Fixes for frida, qemu_sugar (#1427)

* Fixes for frida, qemu_sugar

* tiny clippy

* clippy

* fix thread_id

* Attempted fix for qemu

fuzzers/baby_fuzzer_minimizing/src/main.rs

@@ -109,7 +109,7 @@ pub fn main() -> Result<(), Error> {
 
     let mut state = StdState::new(
         StdRand::with_seed(current_nanos()),
-        InMemoryOnDiskCorpus::new(&minimized_dir).unwrap(),
+        InMemoryOnDiskCorpus::new(minimized_dir).unwrap(),
         InMemoryCorpus::new(),
         &mut (),
         &mut (),

libafl_frida/src/executor.rs

@@ -1,5 +1,5 @@
 use core::fmt::{self, Debug, Formatter};
-use std::{ffi::c_void, marker::PhantomData};
+use std::{ffi::c_void, marker::PhantomData, process};
 
 use frida_gum::{
     stalker::{NoneEventSink, Stalker},
@@ -35,7 +35,7 @@ where
 {
     base: InProcessExecutor<'a, H, OT, S>,
     // thread_id for the Stalker
-    thread_id: usize,
+    thread_id: u32,
     /// Frida's dynamic rewriting engine
     stalker: Stalker<'a>,
     /// User provided callback for instrumentation
@@ -87,8 +87,11 @@ where
             } else {
                 self.followed = true;
                 let transformer = self.helper.transformer();
-                self.stalker
+                self.stalker.follow::<NoneEventSink>(
-                    .follow::<NoneEventSink>(self.thread_id, transformer, None);
+                    self.thread_id.try_into().unwrap(),
+                    transformer,
+                    None,
+                );
             }
         }
         let res = self.base.run_target(fuzzer, state, mgr, input);
@@ -153,12 +156,21 @@ where
     OT: ObserversTuple<S>,
     RT: FridaRuntimeTuple,
 {
-    /// Creates a new [`FridaInProcessExecutor`]
+    /// Creates a new [`FridaInProcessExecutor`].
     pub fn new(
         gum: &'a Gum,
         base: InProcessExecutor<'a, H, OT, S>,
-        thread_id: usize,
         helper: &'c mut FridaInstrumentationHelper<'b, RT>,
+    ) -> Self {
+        Self::on_thread(gum, base, helper, process::id())
+    }
+
+    /// Creates a new [`FridaInProcessExecutor`] tracking the given `thread_id`.
+    pub fn on_thread(
+        gum: &'a Gum,
+        base: InProcessExecutor<'a, H, OT, S>,
+        helper: &'c mut FridaInstrumentationHelper<'b, RT>,
+        thread_id: u32,
     ) -> Self {
         let mut stalker = Stalker::new(gum);
         // Include the current module (the fuzzer) in stalked ranges. We clone the ranges so that

libafl_qemu/src/executor.rs

@@ -2,7 +2,11 @@
 use core::fmt::{self, Debug, Formatter};
 
 #[cfg(feature = "fork")]
-use libafl::{events::EventManager, executors::InProcessForkExecutor, state::HasMetadata};
+use libafl::{
+    events::EventManager,
+    executors::InProcessForkExecutor,
+    state::{HasLastReportTime, HasMetadata},
+};
 use libafl::{
     events::{EventFirer, EventRestarter},
     executors::{Executor, ExitKind, HasObservers, InProcessExecutor},
@@ -10,10 +14,7 @@ use libafl::{
     fuzzer::{HasFeedback, HasObjective, HasScheduler},
     inputs::UsesInput,
     observers::{ObserversTuple, UsesObservers},
-    state::{
+    state::{HasClientPerfMonitor, HasCorpus, HasExecutions, HasSolutions, State, UsesState},
-        HasClientPerfMonitor, HasCorpus, HasExecutions, HasLastReportTime, HasSolutions, State,
-        UsesState,
-    },
     Error,
 };
 #[cfg(feature = "fork")]