Spectre code generation mitigations need to be taken seriously because timer mitigations many not be effective, see our proof of concept showing that there may be no practical safe timer mitigation threshold.
Spectre bounds check mitigation using a subtraction with borrow
Subtraction with borrow appears a useful pattern for Spectre bound check mitigation and can be fused with the bounds check branch for use in web sandbox implementations.
Spectre bounds check data flow mitigation
Web browser vendors have started exploring the challenge of mitigating the Spectre vulnerabilities. Were bounds checks are necessarily being retained index masking is being explored. We offer one alternative that seems promising using a different approach, see the Spectre bounds check data flow mitigation