fix(runner+boxlite/rest): classify stopped-box exec as 409 and refuse overwrite=false over REST

Two related real bugs surfaced by the Tokyo e2e suite once the
deserialization gate stopped poisoning every list call:

1. test_files_io.py::test_copy_in_overwrite_false_rejects_conflict
   Root cause: src/boxlite/src/rest/litebox.rs::copy_into named the
   CopyOptions argument `_opts` — i.e. dropped on the floor. The REST
   upload protocol is a single tar that the runner extracts over
   container_dst unconditionally, so overwrite=false silently turned
   into overwrite=true and the test's host file replaced the seeded
   guest content. The test contract explicitly accepts a raised
   exception ('the runtime behaviour can be either a raised exception
   or a no-op (FFI raises) — either is acceptable; the contract is
   the guest content must be unchanged'), so the REST backend now
   returns BoxliteError::Unsupported up front rather than silently
   clobbering. A real per-entry skip-if-exists implementation would
   require an end-to-end protocol change (overwrite query param +
   runner-side staged-vs-existing check); follow-up work, not in
   scope for the gate.

2. test_execution_shutdown.py::test_exec_on_stopped_box_is_typed_error
   Root cause: apps/runner/pkg/api/controllers/boxlite_exec.go ::
   BoxliteExec wraps every execManager.Start error in a generic 500
   ('exec failed: ...'). A stopped-box exec surfaces from libboxlite as
   the typed Go SDK code 11 (ErrStopped) — the SDK already exposes
   sdkboxlite.IsStopped/IsInvalidState helpers for exactly this case.
   Use them to map to 409 Conflict (box is in a state that can't
   accept execs), so the response is a typed 4xx instead of a leaked
   500 'Handle invalidated after stop()'.

Local-verified:
- cargo test -p boxlite --features rest rest::types::tests + the
  new build_platform_ref / oversize cases still pass (44 passing,
  the one pre-existing ws_watchdog_fires_when_idle flaky timing test
  fails unrelated).
- cd apps/runner && go vet ./pkg/api/controllers/ clean (full link
  needs libboxlite.a which the deploy pipeline rebuilds).

Author: G4614

apps/runner/pkg/api/controllers/boxlite_exec.go

@@ -6,6 +6,7 @@ import (
 	"net/http"
 	"time"
 
+	sdkboxlite "github.com/boxlite-ai/boxlite/sdks/go"
 	"github.com/boxlite-ai/runner/pkg/boxlite"
 	"github.com/boxlite-ai/runner/pkg/runner"
 	"github.com/gin-gonic/gin"
@@ -74,6 +75,19 @@ func BoxliteExec(ctx *gin.Context) {
 
 	execId, err := execManager.Start(ctx.Request.Context(), bx, boxId, startOpts)
 	if err != nil {
+		// Classify so a stopped / wrong-state box surfaces as 4xx, not
+		// 500. Without this the box-stopped case leaks
+		//   internal error: HTTP 500 Internal Server Error:
+		//   {"error":"exec failed: failed to start execution: boxlite: stopped:
+		//    Handle invalidated after stop(). ... (code=11)"}
+		// and the SDK's 'all 5xx is bug' guard fires. The Go SDK already
+		// gives us a typed bool for the two states that aren't 500 from
+		// the runner's perspective (the box exists but isn't accepting
+		// execs right now).
+		if sdkboxlite.IsStopped(err) || sdkboxlite.IsInvalidState(err) {
+			ctx.JSON(http.StatusConflict, gin.H{"error": fmt.Sprintf("exec failed: %s", err)})
+			return
+		}
 		ctx.JSON(http.StatusInternalServerError, gin.H{"error": fmt.Sprintf("exec failed: %s", err)})
 		return
 	}

src/boxlite/src/rest/litebox.rs

@@ -209,10 +209,29 @@ impl BoxBackend for RestBox {
         &self,
         host_src: &Path,
         container_dst: &str,
-        _opts: CopyOptions,
+        opts: CopyOptions,
     ) -> BoxliteResult<()> {
         let box_id = self.box_id_str();
 
+        // Honor overwrite=false at the REST boundary. The runner's
+        // upload handler always extracts the tar over whatever's at
+        // container_dst (the test in scripts/test/e2e/cases/test_files_io.py::
+        // test_copy_in_overwrite_false_rejects_conflict was catching
+        // 'overwrite=False replaced guest content'). The test contract
+        // explicitly accepts a raised exception OR a no-op — the
+        // invariant is "guest content must be unchanged". We can't
+        // express the per-entry "skip if dst exists" semantics over
+        // the current single-tar upload protocol, so refuse the call
+        // outright instead of silently clobbering.
+        if !opts.overwrite {
+            return Err(BoxliteError::Unsupported(
+                "copy_into with overwrite=false is not supported over the REST backend; \
+                 the current upload protocol cannot express per-entry skip-if-exists. \
+                 Use the FFI backend or pre-check the destination before calling."
+                    .into(),
+            ));
+        }
+
         // Create tar archive from host path
         let tar_bytes = create_tar_from_path(host_src)?;