Zijie Zhao

GitHub zzjas zzjas98 zijie-zhao Google Scholar Scholar

About me

I am Zijie Zhao, a third year PhD student in the PL/FM/SE group at University of Illinois Urbana-Champaign advised by Lingming Zhang.

I'm most passionate about fuzzing and broadly interested in software engineering and testing, with a focus on combining traditional techniques with powerful, rapidly evolving LLMs.

I obtained my bachelor's and master's degree in Computer Science at University of California San Diego.

Publication

KNighter: Transforming Static Analysis with LLM-Synthesized Checkers

Chenyuan Yang, Zijie Zhao, Zichen Xie, Haoyu Li, Lingming Zhang

Preprint

Kernelgpt: Enhanced kernel fuzzing via large language models

Chenyuan Yang, Zijie Zhao, Lingming Zhang

ASPLOS 2025

WaVe: a verifiably secure WebAssembly sandboxing runtime

Evan Johnson, Evan Laufer, Zijie Zhao, Shravan Narayan, Stefan Savage, Deian Stefan, Fraser Brown

IEEE S&P 2023 🏆 Distinguished Paper Award

Industry Experience

AptosLabs

Feb - Aug 2025

Graduate Intern

Built new features for MoveSmith to improve its fuzzing capabilities.
Implemented an LLM-based Move program generator to automatically generate diverse tests for new language features.

AptosLabs

May - Aug 2024

Graduate Intern

Built a source code level fuzzer MoveSmith for the Aptos Move Compiler and VM stack.
MoveSmith is able to generate complex Move programs with high valid rate by respecting rules for language features like ability constraints, lifetime, and ownership.
To date, MoveSmith has found 50+ bugs in both the compile and the VM.

AppFolio

June - Sept 2019

Software Engineer Intern

Used React.js, MobX.js, and Bootstrap to build complex web-based financial applications.
Maintained existing server-rendered applications built by Ruby on Rails.
Reduced page loading time from 18s to 2s and data saving time from 100s to 15s.
Optimized over 2400 SQL queries into 600 queries.

Teaching Experience

UIUC CS 527: Topics in Software Engineering
UIUC CS 427: Software Engineering I
UCSD CSE 127: Intro to Computer Security
UCSD CSE 21: Mathematics for Algorithms and Systems
UCSD CSE 12: Basic Data Structures and OOD
UCSD CSE 11: Introduction to Java

Selected Bugs

A selection of bugs that my work found:

Firefox
- CVE-2020-26960 (received $1,000 bug bounty)
Linux kernel
- CVE-2024-23851, CVE-2023-52429, CVE-2024-23848, CVE-2024-23850, CVE-2024-25739, CVE-2024-23849, CVE-2024-25740, CVE-2024-26655, CVE-2024-25741, CVE-2024-43825, CVE-2024-50103
Aptos Move
- Nested borrow, Operand order, Compile V1 Bugs, Mutable Borrow Comparison, Type Inference for abort, Bytecode Verifier Erros(MOVELOC_UNAVAILABLE_ERROR, STLOC_UNSAFE_TO_DESTROY_ERROR, COPYLOC_EXISTS_BORROW_ERROR)