It's not something to over-index on, but it's not a strong protection measure. It simply raises the overall cost to attack and analyze a system.

Take the PS5 for example. It has execute-only memory. Even if you find a bug, how do you exploit it if you can't read the executable text of your ROP/JOP target?