Duplicate process without fork

Question

In linux embedded system I can see in ps 2 processes of the same binary(pid1=X, pid2=Y) those processes don't have threads(/proc/X/task and /proc/Y/task don't exist)

When I look on /proc/Y/status I can see that the parent pid(PPID) is X.

I looking on the binary file in Ida,that dynamic binary ,and do not see fork function in import table.

When I change the some instructions with PTRACE of pid X or pid Y that influence on the another pid, so that seem they share the same code area

If Y was thread of X I supposed to see it in /proc/X/task and not in ps without show threads flags.

Which function can duplicate process that share the same code area but of fork ?

Answer 1

Which function can duplicate process that share the same code area?

From what I know I can list syscalls:

• fork
• vfork - fork with some restrictions and faster
• clone - fork but linux-specific fine-tuning everything
• clone3 - newer version of clone()
• clone2 - clone that is IA-64 specific and only available on IA-64

Answer 2

You can use the portable hard drives, or USB drives, to make the duplicate process easier, and ensure that you will always have a backup space, so you will don't need to restore the necessary data if something happens with the main data storage. At the same time, if you don't want to use so much space for duplicates, you can delete the files when you need space and, after that, recover the necessary data by running the special recovery software or approaching the data recovery services near me(https://www.salvagedata.com/).