if target crashes add LTO fixed map as a possible reason

1 files changed, 12 insertions, 6 deletions

diff --git a/src/afl-forkserver.c b/src/afl-forkserver.c
index c1623f22..1c0ba349 100644
--- a/src/afl-forkserver.c
+++ b/src/afl-forkserver.c
@@ -676,12 +676,12 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv,
   } else if (!fsrv->mem_limit) {
 
     SAYF("\n" cLRD "[-] " cRST
-         "Hmm, looks like the target binary terminated "
-         "before we could complete a\n"
-         "    handshake with the injected code. Perhaps there is a horrible "
-         "bug in the\n"
-         "    fuzzer. Poke <afl-users@googlegroups.com> for troubleshooting "
-         "tips.\n");
+         "Hmm, looks like the target binary terminated before we could"
+         "complete a handshake with the injected code.\n"
+         "If the target was compiled with afl-clang-lto then recompiling with"
+         "AFL_LLVM_MAP_DYNAMIC might solve your problem.\n"
+         "Otherwise there is a horrible bug in the fuzzer.\n"
+         "Poke <afl-users@googlegroups.com> for troubleshooting tips.\n");
 
   } else {
 
@@ -708,6 +708,12 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv,
         "      estimate the required amount of virtual memory for the "
         "binary.\n\n"
 
+        "    - the target was compiled with afl-clang-lto and a constructor "
+        "was\n"
+        "      instrumented, recompiling with AFL_LLVM_MAP_DYNAMIC might solve "
+        "your\n"
+        "      problem\n\n"
+
         "    - Less likely, there is a horrible bug in the fuzzer. If other "
         "options\n"
         "      fail, poke <afl-users@googlegroups.com> for troubleshooting "