AI Alignment Forum

The paper that killed deep learning theory

I like this post and the "theory of deep learning" posts. But I think I still haven't figured out how to model your view, especially the specifics of the pessimism here. Maybe we should discuss in person. In particular I'm not sure what "deep learning theory" encompasses. My sense of mechinterp theory is that it's similar to pre- standard model physics. Heuristically, here's a thought experiment. Suppose we're worried about the sun destroying the earth and want to understand as much as possible about the physics of solar plasmas and supernovas; but we currently only have (a vaguely historical pastiche of) pre-WW2 physics. Physics then roughly had the following components: 1. idealized heuristics: if we view a big object in space as a classical blackbody, we get a good heuristic on some parts of its emission spectrum 2. new behaviors: there's a consistent way that emission spectra aren't classical blackbodies, in that they're quantized. We have only a rough understanding of how and why, and in fact this observation spawned the discovery of quantum mechanics. 3. small toy examples: we can understand the hydrogen atom relatively well. There are some weird factors of 2 and corrections that we can only explain kind of heuristically, but except for these we have a clean, exact quantized spectrum. We see this spectrum in real life materials - but we also see that most of what comprises real materials isn't hydrogen, and is much more complicated. Some stuff still looks roughly like they could be atomic spectra for other atoms or small molecules, but metal conducting bands are dominated by weird and clearly non-localized behaviors that we don't understand (and the sun similarly has weird spectral phenomena). 4. limits. There's a limit where the world is Newtonian, which is sometimes useful, but very inaccurate when modeling the sun. There's a limit where the world is relativistic. This gives directionally good corrections for some stellar phenomena (e.g. redshift) but is not nearly enough. It seems that there are maybe other limits (like we can mostly blackbox nuclear phenomena at earth temperatures but not at solar temperatures). Most of our understanding comes from sloppily combining together different phenomena coming from the various limits of importance. 5. experimental tools: looking at emission spectra is a really low-bandwidth way to interact with behaviors of interest. While it gives interesting info that points to new phenomena, it at best tells us something about a very limited class of behaviors (photon absorption and emission). In order to understand "how QM works" we have to figure out new tools (maybe vacuum chambers and primitive colliders), and new ways to interpret the output of existing tools. In our world, iterating on these techniques gave us the standard model (and we understood solar plasma and some basics of supernovas before this). I think the promise of theory is that analogs of these techniques (maybe: SAE, large-N limits, toys like mod-add) will give us robust mechanism-finding tools. I think a lot of criticism of theory sounds to me like someone who in that world is saying "none of the current tools explain the sun even approximately, so we're on the wrong track" - but that's not how theory works (until you've found a "critical mass" of the standard model, or at least all parts of it relevant in a field of interest, you'll only be explaining tiny fractions of the observations). I know you're not making this criticism, but I feel like currently you are flattening the different components above into one notion of "theory good vs. theory bad". I'd guess that you're skeptical about whether the analogs of 1-5 in ML theory are actually useful for "making progress towards the standard model", but I'm not sure from your post which of these you think is most lacking (or if this picture is even compatible with your criticism). My guess is that your issue is wrt something like my #1: certain heuristics that people were excited about and hoped would explain generalization turned out to be more complicated. My view is that in modern theory, VC dimension is considered largely defunct in models with nontrivially interesting data (even as simple as mod-add), but I'm not sure why this is the important thing about theory. If you take a more modern theory like mean field or even NTK, it has a non-VC notion of generalization: e.g. NTK/ Gaussian processes can replicate generalization in mnist (related to some data spectrum properties), and mean field theory can (currently only on the Bayesian level - this is unpublished work with Kaarel) explain generalization on polynomially many samples of any mechanism that can be encoded in a small (algorithms) circuit. It's of course not guaranteed to converge to the same mechanism, but has the same notion of learnable vs. un-learnable on a polynomial-vs-exponential complexity theory level. It also does replicate the correct modular addition generalizing algorithm (NTK does not).

Sam Marks11d*507

Current AIs seem pretty misaligned to me

This is one of my favorite LessWrong posts ever (strong upvoted). Nevertheless, in this comment I'll provide some pushback; not to any the particular claims made, but around a sort of "missing mood" that I think a stronger version of this post could have addressed. (For context, I'm probably one of the lab employees who sometimes says things like "Current AIs are pretty aligned"—i.e. one of the people that Ryan is arguing against here, though I might not be a very central example.) For me, the value of this post was the following: 1. Articulating a specific way that current AIs are "misaligned." Namely: 2. 1. They follow heuristics that are well-tuned for strong task performance in easy-to-verify settings, but only try superficially at difficult-to-evaluate tasks. 2. They communicate in ways that misrepresent how much they've accomplished: punching up their successes while omitting or downplaying failures, and sometimes outright lying about what they did. But they don't seem to do this strategically or persistently, instead following simple heuristics that result in these sorts of misrepresentations. 3. The overall result is that they underperform their potential at difficult-to-evaluate tasks while misleading users about what they've actually accomplished. 4. I say "misaligned" in quotes, because many traditional notions of misalignment wouldn't have covered the above, especially 1(a). This will be relevant later. 3. Providing concrete examples and a sense of how prevalent the above issues are. I want to be clear that (2) was an update for me. I think the way that you (Ryan) use LLMs more reliably elicits the sort of misalignment you name, relative to most use cases I've personally seen. (Namely, it seems like you try to use LLMs to autonomously complete very difficult tasks using scaffolds that rely extensively on self-critique.) So after reading your post, I now think that current AIs are more misaligned (in the sense you describe) than I previously thought. That said, this update was more quantitative in nature than qualitative. I was certainly aware that current AIs sometimes display the behaviors you describe, even if I thought they were somewhat rarer than I now believe. And I don't think that I personally underrated the importance of these behaviors. (Though it's possible that others did.) [ETA: After thinking about this more, I think I probably was underestimating the importance of these behaviors before reading an early draft of Ryan's post.] Given that, what could I possibly mean when I call current AIs "pretty aligned"? I think there's a hypothetical dual post to yours someone could write titled "Current AIs seem pretty aligned to me." This post would name a bunch of types of misalignment that, a few years ago, seemed could plausibly occur in AIs as capable as current ones. For instance, it seems to me that: 1. Current AIs do not training-game, i.e. actively model the training process and take actions that result in high reward (including in training environments very different from ones they've previously encountered). 2. Current AIs do persistently and coherently pursue malign goals across many contexts, e.g. strategically seeking power. 3. Current AIs do not scheme, i.e. strategically subvert their training process, pre-deployment audits, and other types of oversight. 4. Current AIs do not strategically take steps to cover up their mistakes, and will generally admit to them when asked directly. 5. Current AIs generally don't try to strategically influence things in the real world beyond assisting with (or refusing) the task directly presented to them. E.g. they don't sneakily try to funnel money to causes or people they like by influencing unrelated conversations. Instead, I think the most important way that current AIs are misaligned is the way you describe in your post, Notably, I think the type of misalignment described in your post is "less scary" than the types I list above. The misalignment happens on the "learned heuristics" level, rather than on the "active"/"strategic"/"explicit" level. As a result, it's easier to detect and measure, and less likely to cause harms besides "making the AIs less useful than they could be for certain types of tasks." A related point is that the way that current AIs are misaligned is less "adversarial" than the sorts of misalignment I list above. When I speak to the people who IMO are extremely thoughtful about AI safety, they acknowledge something like "Yeah, TBH a few years ago, I thought that AIs as capable as current ones would be misaligned in some of those ways. There's a real positive update here." But people who are merely "quite" thoughtful sometimes instead: * argue that maybe current AIs are misaligned in some of these ways and we just can't tell * * I'm very skeptical of this! Anyone who thinks this should be trying really hard to produce compelling evidence in current models. * munge definitions to try to count the "misaligned heuristics" types of misalignment as one of these more "coherent" types * claim that they never expected AIs as capable as current ones to be misaligned in these ways * * I'm typically skeptical of this, though I believe it for some people. (A related point that I know how to state more vividly: Sometimes, people like to point at clear alignment issues in frontier models—for instance, sycophancy, AI psychosis, or whatever happened with Sydney/Bing chat—as being negative updates about alignment. But they don't like to count absence of these sorts of alignment issues as being positive updates. In other words, if it hypothetically ended up that AI psychosis were somehow a total media hoax, would the the people who updated negatively on it instead say "Nevermind! Actually, the absence of AI psychosis is a positive update on alignment." Are they currently saying this about the ways that current AIs are not misaligned but could have been?) Overall, my point is that I think current AIs are not misaligned in many of the ways that I—and I think many others—expected them to be. I also think that many people I talk to have not grappled with this observation sufficiently and updated their world models and prioritization accordingly. For instance, I think that the AI safety community is overinvested in scheming research relative to scalable oversight research. (TBC I've believed this for some years now, but I now believe it more confidently and think it's more clear that others should agree with me.) I also think that the AI safety community is underinvested in work on directly automating alignment research. (This is a place where I've changed my mind.) I'll close by emphasizing some things that I do not believe and don't mean to claim in this comment: 1. I don't think that the recent overall evidence has clearly been positive about misalignment risk. For instance, timelines are looking quite short now, which IMO is the main negative update to counteract the positive one I discuss in this comment. 2. I don't think these "scarier" types of misalignment are very unlikely to eventually arise in more capable AIs. Though I do think that we should update that they'll first arise in more capable AIs than we previously thought. This makes it more likely that we'll have human-level or superhuman automated alignment researchers prior to these "scarier" types of misalignment. 3. I don't think that the type of misalignment you name in your post is "not a big deal." In particular, I'm quite worried that "we"(=AI developers or humanity as a whole) bungle the situation because we failed to make AIs capable at difficult-to-evaluate tasks like alignment research or advising us about how to handle things during a rapid intelligence explosion. One possible way we could bungle the situation is to train more capable AIs that are misaligned in some of the "scarier" ways I listed (or in other ways I didn't list). 4. I don't think that current AIs are aligned enough to automate alignment research. (An earlier draft of your post operationalized "pretty misaligned" in this way, which I preferred.)

TsviBT13d1532

You can only build safe ASI if ASI is globally banned

Recent Discussion

Joseph Bloom's Shortform

Joseph Bloom

The other paper that killed deep learning theory

LawrenceC

Yesterday, I wrote about the state of deep learning theory circa 2016,^[1] as well as the bombshell 2016 paper by Zhang et al. that arguably signaled its demise. Today, I cover the aftermath, and the 2019 paper that devastated deep learning theory again.

As a brief summary, I argued that the rise of deep learning posed an existential challenge to the dominant theoretical paradigm of statistical learning theory, because neural networks have a lot of complexity. The response from the field was to attempt to quantify other ways in which the hypothesis class of neural networks in practice was simple, using alternative metrics of complexity. Zhang et al. 2016 showed that the standard neural network architectures trained with standard training methods could memorize large quantities of random labelled data,...

(Continue Reading - 2164 more words)

2DanielFilan14h

Re: uniform convergence bounds, you say [...] I'm confused - aren't properties of h different from properties of the data?

LawrenceC11h20

Yeah, good question. I think the word "data-dependent" has different connotations (even if it is standard terminology).

Using the sketch definition

With high probability over possible training sets S, for all h in the hypothesis class, we have |expected test error of hypothesis h - empirical error of h on S| <= (Some bound involving the size of the training data and high level properties of h).^[2]

You're right that properties of h are, in general different from properties of the data. The "data-dependent"... (read more)

The paper that killed deep learning theory

LawrenceC

Around 10 years ago, a paper came out that arguably killed classical deep learning theory: Zhang et al.'s aptly titled Understanding deep learning requires rethinking generalization.

Of course, this is a bit of an exaggeration. No single paper ever kills a field of research on its own, and deep learning theory was not exactly the most productive and healthy field at the time this was published. And the paper didn't come close to addressing all theoretical approaches to understanding aspects of deep learning. But if I had to point to a single paper that shattered the feeling of optimism at the time, it would be Zhang et al. 2016.^[1]

...

(Continue Reading - 1624 more words)

9Dmitry Vaintrob5d

11LawrenceC4d

Hm. I'm going to first nitpick your specific example of pre-standard model physics and the sun, then respond to the overall point. My impression is that pre-WW2 physics had a lot more wins re: the sun than either deep learning theory circa 2016 or even current learning mechanics (as used in the Simon et al paper) has for current mech interp. (I'm not familiar with your unpublished mean field theory work, and I also haven't been keeping up to date on Singular Learning Theory work. 1. From the spectrum lines we knew that the sun was made of hydrogen and helium by the late 1920s at the very latest: helium was first discovered in the sun in the late 1800s via its spectral lines, and Cecilia Payne-Gaposchkin's PhD thesis Stellar Atmospheres that established the sun's atmospheric composition was published in 1925. 2. Aston had built the mass spectrograph by 1920, which allowed him to measure the mass of helium and hydrogen nuclei. It turns out that four hydrogen nuclei (that is, 4 protons) weighed a statistically significantly amount more than a helium nuclei (Google tells me ~0.7%, though idk how precise their measurements were at the time). In the 1920s, Eddington argued that this mass defect was the source of energy for the sun (though he didn't understand how the sun fused hydrogen into helium). 3. The Hertzprung and Russell diagram was plotted by the early 1900s. Perhaps a naive interpretation says that stars would move left and up along this diagram over time, though, Eddington's 1920s work (and the existence of the mass-luminosity relationship between stars) suggested that the main sequence was a result of stars having different masses and not a thing they'd move along. 4. We had observations of white dwarfs by the 1920s, we knew they were held up by electron degeneracy pressure by the late 1926 (Pauli's exclusion principle was published in 1925), and Chandrasekhar did the relativistic corrections to get the mass limit on white dwarves by 1930. 5. Chandrasek

1Dmitry Vaintrob4d

Very good nitpicks. I definitely don't know my physics history well (but even with my limited knowledge, I was gesturing at a cartoon level of understanding that mixed different early-20th-century pictures on different phenomena). Re mean field - it's not higher order, but lower order. Mean field is to NTK what classical mechanics is to quantum mechanics (in particular NTK + higher order corrections still has most of the bad generalization properties of NTK). The new insight is that while the expansion in NTK is always around a trivial classical theory, nontrivial classical theories also exist and are better-behaved from a complexity viewpoint

LawrenceC1d65

For future reference, after speaking more with Dmitry + reading more of the papers linked in the Simon et al "Scientific Theory of Deep Learning" paper, I've become (slightly) more positive on deep learning theory, at least the mean-field line of work he mentioned in his comments.

I wrote up a bit of the history of that line of work, and why I've become more optimistic on deep learning theory in the past few days: https://www.lesswrong.com/posts/6SRq7mZ97Dwuavwb6/maybe-i-was-too-harsh-on-deep-learning-theory-three-days-ago

Charlie Griffin's Shortform

Charlie Griffin

18Charlie Griffin3d

Automating alignment may be harder than automating capabilities, because of ‘unsafe to verify’ tasks This was a note I wrote for my colleagues on UK AISI's Alignment Team. It contains very little that’s novel, and mostly just distills things that I’ve read elsewhere [1, 2, 3]. Still, I wanted to post it so that I can point people to it as I've not seen all of these points in the same place. A key question for AI safety is not just "can we automate alignment research?" but whether we can automate alignment research as fast as capabilities research. [1][2], I think a key factor that could make automating alignment research harder is the potential absence of tasks with safe-ish outcome-based feedback. This might be one component of what makes a "fuzzy task".[3] Tasks with safe outcome-based feedback let you try something, observe the outcome, and update. But, in many cases, there's a trade-off between directness and safety of feedback. At one extreme, you roll out the full effect and measure the outcome directly. This is very informative, but potentially catastrophic (the patient is already dead if the drug fails). At the other extreme, you rely entirely on upstream proxies that are safe, but may not track what you care about (e.g. petri dish experiments). Both ‘alignment’ research and ‘capabilities’ research will have tasks along a frontier, but their shapes might be different. Capabilities for productivity have some safe-ish feedback. Consider three potential training methods for economically productive AI: 1. Maximise the value of a virtual trading wallet. 2. Maximise the value of a real trading wallet. 3. Maximise the valuation of a company by any (legal) means. There is a tradeoff here of increasing directness, but also financial and legal risk. But, the gradient is potentially smooth, and in even the last case, an irresponsible company might in practice be able to get several bits of feedback. Sometimes, it's hard to get feedback on “fuzzy tasks” (e.g.

Daniel Kokotajlo1d54

I was already impressed by UK AISI but I keep reading things that make my opinion of y'all rise still further. Keep on doing whatever it is that you are doing!

Research Sabotage in ML Codebases

egan, Vivek Hebbar, Julian Stastny

One of the main hopes for AI safety is using AIs to automate AI safety research. However, if models are misaligned, then they may sabotage the safety research. For example, misaligned AIs may try to:

Perform sloppy research in order to slow down the rate of research progress
Make AI systems appear safer than they are
Train a successor model to be misaligned

Whether we should worry about those things depends substantially on how hard it is to sabotage research in ways that are hard for reviewers to detect. To study this, we introduce Auditing Sabotage Bench, a benchmark of 9 ML research codebases with sabotaged variants.

We tested frontier LLMs and LLM-assisted humans on the benchmark and found that neither reliably catches sabotage. Our best auditor, Gemini 3.1 Pro, achieved an...

(Continue Reading - 1656 more words)

8johnswentworth

In a field like alignment or embedded agency, it's useful to keep a list of one or two dozen ideas which seem like they should fit neatly into a full theory, although it's not yet clear how. When working on a theoretical framework, you regularly revisit each of those ideas, and think about how it fits in. Every once in a while, a piece will click, and another large chunk of the puzzle will come together. Selection vs control is one of those ideas. It seems like it should fit neatly into a full theory, but it's not yet clear what that will look like. I revisit the idea pretty regularly (maybe once every 3-4 months) to see how it fits with my current thinking. It has not yet had its time, but I expect it will (that's why it's on the list, after all). Bearing in mind that the puzzle piece has not yet properly clicked, here are some current thoughts on how it might connect to other pieces: * Selection and control have different type signatures. * A selection process optimizes for the values of variables in some model, which may or may not correspond anything in the real world. Human values seem to be like this - see Human Values Are A Function Of Humans' Latent Variables. * A control process, on the other hand, directly optimizes things in its environment. A thermostat, for instance, does not necessarily contain any model of the temperature a few minutes in the future; it just directly optimizes the value of the temperature a few minutes in the future. * The post basically says it, but it's worth emphasizing: reinforcement learning is a control process, expected utility maximization is a selection process. The difference in type signatures between RL and EU maximization is the same as the difference in type signatures between selection and control. * Inner and outer optimizers can have different type signatures: an outer controller (e.g. RL) can learn an inner selector (e.g. utility maximizer), or an outer selector (e.g. a human) can build an inner controller (e

AI Alignment Posts

Popular Comments

AI Alignment Posts

Popular Comments

Recent Discussion