A test was recently pushed to XTF's repository which may crash a host whose hardware is vulnerable to XSA-304 (hardware vulnerability related to EPT superpages).
There are two modes in Xen regarding EPT superpages, fast vs secure, and XCP-ng defaults to fast due to the big performance hit secure would have by default on affected hardware. The vulnerability may allow an HVM guest to crash the host, and this is what the test demonstrates.
I've updated the small Xen testing guide above with instructions to switch to secure mode before running the tests, if you want to avoid the crash in case your host is vulnerable.