Running them on in-order, speculation-free hardware would be quite sufficient, and come with additional benefits in power efficiency. The thing about Spectre or Meltdown is that there's really no case for the sorts of out-of-order cpus that raise these issues, unless you're truly bound by compute or memory bandwidth on some single-threaded task - which will never be the case for typical JS/WASM workloads on the "edge".
> Running them on in-order, speculation-free hardware would be quite sufficient.
In-order isn't a magic bullet against Spectre, they still do spectulative execution after predicting branches and they can still be vunerable. ARM have listed at least one of their in-order cores as vunerable.
To be free of all speculation you have to go back to the 486, which didn't even have branch prediction.
Besides, if you are making custom CPUs there are other options to avoid Spectre that don't require eliminating all spectulative execution.
> which will never be the case for typical JS/WASM workloads on the "edge".
Yeah, but it's the atypical workloads that get you, and in every place I've worked there's always been at least the odd atypical workload regardless of system, product, platform, technology, target market (including internal and external).
So, small in-order CPUs will be the future of commodity distributed computing after all?
I doubt they will resort to that though. They can do other tricks, since they control the infrastructure, like turning on process isolation automatically for suspiciously behaving code.
