IL_003a: // ldarg.1 - load pStr
IL_003b: // dup - duplicate pStr, now the stack contains the value of pStr twice
IL_003e: // add - add one of the pStrs and 2
IL_003f: // starg.s: Char* pStr - store the value on top of the stack to pStr
// !!!the original value of pStr remains on top of the stack!!!
pStr = (Char*)(((Int32)pStr + (Int32)2));IL_0041: // ldind.u2 - load from the address on top of the stack
// that is, from the original pStr
local0 = ((((UInt16)*(UInt16*)pStr) == 0) == 0); // load from pStr - not the original pStr but the incremented one
The net result is that since you're using the incremented pStr you're one character ahead, this is where the -1 differences comes from.