Question

In x86 binaries we sometimes find statements like jmp %eax, where the jmp target eax is computed at runtime. This adds complexity in building static control flow graphs. My question is: are there any similar instructions in Dalvik bytecode too? I mean, are there any branch targets which can only be computed at runtime?

I heard that in Dalvik this is deterministic, meaning that branch targets are not determined at runtime; instead the compiler stores the information.

Looking forward to your feedback, with references if possible.

Solution

No, Dalvik bytecode only allows for fixed jumps. There is no equivalent of a jump register; all jumps are to an exact offset. I do not have an authoritative reference for you, but I did happen to read this presentation yesterday, which explicitly mentions this limitation.

The presentation linked above also claims that Dalvik has some support for native code execution, which I would assume allows whatever types of branches the target architecture supports. But that has little to do with byte code.
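
For building a static control flow graph, the consequence is that every successor of a branch can be read out of the instruction stream. The sketch below is an added example, not part of the original answer: it decodes the branch formats of the published Dalvik bytecode format (goto, if-test, if-testz, packed-switch, sparse-switch) over a constructed array of 16-bit code units. The function names and the SAMPLE data are hypothetical.

```python
import struct

# Branch opcodes from the Dalvik bytecode format; every target is an immediate.
GOTO, GOTO_16, GOTO_32 = 0x28, 0x29, 0x2A
PACKED_SWITCH, SPARSE_SWITCH = 0x2B, 0x2C
IF_TEST = range(0x32, 0x38)    # if-eq .. if-le   (format 22t)
IF_TESTZ = range(0x38, 0x3E)   # if-eqz .. if-lez (format 21t)

def _s16(u):
    return u - 0x10000 if u & 0x8000 else u

def _s32(lo, hi):
    return struct.unpack("<i", struct.pack("<HH", lo, hi))[0]

def switch_targets(insns, pc, payload):
    """Read a switch payload; its targets are relative to the switch at pc."""
    ident, size = insns[payload], insns[payload + 1]
    if ident == 0x0100:            # packed: first_key (2 units), then targets
        base = payload + 4
    elif ident == 0x0200:          # sparse: size keys, then size targets
        base = payload + 2 + 2 * size
    else:
        raise ValueError("no switch payload at unit %d" % payload)
    return [pc + _s32(insns[base + 2 * i], insns[base + 2 * i + 1])
            for i in range(size)]

def branch_targets(insns, pc):
    """Successor addresses (in code units) of the branch at pc, else None."""
    op, high = insns[pc] & 0xFF, insns[pc] >> 8
    if op == GOTO:                 # format 10t: signed 8-bit offset
        return [pc + (high - 0x100 if high & 0x80 else high)]
    if op == GOTO_16:
        return [pc + _s16(insns[pc + 1])]
    if op == GOTO_32:
        return [pc + _s32(insns[pc + 1], insns[pc + 2])]
    if op in IF_TEST or op in IF_TESTZ:
        return [pc + _s16(insns[pc + 1]), pc + 2]      # taken, fall-through
    if op in (PACKED_SWITCH, SPARSE_SWITCH):
        payload = pc + _s32(insns[pc + 1], insns[pc + 2])
        return switch_targets(insns, pc, payload) + [pc + 3]
    return None

# Constructed sample: if-eqz, goto, nop, packed-switch, goto, return-void,
# nop (alignment), then the packed-switch payload with two cases.
SAMPLE = [0x0038, 0x0004, 0x0628, 0x0000, 0x002B, 0x0006, 0x0000, 0xF928,
          0x000E, 0x0000, 0x0100, 0x0002, 0x0000, 0x0000,
          0xFFFC, 0xFFFF, 0x0004, 0x0000]
```

Even the switch instructions, the closest thing to a computed jump, take their destinations from a table stored in the method's code, so the successor set is fixed before execution.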

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow