Reconsider SandboxMemoryLayout::is_compatible_with on snapshot restore #1592

Description

@ludfjig

SandboxMemoryLayout::is_compatible_with gates snapshot restore on a strict
match of all configured layout fields. This looks more restrictive than needed,
and possibly unnecessary, because restore already replaces the sandbox's live
layout with the snapshot's.

MultiUseSandbox::restore calls validate_compatibility, which rejects a
snapshot whose layout differs in any of input_data_size, output_data_size,
heap_size, code_size, init_data_size, init_data_permissions, or
scratch_size.

But SandboxMemoryManager::restore_snapshot then does
self.layout = *snapshot.layout() and rebuilds shared_mem and scratch_mem
from the snapshot. The VM remaps both regions, and reset_vcpu,
set_stack_top, and set_entrypoint all take their values from the snapshot.
So the live layout is fully adopted from the snapshot on every restore. Every
consumer reads sizes and offsets through this layout object.

Given that, the layout compatibility check may be redundant: any snapshot could
load into any sandbox, with the sandbox taking on the snapshot's layout. Host
function validation (validate_host_functions) is independent and stays.

Proposed work

  • Confirm nothing outside the layout/mem state assumes the pre-restore layout
    after restore_snapshot runs.
  • If safe, drop the layout check (or reduce it to the few fields that actually
    must match, if any).
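As an added illustration (not the project's own code), the toy model below has a restore that adopts the snapshot's layout without any gate, plus an audit predicate of the kind the first proposed-work item calls for: it flags state held outside the layout that still reflects the pre-restore layout. Field names follow the issue; the stack_top formula, the cached value and all sizes are constructed assumptions.

```rust
// Hypothetical model (not the project's code) of a sandbox whose restore
// adopts the snapshot's layout wholesale; field names follow the issue,
// everything else (sizes, stack_top formula, cached value) is constructed.
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub struct Layout {
    pub input_data_size: usize,
    pub output_data_size: usize,
    pub heap_size: usize,
    pub code_size: usize,
    pub init_data_size: usize,
    pub init_data_permissions: u8,
    pub scratch_size: usize,
}

impl Layout {
    /// The strict all-fields match the issue questions.
    pub fn is_compatible_with(&self, other: &Layout) -> bool {
        self == other
    }
    /// A value derived from the layout; assumed formula for illustration.
    pub fn stack_top(&self) -> usize {
        self.code_size + self.heap_size + self.scratch_size
    }
}

pub struct Snapshot {
    pub layout: Layout,
}

pub struct Sandbox {
    pub layout: Layout,
    /// Stands in for any consumer that cached a layout-derived value
    /// before restore instead of reading through the live layout.
    cached_stack_top: usize,
}

impl Sandbox {
    pub fn new(layout: Layout) -> Self {
        Sandbox { layout, cached_stack_top: layout.stack_top() }
    }
    /// Restore adopts the snapshot's layout without any compatibility gate.
    pub fn restore(&mut self, snap: &Snapshot) {
        self.layout = snap.layout;
    }
    /// Audit predicate for the first proposed-work item: does state held
    /// outside the layout still agree with the layout now in effect?
    pub fn derived_state_matches_layout(&self) -> bool {
        self.cached_stack_top == self.layout.stack_top()
    }
}
```

If the strict check is dropped, the predicate is exactly what must hold for every consumer after restore; anything it flags is a reason to keep that field in a reduced check or to recompute the value from the live layout.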