x86: 0.583
architecture: 0.554
device: 0.469
graphic: 0.426
mistranslation: 0.352
network: 0.329
socket: 0.283
kernel: 0.251
semantic: 0.239
register: 0.214
vnc: 0.205
ppc: 0.197
files: 0.185
boot: 0.184
permissions: 0.175
PID: 0.148
TCG: 0.128
risc-v: 0.125
VMM: 0.113
virtual: 0.111
peripherals: 0.110
i386: 0.084
performance: 0.083
arm: 0.078
debug: 0.069
user-level: 0.066
hypervisor: 0.047
KVM: 0.034
assembly: 0.008

linux-user does not check PROT_EXEC

At no point do we actually verify that a page is PROT_EXEC before translating.  All we end up verifying is that the page is readable.  Not the same thing, obviously.

The following test case should work for any architecture, though I've only validated it for x86_64 and aarch64.



It turns out we can't fix this without also fixing
our implementation of signal trampolines.


This is an automated cleanup. This bug report has been moved to QEMU's
new bug tracker on gitlab.com and thus gets marked as 'expired' now.
Please continue with the discussion here:

 https://gitlab.com/qemu-project/qemu/-/issues/122