From 287d430fcf032219e235bf36f9f4077645bad713 Mon Sep 17 00:00:00 2001 From: van Hauser Date: Tue, 17 Mar 2020 12:37:20 +0100 Subject: better explain AFL_QEMU_DEBUG_MAPS --- qemu_mode/README.persistent.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/qemu_mode/README.persistent.md b/qemu_mode/README.persistent.md index c96a451b..46077402 100644 --- a/qemu_mode/README.persistent.md +++ b/qemu_mode/README.persistent.md @@ -26,7 +26,8 @@ hexadecimal with the 0x prefix or as a decimal value. If the target is compiled with position independant code (PIE/PIC), you must add 0x4000000000 to that address, because qemu loads to this base address. On strange setups the base address set by QEMU for PIE executable may change, -you can check it printing the process map using AFL_QEMU_DEBUG_MAPS=1. +you can check it printing the process map using +`AFL_QEMU_DEBUG_MAPS=1 afl-qemu-trace TARGET-BINARY` If this address is not valid, afl-fuzz will error during startup with the message that the forkserver was not found. -- cgit 1.4.1
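Review bot: the replacement line drops the sentence's trailing period, so the rendered paragraph now runs `...afl-qemu-trace TARGET-BINARY` straight into "If this address is not valid, afl-fuzz will error..." as one sentence; end the new line with a period, e.g. `` `AFL_QEMU_DEBUG_MAPS=1 afl-qemu-trace TARGET-BINARY`. `` While this sentence is being touched, "you can check it printing the process map" should read "you can check it by printing the process map", and the unchanged context line two lines up still spells "position independant" instead of "position independent". It would also help readers to note in the same paragraph that TARGET-BINARY must be the same executable later passed to afl-fuzz, since the printed map (and thus the PIE base) is what the address in the text must be checked against.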