fix: avoid false watchdog restart right after startup

[CJKmkp]

Motivation

• Prevent the watchdog from falsely detecting the app as unresponsive immediately after startup due to stale/timing/race conditions on heartbeat/startup timestamps.
• Ensure heartbeat and startup timestamps are thread-safe and consistent across threads to avoid premature automatic restarts.

Description

• Replaced DateTime fields used by the heartbeat/watchdog logic with UTC ticks stored in long fields and accessed with Interlocked to make reads/writes thread-safe (Ink Canvas/App.xaml.cs).
• Added ReadUtcTicks helper to convert atomic tick values into DateTime consistently and moved all timestamp writes (splash, app startup, startup-complete, heartbeat) to UTC ticks via Interlocked.Exchange.
• When the main window Loaded event records the startup-complete heartbeat, the code now also updates the live heartbeat timestamp to avoid stale pre-startup heartbeats triggering a restart.
• Introduced a StartupCompleteGracePeriod (30s) that skips post-startup hang detection immediately after startup completeness is recorded to avoid noisy restarts during final initialization.

Testing

• Attempted to build with dotnet build "Ink Canvas.sln" -c Release, but the build could not be run in this environment because dotnet is not installed (build failed).

---

Codex Task

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: e7af98721d

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Record startup heartbeat before marking startup complete

The Loaded handler publishes isStartupComplete before updating startupCompleteHeartbeatTicksUtc/lastHeartbeatTicksUtc, but watchdogTimer reads these values from another thread. In the small window after isStartupComplete becomes true, the watchdog can still see an old heartbeat and a MinValue startup-complete timestamp, which bypasses the new grace-period check and can trigger the same immediate post-startup restart this change is trying to prevent. Write the timestamps first and only then mark startup complete (or enforce ordering with synchronization).

Useful? React with 👍 / 👎.