Helper utilities for ensuring that musli is safe to use and behaves as expected.

This does include a fairly sophisticated benchmarking suite.

To run the benchmarks included in this crate, use the separate tools crate.

cargo run -p tools -- --bench --force

Note: --force will overwriting existing violing plots.

This will ensure that only crates with comparable feature sets are grouped together, and at the end generate a benchmarks-new/index.md report.

This comes with the fuzz binary which can do the following things:

Run serialization for a long time against a lot of random data. Both with and without miri. When run with miri, the size of the datasets is drastically reduced.

cargo run --bin fuzz --features musli-wire
cargo +nightly miri run --bin fuzz --features musli-wire

Run deserialization against randomly generated bytes. Both with and without miri. When run with miri, the --features musli-wire size of the datasets is drastically reduced.

cargo run --bin fuzz --features musli-wire -- --random
cargo +nightly miri run --bin fuzz --features musli-wire -- --random

Note you can add the running of optional crates by enabling its corresponding feature, such as --features bincode.

To select which framework(s) to fuzz, enabled their corresponding features. If you just want to fuzz serde_json, you'd run:

cargo run --bin fuzz --features serde_json

Just beware that enabling certain dependencies limits the models being used.

• dlhn: Allocating and initializing large arrays based on untrusted input (DoS): dlhn#11.
• rkyv: Undefined Behavior: stacked borrows violation rkyv#436.

To perform a size comparison of a bunch of generated structures:

cargo run --bin fuzz -- --size

This reports all the sizings as a JSON, which is intended to be consumed by the benchmarking tools crate.