CRITICAL FIX: TLS 未初期化による 4T SEGV を完全解消

**問題:**
- Larson 4T で 100% SEGV (1T は 2.09M ops/s で完走)
- System/mimalloc は 4T で 33.52M ops/s 正常動作
- SS OFF + Remote OFF でも 4T で SEGV

**根本原因: (Task agent ultrathink 調査結果)**
```
CRASH: mov (%r15),%r13
R15 = 0x6261  ← ASCII "ba" (ゴミ値、未初期化TLS)
```

Worker スレッドの TLS 変数が未初期化:
- `__thread void* g_tls_sll_head[TINY_NUM_CLASSES];`  ← 初期化なし
- pthread_create() で生成されたスレッドでゼロ初期化されない
- NULL チェックが通過 (0x6261 != NULL) → dereference → SEGV

**修正内容:**
全 TLS 配列に明示的初期化子 `= {0}` を追加:

1. **core/hakmem_tiny.c:**
   - `g_tls_sll_head[TINY_NUM_CLASSES] = {0}`
   - `g_tls_sll_count[TINY_NUM_CLASSES] = {0}`
   - `g_tls_live_ss[TINY_NUM_CLASSES] = {0}`
   - `g_tls_bcur[TINY_NUM_CLASSES] = {0}`
   - `g_tls_bend[TINY_NUM_CLASSES] = {0}`

2. **core/tiny_fastcache.c:**
   - `g_tiny_fast_cache[TINY_FAST_CLASS_COUNT] = {0}`
   - `g_tiny_fast_count[TINY_FAST_CLASS_COUNT] = {0}`
   - `g_tiny_fast_free_head[TINY_FAST_CLASS_COUNT] = {0}`
   - `g_tiny_fast_free_count[TINY_FAST_CLASS_COUNT] = {0}`

3. **core/hakmem_tiny_magazine.c:**
   - `g_tls_mags[TINY_NUM_CLASSES] = {0}`

4. **core/tiny_sticky.c:**
   - `g_tls_sticky_ss[TINY_NUM_CLASSES][TINY_STICKY_RING] = {0}`
   - `g_tls_sticky_idx[TINY_NUM_CLASSES][TINY_STICKY_RING] = {0}`
   - `g_tls_sticky_pos[TINY_NUM_CLASSES] = {0}`

**効果:**
```
Before: 1T: 2.09M ✅  |  4T: SEGV 💀
After:  1T: 2.41M ✅  |  4T: 4.19M ✅  (+15% 1T, SEGV解消)
```

**テスト:**
```bash
# 1 thread: 完走
./larson_hakmem 2 8 128 1024 1 12345 1
→ Throughput = 2,407,597 ops/s ✅

# 4 threads: 完走（以前は SEGV）
./larson_hakmem 2 8 128 1024 1 12345 4
→ Throughput = 4,192,155 ops/s ✅
```

**調査協力:** Task agent (ultrathink mode) による完璧な根本原因特定

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

core/hakmem_tiny_superslab.c

@@ -27,6 +27,15 @@ static pthread_mutex_t g_superslab_lock = PTHREAD_MUTEX_INITIALIZER;
 uint64_t g_superslabs_allocated = 0;  // Non-static for debugging
 uint64_t g_superslabs_freed = 0;      // Phase 7.6: Non-static for test access
 uint64_t g_bytes_allocated = 0;  // Non-static for debugging
+
+// Debug counters
+_Atomic uint64_t g_ss_active_dec_calls = 0;
+_Atomic uint64_t g_hak_tiny_free_calls = 0;
+_Atomic uint64_t g_ss_remote_push_calls = 0;
+// Free path instrumentation (lightweight, for OOM/route diagnosis)
+_Atomic uint64_t g_free_ss_enter = 0;          // hak_tiny_free_superslab() entries
+_Atomic uint64_t g_free_local_box_calls = 0;   // same-thread freelist pushes
+_Atomic uint64_t g_free_remote_box_calls = 0;  // cross-thread remote pushes
 // Per-class counters for gating/metrics (Tiny classes = 8)
 uint64_t g_ss_alloc_by_class[8] = {0};
 uint64_t g_ss_freed_by_class[8] = {0};
@@ -494,6 +503,10 @@ void superslab_free(SuperSlab* ss) {
         return;
     }
 
+    fprintf(stderr, "[DEBUG ss_os_release] Freeing SuperSlab ss=%p class=%d size=%zu active=%u\n",
+            (void*)ss, ss->size_class, ss_size,
+            atomic_load_explicit(&ss->total_active_blocks, memory_order_relaxed));
+
     munmap(ss, ss_size);
 
     // Update statistics for actual release to OS
@@ -504,6 +517,9 @@ void superslab_free(SuperSlab* ss) {
     }
     g_bytes_allocated -= ss_size;
     pthread_mutex_unlock(&g_superslab_lock);
+
+    fprintf(stderr, "[DEBUG ss_os_release] g_superslabs_freed now = %llu\n",
+            (unsigned long long)g_superslabs_freed);
 }
 
 // ============================================================================