This simply refers to the type of data that the instruction holds. The vm must be able to determine statically that the register contains that type of data at that point. In other words, that for all incoming code paths, that register has been set to that type of data.

If you want to investigate how register type information is propagated in more detail, you can decompile your application with baksmali using the -r option, which will output comments before/after each instruction with information on the register types for the registers that are relevant for that instruction. This information should match the register type information that the vm builds internally, in the bytecode verifier.

For example, say you have a method that simply contains:

const-string v0, "Hello World!"
throw v0

This would not be allowed, because at the point of the throw instruction, the p0 register does not contain a reference to an object that extends from Throwable (i.e. it is not “an exception-bearing register”).

If you use -r in baksmali, you will see:

#v0=(Uninit);
const-string v0, "Hello World!"
#v0=(Reference,Ljava/lang/String;);

#v0=(Reference,Ljava/lang/String;);
throw v0

Which clearly shows that v0 does not contain an exception at the point of the throw instruction.

Additionally, something like this would not be allowed:

#v0=(Uninit);
new-instance v0, Ljava/lang/Exception;
#v0=(UninitRef,Ljava/lang/Exception;);

#v0=(UninitRef,Ljava/lang/Exception;);
invoke-direct {v0}, Ljava/lang/Exception;-><init>()V
#v0=(Reference,Ljava/lang/Exception;);

#p0=(Integer);
if-eqz p0, :cond_9

#v0=(Reference,Ljava/lang/Exception;);
const-string v0, "Hello World!"
#v0=(Reference,Ljava/lang/String;);

:cond_9
#v0=(Reference,Ljava/lang/Object;);
throw v0

Because at the point of the throw, v0 might contain either an exception, or a string. In this case, it reports the “type” of v0 as Ljava/lang/Object;, because that is the common parent class of both types.