Liang Gong     

I am currently a research scientist at Meta, working on language/system infrastructure.

Before joining Meta, I obtained my Computer Science Ph.D. degree from UC Berkeley in 2018. My research adviser at Berkeley was Prof. Koushik Sen. I got my Master degree from Tsinghua University in 2013 (GPA ranked No.2 among 130 students).

My research interests are in the areas of Programming Language and Software Engineering. More specifically, my research includes program analysis for JavaScript, JIT-compiler, applying machine learning techniques for mining software repositories. I also published papers/patents on software testing, fault localization, web security, and data privacy.

I built memlab Star , which is a framework for finding JavaScript memory leaks and analyzing heap snapshots.

My research on Node.js security leads to the discovery and validation (by the node.js community) of 250+ highly severe security vulnerabilities in npm packages. See more details.

Some of my past projects: Jalangi Firefox Extension, DLint, JITProf Async-Track, and Online Lambda Calculus Interpreter.

[LinkedIn] [GitHub]

Email: gongliang13 AT berkeley.com

Liang Gong
    

Publications [Google Scholar] [DBLP]

Selected Awards

• ACM SIGSOFT Distinguished Paper Award
2015/09
• NSF Travel Grant
2015/09
• Grand Prize at Yahoo! Hack Day Beijing
  (top team in China) [Pic] [Album] [More]
2013/07
• Excellent Graduate of Tsinghua Univeristy
2013/05
• Excellent Thesis Award of Tsinghua University
2013/06
• Excellent Graduate of Beijing
2013/06
• National Scholarship for Graduate Students, China
2013/05
• First-level Scholarship, Tsinghua University (2/130)
2013/05
• First-level Scholarship, Tsinghua University (2/130)
2012/05
• National Scholarship, China
2008/05

Patents

Work Experience

  • Research Scientist @ Meta
    Menlo Park | July 2018 - Now
    Building and optimizing Facebook's system/dev infrastructure.
    Improving performance, memory, reliability, and user engagements.
    Directly contributed to revenue increase totaling over $57M/yr.
    Built MemLab from scratch and made it open source.
  • Research Intern @ Microsoft Research
    Redmond | May 2017 - August, 2017
    Memory visualization for Node-ChakraCore.
    Node.js security (got 300+ vuln confirmed in npm. 250+ are highly severe).
  • Research Intern @ Microsoft Research
    Redmond | May 2016 - August, 2016
    Developed a runtime instrumentation framework that keeps track of sync-context and async-context in Node.js. The core framework has been integrated into Glimpse (Node).
    Doing research in Node.js based on the framework.
  • Software Engineer Intern @ Google
    Mountain View | May 2015 - August, 2015
    Worked on linters and structural type system for Google Closure Compiler
    [Code Commits] [Doc]
  • Software Engineer Intern @ IBM
    Beijing | Dec 2012 - March, 2013
    Worked on IBM Docs

Teaching Experience

  • GSI of CS169 (Software Engineering) @ UC Berkeley [2016 Fall]
  • GSI of CS169 (Software Engineering) @ UC Berkeley [2016 Spring]

Teach 2 discussion sections every week as a graduate student instructor (GSI). Guide 5-8 student projects every semester. Manage homework, exam etc.
[My Section Materials] [Student Feedback]

 

Profressional Activities

Journal Reviewer

  • IEEE Transactions on Parallel and Distributed Systems (TPDS)
  • Software Quality Journal

Conference Co-reviewer/Sub-reviewer

  • The 46th ACM SIGPLAN Symposium on Principles of Programming Languages (POPL), 2019
  • The 23rd International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), 2018
  • The 33rd IEEE/ACM International Conference on Automated Software Engineering (ASE), 2018
  • The 30th International Conference on Computer Aided Verification (CAV), 2018
  • The 40th annual ACM SIGPLAN conference on Programming Language Design and Implementation (PLDI), 2018
  • International Symposium on Software Testing and Analysis (ISSTA), 2017
  • The 24th ACM Conference on Computer and Communications Security (CCS), 2017
  • The 24th Asia Pacific Software Engineering Conference (APSEC), 2017
  • International Symposium on Software Testing and Analysis (ISSTA), 2016
  • The 21st International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), 2016
  • The 27th International Conference on Computer Aided Verification (CAV), 2015
  • International Symposium on Software Testing and Analysis (ISSTA), 2015
  • The 37th International Conference on Software Engineering (ICSE Demo), 2015
  • The 36th annual ACM SIGPLAN conference on Programming Language Design and Implementation (PLDI), 2014
  • The 16th European Conference on Software Maintenance and Reengineering (CSMR), 2012
  • The 7th International Conference on Predictive Models in Software Engineering (PROMISE), 2011
  • The 18th Asia Pacific Software Engineering Conference (APSEC), 2011

CVEs Reported

I found the following security vulnerabilities. They are reported through this Github Repo.

 

© Liang Gong, Electric Engineering & Computer Science, University of California, Berkeley.