Dice Question Streamline Icon: https://streamlinehq.com

Relationship between code coverage and bug detection rate in continuous fuzzing

Establish the relationship between code coverage and the fuzzing bug detection rate during continuous fuzzing sessions.

Information Square Streamline Icon: https://streamlinehq.com

Background

Modern greybox fuzzers used by OSS-Fuzz are coverage-guided, suggesting a link between higher coverage and increased bug findings. While this correlation has been reported in traditional fuzzing settings, its form and strength under continuous fuzzing’s short, iterative sessions has not been characterized.

The authors therefore pose clarifying the coverage–bug detection relationship in continuous fuzzing as an open question.

References

However, despite the central role of coverage in modern fuzzing strategies, the relationship between coverage and the bug detection rate remains unclear.

Large-Scale Empirical Analysis of Continuous Fuzzing: Insights from 1 Million Fuzzing Sessions (2510.16433 - Shirai et al., 18 Oct 2025) in Section 3 (Research Questions), paragraph preceding RQ3