peripherals: 0.930
VMM: 0.891
x86: 0.887
permissions: 0.885
hypervisor: 0.876
architecture: 0.875
debug: 0.874
TCG: 0.869
files: 0.864
register: 0.855
device: 0.850
performance: 0.847
risc-v: 0.845
PID: 0.841
graphic: 0.834
i386: 0.827
vnc: 0.827
socket: 0.824
user-level: 0.813
boot: 0.807
arm: 0.791
assembly: 0.785
kernel: 0.785
mistranslation: 0.783
network: 0.782
KVM: 0.774
semantic: 0.764
ppc: 0.763
virtual: 0.743

qemu-user: zero_bss might raise segfault when segment is not writable
Description of problem:
When a PT_LOAD segment with the following attributes presented in the user program,
* MemSiz > FileSiz
* NOT Writable

qemu-aarch64 will crash with segment fault running it.




in [linux-user/elfload.c: bss_zero](https://gitlab.com/qemu-project/qemu/-/blob/master/linux-user/elfload.c#L2097), the exceeded part is zero'ed without checking if it is writable
```
    if (host_start < host_map_start) {
        memset((void *)host_start, 0, host_map_start - host_start);
    }
```
Steps to reproduce:
1. ./qemu-aarch64 ./X.so
Additional information:
readelf output of X.so
```
Program Headers:
  Type           Offset             VirtAddr           PhysAddr                 FileSiz            MemSiz              Flags  Align
  PHDR           0x0000000000000040 0x0000000000000040 0x0000000000000040       0x0000000000000230 0x0000000000000230  R E    0x8
  LOAD           0x0000000000000000 0x0000000000000000 0x0000000000000000       0x0000000000110270 0x00000000001c94e0  R E    0x10000
  LOAD           0x0000000000129bd0 0x00000000001d9bd0 0x00000000001d9bd0       0x0000000000000438 0x00000000000004c0  RW     0x10000
  LOAD           0x000000000013a008 0x00000000001ea008 0x00000000001ea008       0x0000000000017bd0 0x0000000000017bd0  RW     0x10000
  LOAD           0x0000000000161bd8 0x0000000000211bd8 0x0000000000211bd8       0x000000000000f740 0x000000000000f740  RW     0x10000
  DYNAMIC        0x0000000000161e60 0x0000000000211e60 0x0000000000211e60       0x00000000000001e0 0x00000000000001e0  RW     0x8
  INTERP         0x0000000000089410 0x0000000000089410 0x0000000000089410       0x0000000000000015 0x0000000000000015  R      0x1
      [Requesting program interpreter: /system/bin/linker64]
  NOTE           0x000000000013dbc8 0x00000000001edbc8 0x00000000001edbc8       0x0000000000000011 0x0000000000000011  R      0x1
  GNU_EH_FRAME   0x00000000001c86a4 0x00000000001c86a4 0x00000000001c86a4       0x00000000000002dc 0x00000000000002dc  R      0x4
  GNU_STACK      0x0000000000000000 0x0000000000000000 0x0000000000000000       0x0000000000000000 0x0000000000000000  RW     0x10
```

X.so: https://drive.google.com/file/d/1A7mkWRcK2BKkpeevt8T6FVLg-t6mWdgi/view?usp=sharing