C++ Tips
TotW #1:
string_viewTotW #3: String Concatenation and
operator+vs.StrCat()TotW #3: String Concatenation and operator+ vs. StrCat()
TotW #5: Disappearing Act
TotW #5: Disappearing Act
Performance TotW #7: Optimizing for application productivity
Performance TotW #9: Optimizations past their prime
TotW #10: Splitting Strings, not Hairs
TotW #11: Return Policy
TotW #18: String Formatting with Substitute
Performance TotW #21: Improving the efficiency of your regular expressions
TotW #24: Copies, Abbrv.
TotW #36: New Join API
Performance TotW #39: Beware microbenchmarks bearing gifts
TotW #42: Prefer Factory Functions to Initializer Methods
TotW #45: Avoid Flags, Especially in Library Code
TotW #49: Argument-Dependent Lookup
Performance TotW #52: Configuration knobs considered harmful
Performance TotW #53: Precise C++ benchmark measurements with Hardware Performance Counters
TotW #55: Name Counting and unique_ptr
TotW #59: Joining Tuples
Performance TotW #60: In-process profiling: lessons learned
TotW #61: Default Member Initializers
Performance TotW #64: More Moore with better API design
TotW #64: Raw String Literals
TotW #65: Putting Things in their Place
Performance TotW #70: Defining and measuring optimization success
Performance TotW #74: Avoid sweeping street lights under rugs
TotW #74: Delegating and Inheriting Constructors
Performance TotW #75: How to microbenchmark
TotW #76: Use
absl::StatusTotW #77: Temporaries, Moves, and Copies
TotW #86: Enumerating with Class
TotW #88: Initialization: =, (), and {}
TotW #90: Retired Flags
TotW #93: using absl::Span
TotW #94: Callsite Readability and bool Parameters
TotW #99: Nonmember Interface Etiquette
TotW #101: Return Values, References, and Lifetimes
TotW #103: Flags Are Globals
TotW #107: Reference Lifetime Extension
TotW #108: Avoid
std::bindTotW #109: Meaningful `const` in Function Declarations
TotW #112: emplace vs. push_back
TotW #116: Keeping References on Arguments
TotW #117: Copy Elision and Pass-by-value
TotW #119: Using-declarations and namespace aliases
TotW #120: Return Values are Untouchable
TotW #122: Test Fixtures, Clarity, and Dataflow
TotW #123:
absl::optionalandstd::unique_ptrTotW #124:
absl::StrFormat()TotW #126: `make_unique` is the new `new`
TotW #130: Namespace Naming
TotW #131: Special Member Functions and `= default`
TotW #134:
make_uniqueandprivateConstructors.TotW #135: Test the Contract, not the Implementation
TotW #136: Unordered Containers
TotW #140: Constants: Safe Idioms
TotW #141: Beware Implicit Conversions to
boolTotW #142: Multi-parameter Constructors and
explicitTotW #143: C++11 Deleted Functions (
= delete)TotW #144: Heterogeneous Lookup in Associative Containers
TotW #146: Default vs Value Initialization
TotW #147: Use Exhaustive
switchStatements ResponsiblyTotW #148: Overload Sets
TotW #149: Object Lifetimes vs.
= deleteTotW #152:
AbslHashValueand YouTotW #153: Don't Use using-directives
TotW #158: Abseil Associative containers and
contains()TotW #161: Good Locals and Bad Locals
TotW #163: Passing
std::optionalparametersTotW #165:
ifandswitchstatements with initializersTotW #166: When a Copy is not a Copy
TotW #168:
inlineVariablesTotW #171: Avoid Sentinel Values
TotW #172: Designated Initializers
TotW #173: Wrapping Arguments in Option Structs
TotW #175: Changes to Literal Constants in C++14 and C++17.
TotW #176: Prefer Return Values to Output Parameters
TotW #177: Assignability vs. Data Member Types
TotW #180: Avoiding Dangling References
TotW #181: Accessing the value of a StatusOr<T>
TotW #182: Initialize Your Ints!
TotW #186: Prefer to Put Functions in the Unnamed Namespace
TotW #187:
std::unique_ptrMust Be MovedTotW #188: Be Careful With Smart-Pointer Function Parameters
TotW #198: Tag Types
TotW #215: Stringifying Custom Types with
AbslStringify()TotW #218: Designing Extension Points With FTADLE
TotW #224: Avoid
vector.at()TotW #227: Be Careful with Empty Containers and Unsigned Arithmetic
TotW #229: Ranked Overloads for Template Metaprogramming
Tip of the Week #135: Test the Contract, not the Implementation
Originally posted as TotW #135 on June 5, 2017
Updated 2020-04-06
Quicklink: abseil.io/tips/135
“If you have one true friend you have more than your share.” — Thomas Fuller
C++ has a somewhat elaborate access control mechanism using public,
protected, private, and friend. Test code has its own rules of etiquette
for using those facilities, and GoogleTest augments them with its own
FRIEND_TEST macro. Use of FRIEND_TEST should be a last resort, not a
preferred choice.
Test the Contract
We write tests to find bugs in the implementation of a component’s contract, or to give us sufficient confidence that there are no such bugs. When using test-driven development (TDD), we also write tests to help us to design that contract. Tests that depend on unspecified aspects of a component are brittle, and prone to reporting failures even when the production code is working correctly.
Prefer to test via the public interface of a component. More generally, tests should verify the contract of a component and, just as with any other client, should not make assumptions beyond what’s guaranteed.
Techniques for Providing Access from Tests
A number of techniques can be used to allow test code the access needed to do its job. Some are enumerated here, roughly arranged from best to worst.
Augmenting the Public API for Tests
Sometimes it’s hard to get sufficient coverage when testing via a minimal
interface. If your component is implementing a very narrow interface specified
by a base class (e.g., one with only a ProcessItem virtual function) and it’s
impractical to gain sufficient confidence from a test that uses only that
interface, consider creating a new, testable component containing the
implementation details. Then the class containing the virtual function can be so
simple that it needs only minimal testing. BUILD visibility can be used to
restrict use of your implementation class (if needed and if your build system
supports it).
If a test depends on just one or two private functions, consider making those
functions part of the public interface. This isn’t so bad: you’ll need them to
have a clearly documented interface anyway, and other clients (not just the
test) might find them useful. If, after consideration, you decide that a
function really is only for tests, then it should be documented as such, and
maybe named with a ForTesting suffix.
Using Peers to Avoid Exposing Implementation
If the test still needs to have access to private implementation details, create
a test peer (sometimes called a test spouse). A test peer is a friend class
of the class under test, often defined in the _test.cc file (though some
prefer to define it in the same file as the class that befriends it), and used
to provide controlled access to the class under test to the test code. The test
peer won’t be able to live in an anonymous namespace as its exact name needs to
match the friend declaration, but the rest of the test code can be in an
anonymous namespace as usual. The name of a test peer class typically ends in
Peer.
(Avoid) Using FRIEND_TEST
While common in older code, FRIEND_TEST should not be used in new code. It
introduces reverse coupling, making the production header file depend on details
of the associated unit test. It forces the tests to move out of the anonymous
namespace. Every FRIEND_TEST grants a test function unrestricted access to the
class under test; in long test functions it can be hard to see where the test
modifies the state of the class under test. It requires use of an unusual header
file provided by GoogleTest for
inclusion in production code, whereas almost all of GoogleTest is intended only
for use in tests. And finally it scales badly, requiring new FRIEND_TEST uses
to be added to the production header when new tests are added. In practice this
often results in header files having lengthy blocks of FRIEND_TEST lines.
(Don’t) Make the Entire Test Fixture a friend
Making the entire test fixture a friend of the class under test (with friend
class MyClassTest;) is strongly discouraged. Compared to the options above, it
allows the entire test fixture (but not the tests themselves, which are
sub-classes of the fixture) unrestricted and unannotated access to every member
of the class under test, meaning that readers of the test code have no visual
clue of when the test is breaking encapsulation. It also forces the test fixture
to be outside of the anonymous namespace. Compared to a friend fixture, a test
peer makes the code much more self-documenting for readers, and costs just a
little extra work for code authors.
Summary of Recommendations
- Prefer to test the client interface of a component, and keep tests independent of private implementation details.
- Factor out a testable, possibly test-only subcomponent if the client interface isn’t sufficient to thoroughly exercise the unit under test.
- Sometimes it’s reasonable to add to the public interface in order to make a component testable.
- If necessary, access private members from tests using a test peer rather
than using
FRIEND_TEST. - Do not befriend an entire test fixture. Use one of the more targeted approaches described above.
