I spent 10 years doing microprocessor validation. This was my first idea. Then I realized that the OS never sees the instructions that fetch the cache line. <doh> Note that it might be easier for attack code to do a divide by zero to cause an exception than to outsmart the branch prediction hardware.
During my ten years, I did my share of fussin' & cussin' about designers just doing things wrong. But I'm also a mathematician. My brain is wired for this stuff, and it STILL took years & years of my professors pointing out where my errors were before they even began to think about letting me into the program.
This is a side-channel attack on the warmth of the cache. If you think you can, please detail how the hardware can prevent such an attack without substantially compromising performance. I've got some ideas, but after realizing that my OS fix would not work, I'm going to shut up about them for a while...