I've seen the JNA Crash protection feature description starting with "It is not uncommon when defining a new library and writing tests to encounter memory access errors which crash the VM". This suggests to me that this crash protection is really intended for debugging / early phases of development. Is it safe to leave it on in production, or is there a large performance cost that I should be aware of / other reason to turn it off?
For Windows, it's on by default and safe to leave that way, because it uses structured exception handling to catch the errors (you should still attempt to shut down gracefully, because there's no guarantee that the caught error is in any way recoverable).
For platforms that use signal handling to trap errors, you should probably not use it in production, since the VM itself uses those same signals. In development you typically need to use the jsig library in order for JNA to be able to properly trap the signals without interfering with the JVM (or vice versa) and it's unlikely you'll be able to do this in production.
There is no performance cost, it's more of a reliability issue.