fix: harden Codex backend parity across runtime and validation

[VasuBansal7576]

Description

Hardens the backend/runtime path that Codex was exposing more aggressively than other models. This PR focuses on validation, rerun/input propagation, worker handoff, result visibility at the event layer, stop behavior, and parity regression coverage.

Stacked on top of PR1: aden-hive#6830

Type of Change

• Bug fix (non-breaking change that fixes an issue)
• New feature (non-breaking change that adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Documentation update
• Refactoring (no functional changes)

Related Issues

Related to aden-hive#6741
Related to aden-hive#6817

Changes Made

• block stage/run on failed validation and fix the validation subprocess entrypoint
• preserve structured run/rerun inputs and worker handoff state across backend flows
• fix stale phase/tool/output state, result handoff overwrites, terminal stop handling, and no-progress churn detection
• improve worker health reporting and add Codex parity / Codex-vs-control regression coverage

Testing

Ran the following tests locally:

• [x]
  ...................................ss......s............................ [ 28%]
  ........................................................................ [ 56%]
  ........................................................................ [ 85%]
  ..................................... [100%]
  =============================== warnings summary ===============================
  tests/test_codex_parity_gate.py: 1 warning
  tests/test_validate_agent_path.py: 5 warnings
  framework/server/tests/test_api.py: 82 warnings
  /Users/vasu/Desktop/hive-upstream-prs/core/framework/server/app.py:240: NotAppKeyWarning: It is recommended to use web.AppKey instances for keys.
  https://docs.aiohttp.org/en/stable/web_advanced.html#application-s-config
  app["credential_store"] = credential_store

tests/test_codex_parity_gate.py: 1 warning
tests/test_validate_agent_path.py: 5 warnings
framework/server/tests/test_api.py: 82 warnings
/Users/vasu/Desktop/hive-upstream-prs/core/framework/server/app.py:241: NotAppKeyWarning: It is recommended to use web.AppKey instances for keys.
https://docs.aiohttp.org/en/stable/web_advanced.html#application-s-config
app["manager"] = SessionManager(model=model, credential_store=credential_store)

tests/test_validate_agent_path.py::TestHTTPEndpointsRejectMaliciousPaths::test_load_worker_rejects_outside_path
/Users/vasu/.local/share/uv/python/cpython-3.11.14-macos-aarch64-none/lib/python3.11/asyncio/base_events.py:1921: RuntimeWarning: coroutine 'ResponsesToCompletionBridgeHandler.acompletion' was never awaited
handle = self._ready.popleft()
Enable tracemalloc to get traceback where the object was allocated.
See https://docs.pytest.org/en/stable/how-to/capture-warnings.html#resource-warnings for more info.

tests/test_validate_agent_path.py::TestHTTPEndpointsRejectMaliciousPaths::test_load_worker_rejects_outside_path
/Users/vasu/.local/share/uv/python/cpython-3.11.14-macos-aarch64-none/lib/python3.11/concurrent/futures/thread.py:85: RuntimeWarning: coroutine 'ResponsesToCompletionBridgeHandler.acompletion' was never awaited
del work_item
Enable tracemalloc to get traceback where the object was allocated.
See https://docs.pytest.org/en/stable/how-to/capture-warnings.html#resource-warnings for more info.

framework/server/tests/test_api.py::TestCredentials::test_list_credentials_empty
framework/server/tests/test_api.py::TestCredentials::test_save_and_list_credential
framework/server/tests/test_api.py::TestCredentials::test_get_credential
framework/server/tests/test_api.py::TestCredentials::test_get_credential_not_found
framework/server/tests/test_api.py::TestCredentials::test_delete_credential
framework/server/tests/test_api.py::TestCredentials::test_delete_credential_not_found
framework/server/tests/test_api.py::TestCredentials::test_save_credential_missing_fields
framework/server/tests/test_api.py::TestCredentials::test_save_overwrites_existing
/Users/vasu/Desktop/hive-upstream-prs/core/framework/server/tests/test_api.py:1690: NotAppKeyWarning: It is recommended to use web.AppKey instances for keys.
https://docs.aiohttp.org/en/stable/web_advanced.html#application-s-config
app["credential_store"] = CredentialStore.for_testing(initial_creds or {})

framework/server/tests/test_api.py::TestErrorMiddleware::test_404_on_unknown_api_route
/Users/vasu/Desktop/hive-upstream-prs/.venv/lib/python3.11/site-packages/aiohttp/web_protocol.py:528: DeprecationWarning: returning HTTPException object is deprecated (aden-hive#2415) and will be removed, please raise the exception instead
warnings.warn(

-- Docs: https://docs.pytest.org/en/stable/how-to/capture-warnings.html
250 passed, 3 skipped, 187 warnings in 41.16s

• [ ]
• Manual testing performed

Checklist

• My code follows the project's style guidelines
• I have performed a self-review of my code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• My changes generate no new warnings
• I have added tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes

Screenshots (if applicable)

N/A

[github-actions]

PR Closed - Requirements Not Met

This PR has been automatically closed because it doesn't meet the requirements.

PR Author: @VasuBansal7576
Found issues:
Problem: The PR author must be assigned to the linked issue.

To fix:

1. Assign yourself (@VasuBansal7576) to one of the linked issues
2. Re-open this PR

Exception: To bypass this requirement, you can:

• Add the micro-fix label or include micro-fix in your PR title for trivial fixes
• Add the documentation label or include doc/docs in your PR title for documentation changes

Micro-fix requirements (must meet ALL):

Qualifies	Disqualifies
< 20 lines changed	Any functional bug fix
Typos & Documentation & Linting	Refactoring for "clean code"
No logic/API/DB changes	New features (even tiny ones)

Why is this required? See aden-hive#472 for details.