Footprints in Local Reasoning
Local reasoning about programs exploits the natural local behaviour common in programs by focussing on the footprint - that part of the resource accessed by the program. We address the problem of formally characterising and analysing the footprint notion for abstract local functions introduced by Calcagno, O'Hearn and Yang. With our definition, we prove that the footprints are the only essential elements required for a complete specification of a local function. We formalise the notion of small specifications in local reasoning and show that for well-founded resource models, a smallest specification always exists that only includes the footprints, and also present results for the non-well-founded case. Finally, we use this theory of footprints to investigate the conditions under which the footprints correspond to the smallest safe states. We present a new model of RAM in which, unlike the standard model, the footprints of every program correspond to the smallest safe states, and we also identify a general condition on the primitive commands of a programming language which guarantees this property for arbitrary models.
Research Summary
The paper tackles a fundamental issue in local reasoning: how to precisely capture the part of the resource that a program actually accesses, known as its “footprint”. Building on the abstract local functions introduced by Calcagno, O’Hearn, and Yang, the authors first give a rigorous definition of a footprint. Formally, for a local function f, a resource s₀ is a footprint if, for every resource s on which f is defined, s₀ is the minimal sub-resource of s (with respect to the resource ordering), and f is defined on every sub-resource s′ ⊑ s that contains s₀. This definition isolates the essential resource fragment required for the function to be defined and aligns naturally with the frame rule of separation logic.
With this notion in hand, the authors prove two central theorems. The first, a completeness theorem, shows that a specification consisting solely of the footprints of a function is sufficient to describe all of its behavior. The proof proceeds by demonstrating that any larger specification can be reduced to the footprint‑only one without loss of information, using the locality property and the frame rule. The second theorem establishes the existence of a smallest specification—one that contains only the footprints—provided the underlying resource model is well‑founded (i.e., its partial order admits no infinite descending chains). By applying Zorn’s Lemma, the authors show that under well‑foundedness the minimal specification is unique; they also present counter‑examples for non‑well‑founded models where a minimal specification may not exist.
The paper then investigates the relationship between footprints and the “smallest safe states” (the minimal resources that guarantee safe execution). In the standard RAM model, allocation and deallocation introduce side‑effects that can cause a program’s footprint (the set of memory cells it reads or writes) to differ from its smallest safe state. To resolve this mismatch, the authors propose a new RAM model that treats memory blocks as ownership tokens. Each primitive command requires a specific token set, and tokens are non‑overlapping; a state lacking the required tokens is unsafe. In this model, the footprint of any command coincides exactly with its smallest safe state, eliminating the discrepancy observed in the traditional model.
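The mismatch described above can be observed in a very small finite model. The following Python program is an added example, not code from the paper or its authors: it models the standard RAM model with a tiny address space, treats the program variable x as part of the resource, and runs the program AD = "x := new(); dispose(x)". Every name in it (ADDRS, XVALS, AD, compose, frame, footprints, smallest_safe_states) is an assumption of this example. The footprint check uses the essential-element reading sketched in the summary: a safe state is a footprint when its behaviour is not recovered by framing from its strictly smaller safe sub-states; this is an operational reading for the example, not the paper's formal definition. Memory exhaustion is modelled as divergence (no outcomes), which keeps AD local in the finite model.

```python
"""Finite model: footprints vs. smallest safe states for AD = x := new(); dispose(x)
in the standard RAM model (added example; all names and conventions are assumptions)."""
from itertools import combinations

ADDRS = (1, 2, 3)      # constructed tiny address space
XVALS = (0, 1, 2, 3)   # values the variable x may hold
FAULT = None           # result of running a command on an unsafe state

# A state is (x, heap): x is the value of variable x, or None if the state does
# not own x; heap is a frozenset of owned addresses (cell contents are
# irrelevant to AD, so they are omitted).


def compose(s, t):
    """Separating conjunction of two states; None if they overlap."""
    (x1, h1), (x2, h2) = s, t
    if x1 is not None and x2 is not None:
        return None                      # both own x: undefined
    if h1 & h2:
        return None                      # overlapping heap cells: undefined
    return (x1 if x1 is not None else x2, h1 | h2)


def frame(outcomes, t):
    """Compose every outcome with the frame t, dropping undefined pairs."""
    return frozenset(u for u in (compose(o, t) for o in outcomes) if u is not None)


def AD(s):
    """x := new(); dispose(x). Allocation picks any address the state does not
    own; the disposed cell leaves no trace except the value recorded in x."""
    x, h = s
    if x is None:
        return FAULT                     # x must be owned, otherwise fault
    return frozenset((l, h) for l in ADDRS if l not in h)


def all_states():
    for x in (None,) + XVALS:
        for k in range(len(ADDRS) + 1):
            for h in combinations(ADDRS, k):
                yield (x, frozenset(h))


def substates(s):
    """Proper sub-resources s' of s, each paired with its remainder s - s'."""
    x, h = s
    for xs in ({None, x} if x is not None else {None}):
        for k in range(len(h) + 1):
            for hs in combinations(sorted(h), k):
                sub = (xs, frozenset(hs))
                if sub != s:
                    yield sub, (x if xs is None else None, h - frozenset(hs))


def safe(f, s):
    return f(s) is not FAULT


def is_local(f):
    """Check f(s * t) is contained in f(s) * t for every defined composition,
    with fault as the top element of the ordering."""
    for s in all_states():
        for t in all_states():
            st = compose(s, t)
            if st is None or f(s) is FAULT:
                continue                 # undefined composition, or fault * t = fault
            if f(st) is FAULT or not f(st) <= frame(f(s), t):
                return False
    return True


def smallest_safe_states(f):
    return {s for s in all_states() if safe(f, s)
            and not any(safe(f, sub) for sub, _ in substates(s))}


def footprints(f):
    """Essential-element reading: a safe state is a footprint when framing the
    behaviour of all its strictly smaller safe sub-states does not recover f(s)."""
    fps = set()
    for s in all_states():
        if not safe(f, s):
            continue
        derived = None
        for sub, rem in substates(s):
            if safe(f, sub):
                framed = frame(f(sub), rem)
                derived = framed if derived is None else derived & framed
        if derived is None or f(s) != derived:
            fps.add(s)
    return fps


if __name__ == "__main__":
    print("AD is local:", is_local(AD))
    print("smallest safe states:", len(smallest_safe_states(AD)))
    print("footprints:", len(footprints(AD)))
```

Running the script shows that AD is local, that its smallest safe states are the four states that own only x with an empty heap, but that every state owning x plus a single cell is also a footprint: the specification at the empty heap allows the post-state x = l for any l, whereas on a state that already owns cell l the program can never produce x = l. That extra precision is exactly what framing from the smaller state loses, so the footprints strictly include the smallest safe states, which is the discrepancy the summary attributes to allocation and deallocation in the standard model.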
Finally, the authors abstract this insight to arbitrary programming languages. They identify a general condition—“footprint preservation”—that guarantees the alignment of footprints with smallest safe states in any resource model. The condition requires that (1) every primitive command has a fixed minimal resource requirement (its footprint) and (2) execution never modifies resources outside that footprint. When a language satisfies these constraints, the footprint alone suffices for a complete, minimal specification, regardless of the underlying resource algebra.
Overall, the work provides a clean, mathematically grounded theory of footprints, shows that they are the only essential elements needed for a full specification of local functions, and demonstrates how to design resource models and language primitives so that footprints automatically correspond to the smallest safe states. This advances the practicality of local reasoning, simplifies specification generation, and offers concrete guidance for the design of verification tools based on separation logic.