GUI events can create and destroy local entities. Serialisation ENSURES that the destruction queue is empty (the reason for that is that we don't serialize the destruction queue)
If the simulation is paused, it can happen that local entities have been destroyed and not flushed (since we only flush if the simulation is running), which then crashes. In particular this can happen in odd cases in MP (see ticket).
I _believe_ it is enough to flush after the GUI event loop and the simulationUpdate call. I think this still crashes if the player tries to serialize on the same event-loop that an entity is destroyed, but in SP I don't really see how you could do that, and I _believe_ in MP we would necessarily flush before the server can handle any request.
It might be safer to explicitly Flush before any "SaveGame" call or something.
Alternatively, I'm not sure that we actually need this ENSURE here: since local entities don't get serialised, they won't be loaded back or transmitted over MP, so it ought to be safe to remove it.