In the following code:
000000D3 invoke MessageBoxA,0,soffptr,0,0
000000D3 6A00 * push 0
000000D5 6A00 * push 0
000000D7 68A9000000 * push offset soffptr
000000DC 6A00 * push 0
000000DE E800000000 * call MessageBoxA
Why does it say "push offset soffptr" when in fact it is pushing the value of soffptr?
soffptr is probably defined as
soffptr DB "Text of the message",0
so it is not the value (the text of the message) that is being pushed, but the offset of the string (encoded as an immediate number, similarly to the other three operands). The string is at position 0x000000A9 in the data segment at assembly time, and those four bytes will be relocated to its virtual address at run time.
The listing looks wrong indeed, but it is impossible to judge without seeing the complete source.
Tested with Asmc Version 2.31.17:
.386
.model flat,stdcall
option casemap:none
MessageBoxA PROTO :DWORD,:DWORD,:DWORD,:DWORD
ExitProcess PROTO :DWORD
.data
soffptr db 'Hello',0
.code
start:
invoke MessageBoxA,0,soffptr,0,0
invoke ExitProcess,0
END start
Disassembling the object module with Agner Fog's objconv:
.386
option dotname
.model flat
public _start
extern _ExitProcess@4: near
extern _MessageBoxA@16: near
_text SEGMENT DWORD PUBLIC 'CODE' ; section number 1
_start PROC NEAR
push 0 ; 0000 _ 6A, 00
push 0 ; 0002 _ 6A, 00
movzx eax, byte ptr [_soffptr] ; 0004 _ 0F B6. 05, 00000000(d)
push eax ; 000B _ 50
push 0 ; 000C _ 6A, 00
call _MessageBoxA@16 ; 000E _ E8, 00000000(rel)
push 0 ; 0013 _ 6A, 00
; Note: Function does not end with ret or jmp
call _ExitProcess@4 ; 0015 _ E8, 00000000(rel)
_start ENDP
_text ENDS
_data SEGMENT DWORD PUBLIC 'DATA' ; section number 2
_soffptr label byte
db 48H, 65H, 6CH, 6CH, 6FH, 00H ; 0000 _ Hello.
soffptr is defined as just a number
soffptr = $
It happens to be an offset into memory, but there is no such thing as "offset soffptr" in this case, it's just a number.
I can see the assembler internally saying "I know this is a relocatable reference to a memory location" (indeed, how else would it get the right number after the relocation takes place?), but it is not semantically an offset.
It threw me when I saw it in the assembly listing and I briefly thought it was pushing the address of some place holding the actual number, but it wasn't.
In any case, it pushes the correct value, so this was just a curiosity question to see if there was some logic I wasn't seeing.
Hi Jimg!
I think your code is wrong; it must be: Invoke MessageBoxA, 0, addr soffptr, 0, 0
I can't test on this phone.
Sorry, I see the problem pretty badly. In this case $ means "offset of this position", not an arbitrary number.
include \masm32\include\masm32rt.inc
.code
TheTitle db "the title", 0
start:
.listall
soffptr=$
invoke MessageBox, 0, soffptr, addr TheTitle, MB_OK
.nolist
exit
end start
UAsm64 listing:
00000000 746865207469746C65 TheTitle db "the title", 0
0000000A start:
.listall
0000000A = A soffptr=$
0000000A invoke MessageBoxA, 0, soffptr, addr TheTitle, MB_OK
0000000A 6A00 * push MB_OK
0000000C 6800000000 * push offset TheTitle
00000011 680A000000 * push offset soffptr
00000016 6A00 * push 0
00000018 E800000000 * call MessageBoxA
As the disassembly shows, the code assembles correctly: the ModuleEntryPoint is being pushed, and the MsgBox shows the character 'j', which is the push 0 (6A translates to a j).
00401000 . 74 68 65 20 74 69 74 6C ascii "the title",0 ; ASCII "the title"
<ModuleEntryPoint> ┌$ 6A 00 push 0 ; ┌Type = MB_OK|MB_DEFBUTTON1|MB_APPLMODAL
0040100C │. 68 00104000 push 00401000 ; │Caption = "the title"
00401011 │. 68 0A104000 push <ModuleEntryPoint> ; │Text = "j"
00401016 │. 6A 00 push 0 ; │hOwner = NULL
00401018 │. E8 07000000 call <jmp.&user32.MessageBoxA> ; └USER32.MessageBoxA
0040101D │. 6A 00 push 0 ; ┌ExitCode = 0
0040101F └. E8 06000000 call <jmp.&kernel32.ExitProcess> ; └KERNEL32.ExitProcess
00401024 $ FF25 4C204000 jmp near [<&user32.MessageBoxA>]
0040102A $ FF25 54204000 jmp near [<&kernel32.ExitProcess>]
So the issue here is a slightly incorrect interpretation of invoke MessageBox, 0, soffptr, ... in the listing only. The assembly of this rather exotic piece of code behaves correctly.
MASM (all versions) doesn't like the source (error A2004: symbol type conflict). But there is nothing wrong with trying to push $, so that's another MASM bug.
P.S., just in case somebody wants to defend MASM against the ugly word "bug":
include \masm32\include\masm32rt.inc
.code
TheTitle db "it's a bug, folks!!", 0
start:
invoke MessageBox, 0, $, 0, MB_OK
exit
end start
Have fun with the disassembly :cool:
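As an added example (not code from the thread or from any of the assemblers discussed), the Python script below rebuilds the section bytes from the UAsm64 listing quoted above, decodes the pushes that precede the call, and resolves what the lpText argument of MessageBoxA actually carries. It also decodes the instruction bytes transcribed from the objconv output earlier in the thread (where soffptr is a db label and the assembler emits movzx/push eax), so the two cases can be compared side by side: an offset pushed as an imm32 versus a single byte loaded from memory. The listing text and the transcribed bytes are taken from the thread's own output; the helper names and the argument descriptors are my own choices.

```python
"""Rebuild section bytes from a UAsm-style listing, decode the stdcall
argument pushes before a call, and show what MessageBoxA receives."""
import re

# (a) The UAsm64 listing lines quoted in the thread for the `soffptr=$` variant.
#     The listing prints only the first 9 bytes of "the title"; the trailing
#     NUL is recovered because the next line starts at offset 0x0A.
UASM_LISTING = """\
00000000 746865207469746C65 TheTitle db "the title", 0
0000000A start:
0000000A = A soffptr=$
0000000A invoke MessageBoxA, 0, soffptr, addr TheTitle, MB_OK
0000000A 6A00 * push MB_OK
0000000C 6800000000 * push offset TheTitle
00000011 680A000000 * push offset soffptr
00000016 6A00 * push 0
00000018 E800000000 * call MessageBoxA
"""

# (b) Code bytes transcribed from the objconv output of the Asmc build
#     (soffptr db 'Hello',0), plus that build's data section. Constructed here.
ASMC_CODE = bytes.fromhex("6A 00 6A 00 0F B6 05 00 00 00 00 50 6A 00 E8 00 00 00 00")
ASMC_DATA = b"Hello\x00"

# offset, hex bytes, rest of line (only lines with a real byte column match)
LINE_RE = re.compile(r"^([0-9A-Fa-f]{8}) ([0-9A-Fa-f]+) (.*)$")

def section_image(listing):
    """Rebuild the raw section bytes from the offset/hex columns.
    Bytes the listing does not show (e.g. a truncated NUL) stay zero."""
    chunks = []
    for line in listing.splitlines():
        m = LINE_RE.match(line)
        if not m or len(m.group(2)) % 2:     # skip label/equate/invoke lines
            continue
        chunks.append((int(m.group(1), 16), bytes.fromhex(m.group(2))))
    img = bytearray(max(off + len(b) for off, b in chunks))
    for off, b in chunks:
        img[off:off + len(b)] = b
    return bytes(img)

def decode_args(code, start, end):
    """Walk the bytes up to the call and return the pushed arguments in push
    order: ('imm', value) for an immediate (offsets are section-relative and
    get relocated by the loader), ('byte', disp) for a byte fetched with
    movzx eax, byte ptr [disp32] and pushed via push eax."""
    args, eax, pc = [], None, start
    while pc < end:
        op = code[pc]
        if op == 0x6A:                                   # push imm8 (sign-extended)
            args.append(("imm", int.from_bytes(code[pc + 1:pc + 2], "little", signed=True)))
            pc += 2
        elif op == 0x68:                                 # push imm32
            args.append(("imm", int.from_bytes(code[pc + 1:pc + 5], "little")))
            pc += 5
        elif code[pc:pc + 3] == b"\x0f\xb6\x05":         # movzx eax, byte ptr [disp32]
            eax = ("byte", int.from_bytes(code[pc + 3:pc + 7], "little"))
            pc += 7
        elif op == 0x50:                                 # push eax
            args.append(eax)
            pc += 1
        elif op == 0xE8:                                 # call rel32: argument list complete
            break
        else:
            raise ValueError(f"unexpected opcode {op:#04x} at {pc:#x}")
    return args

def cstring_at(data, off):
    """Read a NUL-terminated string at a section-relative offset."""
    return data[off:data.index(0, off)].decode("latin-1")

PARAMS = ("hWnd", "lpText", "lpCaption", "uType")

def messagebox_args(code, data, start=0, end=None):
    """Map the pushes to MessageBoxA's parameters (stdcall: last pushed is the
    first parameter) and resolve what lpText carries: a pointer into `data`,
    or a byte value that was passed where a pointer was expected."""
    end = len(code) if end is None else end
    pushed = decode_args(code, start, end)
    if len(pushed) != 4:
        raise ValueError(f"expected 4 arguments, decoded {len(pushed)}")
    named = dict(zip(PARAMS, reversed(pushed)))
    kind, value = named["lpText"]
    if kind == "imm":
        named["lpText"] = ("string", cstring_at(data, value))
    else:
        named["lpText"] = ("byte value", chr(data[value]))
    return named

if __name__ == "__main__":
    uasm = section_image(UASM_LISTING)
    print("soffptr=$  :", messagebox_args(uasm, uasm, start=0x0A))   # lpText -> "j"
    print("soffptr db :", messagebox_args(ASMC_CODE, ASMC_DATA))     # lpText -> 'H'
```

The first call reproduces what OllyDbg showed: the imm32 0x0A points at the entry point, whose first byte 6A is the letter 'j'. The second shows the db case from the objconv listing: movzx turns the first character of the string into a number, so MessageBoxA is handed 0x48 as a pointer rather than the address of "Hello".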
Pretty silly jj.
;dotst1=1
include \masm32\include\masm32rt.inc ; header, entry point and exit added so the snippet assembles on its own
.data
ifdef dotst1
soffptr = $ ;;
testptr db "test",0
else
soffptr = $
tstptr2 db "test2",0
endif
.code
start:
invoke MessageBox,0,soffptr,0,0
exit
end start