A zerofill section is the only way to reserve address space and prevent
system frameworks from using it, including preventing allocations
before any preloader code runs:
- starting with Ventura, dyld allocates private memory from 0x1000-0x81000.
  This breaks EXEs that have an image base of 0x10000.
- Rosetta allocates memory starting at 0x100000000, which breaks EXEs based there.
- starting with Monterey, for proper 10.7 binaries (which include a __program_vars section),
  libSystem initializes itself before the preloader runs. This fragments the <4GB
  address space which is needed for Wow64.

This will need to be adjusted if any EXEs based at 0x200000000 or higher
are found.