diff --git a/tools/devctr/Dockerfile b/tools/devctr/Dockerfile
index a3128847498..1570c24f312 100644
--- a/tools/devctr/Dockerfile
+++ b/tools/devctr/Dockerfile
@@ -6,10 +6,6 @@ FROM public.ecr.aws/lts/ubuntu:22.04
 
 ARG RUST_TOOLCHAIN="1.79.0"
 ARG TMP_BUILD_DIR=/tmp/build
-ARG FIRECRACKER_SRC_DIR="/firecracker"
-ARG FIRECRACKER_BUILD_DIR="$FIRECRACKER_SRC_DIR/build"
-ARG CARGO_REGISTRY_DIR="$FIRECRACKER_BUILD_DIR/cargo_registry"
-ARG CARGO_GIT_REGISTRY_DIR="$FIRECRACKER_BUILD_DIR/cargo_git_registry"
 ARG DEBIAN_FRONTEND=noninteractive
 ARG ARCH
 
@@ -51,7 +47,7 @@ RUN apt-get update \
     && apt-get -y install --no-install-recommends \
         # essential build tools
         gcc make libc-dev binutils-dev libssl-dev \
-        # Useful utilifies
+        # Useful utilities
         gdbserver \
         # Needed in order to be able to compile `userfaultfd-sys`.
         clang \
@@ -110,7 +106,7 @@ RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain "$RUST_TOOL
     && rustup target add x86_64-unknown-linux-musl \
     && rustup target add aarch64-unknown-linux-musl \
     && rustup component add llvm-tools-preview \
-    && cargo install --locked cargo-audit cargo-deny grcov cargo-sort \
+    && cargo install --locked cargo-audit cargo-deny grcov cargo-sort cargo-afl \
     && (if [ "$ARCH" = "x86_64" ]; then cargo install --locked kani-verifier && cargo kani setup; else true; fi) \
     \
     && apt-get update \
@@ -132,9 +128,7 @@ RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain "$RUST_TOOL
     && cd && rm -r /tmp/crosvm \
     \
     && rm -rf "$CARGO_HOME/registry" \
-    && ln -s "$CARGO_REGISTRY_DIR" "$CARGO_HOME/registry" \
-    && rm -rf "$CARGO_HOME/git" \
-    && ln -s "$CARGO_GIT_REGISTRY_DIR" "$CARGO_HOME/git"
+    && rm -rf "$CARGO_HOME/git"
 
 # help musl-gcc find linux headers
 RUN cd /usr/include/$ARCH-linux-musl \
@@ -162,5 +156,4 @@ RUN cd /usr/local/bin \
 
 ADD tools/devctr/ctr_gitconfig /root/.gitconfig
 
-WORKDIR "$FIRECRACKER_SRC_DIR"
 ENTRYPOINT ["/usr/bin/tini", "--"]
diff --git a/tools/devtool b/tools/devtool
index 749d0749cd7..bc5970bdd16 100755
--- a/tools/devtool
+++ b/tools/devtool
@@ -68,7 +68,7 @@
 DEVCTR_IMAGE_NO_TAG="public.ecr.aws/firecracker/fcuvm"
 
 # Development container tag
-DEVCTR_IMAGE_TAG=${DEVCTR_IMAGE_TAG:-v73}
+DEVCTR_IMAGE_TAG=${DEVCTR_IMAGE_TAG:-v74}
 
 # Development container image (name:tag)
 # This should be updated whenever we upgrade the development container.
@@ -228,6 +228,7 @@ cmd_fix_perms() {
     # Yes, running Docker to get elevated privileges, just to chown some files
     # is a dirty hack.
     run_devctr \
+        --workdir "$CTR_FC_ROOT_DIR" \
         -- \
         chown -R "$(id -u):$(id -g)" "$CTR_FC_BUILD_DIR"
 }
@@ -305,6 +306,8 @@ run_devctr() {
         --rm \
         --volume /dev:/dev \
         --volume "$FC_ROOT_DIR:$CTR_FC_ROOT_DIR:z" \
+        --volume "$FC_ROOT_DIR/build/cargo_registry:/usr/local/rust/registry:z" \
+        --volume "$FC_ROOT_DIR/build/cargo_git_registry:/usr/local/rust/git:z" \
         --tmpfs /srv:exec,dev,size=32G \
         -v /boot:/boot \
         --env PYTHONDONTWRITEBYTECODE=1 \