HP-UX Reference (11i v2 07/12) - 1 User Commands A-M (vol 1)
l
ld_pa(1)
PA-RISC Systems Only
ld_pa(1)
An object file extracted from an archive library in the previous link remains in the output load module even
if all references to symbols defined in the object file have been removed. The linker removes these object
files when it performs the next initial incremental link.
Shared Library Processing
In an initial incremental link, the linker scans shared library symbol tables and resolves unsats the same
way it would in a regular link. In incremental links, the linker does not process shared libraries and their
symbol tables at all and does not report shared library unsats. The dynamic loader detects them at run
time. If any of the shared libraries on the command line was modified, the linker reverts to an initial incre-
mental link.
Performance
Performance of the incremental linker may suffer greatly if you change a high percentage of object files.
The incremental linker may not link small programs much faster, and the relative increase in size of the
executable is greater than that for larger programs.
Generally, the linker needs to scan through all shared libraries on a link line in order to determine all the
unsats, even in incremental links. This process may slow down incremental links. The incremental linker
does not scan shared libraries and leaves detection of shared library unsats to the dynamic loader.
Do not use the incremental linker to create final production modules. Because it reserves additional pad-
ding space, modules created by the incremental linker are considerably larger than those created in regular
links.
Notes
The HP WDB symbolic debugger only supports debugging of incrementally linked load modules that you
create with the +objdebug compiler option enabled. (The HP DDE debugger does not support the +ild
option.
Any program that modifies an executable (for example, strip(1)), may affect the ability of
ld to perform an
incremental link. When this happens, the incremental linker issues a message and performs an initial
incremental link.
Third-party tools that work on object files may have unexpected results on modules produced by the incre-
mental linker.
Kernel Virtual Environment Support
For virtual environment support for the kernel, build your kernel with the following linker options (instead
of the
-noshared option):
$ ld ... -B symbolic -b +hideallsymbols +allowrorelocs +linkersyms
...
By using these options, you create the kernel as a self-contained shared library with no exported symbols
(with the
-B symbolic, -b, and +hideallsymbols
options). Because the kernel contains references
to linker-generated symbols such as
_etext, _end, and _edata, the +linkersyms option instructs
the linker to create these symbols (which it does not do for shared libraries by default). The kernel contains
direct calls and relocations in read-only data space. Normally these are applied at link time and are fixed
up to link-time virtual addresses.
In the case of relocatable kernels, the linker needs to create dynamic relocations to fix up these references
at run-time. The
+allowrorelocs option instructs the linker to allow dynamic relocations in read-only
sections (Normally the linker issues an error message).
Security Restrictions
On a system that supports fine-grained privileges, if a process gains any privileges from the binary’s
extended attributes, dynamic path lookup is disabled. Similarly, on a system that supports compartments,
if a process changes compartment due to the binary’s extended attributes, the dynamic path lookup is dis-
abled.
See setflexsec(1M) on how to set extended attributes on a binary. See privileges(5) and compartments(5) for
more information about privileges and compartments.
Linking Secure Programs
Secure programs are programs that are commonly run by privileged users, such as root, or programs that
run with elevated privileges due to setuid or setgid protection. Special precautions should be taken
when linking secure programs that use shared libraries. The default linker behavior may be sufficient for
32-bit applications, but not for 64-bit applications.
536 Hewlett-Packard Company − 18 − HP-UX 11i Version 2: December 2007 Update