Where does nativeGetUninitializedObject actually exist?

Question

I was curious about some serialization stuff so I went poking around FormatterServices and found a method called nativeGetUninitializedObject that actually handles the initialization (without calling the custructor) of a given type. This method is decorated with the extern keyword and the following attribute: [MethodImpl(MethodImplOptions.InternalCall), SecurityCritical]

I'm left wondering: where does this method actually exist? What code does the CLR call to get the given type initialized (without calling the constructor)?

Answer 1

The method exists in the CLR. The JIT compiler has access to a table inside the CLR that contains the addresses of all MethodImplOptions.InternalCall functions. The section of the table that's relevant to your question looks like this in the SSCLI20 source code (clr/src/vm/ecall.cpp):

FCFuncStart(gSerializationFuncs)
    FCFuncElement("nativeGetSafeUninitializedObject", ReflectionSerialization::GetSafeUninitializedObject)
    FCFuncElement("nativeGetUninitializedObject", ReflectionSerialization::GetUninitializedObject)
FCFuncEnd()

To jit the method call, it merely looks up the function name in that table and generates a direct CALL instruction to the function address as listed in the table. Very fast, direct transition from managed code to code written in C++ inside the CLR.

The ReflectionSerialization::GetUninitializedObject() method lives inside clr/src/vm/reflectioninvocation.cpp, it's too big to post here. You can have a look-see at the downloadable SSCLI20 source code. There's a bunch of error checking, then a call to a raw Allocate() method to allocate the memory for the object. No constructor call.