Implement Phase B: Crash Recovery

Add startup integrity checks, corruption recovery, CAS size limits,
graceful shutdown orchestration, and a task supervisor — turning 5
previously-RED resilience tests GREEN and adding 5 new tests.

- CAS: pre-check size limit in put(), add StoreFull error variant
- CAS: sled corruption recovery in open() (retry then recreate)
- SQLite: open_with_integrity_check() via PRAGMA integrity_check(1)
- tantivy: open_with_recovery() deletes and rebuilds corrupt index
- CLI: CancellationToken-based ordered shutdown sequence
- Core: TaskSupervisor with spawn_supervised/spawn_critical + backoff
- Tests: replace 4 todo!() stubs, add 5 new shutdown/supervisor tests

musicfs/Cargo.lock

@@ -1938,6 +1938,7 @@ dependencies = [
  "parking_lot 0.12.5",
  "sd-notify",
  "tokio",
+ "tokio-util 0.7.18",
  "tracing",
  "tracing-appender",
  "tracing-journald",
@@ -2090,6 +2091,7 @@ dependencies = [
  "musicfs-cas",
  "musicfs-core",
  "musicfs-origins",
+ "musicfs-search",
  "nix",
  "noxious-client",
  "parking_lot 0.12.5",
@@ -2100,6 +2102,7 @@ dependencies = [
  "thiserror 1.0.69",
  "tokio",
  "tokio-test",
+ "tokio-util 0.7.18",
  "tracing",
 ]
 
@@ -3735,6 +3738,7 @@ dependencies = [
  "bytes",
  "futures-core",
  "futures-sink",
+ "futures-util",
  "pin-project-lite",
  "tokio",
 ]