Zu-Ming Jiang (江祖铭)

Ph.D. student @ ETH Zurich
Supervised by Prof. Zhendong Su
Advanced Software Technologies (AST) Lab
Department of Computer Science

Address: CNB H 103.1, Universitätstrasse 6, 8092 Zürich, Switzerland
E-Mail: zuming.jiang # inf.ethz.ch

Research Interests


Computer Security, Database, Operating System and Software Engineering.
Currently he is researching the security and reliability problems of system software using software testing techniques (e.g. fuzzing).

Publications


  1. Detecting Logic Bugs in Database Engines via Equivalent Expression Transformation
    Zu-Ming Jiang, Zhendong Su.
    In Proceeding of the 18th USENIX Symposium on Operating Systems Design and Implementation (OSDI' 24). Santa Clara, July 10–12, 2024.
  2. Detecting Transactional Bugs in Database Engines via Graph-Based Oracle Construction
    Zu-Ming Jiang, Si Liu, Manuel Rigger, Zhendong Su.
    In Proceeding of the 17th USENIX Symposium on Operating Systems Design and Implementation (OSDI' 23). Boston, July 10–12, 2023.
  3. DynSQL: Stateful Fuzzing for Database Management Systems with Complex and Valid SQL Query Generation
    Zu-Ming Jiang, Jia-Ju Bai, Zhendong Su.
    In Proceedings of the 32nd USENIX Security Symposium (Security'23). Anaheim, August 9–11, 2023.
  4. Testing Error Handling Code with Software Fault Injection and Error-Coverage-Guided Fuzzing
    Jia-Ju Bai, Zi-Xuan Fu, Kai-Tao Xie, Zu-Ming Jiang.
    IEEE Transactions on Dependable and Secure Computing (TDSC'23), 2023.
  5. Context-Sensitive and Directional Concurrency Fuzzing for Data-Race Detection
    Zu-Ming Jiang, Jia-Ju Bai, Kangjie Lu, Shi-Min Hu.
    In Proceedings of the 29th Network and Distributed System Security Symposium (NDSS'22). San Diego, February 27–March 3, 2022.
  6. Hybrid Static-Dynamic Analysis of Data Races Caused by Inconsistent Locking Discipline in Device Drivers
    Jia-Ju Bai, Qiu-Liang Chen, Zu-Ming Jiang, Julia Lawall, Shi-Min Hu.
    IEEE Transactions on Software Engineering (TSE'22), 2022.
  7. Fuzzing Error Handling Code using Context-Sensitive Software Fault Injection
    Zu-Ming Jiang, Jia-Ju Bai, Kangjie Lu, Shi-Min Hu.
    In Proceedings of the 29th USENIX Security Symposium (Security'20). Boston, August 12–14, 2020.
  8. Fuzzing Error Handling Code in Device Drivers Based on Software Fault Injection
    Zu-Ming Jiang, Jia-Ju Bai, Julia Lawall, Shi-Min Hu.
    In Proceedings of the 30th International Symposium on Software Reliability Engineering (ISSRE'19). Berlin, October 28-31, 2019.
  9. Detecting Data Races Caused by Inconsistent Lock Protection in Device Drivers
    Qiu-Liang Chen, Jia-Ju Bai, Zu-Ming Jiang, Julia Lawall, Shi-Min Hu.
    In Proceedings of the 26th International Conference on Software Analysis, Evolution and Reengineering (SANER'19). Hangzhou, February 24-27, 2019.

Academic Service


Program Committee (PC) Member
  • International Workshop on Testing Database Systems (DBTest) 2024
  • Artifact Evaluation Committee (AEC) Member
  • USENIX Symposium on Operating Systems Design and Implementation (OSDI) 2024, 2023
  • USENIX Annual Technical Conference (ATC) 2024, 2023
  • Reviewer
  • IEEE Transactions on Dependable and Secure Computing (TDSC) 2022, 2021
  • ACM Transactions on Software Engineering and Methodology (TOSEM) 2024, 2023
  • Teaching Assistant


  • Compiler Design Fall 2024 (Head TA), Fall 2023, Fall 2022, Fall 2021
  • Data Modelling and Databases Spring 2024
  • Software Engineering Seminar Fall 2024, Fall 2023, Fall 2022, Fall 2021
  • Computer Science II Spring 2023
  • Automated Software Testing Spring 2024, Spring 2023
  • Research Topics in Software Engineering Spring 2024, Spring 2023, Spring 2022
  • Education


    2018 - 2021
    Master degree in Computer Technology, Tsinghua University
    2014 - 2018
    Bachelor degree in Electrical Engineering and Automation, Zhejiang University

    Awards and Grants


    2023
    OSDI '23 Student Grant Award
    2021
    Outstanding Master's Graduate, Department of Computer Science and Technology, Tsinghua University
    2020
    Siebel Scholar Class of 2021, Siebel Scholars Foundation
    2018
    Outstanding Bachelor Thesis, Zhejiang University

    Assigned CVEs


    MySQL (22)
    CVE-2024-21013, CVE-2024-21009, CVE-2024-21008, CVE-2024-20982, CVE-2023-22112, CVE-2023-22028,
    CVE-2023-21935, CVE-2023-21881, CVE-2023-21880, CVE-2023-21879, CVE-2023-21878, CVE-2023-21872,
    CVE-2022-21607, CVE-2022-21594, CVE-2022-21556, CVE-2022-21438, CVE-2021-35635, CVE-2021-35628,
    CVE-2021-2357, CVE-2021-2427, CVE-2021-2426, CVE-2021-2425
    MariaDB (12)
    CVE-2021-46669, CVE-2021-46668, CVE-2021-46667, CVE-2021-46666, CVE-2021-46665, CVE-2021-46664,
    CVE-2021-46663, CVE-2021-46662, CVE-2021-46661, CVE-2021-46659, CVE-2021-46658, CVE-2021-46657
    Vim (2)
    CVE-2020-19923, CVE-2020-19922

    Activities


  • Invited talk at system group, ETH Zurich, 2024: Making Databases Robust and Reliable: from SQL Generation to Test-Oracle Construction (hosted by Pengcheng Xu and Shien Zhu)
  • Invited talk at Northeastern University, 2024: Making Databases Robust and Reliable: from SQL Generation to Test-Oracle Construction (hosted by Cheng Tan)
  • Invited talk at Institute of Software Chinese Academy of Science, 2024: Making Databases Robust and Reliable: from SQL Generation to Test-Oracle Construction (hosted by Mingyu Li)
  • Invited talk at Stanford, 2024: Making Databases Robust and Reliable: from SQL Generation to Test-Oracle Construction (hosted by Anjiang Wei)
  • Invited talk at UC Berkeley, 2024: Making Databases Robust and Reliable: from SQL Generation to Test-Oracle Construction (hosted by Yiming Lin)
  • Invited talk at NUS, 2024: Detecting Logic Bugs in Database Engines via Equivalent Expression Transformation (hosted by Jinsheng Ba)
  • Attendance at Dagstuhl Seminar, 2023: Ensuring the Reliability and Robustness of Database Management Systems.
  • Invited talk at HKUST, 2023: Effective Bug Detection for Database Systems: Complex-Query Generation and Oracle Construction (hosted by Shuai Wang)
  • Invited talk at CUHK, 2023: Effective Bug Detection for Database Systems: Complex-Query Generation and Oracle Construction (hosted by Qiang Su)
  • Invited talk at PingCAP, 2022: Transactional Bugs Detection for Database Systems (hosted by Yangguang Wang)
  • Invited talk at Tencent, 2022: Fuzzing for Database Systems (hosted by Peng Chen)

  • --- Updated on 3rd May 2024 ---