REPL robustness pass: lock safety, degraded completion, and refresh resilience

[ndenev]

Summary

Bundle REPL hardening work into a focused robustness pass to prevent avoidable panics, improve degraded-mode behavior, and make failure states visible/actionable.

Scope

1) Lock-safety hardening in completion paths

• Replace panic-prone lock unwraps (e.g. RwLock::read().unwrap()) with graceful handling.
• On poisoned lock, return empty completions instead of panicking.
• Optionally emit one-time warning for observability.

2) Completion cache resiliency

• Avoid silently swallowing initial completion cache population failures (unwrap_or_default).
• Keep REPL usable with degraded completion, but inform the user that completion is degraded.
• Retry cache population on later lifecycle events (USE, REFRESH TABLES).

3) Refresh/switch consistency

• After USE ... and REFRESH TABLES, consistently attempt completion cache refresh.
• On refresh failure, preserve current cache but surface warning.

4) Error UX normalization

• Standardize warning/error formatting for REPL command failures.
• Include concise, actionable hints where possible.

5) Robustness-focused tests

Add tests for:

• poisoned RwLock in completion path -> no panic, empty suggestions
• initial cache population failure -> REPL starts with warning/degraded completion
• cache refresh failure after USE / REFRESH TABLES -> no crash, warning shown
• malformed/edge REPL commands -> no panic

Motivation

Current REPL is mostly stable, but there are brittle spots where internal errors can trigger panic or silent degradation. This pass keeps REPL interactive and predictable under failure.

Notes

This issue intentionally bundles related REPL reliability concerns so fixes can be applied coherently (instead of piecemeal panic patches).