coop/rose-ash
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

datalog: anonymous _ in negation is existential, not unbound
Some checks failed
Test, Build, and Deploy / test-build-deploy (push) Failing after 23s
Details

Browse Source 
The canonical Datalog idiom for "no X has any Y":

  orphan(X) :- person(X), not(parent(X, _)).

was rejected by the safety check with "negation refers to unbound
variable(s) (\"_anon1\")". The parser renames each anonymous `_`
to a fresh `_anon*` symbol so multiple `_` occurrences don't unify
with each other, and the negation safety walk then demanded all
free vars in the negated lit be bound by an earlier positive body
lit — including the renamed anonymous vars.

Anonymous vars in a negation are existentially quantified within
the negation, not requirements from outside. Added dl-non-anon-vars
to strip `_anon*` names from the `needed` set before the binding
check in dl-process-neg!. Real vars (like `X` in the orphan idiom)
still must be bound by an earlier positive body lit, just as before.

2 new regression tests (orphan idiom + multi-anon "solo" pattern);
conformance 273/273.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
giles
2026-05-11 08:49:20 +00:00
parent 6bae94bae1
commit 66aa003461
5 changed files with 69 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
lib/datalog/builtins.sx
View File

@@ -179,6 +179,27 @@
vs) vs)
out)))) out))))
;; Filter a list of variable-name strings to exclude anonymous-renamed
;; vars (`_` in source → `_anon*` by dl-rename-anon-term). Used by
;; the negation safety check, where anonymous vars are existential
;; within the negated literal.
(define
dl-non-anon-vars
(fn
(vs)
(let
((out (list)))
(do
(for-each
(fn
(v)
(when
(not (and (>= (len v) 5)
(= (slice v 0 5) "_anon")))
(append! out v)))
vs)
out))))
(define (define
dl-rule-check-safety dl-rule-check-safety
(fn (fn
@@ -282,8 +303,14 @@
((and (list? inner) (> (len inner) 0)) ((and (list? inner) (> (len inner) 0))
(dl-rel-name inner)) (dl-rel-name inner))
(else nil))) (else nil)))
(needed (dl-vars-of inner)) ;; Anonymous variables (`_` in source → `_anon*` after
(missing (dl-vars-not-in (dl-vars-of inner) bound))) ;; renaming) are existentially quantified within the
;; negated literal — they don't need to be bound by
;; an earlier body lit, since `not p(X, _)` is a
;; valid idiom for "no Y exists s.t. p(X, Y)". Filter
;; them out of the safety check.
(needed (dl-non-anon-vars (dl-vars-of inner)))
(missing (dl-vars-not-in needed bound)))
(cond (cond
((and (not (nil? inner-rn)) (dl-reserved-rel? inner-rn)) ((and (not (nil? inner-rn)) (dl-reserved-rel? inner-rn))
(set! err (set! err

8
lib/datalog/scoreboard.json
View File

@@ -1,8 +1,8 @@
{ {
"lang": "datalog", "lang": "datalog",
"total_passed": 271, "total_passed": 273,
"total_failed": 0, "total_failed": 0,
"total": 271, "total": 273,
"suites": [ "suites": [
{"name":"tokenize","passed":31,"failed":0,"total":31}, {"name":"tokenize","passed":31,"failed":0,"total":31},
{"name":"parse","passed":23,"failed":0,"total":23}, {"name":"parse","passed":23,"failed":0,"total":23},
@@ -10,11 +10,11 @@
{"name":"eval","passed":42,"failed":0,"total":42}, {"name":"eval","passed":42,"failed":0,"total":42},
{"name":"builtins","passed":26,"failed":0,"total":26}, {"name":"builtins","passed":26,"failed":0,"total":26},
{"name":"semi_naive","passed":8,"failed":0,"total":8}, {"name":"semi_naive","passed":8,"failed":0,"total":8},
{"name":"negation","passed":10,"failed":0,"total":10}, {"name":"negation","passed":12,"failed":0,"total":12},
{"name":"aggregates","passed":23,"failed":0,"total":23}, {"name":"aggregates","passed":23,"failed":0,"total":23},
{"name":"api","passed":22,"failed":0,"total":22}, {"name":"api","passed":22,"failed":0,"total":22},
{"name":"magic","passed":36,"failed":0,"total":36}, {"name":"magic","passed":36,"failed":0,"total":36},
{"name":"demo","passed":21,"failed":0,"total":21} {"name":"demo","passed":21,"failed":0,"total":21}
], ],
"generated": "2026-05-11T08:44:12+00:00" "generated": "2026-05-11T08:49:02+00:00"
} }

4
lib/datalog/scoreboard.md
View File

@@ -1,6 +1,6 @@
# datalog scoreboard # datalog scoreboard
**271 / 271 passing** (0 failure(s)). **273 / 273 passing** (0 failure(s)).
| Suite | Passed | Total | Status | | Suite | Passed | Total | Status |
|-------|--------|-------|--------| |-------|--------|-------|--------|
@@ -10,7 +10,7 @@
| eval | 42 | 42 | ok | | eval | 42 | 42 | ok |
| builtins | 26 | 26 | ok | | builtins | 26 | 26 | ok |
| semi_naive | 8 | 8 | ok | | semi_naive | 8 | 8 | ok |
| negation | 10 | 10 | ok | | negation | 12 | 12 | ok |
| aggregates | 23 | 23 | ok | | aggregates | 23 | 23 | ok |
| api | 22 | 22 | ok | | api | 22 | 22 | ok |
| magic | 36 | 36 | ok | | magic | 36 | 36 | ok |

21
lib/datalog/tests/negation.sx
View File

@@ -169,6 +169,27 @@
(list (quote q) (quote X))) (list (quote q) (quote X)))
(list)) (list))
;; Anonymous `_` in a negated literal is existentially quantified
;; — it doesn't need to be bound by an earlier body lit. Without
;; this exemption the safety check would reject the common idiom
;; `orphan(X) :- person(X), not(parent(X, _))`.
(dl-nt-test-set! "negation with anonymous var — orphan idiom"
(dl-query
(dl-program
"person(a). person(b). person(c). parent(a, b).
orphan(X) :- person(X), not(parent(X, _)).")
(list (quote orphan) (quote X)))
(list {:X (quote b)} {:X (quote c)}))
;; Multiple anonymous vars are each independently existential.
(dl-nt-test-set! "negation with multiple anonymous vars"
(dl-query
(dl-program
"u(a). u(b). u(c). edge(a, x). edge(b, y).
solo(X) :- u(X), not(edge(X, _)).")
(list (quote solo) (quote X)))
(list {:X (quote c)}))
;; Stratifiability checks. ;; Stratifiability checks.
(dl-nt-test! "non-stratifiable rejected" (dl-nt-test! "non-stratifiable rejected"
(dl-nt-throws? (dl-nt-throws?

14
plans/datalog-on-sx.md
View File

@@ -15,7 +15,7 @@ for rose-ash data (e.g. federation graph, content relationships).
## Status (rolling) ## Status (rolling)
`bash lib/datalog/conformance.sh`**271/271 across 11 suites** `bash lib/datalog/conformance.sh`**273/273 across 11 suites**
(tokenize, parse, unify, eval, builtins, semi_naive, negation, aggregates, (tokenize, parse, unify, eval, builtins, semi_naive, negation, aggregates,
api, magic, demo). Source is ~3100 LOC, tests ~2900 LOC, public API api, magic, demo). Source is ~3100 LOC, tests ~2900 LOC, public API
documented in `lib/datalog/datalog.sx`. documented in `lib/datalog/datalog.sx`.
@@ -320,6 +320,18 @@ large graphs.
_Newest first._ _Newest first._
- 2026-05-11 — Anonymous `_` in a negated literal was incorrectly
flagged by the safety check. The canonical idiom
`orphan(X) :- person(X), not(parent(X, _))` was rejected with
"negation refers to unbound variable(s) (\"_anon1\")" because the
parser renames each `_` to a fresh `_anon*` symbol and the negation
safety walk demanded all vars in the negated lit be bound by an
earlier positive body literal. Anonymous vars in negation are
existentially quantified — they shouldn't need outer binding.
Added `dl-non-anon-vars` filter; `dl-process-neg!` now strips
`_anon*` names from `needed` before the binding check. 2 new
regression tests; 273/273.
- 2026-05-11 — Compound terms in fact-arg / rule-head positions were - 2026-05-11 — Compound terms in fact-arg / rule-head positions were
silently stored as unreduced expressions. `p(+(1, 2)).` resulted silently stored as unreduced expressions. `p(+(1, 2)).` resulted
in a tuple `(p (+ 1 2))` (dl-ground? sees no free variables, so it in a tuple `(p (+ 1 2))` (dl-ground? sees no free variables, so it