Add tokio-rs/loom concurrency harnesses for async-runtime scheduler

[avrabe]

Part of the V&V coverage initiative.

Problem

kiln's async runtime (component-model threading, async-runtime-error handling) is the scheduling substrate for everything running on top. Kani covers bounded invariants; Verus covers functional contracts. What's missing: every-interleaving concurrency checking of the scheduler and its synchronization primitives.

tokio-rs/loom is the Rust-native tool for this. Note: this is the crate loom = "..." — not the sibling pulseengine/loom (WASM optimizer).

Acceptance

• Add loom dev-dep with #[cfg(loom)] import pattern
• tokio-loom harness for task spawn/complete ordering (no task is dropped, no task is completed twice)
• tokio-loom harness for wake/notify: wakers cannot be missed under concurrent spawns
• tokio-loom harness for capability-factory concurrent allocation (no double-free, budget respected)
• Harnesses under kiln-component/tests/loom_*.rs or wherever the scheduler lives
• Separate CI job (loom is slow) — feature-gated RUSTFLAGS="--cfg loom"
• cargo-kiln subcommand cargo-kiln loom-verify to drive harnesses (optional but consistent with kani-verify)

Notes

• Kani + Verus cover functional correctness; loom covers concurrency
• Pair harnesses with the safe_managed_alloc! capability system to verify memory-budget allocation is thread-safe
• Reference: thrum/crates/thrum-db/tests/loom_claims.rs