Cycle-overrun fault primitive

Gap capability: deadline violations transition the runtime — at task or executor scope — to a configured fault state, rather than only being reported as timestamps via ExecutionMonitor.

Feature: Cycle-overrun fault primitive FEAT_0018
status: open
satisfies: FEAT_0010
is satisfied by: REQ_0070, REQ_0071, REQ_0072, REQ_0073
is implemented by: BB_0093

Deadline violations transition the runtime — at task or executor scope — to a configured fault state, rather than only being reported as timestamps via ExecutionMonitor.

Requirement: Per-task overrun fault transition REQ_0070
status: implemented
satisfies: FEAT_0018
is refined by: REQ_0102
is implemented by: IMPL_0081
is verified by: TEST_0815, TEST_0816

When a task’s execute exceeds a configured per-task deadline, the runtime shall transition that task to a configured fault state and shall not invoke its normal execute again until cleared.

Requirement: Executor-wide overrun fault transition REQ_0071
status: implemented
satisfies: FEAT_0018
is implemented by: IMPL_0082
is verified by: TEST_0817
links outgoing: BB_0093, IMPL_0082, TEST_0817

When any single dispatch iteration exceeds a configured executor-wide deadline, the runtime shall transition the executor to a configured fault state.

Requirement: Fault-handler item dispatch REQ_0072
status: implemented
satisfies: FEAT_0018
is implemented by: IMPL_0084
is verified by: TEST_0818
links outgoing: BB_0093, IMPL_0084, TEST_0818

When a task or the executor is in a fault state, the runtime shall not run the normal item logic and shall instead dispatch an optional user-supplied fault-handler item once per triggering cycle. The handler is registered via Executor::add_with_fault_handler(main, handler) and inherits the main item’s triggers (its own declare_triggers declarations are ignored).

Requirement: Fault state observability REQ_0073
status: implemented
satisfies: FEAT_0018
is implemented by: IMPL_0083
is verified by: TEST_0817, TEST_0820, TEST_0822

Fault transitions shall be visible to the configured Observer via a dedicated callback distinct from on_app_error so users can react to overruns separately from item-returned errors.
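
A minimal model of the per-task behaviour in REQ_0070, REQ_0072 and REQ_0073, added here as an illustration and not taken from the project's code. The Observer trait shape, Slot, Recorder, on_fault, clear_fault and the simulated millisecond timings are all assumptions; only on_app_error is a name from this page, and the executor-wide deadline of REQ_0071 is not modelled.

```rust
use std::{cell::Cell, rc::Rc};
// Hypothetical observer: overruns get a callback of their own, apart from item errors.
trait Observer {
    fn on_app_error(&mut self, task: &str);
    fn on_fault(&mut self, task: &str, elapsed_ms: u64, deadline_ms: u64);
}
struct Recorder { app_errors: usize, faults: usize }
impl Observer for Recorder {
    fn on_app_error(&mut self, _task: &str) { self.app_errors += 1; }
    fn on_fault(&mut self, _task: &str, _elapsed_ms: u64, _deadline_ms: u64) { self.faults += 1; }
}
type Work = Box<dyn FnMut() -> (u64, Result<(), String>)>; // (simulated elapsed ms, item result)
struct Slot { name: &'static str, deadline_ms: u64, main: Work, handler: Option<Box<dyn FnMut()>>, faulted: bool }
impl Slot {
    fn dispatch(&mut self, obs: &mut dyn Observer) {
        if self.faulted { // latched: skip normal execute, run only the optional handler
            if let Some(h) = self.handler.as_mut() { h(); }
            return;
        }
        let (elapsed_ms, result) = (self.main)();
        if result.is_err() { obs.on_app_error(self.name); }
        if elapsed_ms > self.deadline_ms {
            self.faulted = true; // stays set until clear_fault()
            obs.on_fault(self.name, elapsed_ms, self.deadline_ms);
        }
    }
    fn clear_fault(&mut self) { self.faulted = false; }
}
// Constructed scenario; returns (main runs, handler runs, faults seen, app errors seen).
fn demo() -> (u32, u32, usize, usize) {
    let (runs, handled) = (Rc::new(Cell::new(0u32)), Rc::new(Cell::new(0u32)));
    let (r, h) = (runs.clone(), handled.clone());
    let main: Work = Box::new(move || {
        r.set(r.get() + 1);
        match r.get() {
            1 => (3, Err("bad input".to_string())), // item error, within deadline
            2 => (25, Ok(())),                      // overruns the 10 ms deadline
            _ => (3, Ok(())),
        }
    });
    let handler: Box<dyn FnMut()> = Box::new(move || h.set(h.get() + 1));
    let mut slot = Slot { name: "control_loop", deadline_ms: 10, main, handler: Some(handler), faulted: false };
    let mut obs = Recorder { app_errors: 0, faults: 0 };
    for _ in 0..5 { slot.dispatch(&mut obs); } // cycles 3-5 reach only the handler
    slot.clear_fault();
    slot.dispatch(&mut obs); // normal execute resumes
    (runs.get(), handled.get(), obs.faults, obs.app_errors)
}
fn main() { println!("{:?}", demo()); }
```

The item error in cycle 1 and the overrun in cycle 2 arrive on different callbacks, so a monitoring hook can alert on deadline faults without parsing item errors.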