Create a `DefinedInstance` internal newtype

[fitzgen]

A DefinedInstance is exactly like Instance but it only provides access to defined tables/memories/globals/etc...

This would allow us to make splitting a mutable store borrow into multiple mutable (defined!) instance borrows safe because you couldn't access the imported entities that could alias defined items from another instance that could also be mutably borrowed. That is, this method (and any others we might eventually add like it) would no longer need to be unsafe as long as it yielded DefinedInstances instead of Instances:

wasmtime/crates/wasmtime/src/runtime/store.rs

Lines 1308 to 1332 in eb54a90

	/// Access multiple instances specified via `ids`.
	///
	/// # Panics
	///
	/// This method will panic if any indices in `ids` overlap.
	///
	/// # Safety
	///
	/// This method is not safe if the returned instances are used to traverse
	/// "laterally" between other instances. For example accessing imported
	/// items in an instance may traverse laterally to a sibling instance thus
	/// aliasing a returned value here. The caller must ensure that only defined
	/// items within the instances themselves are accessed.
	#[inline]
	pub unsafe fn optional_gc_store_and_instances_mut<const N: usize>(
	&mut self,
	ids: [InstanceId; N],
	) -> (Option<&mut GcStore>, [Pin<&mut vm::Instance>; N]) {
	let instances = self
	.instances
	.get_disjoint_mut(ids)
	.unwrap()
	.map(|h| h.handle.get_mut());
	(self.gc_store.as_mut(), instances)
	}

To cut down on code duplication, we would probably want an Instance to deref to a DefinedInstance or something like that. Probably Instance would be a newtype of DefinedInstance that has methods for accessing imported items and anything that accesses that stuff, and then it also derefs to its inner DefinedInstance.

cc @alexcrichton