Sound Automation of Magic Wands

Abstract

AbstractThe magic wand$$\mathbin {-\!\!*}$$-∗(also called separating implication) is a separation logic connective commonly used to specify properties of partial data structures, for instance during iterative traversals. Afootprintof a magic wand formula "Equation missing"is a state that, combined with any state in whichAholds, yields a state in whichBholds. The key challenge of proving a magic wand (also calledpackaginga wand) is to find such a footprint. Existing package algorithms either have a high annotation overhead or, as we show in this paper, are unsound.We present a formal framework that precisely characterises a wide design space of possible package algorithms applicable to a large class of separation logics. We prove in Isabelle/HOL that our formal framework is sound and complete, and use it to develop a novel package algorithm that offers competitive automation and is sound. Moreover, we present a novel, restricted definition of wands and prove in Isabelle/HOL that it is possible to soundly combine fractions of such wands, which is not the case for arbitrary wands. We have implemented our techniques for the Viper language, and demonstrate that they are effective in practice.