Re: Source code not required
ML is vulnerable to fuzz-testing as much as human-written code. That's not surprising.
In fact, some of the best ways to find bugs are by not trying to read the code (which includes certain assumptions that may not be true in reality, e.g. Rowhammer, compiler constraints, etc.) but by just throwing random but vaguely-valid code at everything you possibly can and seeing if there are any unintentional side-effects.