persist: special-case a shard with empty upper and empty since

[danhhz]

If the upper and shard-global since are both the empty antichain, then no further writes can ever commit and no further reads can be served. Optimize the shard into a final unchanging tombstone state by replacing the spine with a single empty batch and clearing the reader and writer registrations.

Also included are a couple tweaks that I felt helped make this easier to reason about:

• We no longer allow compare_and_append with lower == upper (and empty updates). This was added originally to make heartbeats easier, but now that we have an explicit writer heartbeat cmd, it's now just adding complexity to the compare_and_append impl. (Hit this because I was thinking about CaA on a batch with lower and upper empty against a shard with upper empty.)
• Split the Break type for compare_and_append into an enum. It was previously abusing Result (me being lazy and it's been bugging me since), but now that we need 3 variants, it seems like a clear time to fix this.
• Reject any apply_merge_res from an expired writer. This is important to our leaked block detection story, but was missing.
• Eliminate the clone_reader cmd. It was exactly the same impl as register_reader. Instead, we replace it with an assert in ReadHandle::clone that the since of the new registration is <= the since of the handle being cloned.

Motivation

• This PR adds a feature that has not yet been specified.

Tips for reviewer

Checklist

• [ ] This PR has adequate test coverage / QA involvement has been duly considered.

• [ ] This PR evolves an existing $T ⇔ Proto$T mapping (possibly in a backwards-incompatible way) and therefore is tagged with a T-protobuf label.

• [ ] This PR includes the following user-facing behavior changes: