Fix cross-thread ownership check: Use bits 8-15 for owner_tid_low

Problem:
- TLS_SLL_PUSH_DUP crash in Larson multi-threaded benchmark
- Cross-thread frees incorrectly routed to same-thread TLS path
- Root cause: pthread_t on glibc is 256-byte aligned (TCB base)
  so lower 8 bits are ALWAYS 0x00 for ALL threads

Fix:
- Change owner_tid_low from (tid & 0xFF) to ((tid >> 8) & 0xFF)
- Bits 8-15 actually vary between threads, enabling correct detection
- Applied consistently across all ownership check locations:
  - superslab_inline.h: ss_owner_try_acquire/release/is_mine
  - slab_handle.h: slab_try_acquire
  - tiny_free_fast.inc.h: tiny_free_is_same_thread_ss
  - tiny_free_fast_v2.inc.h: cross-thread detection
  - tiny_superslab_free.inc.h: same-thread check
  - ss_allocation_box.c: slab initialization
  - hakmem_tiny_superslab.c: ownership handling

Also added:
- Address watcher debug infrastructure (tiny_region_id.h)
- Cross-thread detection in malloc_tiny_fast.h Front Gate

Test results:
- Larson 1T/2T/4T: PASS (no TLS_SLL_PUSH_DUP crash)
- random_mixed: PASS
- Performance: ~20M ops/s (regression from 48M, needs optimization)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

core/tiny_free_fast.inc.h

@@ -57,7 +57,7 @@ extern void tiny_alloc_fast_push(int class_idx, void* ptr);
 // Invariant: This check MUST be atomic (no TOCTOU between check and push)
 static inline int tiny_free_is_same_thread_ss(SuperSlab* ss, int slab_idx, uint32_t my_tid) {
     TinySlabMeta* meta = &ss->slabs[slab_idx];
-    uint8_t my_tid_low = (uint8_t)my_tid;
+    uint8_t my_tid_low = (uint8_t)((my_tid >> 8) & 0xFFu);
     uint8_t owner = tiny_atomic_load_u8_relaxed(&meta->owner_tid_low);
     return (owner == my_tid_low && owner != 0);
 }