Unfortunately micro-architectural side-channels are much, much more than leaking information through timing of victim code, and I thought by 2021 this would now be widely known. For one thing, Spectre variant #2 can allow attacker processes to inject speculative information leaks by polluting the BTB to induce essentially any speculative behavior you want. That renders all compiler-based mitigations basically ineffective, because an attacker can just bypass them.
There are other microarchitectural leaks like L1TF that allows (on some unpatched, unmitigated CPUs/kernels) the ability to speculatively read all of L1 cache, regardless of privilege level. Let alone speculative attacks on the kernel aimed at reading physical memory, which bypasses any in-process you could think of. And of course, this paper doesn't address the fact that memory access patterns are not affected, so the classes of attacks that reverse address translation and ASLR are on the table. I didn't read the paper in detail, but there's always the problem of mis-classifying "secret" data and not applying mitigations everywhere.
Unfortunately, the authors misuse of terminology will cause this paper to be misunderstood. It has much, much narrower applicability than it would appear. It only applies to specific kinds of timing channels. This might be worthwhile to apply to codes like crypto, but honestly, those need to be designed much more comprehensively now, rather than just applying a compiler analysis to the problem.
> we present Constantine, a compiler-based system to automatically harden programs against microarchitectural side channels [...]
> secret dependent control and data flows are completely linearized (i.e., all involved code/data accesses are always executed).
Their goal is to hide microarchitectural events from a passive or active observer. As a side note, the VUSec research group helped discover microarchitectural side channels such as Rogue In-Flight Data Load  and I'm sure they know the difference between earlier work on timing and microarchitectural side channels.
1. What data can be leaked? (scope)
2. How difficult is it to construct a gadget?
3. What is the signal-to-noise ratio of the channel?
4. What is the bandwidth of the channel?
The original 3 Spectre variants were basically "whole process or whole of memory, easy, tens of dB, and many kilobytes a second".
If you're looking for binary safety w.r.t side channels, I think modern hardware cannot actually guarantee it.
Identifying Sensitive Program Portions.Control and data flow
linearization need to be applied only to regions affected
by secret data, as protecting non-leaky code only hampers