Fix CI from the prior CVE fixes (#5250)

Pulling in various shapes of fixes from `release-2.0.0` and `main`.

crates/runtime/src/cow.rs

@@ -647,14 +647,16 @@ impl MemoryImageSlot {
     /// Map anonymous zeroed memory across the whole slot,
     /// inaccessible. Used both during instantiate and during drop.
     fn reset_with_anon_memory(&mut self) -> Result<()> {
-        unsafe {
-            let ptr = rustix::mm::mmap_anonymous(
-                self.base as *mut c_void,
-                self.static_size,
-                rustix::mm::ProtFlags::empty(),
-                rustix::mm::MapFlags::PRIVATE | rustix::mm::MapFlags::FIXED,
-            )?;
-            assert_eq!(ptr as usize, self.base);
+        if self.static_size > 0 {
+            unsafe {
+                let ptr = rustix::mm::mmap_anonymous(
+                    self.base as *mut c_void,
+                    self.static_size,
+                    rustix::mm::ProtFlags::empty(),
+                    rustix::mm::MapFlags::PRIVATE | rustix::mm::MapFlags::FIXED,
+                )?;
+                assert_eq!(ptr as usize, self.base);
+            }
         }
 
         self.image = None;

crates/runtime/src/instance/allocator/pooling.rs

@@ -330,13 +330,19 @@ impl InstancePool {
                 )
             };
 
-            let mut slot = self
-                .memories
-                .take_memory_image_slot(instance_index, defined_index);
+            let slot = if cfg!(memory_init_cow) {
+                Some(
+                    self.memories
+                        .take_memory_image_slot(instance_index, defined_index),
+                )
+            } else {
+                None
+            };
             if let Some(image) = runtime_info
                 .memory_image(defined_index)
                 .map_err(|err| InstantiationError::Resource(err.into()))?
             {
+                let mut slot = slot.unwrap();
                 let initial_size = plan.memory.minimum * WASM_PAGE_SIZE as u64;
 
                 // If instantiation fails, we can propagate the error

tests/all/pooling_allocator.rs

@@ -581,14 +581,10 @@ fn drop_externref_global_during_module_init() -> Result<()> {
 
 #[test]
 fn switch_image_and_non_image() -> Result<()> {
+    let mut pool = PoolingAllocationConfig::default();
+    pool.instance_count(1);
     let mut c = Config::new();
-    c.allocation_strategy(InstanceAllocationStrategy::Pooling {
-        instance_limits: InstanceLimits {
-            count: 1,
-            ..Default::default()
-        },
-        strategy: Default::default(),
-    });
+    c.allocation_strategy(InstanceAllocationStrategy::Pooling(pool));
     let engine = Engine::new(&c)?;
     let module1 = Module::new(
         &engine,
@@ -683,15 +679,10 @@ configured maximum of 16 bytes; breakdown of allocation requirement:
 
 #[test]
 fn zero_memory_pages_disallows_oob() -> Result<()> {
+    let mut pool = PoolingAllocationConfig::default();
+    pool.instance_count(1).instance_memory_pages(0);
     let mut config = Config::new();
-    config.allocation_strategy(InstanceAllocationStrategy::Pooling {
-        strategy: PoolingAllocationStrategy::NextAvailable,
-        instance_limits: InstanceLimits {
-            count: 1,
-            memory_pages: 0,
-            ..Default::default()
-        },
-    });
+    config.allocation_strategy(InstanceAllocationStrategy::Pooling(pool));
 
     let engine = Engine::new(&config)?;
     let module = Module::new(