text{CL}(\mathbb{P}_{c})$.

We use notation $(\mathbb{P}_{t},\mathbb{P}_{c})_{\text{DL}}$ to denote the set of decision lists where if-terms and if-conditions are from $\mathbb{P}_{t}$ and $\text{DNF}(\mathbb{P}_{c})$ respectively. In the following lemma, we show that $(\mathbb{P}_{t},\mathbb{P}_{c})_{\text{DL}}$ is a suitable normal from for designing an Occam unifier, because for any program in $(\mathbb{P}_{t},\mathbb{P}_{c})$, there is always a semantically equivalent program in $(\mathbb{P}_{t},\mathbb{P}_{c})_{\text{DL}}$ with a close size.

$\mathcal{U}_{\text{poly}}$ decomposes the unification task into $m-1$ PBE tasks for $c_{1},\dots,c_{m-1}$ respectively. Algorithm 3 shows the framework of $\mathcal{U}_{\text{poly}}$, which synthesizes conditions in order (Lines 2-7). For each term $p_{i}$ and each remaining example $e=(I,O)$, there are three possible cases:

• •

  If $p_{i}$ is not consistent with $e$, the value of if-condition $c_{i}$ must be False on input $I$ (Line 3).

• •

  If $p_{i}$ is the only program in $p_{i},\dots,p_{n}$ that is consistent with $e$, the value of $c_{i}$ must be True on input $I$ (Line 4).

• •

  Otherwise, the value of $c_{i}$ does not matter, as $p_{i}$ is not the last choice. Therefore, $\mathcal{U}_{\text{poly}}$ ignores this example: If the synthesized $c_{i}$ is false on input $I$, $e$ will be left to subsequent terms.

In this way, $\mathcal{U}_{\text{poly}}$ obtains a PBE task for $c_{i}$, and it invokes a DNF solver $\mathcal{C}$ to solve it (Line 5). Then, $\mathcal{U}_{\text{poly}}$ excludes all examples covered by $c_{i}$ (Line 6) and moves to the next term. At last, $\mathcal{U}_{\text{poly}}$ unifies all terms and conditions into a complete program (Lines 8-11).

Just like $\mathcal{T}_{\text{poly}}$, unifier $\mathcal{U}_{\text{poly}}$ is an Occam unifier when $\mathcal{C}$ is an Occam solver on $\text{DNF}(\mathbb{P}_{c})$.

By Lemma 7.2, the only problem remaining is to design an Occam solver for $\text{DNF}(\mathcal{F}_{C})$. We shall gradually build such a condition solver in the following two subsections.

For the sake of simplicity, we start by introducing some useful notations:

• •

  We regard a DNF formula $d$ as a set of clauses and regard a clause $c$ as a set of literals. We use notation $p_{c}(c)$ and $p_{d}(d)$ to represent their corresponding program respectively.

• •

  For an input space $\mathbb{I}$ and a condition $p$, we use $P(\mathbb{I},p)$ and $N(\mathbb{I},p)$ to denote the set of inputs where $p$ is evaluated to true and false respectively.

• •

  For a PBE task $T$, we use $\mathbb{I}(T)$, $\mathbb{I}_{P}(T)$ and $\mathbb{I}_{N}(T)$ to denote the inputs of examples, positive examples and negative examples in $T$ respectively, i.e.:

  $$\mathbb{I}(T)\coloneqq\{I\ |\ (I,O)\in T\}\ \ \ \mathbb{I}_{P}(T)\coloneqq\{I\ |\ (I,\texttt{true})\in T\}\ \ \ \mathbb{I}_{N}(T)\coloneqq\{I\ |\ (I,\texttt{false})\in T\}$$

For a PBE task $T$ on domain $(\text{DNF}(\mathbb{P}_{c}),\mathbb{I})$, a valid condition $p$ should satisfy the following two conditions: (1) $p$ takes true on all positive examples in $T$, i.e., $\mathbb{I}_{P}(T)\subseteq P(\mathbb{I}(T),p)$; (2) $p$ takes false on all negative examples in $T$, i.e., $\mathbb{I}_{N}(T)\subseteq N(\mathbb{I}(T),p)$. In this section, we build solver $\mathcal{C}_{\text{CL}}$ for the subproblem where the target condition is assumed to be a single clause.