author van Hauser <vh@thc.org> 2020-03-17 12:37:20 +0100
committer van Hauser <vh@thc.org> 2020-03-17 12:37:20 +0100
commit 287d430fcf032219e235bf36f9f4077645bad713 (patch)
tree 28a52b1dcc0de1cae39d50871dfbf4a37281bf5f
parent 8cc39a359035fd3a9b369b969c3a559102e4b345 (diff)
better explain AFL_QEMU_DEBUG_MAPS
-rw-r--r-- qemu_mode/README.persistent.md 3
1 files changed, 2 insertions, 1 deletions
diff --git a/qemu_mode/README.persistent.md b/qemu_mode/README.persistent.md
index c96a451b..46077402 100644
--- a/qemu_mode/README.persistent.md
+++ b/qemu_mode/README.persistent.md
@@ -26,7 +26,8 @@ hexadecimal with the 0x prefix or as a decimal value.
 If the target is compiled with position independant code (PIE/PIC), you must
 add 0x4000000000 to that address, because qemu loads to this base address.
 On strange setups the base address set by QEMU for PIE executable may change,
-you can check it printing the process map using AFL_QEMU_DEBUG_MAPS=1.
+you can check it printing the process map using 
+`AFL_QEMU_DEBUG_MAPS=1 afl-qemu-trace TARGET-BINARY`
 
 If this address is not valid, afl-fuzz will error during startup with the
 message that the forkserver was not found.
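Review bot: the first added line ("you can check it printing the process map using ") ends in trailing whitespace, and the command on the following added line has no closing period, so the sentence never terminates before the blank line. Suggest dropping the trailing space and ending the sentence after the backticked command. The text also still does not say which entry of the printed map is the one to compare against 0x4000000000; a short clause naming the target binary's first mapping would make the check unambiguous. Since the paragraph is being touched anyway, "independant" in the context line above could be corrected to "independent", and "check it printing" reads better as "check it by printing".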