Towards Path-Aware Coverage-Guided Fuzzing (CGO 2026 - Main Conference)

Sat 31 January - Wed 4 February 2026 Sydney, Australia

co-located with HPCA/CGO/PPoPP/CC 2026

Who

Giacomo Priamo, Daniele Cono D'Elia, Mathias Payer, Leonardo Querzoni

Track

CGO 2026 Main Conference

Time Zone

The program is currently displayed in (GMT+11:00) Hobart.

Use conference time zone: (GMT+11:00) HobartSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

By setting a time band, the program will dim events that are outside this time window. This is useful for (virtual) conferences with a continuous program (with repeated sessions).
The time band will also limit the events that are included in the personal iCalendar subscription service.

Display full programSpecify a time band

Save

When

Mon 2 Feb 2026 12:10 - 12:30 at Balmoral - Security Chair(s): Michael Franz

Abstract

Automated fuzz testing is now standard practice, yet key blind spots persist. Coverage-guided fuzzers typically rely on edge coverage as a lightweight proxy for program behavior. However, this metric captures path variations only weakly: it cannot differentiate executions that follow distinct control-flow paths but traverse the same edges—causing many path-dependent bugs to go undetected.
Path awareness would offer a richer coverage view but has been considered too costly for fuzzing.

We introduce a lightweight method for tracking intra-procedural execution paths, enabling efficient path-aware feedback. This enhances the fuzzer’s ability to detect subtle bugs, even in well-tested software. To counter the resulting seed explosion, we evaluate two strategies—culling and opportunistic path-aware fuzzing—that balance precision and throughput. Our findings show that path-aware fuzzing, when properly guided, uncovers more bugs and reveals untapped potential in fuzzing research.

Link to Preprint

https://www.conference-publishing.com/Proc/CGO26/cgo26/cgo26main-p50-p

Giacomo Priamo

Sapienza University of Rome

Italy

Daniele Cono D'Elia

Sapienza University of Rome

Italy

Mathias Payer

EPFL

Switzerland

Leonardo Querzoni

Sapienza University Rome

Italy

Media

Time Zone

The program is currently displayed in (GMT+11:00) Hobart.

Use conference time zone: (GMT+11:00) HobartSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

Display full programSpecify a time band

Save

Session Program

Mon 2 Feb
Displayed time zone: Hobart change

11:30 - 12:50	SecurityMain Conference at Balmoral Chair(s): Michael Franz University of California, Irvine

11:30 20m Talk		PriTran: Privacy-Preserving Inference for Transformer-Based Language Models under Fully Homomorphic Encryption Main Conference Yuechen Mu UNSW, Guangli Li Institute of Computing Technology, Chinese Academy of Sciences, Shiping Chen Data61 at CSIRO, Australia / UNSW, Australia, Jingling Xue UNSW Sydney Pre-print
11:50 20m Talk		FHEFusion: Enabling Operator Fusion in FHE Compilers for Depth-Efficient DNN Inference Main Conference Tianxiang Sui Ant Group, Jianxin Lai Ant Group, Long Li Ant Group, Peng Yuan Ant Group, Yan Liu Ant Group, Qing Zhu Ant Group, Xiaojing Zhang Ant Group, Linjie Xiao Ant Group, Mingzhe Zhang Ant Group, Jingling Xue UNSW Sydney Pre-print Media Attached
12:10 20m Talk		Towards Path-Aware Coverage-Guided Fuzzing Main Conference Giacomo Priamo Sapienza University of Rome, Daniele Cono D'Elia Sapienza University of Rome, Mathias Payer EPFL, Leonardo Querzoni Sapienza University Rome Pre-print Media Attached
12:30 20m Talk		SecSwift, a Compiler-Based Framework for Software Countermeasures in Cybersecurity Main Conference François de Ferrière STMICROELECTRONICS, Yves Janin STMICROELECTRONICS, Sirine Mechmech Grenoble INP Pre-print