On Wed, Feb 26, 2025 at 4:23 AM Petr Beneš <w1be...@gmail.com> wrote:
> I finally managed to capture a few non-corrupted crashdumps.
> The cause of crash always points to the same symbol:
> nt!KiIpiProcessRequests+0x193

It appears that Windows likes to manage its own IPI - i.e. KiIpiSendRequest stores the request packet to the KPRCB->RequestMailbox, and then KiIpiProcessRequests takes that request from the RequestMailbox. If someone externally interferes with that (Xen?) and triggers an IPI that Windows doesn't expect, then Windows crashes - likely because it takes some invalid/stale value from the RequestMailbox (which wasn't set properly by KiIpiSendRequest).

This is just a wild guess and it might be wrong. But clearly, something weird is happening around IPI during the xl save process that Windows doesn't like.

P.