API tools faq
paste
Advertisement
Guest User

dtruss with tshark

a guest
Jul 30th, 2012
307
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 29.53 KB | None | 0 0
raw download clone embed print report
  1. $tshark
  2.  
  3. ** ERROR **: Duplicate protocol name "Coseventcomm Dissector Using GIOP API"! This might be caused by an inappropriate plugin or a development error.
  4. Trace/BPT trap
  5. $dtruss -a -f tshark
  6. dtrace: failed to initialize dtrace: DTrace requires additional privileges
  7. $sudo dtruss -a -f tshark
  8. PID/THRD RELATIVE ELAPSD CPU SYSCALL(args) = return
  9. 2588/0x7357: 165 204 0 getpid(0x7FFF5FBFF720, 0x7FFFFFE00050, 0x0) = 2588 0
  10. 2588/0x7357: 201 40 34 open_nocancel("/dev/urandom\0", 0x0, 0x0) = 3 0
  11. 2588/0x7357: 223 25 20 read_nocancel(0x3, "D\341o\271\020ha\222\216,\371c\311\325\207}\251@\035\021\343\376\356\360\2046\310\254\373\242\273\a\266Q\246\022\003\207\244\253\230%\025;\242\317T\274\243\203oQiu6Pg\267Vw\256\341\377\305G\3518\232c\262\216\347*K\277\377v3\376\233\211\240\313R\215\037L\262\304\263%\357\215\256\376h\306LU3A\311\267y\367`4\204\0", 0x6C) = 108 0
  12. 2588/0x7357: 231 13 7 close_nocancel(0x3) = 0 0
  13. 2588/0x7357: 265 6 0 issetugid(0x100000000, 0x7FFF5FBFF9E5, 0x7FFF5FC40530) = 0 0
  14. 2588/0x7357: 266 4 0 geteuid(0x100000000, 0x7FFF5FBFF9E5, 0x0) = 0 0
  15. 2588/0x7357: 324 14 9 __sysctl(0x7FFF5FBFD610, 0x2, 0x7FFF5FBFD5D0) = 0 0
  16. 2588/0x7357: 329 7 4 __sysctl(0x7FFF5FBFD5D0, 0x2, 0x7FFF5FBFD66C) = 0 0
  17. 2588/0x7357: 333 7 2 shared_region_check_np(0x7FFF5FBFD7D8, 0x0, 0x7FFF5FC1DC86) = 0 0
  18. 2588/0x7357: 354 17 13 stat64("/usr/lib/dtrace/libdtrace_dyld.dylib\0", 0x7FFF5FBFCBE0, 0x7FFF5FBFD220) = 0 0
  19. 2588/0x7357: 377 23 19 open("/usr/lib/dtrace/libdtrace_dyld.dylib\0", 0x0, 0x0) = 3 0
  20. 2588/0x7357: 389 13 6 pread(0x3, "\312\376\272\276\0", 0x1000, 0x0) = 4096 0
  21. 2588/0x7357: 393 6 3 pread(0x3, "\317\372\355\376\a\0", 0x1000, 0x1000) = 4096 0
  22. 2588/0x7357: 418 19 13 mmap(0x1000B6000, 0x2000, 0x5, 0x12, 0x3, 0x7FFF00000001) = 0xB6000 0
  23. 2588/0x7357: 422 7 3 mmap(0x1000B8000, 0x1000, 0x3, 0x12, 0x3, 0x7FFF00000001) = 0xB8000 0
  24. 2588/0x7357: 426 7 3 mmap(0x1000B9000, 0x1F10, 0x1, 0x12, 0x3, 0x7FFF00000001) = 0xB9000 0
  25. 2588/0x7357: 437 7 3 close(0x3) = 0 0
  26. 2588/0x7357: 445 7 4 stat64("/usr/lib/libncurses.5.4.dylib\0", 0x7FFF5FBFC960, 0x7FFF5FBFCFA0) = 0 0
  27. 2588/0x7357: 454 6 4 stat64("/usr/lib/libiconv.2.dylib\0", 0x7FFF5FBFC960, 0x7FFF5FBFCFA0) = 0 0
  28. 2588/0x7357: 460 5 2 stat64("/usr/lib/libSystem.B.dylib\0", 0x7FFF5FBFC960, 0x7FFF5FBFCFA0) = 0 0
  29. 2588/0x7357: 469 8 5 stat64("/usr/lib/system/libmathCommon.A.dylib\0", 0x7FFF5FBFC6C0, 0x7FFF5FBFCD00) = 0 0
  30. 2588/0x7357: 542 200 2 madvise(0x7FFF8ACC3000, 0x2000, 0x5) = 0 0
  31. 2588/0x7357: 596 14 10 open("/dev/dtracehelper\0", 0x2, 0x7FFF5FC45348) = 3 0
  32. 2588/0x7357: 10706 10113 10108 ioctl(0x3, 0x80086804, 0x7FFF5FBFD570) = 0 0
  33. 2588/0x7357: 10716 12 7 close(0x3) = 0 0
  34. 2588/0x7357: 10738 21 17 stat64("/usr/lib/libstdc++.6.dylib\0", 0x7FFF5FBFC980, 0x7FFF5FBFCFC0) = 0 0
  35. 2588/0x7357: 10808 18 14 open("/dev/dtracehelper\0", 0x2, 0x7FFF5FC45410) = 3 0
  36. 2588/0x7357: 14053 3247 3243 ioctl(0x3, 0x80086804, 0x7FFF5FBFD570) = 0 0
  37. 2588/0x7357: 14057 6 3 close(0x3) = 0 0
  38. 2588/0x7357: 14165 12 8 __sysctl(0x7FFF5FBFD460, 0x2, 0x7FFF5FBFD450) = 0 0
  39. 2588/0x7357: 14176 5 0 bsdthread_register(0x7FFF89802E7C, 0x7FFF897E3A98, 0x2000) = 0 0
  40. 2588/0x7357: 14177 4 0 thread_selfid(0x7FFF89802E7C, 0x7FFF897E3A98, 0x0) = 29527 0
  41. 2588/0x7357: 14192 14 9 open_nocancel("/dev/urandom\0", 0x0, 0x7FFF710FDC00) = 3 0
  42. 2588/0x7357: 14207 18 13 read_nocancel(0x3, "\206D~! \204\366(\207\301\206\304\326\210o\300!Z\225\203\336\334\001mE\226\303\343q\345{\311\027z3_N\335fv\315\022L\336\236Vt\311\002C\353\351\307\327\332T\242\273\036\b\253 \376\255\0", 0x40) = 64 0
  43. 2588/0x7357: 14210 6 2 close_nocancel(0x3) = 0 0
  44. 2588/0x7357: 14217 8 1 mmap(0x0, 0x3000, 0x3, 0x1002, 0x1000000, 0x7FFF00000001) = 0xBB000 0
  45. 2588/0x7357: 14244 17 14 __sysctl(0x7FFF5FBFD2E0, 0x2, 0x7FFF5FBFD2A0) = 0 0
  46. 2588/0x7357: 14249 7 4 __sysctl(0x7FFF5FBFD2A0, 0x2, 0x7FFF5FBFD338) = 0 0
  47. 2588/0x7357: 14259 4 0 getpid(0x7FFF5FBFD230, 0x7FFFFFE00050, 0x0) = 2588 0
  48. 2588/0x7357: 14266 10 6 open_nocancel("/dev/urandom\0", 0x0, 0x0) = 3 0
  49. 2588/0x7357: 14277 14 10 read_nocancel(0x3, "\257n\373~\005\315\021\006\274\177\354bs\332\214\333\3630\323\326\207&\260\237M\n\236j\374\016/e8\362{\020\250t\222\002}\347\261\243\243\321\350[t\344\274\356\r\264\323\357\202\206\033\360\304\215Y\257j\305RP\022\221\357C\252\340\333\tL\316\366\243\231\vW`C\201\241\023\217\271\361\202\033\240R\372\323\206\360R\0", 0x6C) = 108 0
  50. 2588/0x7357: 14280 5 1 close_nocancel(0x3) = 0 0
  51. 2588/0x7357: 14298 9 6 __sysctl(0x7FFF5FBFD2E0, 0x2, 0x7FFF5FBFD30C) = 0 0
  52. 2588/0x7357: 14300 5 1 mmap(0x0, 0x17000, 0x3, 0x1002, 0x1000000, 0x7FFF00000001) = 0xBE000 0
  53. 2588/0x7357: 14356 4 0 mmap(0x0, 0x17000, 0x3, 0x1002, 0x1000000, 0x7FFF00000001) = 0xD5000 0
  54. 2588/0x7357: 14370 4 0 mmap(0x0, 0x1000, 0x3, 0x1002, 0x1000000, 0x7FFF00000001) = 0xEC000 0
  55. 2588/0x7357: 14379 5 0 mmap(0x0, 0x200000, 0x3, 0x1002, 0x7000000, 0x7FFF00000001) = 0xED000 0
  56. 2588/0x7357: 14381 5 1 munmap(0x1000ED000, 0x13000) = 0 0
  57. 2588/0x7357: 14382 3 0 munmap(0x100200000, 0xED000) = 0 0
  58. 2588/0x7357: 14415 10 6 __sysctl(0x7FFF5FBFD440, 0x2, 0x7FFF5FBFD400) = 0 0
  59. 2588/0x7357: 14420 7 4 __sysctl(0x7FFF5FBFD400, 0x2, 0x7FFF7110A7A0) = 0 0
  60. 2588/0x7357: 14425 7 4 __sysctl(0x7FFF5FBFD440, 0x2, 0x7FFF5FBFD400) = 0 0
  61. 2588/0x7357: 14429 6 3 __sysctl(0x7FFF5FBFD400, 0x2, 0x7FFF7110A7A4) = 0 0
  62. 2588/0x7357: 14434 6 4 __sysctl(0x7FFF5FBFD440, 0x2, 0x7FFF5FBFD400) = 0 0
  63. 2588/0x7357: 14438 6 3 __sysctl(0x7FFF5FBFD400, 0x2, 0x7FFF7110A7A8) = 0 0
  64. 2588/0x7357: 14472 5 1 mmap(0x0, 0x3000, 0x3, 0x1002, 0x1000000, 0x7FFF00000001) = 0xED000 0
  65. 2588/0x7357: 14489 9 5 __sysctl(0x7FFF5FBFD410, 0x2, 0x7FFF5FBFD3D0) = 0 0
  66. 2588/0x7357: 14493 6 3 __sysctl(0x7FFF5FBFD3D0, 0x2, 0x7FFF5FBFD468) = 0 0
  67. 2588/0x7357: 14499 6 3 __sysctl(0x7FFF5FBFD410, 0x2, 0x7FFF5FBFD43C) = 0 0
  68. 2588/0x7357: 14500 4 0 mmap(0x0, 0x17000, 0x3, 0x1002, 0x1000000, 0x7FFF00000001) = 0x200000 0
  69. 2588/0x7357: 14518 4 0 mmap(0x0, 0x17000, 0x3, 0x1002, 0x1000000, 0x7FFF00000001) = 0x217000 0
  70. 2588/0x7357: 14541 5 0 mmap(0x0, 0x200000, 0x3, 0x1002, 0x7000000, 0x7FFF00000001) = 0x22E000 0
  71. 2588/0x7357: 14543 4 1 munmap(0x10022E000, 0xD2000) = 0 0
  72. 2588/0x7357: 14544 3 0 munmap(0x100400000, 0x2E000) = 0 0
  73. 2589/0x735a: 188: 0: 0 fork() = 0 0
  74. 2589/0x735a: 189 6 0 thread_selfid(0x7FFF71100CC0, 0x3, 0x1) = 29530 0
  75. 2589/0x735a: 191 3 0 getpid(0x7FFF71100CC0, 0x3, 0x0) = 2589 0
  76. 2589/0x735a: 245 5 1 close(0xFF) = 0 0
  77. 2589/0x735a: 256 5 0 sigprocmask(0x3, 0x1000A69F8, 0x0) = 0x0 0
  78. 2589/0x735a: 262 4 0 sigaction(0x12, 0x7FFF5FBFEB80, 0x7FFF5FBFEBB0) = 0 0
  79. 2589/0x735a: 262 3 0 sigaction(0x15, 0x7FFF5FBFEB80, 0x7FFF5FBFEBB0) = 0 0
  80. 2589/0x735a: 263 2 0 sigaction(0x16, 0x7FFF5FBFEB90, 0x7FFF5FBFEBC0) = 0 0
  81. 2589/0x735a: 267 3 0 sigaction(0x2, 0x7FFF5FBFEB80, 0x7FFF5FBFEBB0) = 0 0
  82. 2589/0x735a: 273 3 0 sigaction(0x3, 0x7FFF5FBFEB80, 0x7FFF5FBFEBB0) = 0 0
  83. 2589/0x735a: 274 3 0 sigaction(0x14, 0x7FFF5FBFEB80, 0x7FFF5FBFEBB0) = 0 0
  84. 2589/0x735a: 274 3 0 sigaction(0x14, 0x7FFF5FBFEBD0, 0x7FFF5FBFEC00) = 0 0
  85. 2589/0x735a: 275 2 0 sigaction(0x2, 0x7FFF5FBFEBD0, 0x7FFF5FBFEC00) = 0 0
  86. 2589/0x735a: 280 5 2 dup2(0x4, 0x1, 0x0) = 1 0
  87. 2589/0x735a: 284 3 0 close(0x4) = 0 0
  88. 2589/0x735a: 285 2 0 close(0x3) = 0 0
  89. 2589/0x735a: 295 3 0 sigprocmask(0x1, 0x0, 0x7FFF5FBFEC10) = 0x0 0
  90. 2589/0x735a: 295 4 0 sigaltstack(0x0, 0x7FFF5FBFEC00, 0x0) = 0 0
  91. 2589/0x735a: 326 3 0 sigprocmask(0x1, 0x0, 0x7FFF5FBFEBB0) = 0x0 0
  92. 2589/0x735a: 327 3 0 sigaltstack(0x0, 0x7FFF5FBFEBA0, 0x0) = 0 0
  93. 2589/0x735a: 440 13 9 stat64(".\0", 0x7FFF5FBFE950, 0x100103880) = 0 0
  94. 2589/0x735a: 453 9 6 stat64("/Users/asimmons/.rvm/gems/ruby-1.9.2-p320/bin/basename\0", 0x7FFF5FBFE850, 0x1001034E7) = -1 Err#2
  95. 2589/0x735a: 457 5 2 stat64("/Users/asimmons/.rvm/gems/ruby-1.9.2-p320@global/bin/basename\0", 0x7FFF5FBFE850, 0x10010358E) = -1 Err#2
  96. 2589/0x735a: 461 5 2 stat64("/Users/asimmons/.rvm/rubies/ruby-1.9.2-p320/bin/basename\0", 0x7FFF5FBFE850, 0x1001034E9) = -1 Err#2
  97. 2589/0x735a: 464 4 1 stat64("/Users/asimmons/.rvm/bin/basename\0", 0x7FFF5FBFE850, 0x100103512) = -1 Err#2
  98. 2589/0x735a: 468 5 3 stat64("/opt/local/bin/basename\0", 0x7FFF5FBFE850, 0x1001034C8) = -1 Err#2
  99. 2589/0x735a: 470 4 1 stat64("/opt/local/sbin/basename\0", 0x7FFF5FBFE850, 0x1001034C9) = -1 Err#2
  100. 2589/0x735a: 473 4 1 stat64("/sw/bin/basename\0", 0x7FFF5FBFE850, 0x1001034C1) = -1 Err#2
  101. 2589/0x735a: 475 4 1 stat64("/sw/sbin/basename\0", 0x7FFF5FBFE850, 0x1001034C2) = -1 Err#2
  102. 2589/0x735a: 482 8 5 stat64("/usr/bin/basename\0", 0x7FFF5FBFE850, 0x1001034C2) = 0 0
  103. 2589/0x735a: 484 4 1 stat64("/usr/bin/basename\0", 0x7FFF5FBFE890, 0x7FFF710F4650) = 0 0
  104. 2589/0x735a: 490 3 0 sigaction(0x2, 0x7FFF5FBFE9B0, 0x7FFF5FBFE9E0) = 0 0
  105. 2589/0x735a: 494 3 0 sigaction(0x3, 0x7FFF5FBFE9B0, 0x7FFF5FBFE9E0) = 0 0
  106. 2589/0x735a: 496 3 0 sigaction(0x14, 0x7FFF5FBFE9B0, 0x7FFF5FBFE9E0) = 0 0
  107. 2589/0x735a: 788 266 250 execve(0x1001034B0, 0x1001045D0, 0x1001041D0) = 0 0
  108. 2589/0x735a: 891 4 0 getpid(0x7FFF5FBFF780, 0x7FFFFFE00050, 0x0) = 2589 0
  109. 2589/0x735a: 914 25 21 open_nocancel("/dev/urandom\0", 0x0, 0x0) = 3 0
  110. 2589/0x735a: 944 23 19 read_nocancel(0x3, "\342\277\234\263\263\030n))\n\221\227\322\321\247}$\355\243j\371\210\020\r=\314\365\260I\221\337qS4Fs\261\037\214\0277h\a|\335\217TK]RL\037\223F\252\320{C\330.@\003\357\0", 0x6C) = 108 0
  111. 2589/0x735a: 949 8 4 close_nocancel(0x3) = 0 0
  112. 2589/0x735a: 975 8 0 issetugid(0x100000000, 0x7FFF5FBFFA40, 0x7FFF5FC40530) = 0 0
  113. 2589/0x735a: 977 6 0 geteuid(0x100000000, 0x7FFF5FBFFA40, 0x0) = 0 0
  114. 2589/0x735a: 1033 18 14 __sysctl(0x7FFF5FBFD670, 0x2, 0x7FFF5FBFD630) = 0 0
  115. 2589/0x735a: 1038 7 4 __sysctl(0x7FFF5FBFD630, 0x2, 0x7FFF5FBFD6CC) = 0 0
  116. 2589/0x735a: 1040 6 1 shared_region_check_np(0x7FFF5FBFD838, 0x0, 0x7FFF5FC1DC86) = 0 0
  117. 2589/0x735a: 1053 7 5 stat64("/usr/lib/libSystem.B.dylib\0", 0x7FFF5FBFC9F0, 0x7FFF5FBFD030) = 0 0
  118. 2589/0x735a: 1064 7 4 stat64("/usr/lib/system/libmathCommon.A.dylib\0", 0x7FFF5FBFC8A0, 0x7FFF5FBFCEE0) = 0 0
  119. 2589/0x735a: 1077 6 2 madvise(0x7FFF8ACC3000, 0x2000, 0x5) = 0 0
  120. 2589/0x735a: 1108 12 8 open("/dev/dtracehelper\0", 0x2, 0x7FFF5FC45130) = 3 0
  121. 2588/0x7357: 29163 20587 12 read(0x3, "tshark\n\0", 0x80) = 7 0
  122. 2588/0x7357: 29172 117 4 read(0x3, "\0", 0x80) = 0 0
  123. 2588/0x7357: 29195 25 21 close(0x3) = 0 0
  124. 2588/0x7357: 29254 9 5 wait4(0xFFFFFFFF, 0x7FFF5FBFE67C, 0x1) = 2589 0
  125. 2588/0x7357: 29255 3 0 wait4(0xFFFFFFFF, 0x7FFF5FBFE67C, 0x1) = -1 Err#10
  126. 2588/0x7357: 29261 6 2 sigreturn(0x7FFF5FBFEB70, 0x1E, 0xFFFFFFFFFFFFFFFF) = 0 Err#-2
  127. 2588/0x7357: 29264 5 0 sigprocmask(0x1, 0x7FFF5FBFEBEC, 0x7FFF5FBFEBE8) = 0x0 0
  128. 2588/0x7357: 29266 4 1 sigaction(0x2, 0x7FFF5FBFEB70, 0x7FFF5FBFEBA0) = 0 0
  129. 2588/0x7357: 29270 3 0 sigprocmask(0x3, 0x7FFF5FBFEBE8, 0x0) = 0x0 0
  130. 2588/0x7357: 29271 3 0 sigaction(0x2, 0x7FFF5FBFEB70, 0x7FFF5FBFEBA0) = 0 0
  131. 2588/0x7357: 29320 5 0 sigprocmask(0x1, 0x0, 0x7FFF5FBFF710) = 0x0 0
  132. 2588/0x7357: 29321 4 0 sigaltstack(0x0, 0x7FFF5FBFF700, 0x0) = 0 0
  133. 2588/0x7357: 29336 11 8 read(0xFF, "exec \"$WIRESHARK_APP_DIR/Contents/Resources/bin/$APPNAME\" \"$@\"\n\n\0", 0x1E2) = 64 0
  134. 2588/0x7357: 29419 4 0 sigaction(0x2, 0x7FFF5FBFF450, 0x7FFF5FBFF480) = 0 0
  135. 2588/0x7357: 29420 3 0 sigaction(0x3, 0x7FFF5FBFF450, 0x7FFF5FBFF480) = 0 0
  136. 2588/0x7357: 29421 3 0 sigaction(0x14, 0x7FFF5FBFF450, 0x7FFF5FBFF480) = 0 0
  137. 2588/0x7357: 14614 220 0 sigprocmask(0x1, 0x0, 0x7FFF5FBFF750) = 0x0 0
  138. 2588/0x7357: 14616 4 0 sigaltstack(0x0, 0x7FFF5FBFF740, 0x0) = 0 0
  139. 2588/0x7357: 14657 22 18 open("/dev/tty\0", 0x6, 0x1) = 3 0
  140. 2588/0x7357: 14663 7 3 close(0x3) = 0 0
  141. 2588/0x7357: 14685 5 0 getrlimit(0x1008, 0x7FFF5FBFF0D0, 0x7FFF897CD2EC) = 0 0
  142. 2588/0x7357: 14723 40 35 open_nocancel("/usr/share/locale/en_US.UTF-8/LC_COLLATE\0", 0x0, 0x1B6) = 3 0
  143. 2588/0x7357: 14728 7 2 fstat64(0x3, 0x7FFF5FBFF0A0, 0x7FFF5FBFF16C) = 0 0
  144. 2588/0x7357: 14731 7 1 mmap(0x0, 0x1000000, 0x3, 0x1002, 0x2000000, 0x2280F400000000) = 0x400000 0
  145. 2588/0x7357: 14734 5 1 munmap(0x100400000, 0x400000) = 0 0
  146. 2588/0x7357: 14735 3 0 munmap(0x101000000, 0x400000) = 0 0
  147. 2588/0x7357: 14792 18 13 read_nocancel(0x3, "1.1A\n\0", 0x1000) = 2086 0
  148. 2588/0x7357: 14803 9 4 close_nocancel(0x3) = 0 0
  149. 2588/0x7357: 14828 25 21 open_nocancel("/usr/share/locale/en_US.UTF-8/LC_CTYPE\0", 0x0, 0x1B6) = 3 0
  150. 2588/0x7357: 14831 4 1 fstat64(0x3, 0x7FFF5FBFF180, 0x0) = 0 0
  151. 2588/0x7357: 14839 4 1 fstat64(0x3, 0x7FFF5FBFEF60, 0x7FFF5FBFF02C) = 0 0
  152. 2588/0x7357: 14842 5 1 lseek(0x3, 0x0, 0x1) = 0 0
  153. 2588/0x7357: 14844 3 0 lseek(0x3, 0x0, 0x0) = 0 0
  154. 2588/0x7357: 14849 7 4 read_nocancel(0x3, "RuneMagAUTF-8\0", 0x1000) = 4096 0
  155. 2588/0x7357: 14864 7 2 read_nocancel(0x3, "\0", 0x1000) = 4096 0
  156. 2588/0x7357: 14876 6 2 read_nocancel(0x3, "\0", 0x1000) = 4096 0
  157. 2588/0x7357: 14887 6 2 read_nocancel(0x3, "\0", 0x1000) = 4096 0
  158. 2588/0x7357: 14900 6 2 read_nocancel(0x3, "\0", 0x1000) = 4096 0
  159. 2588/0x7357: 14910 6 2 read_nocancel(0x3, "\0", 0x1000) = 4096 0
  160. 2588/0x7357: 14968 56 52 read_nocancel(0x3, "@\004\211\0", 0xDB70) = 56176 0
  161. 2588/0x7357: 14994 7 3 close_nocancel(0x3) = 0 0
  162. 2588/0x7357: 15019 20 16 open_nocancel("/usr/share/locale/en_US.UTF-8/LC_MONETARY\0", 0x0, 0x7FFF5FBFF24A) = 3 0
  163. 2588/0x7357: 15022 4 1 fstat64(0x3, 0x7FFF5FBFF190, 0x0) = 0 0
  164. 2588/0x7357: 15025 6 2 read_nocancel(0x3, "USD \n$\n.\n,\n3;3\n\n-\n2\n2\n1\n0\n1\n0\n1\n1\n\b\0", 0x22) = 34 0
  165. 2588/0x7357: 15029 6 2 close_nocancel(0x3) = 0 0
  166. 2588/0x7357: 15044 15 11 open_nocancel("/usr/share/locale/en_US.UTF-8/LC_NUMERIC\0", 0x0, 0x7FFF5FBFF259) = 3 0
  167. 2588/0x7357: 15046 4 1 fstat64(0x3, 0x7FFF5FBFF1A0, 0x0) = 0 0
  168. 2588/0x7357: 15049 6 2 read_nocancel(0x3, ".\n,\n3;3\n@\004\b\0", 0x8) = 8 0
  169. 2588/0x7357: 15052 5 2 close_nocancel(0x3) = 0 0
  170. 2588/0x7357: 15066 15 12 open_nocancel("/usr/share/locale/en_US.UTF-8/LC_TIME\0", 0x0, 0x7FFF5FBFF256) = 3 0
  171. 2588/0x7357: 15068 4 1 fstat64(0x3, 0x7FFF5FBFF1A0, 0x0) = 0 0
  172. 2588/0x7357: 15071 6 2 read_nocancel(0x3, "Jan\nFeb\nMar\nApr\nMay\nJun\nJul\nAug\nSep\nOct\nNov\nDec\nJanuary\nFebruary\nMarch\nApril\nMay\nJune\nJuly\nAugust\nSeptember\nOctober\nNovember\nDecember\nSun\nMon\nTue\nWed\nThu\nFri\nSat\nSunday\nMonday\nTuesday\nWednesday\nThursday\nFriday\nSaturday\n%H:%M:%S\n%m/%d/%Y\n%a %b %e %X %Y\nAM\nP", 0x179) = 377 0
  173. 2588/0x7357: 15075 5 2 close_nocancel(0x3) = 0 0
  174. 2588/0x7357: 15099 25 21 open_nocancel("/usr/share/locale/en_US.UTF-8/LC_MESSAGES/LC_MESSAGES\0", 0x0, 0x7FFF5FBFF266) = 3 0
  175. 2588/0x7357: 15103 6 2 fstat64(0x3, 0x7FFF5FBFF1A0, 0x0) = 0 0
  176. 2588/0x7357: 15107 6 2 read_nocancel(0x3, "^[yYsS].*\n^[nN].*\n(\0", 0x12) = 18 0
  177. 2588/0x7357: 15110 6 2 close_nocancel(0x3) = 0 0
  178. 2588/0x7357: 15141 4 0 getuid(0x1001005E5, 0x100071063, 0x0) = 0 0
  179. 2588/0x7357: 15144 3 0 getgid(0x0, 0x100071063, 0x0) = 0 0
  180. 2588/0x7357: 15145 3 0 geteuid(0x0, 0x100071063, 0x0) = 0 0
  181. 2588/0x7357: 15146 4 0 getegid(0x0, 0x100071063, 0x0) = 0 0
  182. 2588/0x7357: 15159 4 0 sigprocmask(0x1, 0x0, 0x7FFF5FBFF750) = 0x0 0
  183. 2588/0x7357: 15160 3 0 sigaltstack(0x0, 0x7FFF5FBFF740, 0x0) = 0 0
  184. 2588/0x7357: 15210 6 2 fstat64(0x2, 0x7FFF5FBFF650, 0x7FFF5FBFF72C) = 0 0
  185. 2588/0x7357: 15213 4 1 fstat64(0x1, 0x7FFF5FBFF650, 0x7FFF5FBFF72C) = 0 0
  186. 2588/0x7357: 15238 6 1 sigaction(0x14, 0x7FFF5FBFF6F0, 0x7FFF5FBFF720) = 0 0
  187. 2588/0x7357: 15239 3 0 sigaction(0x14, 0x7FFF5FBFF6F0, 0x7FFF5FBFF720) = 0 0
  188. 2588/0x7357: 15240 3 0 sigaction(0x2, 0x7FFF5FBFF6F0, 0x7FFF5FBFF720) = 0 0
  189. 2588/0x7357: 15241 3 0 sigaction(0x2, 0x7FFF5FBFF6F0, 0x7FFF5FBFF720) = 0 0
  190. 2588/0x7357: 15242 3 0 sigaction(0x3, 0x7FFF5FBFF6F0, 0x7FFF5FBFF720) = 0 0
  191. 2588/0x7357: 15243 3 0 sigaction(0x3, 0x7FFF5FBFF6F0, 0x7FFF5FBFF720) = 0 0
  192. 2588/0x7357: 15244 3 0 sigprocmask(0x1, 0x0, 0x1000A69F8) = 0x0 0
  193. 2588/0x7357: 15247 3 0 sigaction(0x3, 0x7FFF5FBFF6A0, 0x7FFF5FBFF730) = 0 0
  194. 2588/0x7357: 15254 9 4 __sysctl(0x7FFF5FBFF620, 0x2, 0x7FFF5FBFF630) = 0 0
  195. 2588/0x7357: 15281 12 8 stat64("/Users/asimmons/Development/RosettaReader/trunk\0", 0x7FFF5FBFF600, 0x0) = 0 0
  196. 2588/0x7357: 15284 4 1 stat64(".\0", 0x7FFF5FBFF570, 0x0) = 0 0
  197. 2588/0x7357: 15304 4 0 getppid(0x1000BC000, 0x100100000, 0xFC080) = 2575 0
  198. 2588/0x7357: 15333 4 0 getpgrp(0x0, 0x10010307, 0x0) = 2573 0
  199. 2588/0x7357: 15336 4 0 sigaction(0x14, 0x7FFF5FBFF6E0, 0x7FFF5FBFF710) = 0 0
  200. 2588/0x7357: 15341 4 0 getrlimit(0x1007, 0x7FFF5FBFF6D0, 0x7FFF897CD2EC) = 0 0
  201. 2588/0x7357: 15471 4 0 sigprocmask(0x1, 0x0, 0x7FFF5FBFF750) = 0x0 0
  202. 2588/0x7357: 15472 3 0 sigaltstack(0x0, 0x7FFF5FBFF740, 0x0) = 0 0
  203. 2588/0x7357: 15488 14 11 open("/usr/local/bin/tshark\0", 0x0, 0x0) = 3 0
  204. 2588/0x7357: 15497 5 1 ioctl(0x3, 0x4004667A, 0x7FFF5FBFF5CC) = -1 Err#25
  205. 2588/0x7357: 15499 4 0 ioctl(0x3, 0x40487413, 0x7FFF5FBFF5D0) = -1 Err#25
  206. 2588/0x7357: 15502 4 0 lseek(0x3, 0x0, 0x1) = 0 0
  207. 2588/0x7357: 15508 9 4 read(0x3, "#!/bin/sh\n#\n# $Id: utility-launcher 26612 2008-10-28 21:53:39Z stig $\n#\n# Wiresh@\004\b\0", 0x50) = 80 0
  208. 2588/0x7357: 15510 4 0 lseek(0x3, 0x0, 0x0) = 0 0
  209. 2588/0x7357: 15514 5 0 getdtablesize(0x3, 0x0, 0xFFFFFFFF) = 256 0
  210. 2588/0x7357: 15520 8 4 dup2(0x3, 0xFF, 0x100) = 255 0
  211. 2588/0x7357: 15522 4 0 close(0x3) = 0 0
  212. 2588/0x7357: 15526 5 1 fcntl(0xFF, 0x2, 0x1) = 0 0
  213. 2588/0x7357: 15527 3 0 fcntl(0xFF, 0x3, 0x0) = 0 0
  214. 2588/0x7357: 15534 5 2 fstat64(0xFF, 0x7FFF5FBFF680, 0x0) = 0 0
  215. 2588/0x7357: 15536 3 0 lseek(0xFF, 0x0, 0x1) = 0 0
  216. 2588/0x7357: 15543 3 0 sigprocmask(0x1, 0x0, 0x7FFF5FBFF710) = 0x0 0
  217. 2588/0x7357: 15544 3 0 sigaltstack(0x0, 0x7FFF5FBFF700, 0x0) = 0 0
  218. 2588/0x7357: 15563 6 3 read(0xFF, "#!/bin/sh\n#\n# $Id: utility-launcher 26612 2008-10-28 21:53:39Z stig $\n#\n# Wireshark CLI utility launcher\n\nif [ -z \"$WIRESHARK_APP_DIR\" ] ; then\n\tWIRESHARK_APP_DIR=\"/Applications/Wireshark.app\"\nfi\n\nif [ ! -d \"$WIRESHARK_APP_DIR\" ] ; then\n\techo \"Wireshark do", 0x1E2) = 482 0
  219. 2588/0x7357: 15570 3 0 sigprocmask(0x1, 0x0, 0x7FFF5FBFF710) = 0x0 0
  220. 2588/0x7357: 15570 3 0 sigaltstack(0x0, 0x7FFF5FBFF700, 0x0) = 0 0
  221. 2588/0x7357: 15572 3 0 sigprocmask(0x1, 0x0, 0x7FFF5FBFF710) = 0x0 0
  222. 2588/0x7357: 15573 3 0 sigaltstack(0x0, 0x7FFF5FBFF700, 0x0) = 0 0
  223. 2588/0x7357: 15578 3 0 sigprocmask(0x1, 0x0, 0x7FFF5FBFF710) = 0x0 0
  224. 2588/0x7357: 15579 3 0 sigaltstack(0x0, 0x7FFF5FBFF700, 0x0) = 0 0
  225. 2588/0x7357: 15580 3 0 sigprocmask(0x1, 0x0, 0x7FFF5FBFF710) = 0x0 0
  226. 2588/0x7357: 15581 3 0 sigaltstack(0x0, 0x7FFF5FBFF700, 0x0) = 0 0
  227. 2588/0x7357: 15585 3 0 sigprocmask(0x1, 0x0, 0x7FFF5FBFF710) = 0x0 0
  228. 2588/0x7357: 15585 3 0 sigaltstack(0x0, 0x7FFF5FBFF700, 0x0) = 0 0
  229. 2588/0x7357: 15587 3 0 sigprocmask(0x1, 0x0, 0x7FFF5FBFF710) = 0x0 0
  230. 2588/0x7357: 15588 3 0 sigaltstack(0x0, 0x7FFF5FBFF700, 0x0) = 0 0
  231. 2588/0x7357: 15662 4 0 sigprocmask(0x1, 0x0, 0x7FFF5FBFF420) = 0x0 0
  232. 2588/0x7357: 15663 3 0 sigaltstack(0x0, 0x7FFF5FBFF410, 0x0) = 0 0
  233. 2588/0x7357: 15667 4 0 sigprocmask(0x3, 0x7FFF5FBFF420, 0x0) = 0x0 0
  234. 2588/0x7357: 15669 4 0 sigreturn(0x0, 0x80000000, 0x0) = 0 0
  235. 2588/0x7357: 15691 4 0 sigprocmask(0x1, 0x0, 0x7FFF5FBFF710) = 0x0 0
  236. 2588/0x7357: 15692 3 0 sigaltstack(0x0, 0x7FFF5FBFF700, 0x0) = 0 0
  237. 2588/0x7357: 15694 3 0 sigprocmask(0x1, 0x0, 0x7FFF5FBFF710) = 0x0 0
  238. 2588/0x7357: 15694 3 0 sigaltstack(0x0, 0x7FFF5FBFF700, 0x0) = 0 0
  239. 2588/0x7357: 15737 3 0 sigprocmask(0x1, 0x0, 0x7FFF5FBFF420) = 0x0 0
  240. 2588/0x7357: 15738 3 0 sigaltstack(0x0, 0x7FFF5FBFF410, 0x0) = 0 0
  241. 2588/0x7357: 15746 9 6 stat64("/Applications/Wireshark.app\0", 0x7FFF5FBFF330, 0x10002F338) = 0 0
  242. 2588/0x7357: 15747 3 0 sigprocmask(0x3, 0x7FFF5FBFF420, 0x0) = 0x0 0
  243. 2588/0x7357: 15748 3 0 sigreturn(0x0, 0x80000000, 0x0) = 0 0
  244. 2588/0x7357: 15756 3 0 sigprocmask(0x1, 0x0, 0x7FFF5FBFF710) = 0x0 0
  245. 2588/0x7357: 15756 3 0 sigaltstack(0x0, 0x7FFF5FBFF700, 0x0) = 0 0
  246. 2588/0x7357: 15758 3 0 sigprocmask(0x1, 0x0, 0x7FFF5FBFF710) = 0x0 0
  247. 2588/0x7357: 15759 3 0 sigaltstack(0x0, 0x7FFF5FBFF700, 0x0) = 0 0
  248. 2588/0x7357: 15794 20 16 pipe(0x7FFF5FBFEC70, 0x7FFF710F4650, 0x7FFF710F4650) = 3 0
  249. 2588/0x7357: 15795 4 0 sigprocmask(0x1, 0x7FFF5FBFEC0C, 0x7FFF5FBFEC08) = 0x0 0
  250. 2588/0x7357: 15796 3 0 sigprocmask(0x3, 0x7FFF5FBFEC08, 0x0) = 0x0 0
  251. 2588/0x7357: 15798 3 0 sigprocmask(0x1, 0x7FFF5FBFEBFC, 0x7FFF5FBFEBF8) = 0x0 0
  252. 2588/0x7357: 15799 3 1 lseek(0xFF, 0xFFFFFFFFFFFFFFC0, 0x1) = 418 0
  253. 2588/0x7357: 29082 13282 13275 fork() = 2589 0
  254. 2588/0x7357: 29144 7 1 sigprocmask(0x3, 0x7FFF5FBFEBF8, 0x0) = 0x0 0
  255. 2588/0x7357: 29147 4 1 sigaction(0x14, 0x7FFF5FBFEBD0, 0x7FFF5FBFEC00) = 0 0
  256. 2588/0x7357: 29149 5 1 close(0x4) = 0 0
  257. 2589/0x735a: 11713 18017 10603 ioctl(0x3, 0x80086804, 0x7FFF5FBFD5D0) = 0 0
  258. 2589/0x735a: 11729 19 12 close(0x3) = 0 0
  259. 2589/0x735a: 11874 15 10 __sysctl(0x7FFF5FBFD510, 0x2, 0x7FFF5FBFD500) = 0 0
  260. 2589/0x735a: 11885 6 0 bsdthread_register(0x7FFF89802E7C, 0x7FFF897E3A98, 0x2000) = 0 0
  261. 2589/0x735a: 11887 5 0 thread_selfid(0x7FFF89802E7C, 0x7FFF897E3A98, 0x0) = 29530 0
  262. 2589/0x735a: 11919 31 26 open_nocancel("/dev/urandom\0", 0x0, 0x7FFF710FDC00) = 3 0
  263. 2589/0x735a: 11940 25 20 read_nocancel(0x3, "\v\200W\304X\0", 0x40) = 64 0
  264. 2589/0x735a: 11943 6 2 close_nocancel(0x3) = 0 0
  265. 2589/0x735a: 11952 9 2 mmap(0x0, 0x3000, 0x3, 0x1002, 0x1000000, 0x7FFF00000001) = 0x4000 0
  266. 2589/0x735a: 11982 20 17 __sysctl(0x7FFF5FBFD390, 0x2, 0x7FFF5FBFD350) = 0 0
  267. 2589/0x735a: 11988 7 4 __sysctl(0x7FFF5FBFD350, 0x2, 0x7FFF5FBFD3E8) = 0 0
  268. 2589/0x735a: 11998 4 0 getpid(0x7FFF5FBFD2E0, 0x7FFFFFE00050, 0x0) = 2589 0
  269. 2589/0x735a: 12006 11 7 open_nocancel("/dev/urandom\0", 0x0, 0x0) = 3 0
  270. 2589/0x735a: 12019 15 11 read_nocancel(0x3, "\242.Q\375.\247D\262y\337;\241\323\r\270\t.\240\260\302,\255\t\252\202T\261\026\301Fj\032\213\270\265\346\221\230\325-SD>D\216l\213\0", 0x6C) = 108 0
  271. 2589/0x735a: 12022 6 2 close_nocancel(0x3) = 0 0
  272. 2589/0x735a: 12042 10 6 __sysctl(0x7FFF5FBFD390, 0x2, 0x7FFF5FBFD3BC) = 0 0
  273. 2589/0x735a: 12044 6 1 mmap(0x0, 0x17000, 0x3, 0x1002, 0x1000000, 0x7FFF00000001) = 0x7000 0
  274. 2589/0x735a: 12062 5 1 mmap(0x0, 0x17000, 0x3, 0x1002, 0x1000000, 0x7FFF00000001) = 0x1E000 0
  275. 2589/0x735a: 12077 5 0 mmap(0x0, 0x1000, 0x3, 0x1002, 0x1000000, 0x7FFF00000001) = 0x35000 0
  276. 2589/0x735a: 12087 5 1 mmap(0x0, 0x200000, 0x3, 0x1002, 0x7000000, 0x7FFF00000001) = 0x36000 0
  277. 2589/0x735a: 12090 6 2 munmap(0x100036000, 0xCA000) = 0 0
  278. 2589/0x735a: 12091 3 0 munmap(0x100200000, 0x36000) = 0 0
  279. 2589/0x735a: 12126 10 6 __sysctl(0x7FFF5FBFD4F0, 0x2, 0x7FFF5FBFD4B0) = 0 0
  280. 2589/0x735a: 12131 7 4 __sysctl(0x7FFF5FBFD4B0, 0x2, 0x7FFF7110A7A0) = 0 0
  281. 2589/0x735a: 12137 7 4 __sysctl(0x7FFF5FBFD4F0, 0x2, 0x7FFF5FBFD4B0) = 0 0
  282. 2589/0x735a: 12141 7 3 __sysctl(0x7FFF5FBFD4B0, 0x2, 0x7FFF7110A7A4) = 0 0
  283. 2589/0x735a: 12146 7 4 __sysctl(0x7FFF5FBFD4F0, 0x2, 0x7FFF5FBFD4B0) = 0 0
  284. 2589/0x735a: 12151 6 3 __sysctl(0x7FFF5FBFD4B0, 0x2, 0x7FFF7110A7A8) = 0 0
  285. 2589/0x735a: 12176 6 1 mmap(0x0, 0x1000000, 0x3, 0x1002, 0x2000000, 0x7FFF00000001) = 0x200000 0
  286. 2589/0x735a: 12178 4 1 munmap(0x100200000, 0x600000) = 0 0
  287. 2589/0x735a: 12179 3 0 munmap(0x101000000, 0x200000) = 0 0
  288. 2589/0x735a: 12204 4 0 getrlimit(0x1008, 0x7FFF5FBFF7A0, 0x7FFF897CD2EC) = 0 0
  289. 2589/0x735a: 12209 6 3 fstat64(0x1, 0x7FFF5FBFF730, 0x7FFF5FBFF7FC) = 0 0
  290. 2589/0x735a: 12219 12 6 write_nocancel(0x1, "tshark\n\0", 0x7) = 7 0
  291.  
  292. CALL COUNT
  293. exit 1
  294. fork 1
  295. getdtablesize 1
  296. getegid 1
  297. getgid 1
  298. getpgrp 1
  299. getppid 1
  300. getuid 1
  301. pipe 1
  302. write_nocancel 1
  303. bsdthread_register 2
  304. dup2 2
  305. execve 2
  306. fcntl 2
  307. issetugid 2
  308. madvise 2
  309. pread 2
  310. shared_region_check_np 2
  311. wait4 2
  312. geteuid 3
  313. getrlimit 3
  314. sigreturn 3
  315. thread_selfid 3
  316. getpid 5
  317. ioctl 5
  318. read 5
  319. lseek 6
  320. open 6
  321. munmap 10
  322. close 11
  323. fstat64 11
  324. close_nocancel 12
  325. open_nocancel 12
  326. read_nocancel 18
  327. mmap 19
  328. sigaltstack 19
  329. stat64 22
  330. sigaction 25
  331. __sysctl 28
  332. sigprocmask 29
  333.  
  334. $
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!