Zu-Ming Jiang (江祖铭)

Final-year Ph.D. student at ETH Zurich
Advised by Prof. Zhendong Su
Advanced Software Technologies (AST) Lab
Department of Computer Science

Address: CNB H 103.1, Universitätstrasse 6, 8092 Zürich, Switzerland
Email: zuming.jiang@inf.ethz.ch
Google Scholar | GitHub


I will be joining the Department of Computer Science at the University of Hong Kong (HKU) as a tenure-track Assistant Professor in Spring 2026. I have multiple fully-funded positions for PhD students, Postdoc, and RA in the areas of Systems, Security, Databases, and their interdisciplinary applications with AI. If you are excited about conducting research and interested in working with me, please send me an email (jzuming.hku@gmail.com) with your CV and a brief statement of your research interests or plans. I am looking forward to hearing from you!

HKU CS PhD admission is open. HKU offers generous scholarships to PhD students (HKU Postgraduate Scholarship). In addition, exceptional candidates will be nominated for prestigious awards, including HKU Presidential PhD Scholarship (HKU-PS) and Hong Kong PhD Fellowship (HKPFS).

Research Interests

Database, Operating System, Computer Security, and Software Engineering.
I am passionate to advance the science and practice of building reliable and secure systems via tackling fundamental and difficult problems.

Publications

  1. Detecting Logic Bugs in Database Engines via Equivalent Expression Transformation
    Zu-Ming Jiang, Zhendong Su.
    In Proceeding of the 18th USENIX Symposium on Operating Systems Design and Implementation (OSDI' 24). Santa Clara, July 10–12, 2024.
    [PDF | GitHub| YouTube]
  2. Detecting Transactional Bugs in Database Engines via Graph-Based Oracle Construction
    Zu-Ming Jiang, Si Liu, Manuel Rigger, Zhendong Su.
    In Proceeding of the 17th USENIX Symposium on Operating Systems Design and Implementation (OSDI' 23). Boston, July 10–12, 2023.
    [PDF | GitHub | YouTube]
  3. DynSQL: Stateful Fuzzing for Database Management Systems with Complex and Valid SQL Query Generation
    Zu-Ming Jiang, Jia-Ju Bai, Zhendong Su.
    In Proceedings of the 32nd USENIX Security Symposium (Security'23). Anaheim, August 9–11, 2023.
    [PDF | YouTube]
  4. Blackbox Fuzzing of Distributed Systems with Multi-Dimensional Inputs and Symmetry-Based Feedback Pruning
    Yonghao Zou, Jia-Ju Bai, Zu-Ming Jiang, Ming Zhao, Diyu Zhou.
    In Proceedings of the 32th Network and Distributed System Security Symposium (NDSS'25). San Diego, February 24–28, 2025.
    [PDF]
  5. Testing Error Handling Code with Software Fault Injection and Error-Coverage-Guided Fuzzing
    Jia-Ju Bai, Zi-Xuan Fu, Kai-Tao Xie, Zu-Ming Jiang.
    IEEE Transactions on Dependable and Secure Computing (TDSC'23), 2023.
    [PDF]
  6. Context-Sensitive and Directional Concurrency Fuzzing for Data-Race Detection
    Zu-Ming Jiang, Jia-Ju Bai, Kangjie Lu, Shi-Min Hu.
    In Proceedings of the 29th Network and Distributed System Security Symposium (NDSS'22). San Diego, February 27–March 3, 2022.
    [PDF | YouTube]
  7. Hybrid Static-Dynamic Analysis of Data Races Caused by Inconsistent Locking Discipline in Device Drivers
    Jia-Ju Bai, Qiu-Liang Chen, Zu-Ming Jiang, Julia Lawall, Shi-Min Hu.
    IEEE Transactions on Software Engineering (TSE'22), 2022.
    [PDF]
  8. Fuzzing Error Handling Code using Context-Sensitive Software Fault Injection
    Zu-Ming Jiang, Jia-Ju Bai, Kangjie Lu, Shi-Min Hu.
    In Proceedings of the 29th USENIX Security Symposium (Security'20). Boston, August 12–14, 2020.
    [PDF | YouTube]
  9. Fuzzing Error Handling Code in Device Drivers Based on Software Fault Injection
    Zu-Ming Jiang, Jia-Ju Bai, Julia Lawall, Shi-Min Hu.
    In Proceedings of the 30th International Symposium on Software Reliability Engineering (ISSRE'19). Berlin, October 28-31, 2019.
    [PDF]
  10. Detecting Data Races Caused by Inconsistent Lock Protection in Device Drivers
    Qiu-Liang Chen, Jia-Ju Bai, Zu-Ming Jiang, Julia Lawall, Shi-Min Hu.
    In Proceedings of the 26th International Conference on Software Analysis, Evolution and Reengineering (SANER'19). Hangzhou, February 24-27, 2019.
    [PDF]

Academic Service

Program Committee (PC) Member
  • International Workshop on Testing Database Systems (DBTest) 2024
    • Artifact Evaluation Committee (AEC) Member
  • USENIX Symposium on Operating Systems Design and Implementation (OSDI) 2024, 2023
  • USENIX Annual Technical Conference (ATC) 2025, 2024, 2023
    • Reviewer
  • IEEE Transactions on Dependable and Secure Computing (TDSC) 2025, 2022, 2021
  • ACM Transactions on Software Engineering and Methodology (TOSEM) 2024, 2023

    • Teaching Assistant

  • Compiler Design Fall 2024 (Head TA), Fall 2023, Fall 2022, Fall 2021
  • Data Modelling and Databases Spring 2024
  • Big Data for Engineers Spring 2025
  • Software Engineering Seminar Fall 2024, Fall 2023, Fall 2022, Fall 2021
  • Computer Science II Spring 2023
  • Automated Software Testing Spring 2025, Spring 2024, Spring 2023
  • Research Topics in Software Engineering Spring 2025, Spring 2024, Spring 2023, Spring 2022

    • Education

    2018 - 2021
    Master degree in Computer Technology, Tsinghua University
    2014 - 2018
    Bachelor degree in Electrical Engineering and Automation, Zhejiang University

    Awards and Grants

    2023
    OSDI '23 Student Grant Award
    2021
    Outstanding Master's Graduate, Department of Computer Science and Technology, Tsinghua University
    2020
    Siebel Scholar Class of 2021, Siebel Scholars Foundation
    2018
    Outstanding Bachelor Thesis, Zhejiang University

    Assigned CVEs

    MySQL (22)
    CVE-2024-21013, CVE-2024-21009, CVE-2024-21008, CVE-2024-20982, CVE-2023-22112, CVE-2023-22028,
    CVE-2023-21935, CVE-2023-21881, CVE-2023-21880, CVE-2023-21879, CVE-2023-21878, CVE-2023-21872,
    CVE-2022-21607, CVE-2022-21594, CVE-2022-21556, CVE-2022-21438, CVE-2021-35635, CVE-2021-35628,
    CVE-2021-2357, CVE-2021-2427, CVE-2021-2426, CVE-2021-2425
    MariaDB (12)
    CVE-2021-46669, CVE-2021-46668, CVE-2021-46667, CVE-2021-46666, CVE-2021-46665, CVE-2021-46664,
    CVE-2021-46663, CVE-2021-46662, CVE-2021-46661, CVE-2021-46659, CVE-2021-46658, CVE-2021-46657
    Vim (2)
    CVE-2020-19923, CVE-2020-19922

    Activities

  • Invited talk at Georgia Tech: Making Databases Robust and Reliable: from SQL Generation to Test-Oracle Construction (hosted by Taesoo Kim, October 23, 2024)
  • Invited talk at System Group, ETH Zurich: Making Databases Robust and Reliable: from SQL Generation to Test-Oracle Construction (hosted by Pengcheng Xu and Shien Zhu, September 27, 2024)
  • Invited talk at Northeastern University: Making Databases Robust and Reliable: from SQL Generation to Test-Oracle Construction (hosted by Cheng Tan, September 18, 2024)
  • Invited talk at Institute of Software Chinese Academy of Science: Making Databases Robust and Reliable: from SQL Generation to Test-Oracle Construction (hosted by Mingyu Li, August 9, 2024)
  • Invited talk at Stanford: Making Databases Robust and Reliable: from SQL Generation to Test-Oracle Construction (hosted by Anjiang Wei, July 9, 2024)
  • Invited talk at UC Berkeley: Making Databases Robust and Reliable: from SQL Generation to Test-Oracle Construction (hosted by Yiming Lin, July 8, 2024)
  • Invited talk at NUS: Detecting Logic Bugs in Database Engines via Equivalent Expression Transformation (hosted by Jinsheng Ba, April 30, 2024)
  • Attendance at Dagstuhl Seminar: Ensuring the Reliability and Robustness of Database Management Systems (October 29 - November 3, 2023)
  • Invited talk at HKUST: Effective Bug Detection for Database Systems: Complex-Query Generation and Oracle Construction (hosted by Shuai Wang, August 7, 2023)
  • Invited talk at CUHK: Effective Bug Detection for Database Systems: Complex-Query Generation and Oracle Construction (hosted by Qiang Su, August 2, 2023)
  • Invited talk at PingCAP: Transactional Bugs Detection for Database Systems (hosted by Yangguang Wang, 2022)
  • Invited talk at Tencent: Fuzzing for Database Systems (hosted by Peng Chen, October 10, 2022)

    • --- Updated on August 16, 2025 ---