Module recovery 

Crash recovery (RFC-018): detects and repairs interrupted state left by a previous session that terminated abnormally.

Called at startup before any work begins. All repairs are non-destructive: running jobs are reset to queued (not deleted), and the previous active index is preserved (RFC-006 §12 replace-on-success guarantee).

Structs

IntegrityReport

Catalog integrity report (RFC-018 §16 test 7).

RecoveryReport

Results of the startup recovery scan (RFC-018 §16 requirements).

Functions

check_catalog_integrity

Run catalog integrity checks (RFC-018 §16 test 7). Read-only — does not repair, only reports.

run_startup_recovery

Run all startup recovery steps.