So... if I have a wallet without a password and create one or change the password, why does it change the master private HD key?
In order to protect future keys in case you were compromised. If an attacker somehow got your wallet at some time, they would be able to access all of your private keys generated previously and in the future. By changing the password, you then make it impossible for someone to be able to steal all of your Bitcoin in the future.
The same is done with non-HD wallets. When you change the password, the look-ahead keypool is refilled to prevent people from being able to steal future Bitcoin.
What happens in these three scenarios:
A) You receive 10 payments to 10 different addresses, and spend 5 of those payments, then subsequently change your password. Would you still be able to spend the 5 unspent inputs? If so, with what mechanism?
B) You receive 10 payments to 10 different addresses, and spend all 10 of those payments, then subsequently change your password. Subsequent to changing your password, you receive an additional payment to a previously used address. Would you still be able to spend that input? If so with what mechanism?
C) You calculate 10 addresses that are associated with your xprivkey, but do not do anything to let Core know that you have given these addresses out (eg you never click on "receive" -- or whatever it is called), and change your password. You subsequently receive bitcoin to those 10 addresses. Would you be able to spend those 10 inputs? If so under what mechanism?
I guess my broader question is what happens to your xprivkey when you change your wallet password with Core?