In this chapter, we extended λ→syn to synthesize recursive programs and algebraic data types. We now compare our approach to other example-based systems that synthesize recursive functional programs.
5.4.1 Example Rewriting
The earliest example-based synthesis systems such as Thesys [Summers, 1976] took an analytical approach to example refinement where the examples were incrementally rewritten to a set of Lisp-like primitives and generalized to create a final program. Modern successors such as Igor2 [Kitzelmann, 2010b] and MagicHaskeller [Katayama, 2012] improve upon Thesys in a variety of ways, in particular by generalizing the rewriting of examples to arbitrary term-rewriting of constructors. This process finds the least general generalization of the set of input/output examples through antiunification. This amounts to equating the parts of the examples that are the same and abstracting away the parts that are different as new synthesis sub-problems to solve. For example, for the following example constructor values:
Cons(0, Nil) ⇒ Cons(0, Cons(0, Nil))
Cons(1, Cons(0, Nil)) ⇒ Cons(1, Cons(1, Cons(0, Cons(0, Nil))))
the least general generalization creates the following constructor value:
Cons(x, l1) ⇒ Cons(x, Cons(x, l2))
where the variable l2 is a synthesis sub-problem that must be solved.
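The generalization step above can be reproduced with a short anti-unification routine. This is an added example, not code from Thesys, Igor2, MagicHaskeller or MLsyn; the term encoding (tuples for constructors, ints for constants) and the variable names ?1, ?2, ?3 (standing for x, l1, l2) are assumptions.

```python
from itertools import count

# Assumed encoding: ints are constants, tuples are constructor applications.
NIL = ("Nil",)

def cons(h, t):
    return ("Cons", h, t)

def head(t):
    """Constructor name and arity, or None for constants and variables."""
    return (t[0], len(t)) if isinstance(t, tuple) else None

def antiunify(terms, table, fresh):
    """Least general generalization of `terms` (one term per example).
    `table` maps each tuple of disagreeing subterms to a single variable, so
    the same disagreement is abstracted by the same variable everywhere."""
    first = terms[0]
    if all(t == first for t in terms):
        return first                              # equal parts are kept
    h = head(first)
    if h is not None and all(head(t) == h for t in terms):
        # Same top constructor: peel it and generalize argument-wise.
        args = [[t[i] for t in terms] for i in range(1, len(first))]
        return (first[0],) + tuple(antiunify(a, table, fresh) for a in args)
    key = tuple(terms)                            # differing parts
    if key not in table:
        table[key] = f"?{next(fresh)}"
    return table[key]

def generalize(examples):
    """Generalize inputs and outputs with one shared variable table."""
    table, fresh = {}, count(1)
    lhs = antiunify([i for i, _ in examples], table, fresh)
    input_vars = set(table.values())
    rhs = antiunify([o for _, o in examples], table, fresh)
    # Variables that occur only in the output are the open sub-problems.
    open_vars = {v: list(k) for k, v in table.items() if v not in input_vars}
    return lhs, rhs, open_vars

def show(t):
    if not isinstance(t, tuple):
        return str(t)
    return t[0] if len(t) == 1 else f"{t[0]}({','.join(map(show, t[1:]))})"

EXAMPLES = [  # the two examples from the text
    (cons(0, NIL), cons(0, cons(0, NIL))),
    (cons(1, cons(0, NIL)), cons(1, cons(1, cons(0, cons(0, NIL))))),
]
LHS, RHS, OPEN = generalize(EXAMPLES)
```

`OPEN` holds the per-example values of the output-only variable, which is the sub-problem left for the synthesizer to solve.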
This process of antiunification describes exactly the behavior of MLsyn’s I-refinement rules. In particular, you can think of the constructor peeling behavior of the irefine-base rule as performing one step of anti-unification on the top-most constructor value. Once I-refinement bottoms out, i.e., irefine-base or irefine-arr no longer apply, we resort to other means to complete the program, similarly to Igor2 and its related systems.
5.4.2 Examples and Generalization
For MLsyn, we must utilize E-guessing to complete the program once I-refinement has been exhausted. In the case that we need to synthesize a recursive function call, we require that the examples are trace complete so that evaluation of the recursive call can be performed by the examples, realized now as a partial function. Other example-based synthesis systems also have variants of this requirement. Thesys calls this relationship between examples differences, something that Igor2 also requires. Escher [Albarghouthi et al., 2013] also requires a similar sort of property of the examples to evaluate recursive function calls. However, rather than demand this property of the examples upfront, Escher queries the user for additional examples as synthesis demands it.
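The role of the examples as a partial function can be seen by checking a candidate body whose recursive calls are answered from the example table. This is an added example, not MLsyn's implementation; lists are encoded as Python tuples, the hypothetical candidate `stutter_body` is the list-doubling function suggested by the examples of Section 5.4.1, and the example sets (including the empty-list case) are constructed.

```python
class Undefined(Exception):
    """Raised when the partial function has no entry for an argument."""

def partial_fn(examples):
    """Realize input/output examples as a partial function rho."""
    table = dict(examples)
    def rho(arg):
        if arg not in table:
            raise Undefined(arg)
        return table[arg]
    return rho

def stutter_body(f, xs):
    """match xs with Nil -> Nil | Cons(x, t) -> Cons(x, Cons(x, f t))."""
    if not xs:
        return ()
    return (xs[0], xs[0]) + f(xs[1:])

def check_with_examples(body, examples):
    """Test the body on each example, resolving recursive calls through rho."""
    rho = partial_fn(examples)
    results = {}
    for arg, expected in examples:
        try:
            results[arg] = body(rho, arg) == expected
        except Undefined as missing:
            results[arg] = f"stuck: no example for {missing.args[0]}"
    return results

def fix(body):
    """Tie the knot: the actual recursive function fix f (x) = body."""
    def f(arg):
        return body(f, arg)
    return f

# Constructed example sets; the second omits the (0,) step of the trace.
COMPLETE = [((), ()), ((0,), (0, 0)), ((1, 0), (1, 1, 0, 0))]
INCOMPLETE = [((), ()), ((1, 0), (1, 1, 0, 0))]
```

With the trace-complete set every example is checked using only table lookups; with the incomplete set the check on (1, 0) gets stuck because the recursive call on (0,) has no entry. `fix(stutter_body)` agrees with every entry of the complete table.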
While MLsyn and Escher both enumerate arbitrary recursive function calls in a generate-and-test style, Thesys and its descendants maintain an analytical approach by recognizing a fixed set of recurrence patterns in the rewritten examples in order to generate recursive calls. The two approaches represent a trade-off in completeness and scalability. The assumption of a fixed set of patterns, similar to a fixed set of combinators [Feser et al., 2015], limits the search space significantly but means that certain patterns of recursive calls cannot be synthesized.
Chapter 6
The Metatheory of MLsyn
The simple type extensions to λ→syn that we explored in Chapter 4 did not change λ→syn’s metatheory. In particular, soundness and completeness followed from straightforward lemmas about the behavior of the new language features. However, the introduction of recursion in MLsyn is significant enough to reexamine whether the key properties we established in Chapter 3 hold and if not, why we lost them.
6.1 Auxiliary Lemmas
When proving soundness and completeness for λ→syn and its extensions in Chapter 3 and Chapter 4, we required a number of auxiliary facts for each example-refinement function we introduced:
• Type preservation lemmas stating that the example-refinement function produced well-typed examples.
• Satisfaction soundness lemmas stating that if we had satisfying sub-expressions for examples produced by the example-refinement function, we could construct an overall satisfying expression for the original examples.
• Satisfaction preservation lemmas stating that if an expression satisfied some examples, then its sub-expressions satisfied the examples produced by the example-refinement function.
We state these lemmas here for MLsyn.
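Lemma 6.1.1 (Type Preservation of apply (MLsyn)). If $\Sigma;\Gamma \vdash \sigma \mapsto \overline{v_i \Rightarrow \chi_i}^{i<m} : \tau_1 \to \tau_2$ then $\Sigma; x:\tau_1, \Gamma \vdash \mathsf{apply}(x, \sigma, \overline{v_i \Rightarrow \chi_i}^{i<m}) : \tau_2$.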
Lemma 6.1.2 (Type Preservation of Example World Concatenation (MLsyn)). If $\Sigma;\Gamma \vdash X : \tau$ and $\Sigma;\Gamma \vdash X' : \tau$ then $\Sigma;\Gamma \vdash X \mathbin{+\!+} X' : \tau$.
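Lemma 6.1.3 (Satisfaction Soundness of apply (MLsyn)). If $I$ $X'$ then $\mathsf{fix}\ f\ (x:\tau_1) : \tau_2 = I$ $X$ where $X' = \mathsf{apply}(f, x, \sigma_i \mapsto \rho_1) \mathbin{+\!+} \ldots \mathbin{+\!+} \mathsf{apply}(f, x, \sigma_n \mapsto \rho_n)$.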
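Lemma 6.1.4 (Type Preservation of proj (MLsyn)). If $X = \overline{\sigma_i \mapsto C(I_{1i}, \ldots, I_{ki})}^{i<n}$, $C : \tau_1 * \ldots * \tau_k \to T$, $\Sigma;\Gamma \vdash X : T$ then $\overline{\Sigma;\Gamma \vdash X_j : \tau_j}^{j<k}$ where $\mathsf{proj}(X) = X_1, \ldots, X_k$.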
Lemma 6.1.5 (Satisfaction Soundness of proj (MLsyn)). If $\overline{I_j \;\; X_j}^{j<k}$ then $C(I_1, \ldots, I_k)$ $X$ where $\mathsf{proj}(X) = X_1, \ldots, X_k$.
Lemma 6.1.6 (Satisfaction Preservation of proj (MLsyn)). If $C(I_1, \ldots, I_k)$ $X$ then $\overline{I_j \;\; X_j}^{j<k}$ where $\mathsf{proj}(X) = X_1, \ldots, X_k$.
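Lemma 6.1.7 (Type Preservation of distribute (MLsyn)). If $\Sigma;\Gamma \vdash X : \tau$ and $\Sigma;\Gamma \vdash E \Rightarrow T$, then $\overline{\Sigma;\Gamma_i,\Gamma \vdash X_i : \tau}^{i<m}$ where $\mathsf{distribute}(\Sigma, T, X, E) = \overline{(p_i, X_i)}^{i<m}$ and $\overline{\mathsf{binders}(\Gamma, E, p_i) = \Gamma_i}^{i<m}$.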
Lemma 6.1.8 (Satisfaction Soundness of distribute (MLsyn)). Let $I$ be the expression $\mathsf{match}\ E\ \mathsf{with}\ |\ p_1 \to I_1\ \ldots\ |\ p_m \to I_m$. If $\overline{I_i \;\; X_i}^{i<m}$ then $I$ $X$ where $\mathsf{distribute}(\Sigma, T, X, E) = \overline{(p_i, X_i)}^{i<m}$.
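Lemma 6.1.9 (Satisfaction Preservation of distribute (MLsyn)). Let $I$ be the expression $\mathsf{match}\ E\ \mathsf{with}\ |\ p_1 \to I_1\ \ldots\ |\ p_m \to I_m$. If $I$ $X$ then $\overline{I_i \;\; X_i}^{i<m}$ where $\mathsf{distribute}(\Sigma, T, X, E) = \overline{(p_i, X_i)}^{i<m}$.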
Most of the proofs follow analogously from similar language features we explored in Chapter 3 and Chapter 4, so we do not restate them here. The exceptions to this rule are satisfaction soundness and preservation for apply. To see this, let’s follow the proof of satisfaction soundness for apply:
Consider a single example world $\sigma \mapsto \overline{v_i \Rightarrow \chi_i}^{i<m} \in X$. Unfolding the definition of the satisfies judgment for I shows that:
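Therefore, it suffices to show that $\mathsf{fix}\ f\ (x:\tau_1) : \tau_2 = \sigma(I_1) \simeq \overline{v_i \Rightarrow \chi_i}^{i<m}$. By eq-fix-pf, this means that we must show that for all $i \in 1, \ldots, m$,
$$I_\sigma\, v_i \longrightarrow [I_\sigma/f][v_i/x]\sigma(I_1) \longrightarrow^{*} v \wedge v \simeq \chi_i$$
where $I_\sigma = \mathsf{fix}\ f\ (x:\tau_1) : \tau_2 = \sigma(I_1)$. However, this follows directly from the fact that $I_1$ $X'$ where each example world in $X'$ is of the form $[v_i/x]\sigma \mapsto \chi_i$.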
At this point in the proof, we would appeal to the fact that $I_1$ $X'$ from our inductive hypothesis. But expanding the definition of apply, we find that we know that for each $i \in 1, \ldots, m$,
$$[\rho/f][v_i/x]\sigma(I_1) \longrightarrow^{*} v \wedge v \simeq \chi_i.$$
This looks like what we want, but in our goal, we have that the recursive function is substituted for f whereas we know from the inductive hypothesis that ρ is substituted for f instead! However, we know substituting the recursive function for the partial function is sound because, by design of the synthesis algorithm, the recursive function agrees on all the behavior defined by ρ. The reverse direction is more sketchy; we discuss it in Section 6.3.