Question

I'm disassembling firmware using IDA (mipsb processor).

I'm seeing this a lot in this IDA disassembly.

lui     $t9, 0x802f

... does nothing with $t9 ... and doesn't jump ...

lbu      $t9, 0x200+var_24($sp)

And it makes no sense to me. In the first line, $t9 becomes 0x802F0000; in the second line, $t9 becomes whatever byte is stored at that location on the stack.

If I'm right, then what's the point? Is this a mishap of the compiler used, or maybe a programmer's mishap, or am I missing something?


Solution 2

This shall remain a mystery how it got here, but obviously the lui $t9, 0x802F has absolutely no purpose in this code (and in other parts of the firmware I'm looking at, I see the same thing, the same nonsense, with the same values: lui $t9, 0x802f).

hsikcah's answer is definitely wrong (lbu loads a single byte, but it zeroes out the first 3 bytes of the register).

The answer seems to be my original guess. It's either a compiler's artifact or a coder's nonsense that wasn't removed by the compiler (also suggested by m0skit0's and markgz's comments).

OTHER TIPS

You didn't show what happens before this. If there's a branch just before the lui, the code at the destination of the branch could be using the loaded t9 value.

Additionally, disable simplification of instructions in the processor-specific options. I suspect that the store at 800D8328 is using the t9 value for the part of the address, and IDA simplified it by substituting the complete value.

The lbu instruction is not sign extended. As a result, suppose 0x200+var_24($sp) contains 0x12; after these 2 instructions the value of $t9 will become 0x80200012. These pairings of instructions are common for loading a 32-bit memory address. A common example would be iterating through a data structure on the heap.
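To check the disagreement between Solution 2 and the tip above, here is an added example (written for this page, not posted by anyone in the thread) that models the register semantics of the MIPS32 lui, lbu and ori instructions in Python. The stack pointer, the byte sitting in the stack slot, and var_24 = -0x24 (inferred from IDA's naming convention) are assumptions.

```python
"""Minimal model of the MIPS32 instructions lui, lbu and ori, used to
see what the listed sequence  lui $t9, 0x802f ; lbu $t9, 0x200+var_24($sp)
actually leaves in $t9. Sample stack contents are constructed."""

MASK32 = 0xFFFFFFFF


def lui(imm16):
    """lui rt, imm: rt = imm << 16, low half-word cleared."""
    return (imm16 & 0xFFFF) << 16


def lbu(mem, base, offset):
    """lbu rt, off(base): rt = byte at base+off, zero-extended to 32 bits.
    The whole destination register is replaced; the old rt value is not an input."""
    addr = (base + offset) & MASK32
    return mem[addr] & 0xFF


def ori(rs, imm16):
    """ori rt, rs, imm: rt = rs | imm. This is the instruction that usually
    follows lui when a full 32-bit constant or address is being formed."""
    return (rs | (imm16 & 0xFFFF)) & MASK32


def run_listing(stack_byte, sp=0x7FFF0000, var_24=-0x24):
    """Execute the two instructions from the IDA listing and return
    ($t9 after lui, $t9 after lbu). Memory is a dict keyed by address;
    sp and var_24 are assumed values, not taken from the firmware."""
    slot = (sp + 0x200 + var_24) & MASK32
    mem = {slot: stack_byte}                 # constructed stack contents
    t9_after_lui = lui(0x802F)               # lui $t9, 0x802f
    t9_after_lbu = lbu(mem, sp, 0x200 + var_24)  # lbu $t9, 0x200+var_24($sp)
    return t9_after_lui, t9_after_lbu


def run_address_pair(low16):
    """For contrast: the real lui/ori pairing that builds 0x802Fxxxx."""
    return ori(lui(0x802F), low16)


if __name__ == "__main__":
    print("lui/lbu:", [hex(v) for v in run_listing(0x12)])   # lbu discards the lui result
    print("lui/ori:", hex(run_address_pair(0x12)))           # 0x802f0012
```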

Licensed under: CC-BY-SA with attribution