Let us introduce you to Fuzzlyn
In the Language-Based Security course, the students this year worked on a number of individual projects. One of these projects is Fuzzlyn – a tool for detecting bugs in the .NET platform.
Fuzzlyn, developed by computer science students Jakob Botsch Nielsen, Christoffer Schmidt, and Jonas Larsen, is a fuzzer that utilizes the Roslyn compiler framework to generate random C# programs. It runs these programs on .NET core and ensures that they give the same results when compiled in debug and release mode. Using Fuzzlyn, several bugs have been found and reported in RyuJIT used both by .NET Core and the full .NET framework. A (harmless) bug was also found and reported in Roslyn. Associate professor Aslan Askarov, who teaches the Language-Based Security course, is excited about the project, and believes it will have a significant practical impact.
Find more information about how to use Fuzzlyn for finding bugs and reducing programs at https://github.com/jakobbotsch/Fuzzlyn