That's because LVI protection involves compiler and assembler updates that insert extra x86 instructions (lfence) and replace problematic instructions (such as ret) with functionally equivalent but more verbose instruction sequences.
Why would an attacker use a compiler that does this?
Did I misunderstand something about this strategy?