Formal program synthesis uses logical specifications and automated reasoning to generate programs that provably satisfy those specifications. Unlike heuristic-based synthesis, formal synthesis couples logical specifications (expressed in first-order logic, temporal logic, or specialized languages) with solvers that search the program space. The dominant approach is syntax-guided synthesis (SyGuS): the user provides a grammar constraining the program shape (e.g., "linear arithmetic expressions," "recursive functions with two cases"), and an automated synthesizer finds a program matching that grammar and satisfying the logical specification. Counterexample-guided inductive synthesis (CEGIS) iteratively refines candidate programs by checking them against test cases, discarding programs that fail, and using failed tests to guide the search. This approach has produced real implementations of algorithms, data structure manipulation, and network packet filters.
Program synthesis aims to automatically generate programs from specifications. Heuristic approaches (neural synthesis, example-based generation) are powerful but lack guarantees. Formal program synthesis demands logical specifications and returns programs with proofs of correctness — the synthesizer doesn't just guess, it reasons.
The dominant paradigm is syntax-guided synthesis (SyGuS), formalized in the SyGuS competition (https://sygus.org/). The user provides: (1) a formal specification (a logical formula that the program must satisfy), (2) a context-free grammar describing the form of the desired program (e.g., "linear arithmetic," "recursive functions with two cases"). The synthesizer then searches for a program matching the grammar and provably satisfying the specification.
For example, a user might specify: "generate a function that computes the bitwise AND of two integers, using only bitwise shifts and XOR." The grammar limits candidates to expressions over shift and XOR operations, ruling out irrelevant programs. An SMT solver or SAT solver checks candidate programs against the specification (∀x, y. candidate(x, y) = x AND y), and the synthesizer uses feedback from failed candidates to guide its search.
Counterexample-guided inductive synthesis (CEGIS) is a practical instantiation of this idea. The approach has two phases:
1. Inductive phase: Given a set of test cases (input-output pairs), an inductive synthesizer finds a program matching the grammar and consistent with all tests.
2. Verification phase: A deductive verifier checks if the candidate program satisfies the full logical specification. If yes, we're done. If no, the verifier produces a counterexample — an input where the candidate gives the wrong answer.
The counterexample is added to the test set, and the loop repeats. Each iteration either finds a program that passes verification (success) or learns a new constraint (the failed test) that rules out a class of programs. CEGIS is effective because the inductive step is computationally cheap (finding programs consistent with tests is easier than full verification) and the verification step is expensive but rare (only checked on promising candidates).
Component-based synthesis is a variation where the program is constructed by composing existing library functions rather than generating new code. Given a library of pre-verified components (e.g., map, filter, fold for functional lists), the synthesizer searches for compositions of these components that satisfy the specification. The benefit is that you don't verify each synthesized program from scratch — the correctness of compositions of verified components is more tractable.
Practical applications have proven substantial:
The main limitations are the grammar constraint (you must anticipate the solution's form) and scalability (the search space can still be large even with grammar restrictions). Current research focuses on learning grammars from examples, integrating neural guidance with formal verification, and scaling to larger programs and more expressive specifications.
No topics depend on this one yet.