I've analyzed the crash information from the latest VirtualBox 6.1.16 log files, but AFAICS, they unfortunately do not reveal the real source of the problem. Some bits and pieces in case a VirtualBox developer reads this:
The EMT thread crashed with the following call stack:
vmR3EmulationThreadWithId() > EMR3ExecuteVM() > VMMR3HmRunGC() > vmmR3ServiceCallRing3Request() > PDMR3CritSectEnterEx() > PDMCritSectEnterDebug().
In VMMR3HmRunGC(), the previous call to SUPR3CallVMMR0Fast() prepared the call to PDMR3CritSectEnterEx(), but the Ring-3 address was 0 and finally led to the crash. From the VirtualBox source code, I can make the educated guess that the order came from pdmCritSectEnter(), where MMHyperCCToR3() was called to obtain the Ring-3 address from a Ring-0 address, and it has a developer's prophecy: "You'll be damned if this is not in the HMA!". Gotcha! Since the Ring-0 address was not revealed, I cannot guess the physical or virtual hardware component involved (with the exception that it's handled by the PDM), so this seems to be a dead end at the moment.
User2358 wrote: Is there an experimental version of Vbox that offers more verbose logging?
The release version of VirtualBox and (above all) a self-built debug version of VirtualBox both offer more verbose logging. Note that it requires detailed knowledge about the inner workings of the VirtualBox code and is therefore rather suited for developers IMHO. For details, see Technical documentation and The VirtualBox/IPRT logging facility.
scottgus1 wrote: The exception code is the same as the hardening log exit code: [...]0xc0000005
In case you don't know it already: 0xc0000005 (STATUS_ACCESS_VIOLATION) is the Windows error code for one of the most common programming mistakes in the C and C++ programming languages, sometimes called Null pointer access. VirtualBox captures the Windows exception triggered in its own code and writes corresponding information to the VBox.log and VBoxHardening.log files. It is quite possible that the crash has no hardening background in the typical sense (no 3rd-party software involved).