[SystemSafety] MC/DC handling of conditional operators

Derek M Jones derek at knosof.co.uk
Thu Oct 31 13:33:38 CET 2024 

Ian,

> I have not seen an analysis of MC/DC that involves conditional operators in if-statement conditions
> We (Rapita Systems) treat conditional operators like this in a Boolean context as MC/DC conditions. This is mentioned in DOT/FAA/AR-06/54 (4.3.2) and has been supported by RapiCover for a long time now.

Thanks for this reference.

"4.3.2 Expressions With Short-Circuit Operators (Issue 9)."
Does cover this construct.  It uses the notation:

(A and then B), or else C

instead of the C/C++/etc:

(A ? B : C)

Calling this usage "Short-Circuit Operators" is somewhat
confusing, but perhaps I am biased by the terminology
of the languages I know most about.

> It would be interesting to run the Sqlite tests through RapiCover, but we have not tried.

While the source of SQLite is Open source, the test cases needed
to achieve 100% MC/DC is proprietary and is licensed.
https://www.sqlite.org/th3.html

SQLite             155.8 KSLOC of C code
MC/DC test code 92,053.1 KSLOC

> Ian
> 
> 
>    1.
> The conditional operator within an "if" gives rise to 2 conditions in the decision and only partial coverage achieved with c=0.
> 
> test_func_1:
> [cid:0801db3a-1d18-4818-8542-bd012c7cde5b]
> 
> 
> 
>    1.
> The source code (red or yellow shows incomplete MC/DC coverage) for 2 similar functions.
> 
> [cid:0c2091cd-05d1-4aeb-a2cb-720b8360ff04]
> 
> 2. test_func_2 list of decisions, for comparison.
> [cid:776869f1-a5a8-4665-9993-2d2ffd6d0f21]
> 
> 
>    1.
> Only when we have test cases where c is 0 and non-zero, we can achieve full coverage.
> 
> [cid:0bf35888-ef79-4f67-b016-f568eac779f7]
> 
> 
> --
> 
> Dr Ian Broster
> Chief Operating Officer - Rapita Systems Ltd (UK) / S.L.(Spain)
> 
> +44 7963 469 090
> 
> 
> 
> ________________________________
> From: systemsafety <systemsafety-bounces at lists.techfak.uni-bielefeld.de> on behalf of Derek M Jones <derek at knosof.co.uk>
> Sent: Wednesday, October 30, 2024 12:10
> To: systemsafety at lists.techfak.uni-bielefeld.de <systemsafety at lists.techfak.uni-bielefeld.de>
> Subject: [SystemSafety] MC/DC handling of conditional operators
> 
> All,
> 
> I have not seen an analysis of MC/DC that involves
> conditional operators in if-statement conditions.
> 
> Why would anybody use conditional operators (also known as
> a ternary operator) in this context you ask?
> I thought the same until some recent analysis of
> if-statement conditions.
> 
> As its name suggests, the conditional operator involves a
> condition, and as such looks like it needs to be addressed
> by MC/DC (I have added parenthesis to the following examples
> to make things clear):
> 
> In: 1+(c!=0 ? x : y)
> if c is not equal to zero, the result is 1+x,
> otherwise the result is 1+y.
> 
> Now in C, C++ and other languages we can write:
> 
> if (1+(c!=0 ? x : y) == z)
>      foo=bar;
> 
> or we can write the longer equivalent code
> 
> if (c != 0)
>      {
>      if (1+x == z)
>         foo=bar;
>      }
> else
>      {
>      if (1+y == z)
>         foo=bar;
>      }
> 
> All the analysis of MC/DC that I have seen only involves
> logical AND and logical OR.
> 
> Is the behavior of conditional operator something that gets
> ignored?
> Is there an unwritten MC/DC rule that conditional operators
> not be used in if-statement conditions?
> 
> Shouldn't the conditional operator be part of the MC/DC
> analysis, i.e., required to be tested along both arms?
> 
> SQLite says they achieve 100% MC/DC
> https://www.sqlite.org/testing.html#mcdc
> 
> The SQLite source contains instances of the conditional
> operator if if-statement conditions
> https://shape-of-code.com/2024/10/13/if-statement-conditions-some-basic-measurements/
> 
> Does anybody know how SQLite+MC/DC deals with the
> conditional operator?
> 
> --
> Derek M. Jones           Evidence-based software engineering
> blog:https://shape-of-code.com
> 
> _______________________________________________
> The System Safety Mailing List
> systemsafety at TechFak.Uni-Bielefeld.DE
> Manage your subscription: https://lists.techfak.uni-bielefeld.de/mailman/listinfo/systemsafety
> --
> 
> Book your place for DO-178C Multicore Training taking place on 6 and 7 November in Munich<https://www.rapitasystems.com/events/do-178c-multicore-person-training-munich?utm_source=rs_email_sig>
> 
> 
> _______________________________________________
> The System Safety Mailing List
> systemsafety at TechFak.Uni-Bielefeld.DE
> Manage your subscription: https://lists.techfak.uni-bielefeld.de/mailman/listinfo/systemsafety

-- 
Derek M. Jones           Evidence-based software engineering
blog:https://shape-of-code.com

More information about the systemsafety mailing list