Comment # 13 on bug 1202851 from Larry Finger

Running the debugger on VBoxDD.so and looking at offset 178000, which is
indicated as the segfault address in your messages, I get:

finger@localhost:~>gdb /usr/lib/virtualbox/VBoxDD.so
(gdb) list *178000
0x2b750 is in PS2MByteToAux(PDMDEVINSR3*, PS2M*, unsigned char)
(/usr/src/debug/virtualbox-6.1.36-2.1.x86_64/src/VBox/Devices/Input/DevPS2M.cpp:263).
Downloading 0.04 MB source file
/usr/src/debug/virtualbox-6.1.36-2.1.x86_64/src/VBox/Devices/Input/DevPS2M.cpp
258     {                                                                       
259         switch (pThis->enmKnockState)
260         {
261         case PS2M_KNOCK_INITIAL:
262             if (rate == 200)
263                 pThis->enmKnockState = PS2M_KNOCK_1ST;
264             break;
265         case PS2M_KNOCK_1ST:
266             if (rate == 100)
267                 pThis->enmKnockState = PS2M_KNOCK_IMPS2_2ND;

Note: I had to allow the debugger to download the symbols.

I have not looked at the source code, but the error location only makes sense
if pThis->enmKnockState is read-only. The switch statement show that it can be
read.

Before I look at the code, could you please verify that you get the same
location for the segfault? You will likely need to install the debugger.