GNAT DAS: AI Automated Fuzz Testing Workflows

Posted 3 hours 29 minutes ago by AdaCore, Inc.

Permanent
Full Time
Other
Gloucestershire, Bristol, United Kingdom, BS153
Job Description

Internship

AdaCore

Bristol, UK

AdaCore: Helping Developers Build Software that Matters

Everything we do at AdaCore is centered around helping developers build safe, secure and reliable software.

For 30 years, we've partnered with global leaders in aerospace & defense, air traffic management, space, railway and financial services. We've developed tools and services simplifying high-integrity software development through a subscription-based model. As demand for secure applications grows in industries like automotive, medical, energy, and IoT, we're adapting our proven technologies to assist a new generation of developers.

Our 150 global experts based in the US, France, Germany, the UK, and Estonia, collectively develop cutting-edge technologies to address the challenges of high-grade software development.

Joining AdaCore is about joining a culture of innovation, openness, collaboration and dependability, which defines how we work together, with our customers and partners.

Context

Developed at AdaCore, the GNAT DAS tool suite includes GNATfuzz, an advanced fuzz testing solution for Ada applications. GNATfuzz was designed to utilize multiple backend fuzz testing solutions, including AFL, and includes advanced branch-solving algorithms like RedQueen and Symbolic Execution. GNATfuzz targets and finds bugs in Ada applications and linked C and C++ libraries. GNATfuzz for C is also in development, and GNATfuzz for C++ will follow shortly after. As we start to round out our target programming language support, the next phase in the evolution of this state-of-the-art automated software testing solution is to explore the benefits of AI and LLMs to provide users with powerful insights and automated workflows, and ultimately help them find bugs in their software faster.

The key component of this internship is utilizing AI; AdaCore would like to better understand AI's benefits over more traditional forms of static analysis. Candidates for this position should have a strong interest in automated dynamic analysis verification and a good understanding of large language models (LLMs) and other AI components. A good working knowledge of Ada, C, and Python is essential. Experience with static parsing language tools like libclang is highly beneficial.

Goals

The internship goal is to advance the state of the art in automated fuzz testing by integrating AI components into AdaCore's fuzz testing solution: GNATfuzz. This is then split into 2 phases (goal 1 and goal 2): a research phase and an integration/implementation phase. The number of applicable activities for both goal 1 and goal 2 will depend on the length of the internship and the results of goal 1.

Goal 1: Rapid Prototyping of AI integration and assessment

  • Investigate the benefits of corpus generation via AI. Multiple directions can be taken here, including:
      • Perform a benchmark comparison of AI vs compiler-generated objects
      • Generation of interesting values for solving complex branch conditions, which are better at reaching complex code paths and therefore increasing coverage
  • Investigate the benefits of using AI to provide insights into a function signature for a C application.
      • Identification of pointers to scalar objects and pointers to buffers
      • Grouping of buffer pointers and size components
  • Investigate the benefits of using AI to develop an advanced automated project fuzzing workflow.
      • Understanding control flow graphs (statically generated via tools like CLANG)
      • Using the information to dynamically identify the next best subprogram for fuzzing
      • Identification of subprograms with high complexity
      • Identification of components not applicable for fuzzing (blocking calls to external components, infinite main loops as seen in embedded systems, etc.)

Goal 2: Targeted feature integration

  • Following the rapid prototyping/proof of concept phase, multiple directions can be taken depending on the results of goal 1 to integrate the most interesting/beneficial feature into the GNATfuzz product:
      • AI Corpus Generation: Use an LLM to generate a diverse set of valid and boundary-case inputs for a target application based on its function signatures and documentation (if available).
      • Intelligent Fuzzing Workflow Automation with AI: This project tackles the advanced workflow automation aspect of Goal 1. The goal is to move beyond fuzzing a single program and to create an intelligent system that can analyze large projects and decide what subprograms to fuzz and in what order.
      • AI-Assisted Function Signature Analysis for C/C++: This project uses AI to interpret C/C++ function signatures to make fuzzing more effective. Fuzzing C/C++ code can be tricky because of pointers and complex data structures. An AI could help GNATfuzz understand these more clearly.

Skills required/nice to have:

  • Experience/interest in fuzz testing or other forms of dynamic analysis and/or compilation (GCC or LLVM)
  • Good programming skills in Python and C (or Ada)
  • Experience/interest in language interfaces (i.e., libclang)
  • Solid understanding and interest in LLMs and other primary aspects of AI

Timeframe & Location:

During 2026 - 6 to 9 months - Bristol office

Beyond the job

We're a global organization driven by diverse backgrounds, fostering innovation through an open exchange of ideas. We welcome applicants of all backgrounds, celebrating diversity in ethnicity, nationality, gender, age, religion, abilities, sexual orientation, veteran or marital status.

Our commitment is to help our teammates, wherever they are based, feel comfortable and satisfied, by encouraging flexibility to ensure them a healthy work-life balance. Additionally, we prioritize individual development by offering continuous training from day one with a personalized onboarding plan.