While investigating T76274, I found crash scenario when playhead is near end frame and moving a strip.
It is not as easy to reproduce, about 5% success rate, and it will be even harder after rB4066c921fbe5.
In any case there is chance, that this may happen even when these conditions are not met. I wasn't able to find out exact cause of this problem. I have been able to reproduce crash only when moving strip, other editors don't cause crash.
It seems that when prefetch thread is restarted during modal operation invalid scene state is loaded and used for prefetching. This will happen in main thread, so I am not sure how this invalid state could be caused.
Perhaps it is some weird logic in transform operator itself. Other modal operators doesn't seem to cause this crash.
Here is stack trace:
Prefetch (crashed):
> blender.exe!DEG::`anonymous namespace'::update_sequence_orig_pointers(const ListBase * sequences_orig, ListBase * sequences_cow) Line 480 C++ blender.exe!DEG::`anonymous namespace'::update_sequence_orig_pointers(const ListBase * sequences_orig, ListBase * sequences_cow) Line 483 C++ blender.exe!DEG::`anonymous namespace'::update_scene_orig_pointers(const Scene * scene_orig, Scene * scene_cow) Line 494 C++ blender.exe!DEG::`anonymous namespace'::update_id_after_copy(const DEG::Depsgraph * depsgraph, const DEG::IDNode * id_node, const ID * id_orig, ID * id_cow) Line 814 C++ blender.exe!DEG::deg_expand_copy_on_write_datablock(const DEG::Depsgraph * depsgraph, const DEG::IDNode * id_node, DEG::DepsgraphNodeBuilder * node_builder, bool create_placeholders) Line 924 C++ blender.exe!DEG::deg_update_copy_on_write_datablock(const DEG::Depsgraph * depsgraph, const DEG::IDNode * id_node) Line 951 C++ blender.exe!DEG::`anonymous namespace'::depsgraph_ensure_view_layer(DEG::Depsgraph * graph) Line 346 C++ blender.exe!DEG::deg_evaluate_on_refresh(DEG::Depsgraph * graph) Line 380 C++ blender.exe!DEG_evaluate_on_framechange(Main * bmain, Depsgraph * graph, float ctime) Line 81 C++ blender.exe!seq_prefetch_update_depsgraph(PrefetchJob * pfjob) Line 203 C blender.exe!seq_prefetch_frames(void * job) Line 414 C blender.exe!tslot_thread_start(void * tslot_p) Line 222 C [External Code]
Main(stack may be different here):
> blender.exe!MEM_lockfree_freeN(void * vmemh) Line 128 C blender.exe!BLO_memfile_free(MemFile * memfile) Line 65 C blender.exe!BLO_memfile_merge(MemFile * first, MemFile * second) Line 93 C blender.exe!memfile_undosys_step_free(UndoStep * us_p) Line 268 C blender.exe!undosys_step_free_and_unlink(UndoStack * ustack, UndoStep * us) Line 225 C blender.exe!undosys_stack_clear_all_first(UndoStack * ustack, UndoStep * us, UndoStep * us_exclude) Line 333 C blender.exe!BKE_undosys_stack_limit_steps_and_memory(UndoStack * ustack, int steps, unsigned __int64 memory_limit) Line 449 C blender.exe!ED_undo_push(bContext * C, const unsigned char * str) Line 107 C blender.exe!ED_undo_push_op(bContext * C, wmOperator * op) Line 302 C blender.exe!wm_operator_finished(bContext * C, wmOperator * op, const bool repeat, const bool store) Line 920 C blender.exe!wm_handler_operator_call(bContext * C, ListBase * handlers, wmEventHandler * handler_base, wmEvent * event, PointerRNA * properties, const unsigned char * kmi_idname) Line 2044 C blender.exe!wm_handlers_do_intern(bContext * C, wmEvent * event, ListBase * handlers) Line 2800 C blender.exe!wm_handlers_do(bContext * C, wmEvent * event, ListBase * handlers) Line 2848 C blender.exe!wm_event_do_handlers(bContext * C) Line 3277 C blender.exe!WM_main(bContext * C) Line 478 C blender.exe!main(int argc, const unsigned char * * UNUSED_argv_c) Line 530 C [External Code]
I wanted to disable prefetching during modal operator execution in VSE, but currently I don't have any signalling method in place.
Checking for G.moving seems to resolve this problem.