From 917ffe5ccceb4dcc662a479ed5a978c360f307f0 Mon Sep 17 00:00:00 2001
From: giles <giles.bradshaw@rose-ash.com>
Date: Mon, 11 May 2026 08:07:40 +0000
Subject: [PATCH] datalog: comparison ops require same-type operands
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Type-mixed comparisons were silently inconsistent:

  <("hello", 5)  =>  no result, no error  (silent false)
  <(a, 5)        =>  raises "Expected number, got symbol"

Both should fail loudly with a comprehensible message. Added
dl-compare-typeok?: <, <=, >, >= now require both operands to share
a primitive type (both numbers or both strings) and raise a clear
"comparison <op> requires same-type operands" error otherwise.

`!=` is exempted because it's the polymorphic inequality test
built on dl-tuple-equal? — cross-type pairs are legitimately unequal
and the existing semantics for that case match user intuition.

2 new regression tests; conformance 267/267.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
---
 lib/datalog/builtins.sx       | 19 +++++++++++++++++++
 lib/datalog/scoreboard.json   |  8 ++++----
 lib/datalog/scoreboard.md     |  4 ++--
 lib/datalog/tests/builtins.sx | 24 +++++++++++++++++++++++-
 plans/datalog-on-sx.md        | 11 ++++++++++-
 5 files changed, 58 insertions(+), 8 deletions(-)

diff --git a/lib/datalog/builtins.sx b/lib/datalog/builtins.sx
index 720a8025..90d5faed 100644
--- a/lib/datalog/builtins.sx
+++ b/lib/datalog/builtins.sx
@@ -82,6 +82,20 @@
                     (else (error (str "datalog arith: unknown op " rel)))))))))
         (else (error (str "datalog arith: not a number — " w)))))))
 
+;; Comparable types — both operands must be the same primitive type
+;; (both numbers, both strings). `!=` is the exception: it's defined
+;; for any pair (returns true iff not equal) since dl-tuple-equal?
+;; handles type-mixed comparisons.
+(define
+  dl-compare-typeok?
+  (fn
+    (rel a b)
+    (cond
+      ((= rel "!=") true)
+      ((and (number? a) (number? b)) true)
+      ((and (string? a) (string? b)) true)
+      (else false))))
+
 (define
   dl-eval-compare
   (fn
@@ -98,6 +112,11 @@
               rel
               " has unbound argument; "
               "ensure prior body literal binds the variable")))
+        ((not (dl-compare-typeok? rel a b))
+          (error
+            (str "datalog: comparison " rel " requires same-type "
+                 "operands (both numbers or both strings), got "
+                 a " and " b)))
         (else
           (let
             ((ok (cond ((= rel "<") (< a b)) ((= rel "<=") (<= a b)) ((= rel ">") (> a b)) ((= rel ">=") (>= a b)) ((= rel "!=") (not (dl-tuple-equal? a b))) (else (error (str "datalog: unknown compare " rel))))))
diff --git a/lib/datalog/scoreboard.json b/lib/datalog/scoreboard.json
index 8d8671c0..9c394d50 100644
--- a/lib/datalog/scoreboard.json
+++ b/lib/datalog/scoreboard.json
@@ -1,14 +1,14 @@
 {
   "lang": "datalog",
-  "total_passed": 265,
+  "total_passed": 267,
   "total_failed": 0,
-  "total": 265,
+  "total": 267,
   "suites": [
     {"name":"tokenize","passed":30,"failed":0,"total":30},
     {"name":"parse","passed":22,"failed":0,"total":22},
     {"name":"unify","passed":29,"failed":0,"total":29},
     {"name":"eval","passed":40,"failed":0,"total":40},
-    {"name":"builtins","passed":24,"failed":0,"total":24},
+    {"name":"builtins","passed":26,"failed":0,"total":26},
     {"name":"semi_naive","passed":8,"failed":0,"total":8},
     {"name":"negation","passed":10,"failed":0,"total":10},
     {"name":"aggregates","passed":23,"failed":0,"total":23},
@@ -16,5 +16,5 @@
     {"name":"magic","passed":36,"failed":0,"total":36},
     {"name":"demo","passed":21,"failed":0,"total":21}
   ],
-  "generated": "2026-05-11T08:03:45+00:00"
+  "generated": "2026-05-11T08:07:23+00:00"
 }
diff --git a/lib/datalog/scoreboard.md b/lib/datalog/scoreboard.md
index 21c23323..89a66d4e 100644
--- a/lib/datalog/scoreboard.md
+++ b/lib/datalog/scoreboard.md
@@ -1,6 +1,6 @@
 # datalog scoreboard
 
-**265 / 265 passing** (0 failure(s)).
+**267 / 267 passing** (0 failure(s)).
 
 | Suite | Passed | Total | Status |
 |-------|--------|-------|--------|
@@ -8,7 +8,7 @@
 | parse | 22 | 22 | ok |
 | unify | 29 | 29 | ok |
 | eval | 40 | 40 | ok |
-| builtins | 24 | 24 | ok |
+| builtins | 26 | 26 | ok |
 | semi_naive | 8 | 8 | ok |
 | negation | 10 | 10 | ok |
 | aggregates | 23 | 23 | ok |
diff --git a/lib/datalog/tests/builtins.sx b/lib/datalog/tests/builtins.sx
index b7398fb8..13bb2709 100644
--- a/lib/datalog/tests/builtins.sx
+++ b/lib/datalog/tests/builtins.sx
@@ -249,7 +249,29 @@
         (dl-bt-throws?
           (fn ()
             (dl-eval "p(10). q(R) :- p(X), is(R, /(X, 0))." "?- q(R).")))
-        true))))
+        true)
+
+      ;; Comparison ops `<`, `<=`, `>`, `>=` require both operands to
+      ;; have the same primitive type. Cross-type comparisons used to
+      ;; silently return false (for some pairs) or raise a confusing
+      ;; host-level error (for others) — now they all raise with a
+      ;; message that names the offending values.
+      (dl-bt-test!
+        "comparison — string vs number raises"
+        (dl-bt-throws?
+          (fn ()
+            (dl-eval "p(\"hello\"). q(X) :- p(X), <(X, 5)." "?- q(X).")))
+        true)
+
+      ;; `!=` is the exception — it's a polymorphic inequality test
+      ;; (uses dl-tuple-equal? underneath) so cross-type pairs are
+      ;; legitimate (and trivially unequal).
+      (dl-bt-test-set! "!= works across types"
+        (dl-query
+          (dl-program
+            "p(1). p(\"1\"). q(X) :- p(X), !=(X, 1).")
+          (quote (q X)))
+        (list {:X "1"})))))
 
 (define
   dl-builtins-tests-run!
diff --git a/plans/datalog-on-sx.md b/plans/datalog-on-sx.md
index 44f2cd32..a07670c2 100644
--- a/plans/datalog-on-sx.md
+++ b/plans/datalog-on-sx.md
@@ -15,7 +15,7 @@ for rose-ash data (e.g. federation graph, content relationships).
 
 ## Status (rolling)
 
-`bash lib/datalog/conformance.sh` → **265/265 across 11 suites**
+`bash lib/datalog/conformance.sh` → **267/267 across 11 suites**
 (tokenize, parse, unify, eval, builtins, semi_naive, negation, aggregates,
 api, magic, demo). Source is ~3100 LOC, tests ~2900 LOC, public API
 documented in `lib/datalog/datalog.sx`.
@@ -320,6 +320,15 @@ large graphs.
 
 _Newest first._
 
+- 2026-05-11 — Type-mixed comparisons were silently inconsistent:
+  `<(X, 5)` with `X` bound to a string returned `()` (no result, no
+  error), while `X` bound to a symbol raised "Expected number, got
+  symbol". Both should fail loudly. Added `dl-compare-typeok?` —
+  `<`, `<=`, `>`, `>=` now require both operands to share a primitive
+  type (both numbers or both strings) and raise otherwise. `!=` is
+  exempted since it's a polymorphic inequality test built on
+  `dl-tuple-equal?`. 2 new regression tests; 267/267.
+
 - 2026-05-11 — Body literal shape validation in
   `dl-rule-check-safety`: a dict that isn't `{:neg ...}` (e.g. typo'd
   `{:negs ...}`) used to silently fall through every dispatch clause,