bugfix(contain): Prevent objects from being added to destroyed container object

[Caball009]

• Closes China Assault Troop Crawler can become a firing ghost unit after Reinforcement Pad drop #2741
• Related PR bugfix(object): Avoid crash with dangling contain module in Object::onDestroy() when Reinforcement Pad is destroyed before Troop Crawler drop #2747

When a reinforcement plane with an Infantry General Troop Crawler is destroyed en route, the plane and vehicle are destroyed, but the infantry spawned and remains in an invalid state (see issue for more details).

Beside being a gameplay and logic bug, there's also another issue because the infantry objects will hold on the container pointer even though that object has been destroyed. This can lead to use-after-free bugs and a crash (see related PR).

This PR makes 4 changes:

1. Objects that are spawned in such a state are now visible.
2. Added code to prevent the creation of the transport payload (e.g. the Mini-Gunners) if the container object is destroyed (non-retail only).
3. Added an early return to OpenContain::addToContain to prevent units from being added to a destroyed object (non-retail only).
4. Added debug assertions for dead container objects or occupants.

TODO:

• Replicate in Generals.

[greptile-apps]

Greptile Summary

This PR adds defensive guards to prevent infantry units from entering an invalid state when a reinforcement plane (with a Transport Crawler payload) is destroyed mid-flight. The root cause is that TransportContain::update could call createPayload() on an already-destroyed container, and addToContain would then accept those units into the destroyed container, leaving dangling pointers and causing use-after-free bugs.

• OpenContain::addOrRemoveObjFromWorld: In RTS_DEBUG builds, skips hiding the drawable when the container is already effectively dead/destroyed, so spawned infantry remain visible rather than becoming invisible phantoms.
• OpenContain::addToContain: Adds an early return (and DEBUG_CRASH assertion) under !RETAIL_COMPATIBLE_CRC to reject any unit that would be loaded into a destroyed container; also wraps the pre-existing destroyed-rider guard in braces and adds a matching DEBUG_CRASH.
• TransportContain::update: Under !RETAIL_COMPATIBLE_CRC, skips createPayload() entirely when the transport object is destroyed, preventing the infantry units from being created in the first place.

Confidence Score: 5/5

Safe to merge — all changes are either non-retail-only guards or debug-only assertions with no impact on retail CRC or gameplay logic.

Both changed files introduce narrowly scoped, preprocessor-guarded defensive checks. The retail path in TransportContain::update is left untouched behind #if RETAIL_COMPATIBLE_CRC, preserving CRC compatibility with unpatched clients. The new early return in addToContain and the DEBUG_CRASH assertions are gated behind !RETAIL_COMPATIBLE_CRC, so they only fire in non-retail builds. The addOrRemoveObjFromWorld visibility fix is further restricted to RTS_DEBUG builds only. No existing retail code paths are altered.

No files require special attention — both files touch only guarded, non-retail code paths.

Important Files Changed

Filename	Overview
GeneralsMD/Code/GameEngine/Source/GameLogic/Object/Contain/OpenContain.cpp	Adds early-return guard and DEBUG_CRASH for destroyed container in addToContain (non-retail), wraps destroyed-rider guard in braces with matching assertion, and makes occupants visible in debug builds when container is dead during addOrRemoveObjFromWorld.
GeneralsMD/Code/GameEngine/Source/GameLogic/Object/Contain/TransportContain.cpp	Wraps createPayload() call in !RETAIL_COMPATIBLE_CRC guard that skips payload creation if the transport container is already destroyed, preventing invalid-state infantry units from being spawned.

Sequence Diagram

sequenceDiagram
    participant Plane as Reinforcement Plane
    participant TC as TransportContain::update()
    participant OC as OpenContain::addToContain()
    participant Obj as Infantry Object

    Plane->>Plane: Destroyed mid-flight
    TC->>TC: "m_payloadCreated == FALSE"

    Note over TC: RETAIL_COMPATIBLE_CRC path
    TC->>OC: createPayload() always called
    OC->>Obj: Spawn infantry
    OC->>OC: addToContain — container destroyed
    OC-->>Obj: Infantry in invalid state

    Note over TC: Non-retail path (this PR)
    TC->>TC: "getObject()->isDestroyed()?"
    TC--xTC: Skip createPayload()

    Note over OC: Fallback guard non-retail
    OC->>OC: "getObject()->isDestroyed()?"
    OC-->>OC: DEBUG_CRASH + early return

    Note over OC: RTS_DEBUG visibility fix
    OC->>Obj: setDrawableHidden skipped
    Obj-->>Obj: Infantry remains visible

Loading

_{Reviews (7): Last reviewed commit: "Changed macro." | Re-trigger Greptile}

[xezon]

Do we really need this visual deviance in Debug as well? I suggest turn this into a regular assert. It will be far more obvious in debug.

DEBUG_ASSERTCRASH(!getObject()->isEffectivelyDead() && !getObject()->isDestroyed(), ("..."));

But check if this is already covered by earlier asserts. Maybe it is not necessary to assert here.