Fix fuzzer links in the libafl book (#2493)

* the rustup official command to update is 'rustup update' not 'rustup upgrade', although to catch mistakes, 'rustup upgrade' also fallback to update

* fix references to baby_fuzzer and baby_fuzzer new location

* modernize a bit the manifests and code snippets for the baby_fuzzer to make the experience more consistent with the current rust compiler

* fix another reference path for baby fuzzers

* fix frida fuzzers locations in the book

* fix the concolic hybrid fuzzers location in the book

* fix baby_no_std location in the book

* fix nyx fuzzers location in the book

* Revert "modernize a bit the manifests and code snippets for the baby_fuzzer to make the experience more consistent with the current rust compiler"

This reverts commit c58bfbfffd06a3afa8338043dde6ed59b03d8178.

docs/src/advanced_features/concolic.md

@@ -115,7 +115,7 @@ The `symcc_runtime` crate supports this use case and runtimes built with `symcc_
 
 ## Hybrid Fuzzing in LibAFL
 
-The LibAFL repository contains an [example hybrid fuzzer](https://github.com/AFLplusplus/LibAFL/tree/main/fuzzers/libfuzzer_stb_image_concolic).
+The LibAFL repository contains an [example hybrid fuzzer](https://github.com/AFLplusplus/LibAFL/tree/main/fuzzers/stb/libfuzzer_stb_image_concolic).
 
 There are three main steps involved with building a hybrid fuzzer using LibAFL:
 
@@ -130,7 +130,7 @@ For example, we need to have a runtime ready before we can do instrumentation wi
 
 Building a custom runtime can be done easily using the `symcc_runtime` crate.
 Note, that a custom runtime is a separate shared object file, which means that we need a separate crate for our runtime.
-Check out the [example hybrid fuzzer's runtime](https://github.com/AFLplusplus/LibAFL/tree/main/fuzzers/libfuzzer_stb_image_concolic/runtime) and the [`symcc_runtime` docs](https://docs.rs/symcc_runtime/0.1/symcc_runtime) for inspiration.
+Check out the [example hybrid fuzzer's runtime](https://github.com/AFLplusplus/LibAFL/tree/main/fuzzers/stb/libfuzzer_stb_image_concolic/runtime) and the [`symcc_runtime` docs](https://docs.rs/symcc_runtime/0.1/symcc_runtime) for inspiration.
 
 ### Instrumentation
 
@@ -151,7 +151,7 @@ How exactly this is done does not matter.
 However, the SymCC compiler needs to be made aware of the location of the runtime that it should instrument against.
 This is done by setting the `SYMCC_RUNTIME_DIR` environment variable to the directory which contains the runtime (typically the `target/(debug|release)` folder of your runtime crate).
 
-The example hybrid fuzzer instruments the target in its [`build.rs` build script](https://github.com/AFLplusplus/LibAFL/blob/main/fuzzers/libfuzzer_stb_image_concolic/fuzzer/build.rs#L50).
+The example hybrid fuzzer instruments the target in its [`build.rs` build script](https://github.com/AFLplusplus/LibAFL/blob/main/fuzzers/stb/libfuzzer_stb_image_concolic/fuzzer/build.rs#L50).
 It does this by cloning and building a copy of SymCC and then using this version to instrument the target.
 The [`symcc_libafl` crate](https://docs.rs/symcc_libafl) contains helper functions for cloning and building SymCC.
 
@@ -169,7 +169,7 @@ No matter the instrumentation method, the interface between the fuzzer and the i
 The only difference between using SymCC and SymQEMU should be the binary that represents the target:
 In the case of SymCC it will be the binary that was build with instrumentation and with SymQEMU it will be the emulator binary (eg. `x86_64-linux-user/symqemu-x86_64`), followed by your uninstrumented target binary and its arguments.
 
-You can use the [`CommandExecutor`](https://docs.rs/libafl/latest/libafl/executors/command/struct.CommandExecutor.html) to execute your target ([example](https://github.com/AFLplusplus/LibAFL/blob/main/fuzzers/libfuzzer_stb_image_concolic/fuzzer/src/main.rs#L244)).
+You can use the [`CommandExecutor`](https://docs.rs/libafl/latest/libafl/executors/command/struct.CommandExecutor.html) to execute your target ([example](https://github.com/AFLplusplus/LibAFL/blob/main/fuzzers/stb/libfuzzer_stb_image_concolic/fuzzer/src/main.rs#L244)).
 When configuring the command, make sure you pass the `SYMCC_INPUT_FILE` environment variable (set to the input file path), if your target reads input from a file (instead of standard input).
 
 #### Serialization and Solving
@@ -184,4 +184,4 @@ It will attempt to solve all branches, like the original simple backend from Sym
 
 ### Example
 
-The example fuzzer shows how to use the [`ConcolicTracingStage` together with the `SimpleConcolicMutationalStage`](https://github.com/AFLplusplus/LibAFL/blob/main/fuzzers/libfuzzer_stb_image_concolic/fuzzer/src/main.rs#L222) to build a basic hybrid fuzzer.
+The example fuzzer shows how to use the [`ConcolicTracingStage` together with the `SimpleConcolicMutationalStage`](https://github.com/AFLplusplus/LibAFL/blob/main/fuzzers/stb/libfuzzer_stb_image_concolic/fuzzer/src/main.rs#L222) to build a basic hybrid fuzzer.

docs/src/advanced_features/frida.md

@@ -4,7 +4,7 @@ LibAFL supports different instrumentation engines for binary-only fuzzing.
 A potent cross-platform (Windows, MacOS, Android, Linux, iOS) option for binary-only fuzzing is Frida; the dynamic instrumentation tool.
 
 In this section, we will talk about the components in fuzzing with `libafl_frida`.
-You can take a look at a working example in our [`fuzzers/frida_libpng`](https://github.com/AFLplusplus/LibAFL/tree/main/fuzzers/frida_libpng) folder for Linux, and [`fuzzers/frida_gdiplus`](https://github.com/AFLplusplus/LibAFL/tree/main/fuzzers/frida_gdiplus) for Windows.
+You can take a look at a working example in our [`fuzzers/frida/frida_libpng`](https://github.com/AFLplusplus/LibAFL/tree/main/fuzzers/frida/frida_libpng) folder for Linux, and [`fuzzers/frida/frida_gdiplus`](https://github.com/AFLplusplus/LibAFL/tree/main/fuzzers/frida/frida_gdiplus) for Windows.
 
 ## Dependencies
 
@@ -84,4 +84,4 @@ You can then link this observer to `FridaInProcessExecutor` as follows:
 ```
 
 And finally you can run the fuzzer.
-See the `frida_` examples in [`./fuzzers`](https://github.com/AFLplusplus/LibAFL/tree/main/fuzzers/) for more information and, for linux or full-system, play around with `libafl_qemu`, another binary-only tracer.
+See the `frida_` examples in [`./fuzzers/frida`](https://github.com/AFLplusplus/LibAFL/tree/main/fuzzers/frida/) for more information and, for linux or full-system, play around with `libafl_qemu`, another binary-only tracer.

docs/src/advanced_features/no_std.md

@@ -37,4 +37,4 @@ pub extern "C" fn external_current_millis() -> u64 {
 }
 ```
 
-See [./fuzzers/baby_no_std](https://github.com/AFLplusplus/LibAFL/tree/main/fuzzers/baby_no_std) for an example.
+See [./fuzzers/baby/baby_no_std](https://github.com/AFLplusplus/LibAFL/tree/main/fuzzers/baby/baby_no_std) for an example.

docs/src/advanced_features/nyx.md

@@ -24,7 +24,7 @@ For binary-only fuzzing, Nyx uses intel-PT(Intel® Processor Trace). You can fin
 
 ## Preparing the Nyx working directory
 
-This step is used to pack the target into Nyx's kernel. Don't worry, we have a template shell script in our [example](https://github.com/AFLplusplus/LibAFL/blob/main/fuzzers/nyx_libxml2_parallel/setup_libxml2.sh):
+This step is used to pack the target into Nyx's kernel. Don't worry, we have a template shell script in our [example](https://github.com/AFLplusplus/LibAFL/blob/main/fuzzers/nyx/nyx_libxml2_parallel/setup_libxml2.sh):
 
 the parameter's meaning is listed below:
 
@@ -49,7 +49,7 @@ python3 ./packer/packer/nyx_config_gen.py /tmp/nyx_libxml2/ Kernel || exit
 
 ## Standalone fuzzing
 
-In the [example fuzzer](https://github.com/AFLplusplus/LibAFL/blob/main/fuzzers/nyx_libxml2_standalone/src/main.rs) you first need to run `./setup_libxml2.sh`. It will prepare your target and create your nyx work directory in `/tmp/libxml2`. After that, you can start to write your code.
+In the [example fuzzer](https://github.com/AFLplusplus/LibAFL/blob/main/fuzzers/nyx/nyx_libxml2_standalone/src/main.rs) you first need to run `./setup_libxml2.sh`. It will prepare your target and create your nyx work directory in `/tmp/libxml2`. After that, you can start to write your code.
 
 First, to create `Nyxhelper`:
 
@@ -71,7 +71,7 @@ Finally, use them normally and pass them into `fuzzer.fuzz_loop(&mut stages, &mu
 
 ## Parallel fuzzing
 
-In the [example fuzzer](https://github.com/AFLplusplus/LibAFL/blob/main/fuzzers/nyx_libxml2_parallel/src/main.rs) you first need to run `./setup_libxml2.sh` as described before.
+In the [example fuzzer](https://github.com/AFLplusplus/LibAFL/blob/main/fuzzers/nyx/nyx_libxml2_parallel/src/main.rs) you first need to run `./setup_libxml2.sh` as described before.
 
 Parallel fuzzing relies on [`Launcher`](../message_passing/spawn_instances.md), so spawn logic should be written in the scoop of anonymous function `run_client`:
 

docs/src/baby_fuzzer/baby_fuzzer.md

@@ -6,7 +6,7 @@ While the following chapters discuss the components of LibAFL in detail, here we
 
 We are going to fuzz a simple Rust function that panics under a condition. The fuzzer will be single-threaded and will stop after the crash, just like libFuzzer normally does.
 
-You can find a complete version of this tutorial as an example fuzzer in [`fuzzers/baby_fuzzer`](https://github.com/AFLplusplus/LibAFL/tree/main/fuzzers/baby_fuzzer).
+You can find a complete version of this tutorial as an example fuzzer in [`fuzzers/baby/baby_fuzzer`](https://github.com/AFLplusplus/LibAFL/tree/main/fuzzers/baby/baby_fuzzer).
 
 > ### Warning
 >
@@ -222,4 +222,4 @@ Bye!
 
 As you can see, after the panic message, the `objectives` count of the log increased by one and you will find the crashing input in `crashes/`.
 
-The complete code can be found in [`./fuzzers/baby_fuzzer`](https://github.com/AFLplusplus/LibAFL/tree/main/fuzzers/baby_fuzzer) alongside other `baby_` fuzzers.
+The complete code can be found in [`./fuzzers/baby/baby_fuzzer`](https://github.com/AFLplusplus/LibAFL/tree/main/fuzzers/baby/baby_fuzzer) alongside other `baby_` fuzzers.

docs/src/baby_fuzzer/more_examples.md

@@ -1,6 +1,6 @@
 # More Examples
 
-Examples can be found under `./fuzzer`.
+Examples can be found under `./fuzzers/baby`.
 
 |fuzzer name|usage|
 |  ----  | ----  |