Description of problem:
I get a complete lockup when launching a qemu/kvm Vm with kernel-4.4.0-0.rc3.git3.2.fc24.x86_64 and I don't get the same lockup with kernel-4.4.0-0.rc2.git0.1.fc24.x86_64


Version-Release number of selected component (if applicable):
kernel-4.4.0-0.rc3.git3.2.fc24.x86_64

How reproducible:
Always

Steps to Reproduce:
1. Launch Vm with VGA passthrough
I don't know if the fact that it's using VGA passthrough is relevant.

I'm not very comfortable constantly locking up the machine so I'm not sure how to help figure out what's happening. I ran the machine with the debug kernel but I didn't see anything in the logs.

I compiled a kernel without CONFIG_X86_INTEL_MPX since that was the only config difference I could see in the new kernel but the lockup actually happened before launching the VM, right after opening up the "Activities" view in Gnome and clicking Show applications with that kernel.

One thing I have noticed when using the WORKING kernel is the following warning in libvirt's logs when starting the VM
"ehci warning: guest updated active QH"

I don't think I've seen that in the logs when using the kernel that hangs the machine

This is the libvirt/qemu log when the lockup occurs
2015-12-06 02:51:58.492+0000: starting up libvirt version: 1.2.18.1, package: 2.fc23 (Fedora Project, 2015-10-06-20:34:16, buildhw-09.phx2.fedoraproject.org), qemu version: 2.4.1 (qemu-2.4.1-1.fc23)
LC_ALL=C PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin QEMU_AUDIO_DRV=pa QEMU_PA_SERVER=tcp:127.0.0.1:4713 QEMU_PA_SAMPLES=8192 /usr/bin/qemu-kvm -name win10 -S -machine pc-i440fx-2.4,accel=kvm,usb=off,vmport=off -cpu host,kvm=off -drive file=/usr/share/edk2.git/ovmf-x64/OVMF_CODE-pure-efi.fd,if=pflash,format=raw,unit=0,readonly=on -drive file=/var/lib/libvirt/qemu/nvram/win10_VARS.fd,if=pflash,format=raw,unit=1 -m 6144 -realtime mlock=off -smp 2,sockets=1,cores=4,threads=1 -uuid cc97250a-e7de-4bda-acce-4fec0a676fe0 -no-user-config -nodefaults -chardev socket,id=charmonitor,path=/var/lib/libvirt/qemu/win10.monitor,server,nowait -mon chardev=charmonitor,id=monitor,mode=control -rtc base=localtime,driftfix=slew -global kvm-pit.lost_tick_policy=discard -no-hpet -no-shutdown -global PIIX4_PM.disable_s3=1 -global PIIX4_PM.disable_s4=1 -boot strict=on -device ich9-usb-ehci1,id=usb,bus=pci.0,addr=0x6.0x7 -device ich9-usb-uhci1,masterbus=usb.0,firstport=0,bus=pci.0,multifunction=on,addr=0x6 -device ich9-usb-uhci2,masterbus=usb.0,firstport=2,bus=pci.0,addr=0x6.0x1 -device ich9-usb-uhci3,masterbus=usb.0,firstport=4,bus=pci.0,addr=0x6.0x2 -device virtio-scsi-pci,id=scsi0,bus=pci.0,addr=0xa -device virtio-serial-pci,id=virtio-serial0,bus=pci.0,addr=0x5 -drive file=/usr/share/virtio-win/virtio-win-0.1.110.iso,if=none,id=drive-scsi0-0-0-0,readonly=on,format=raw -device scsi-cd,bus=scsi0.0,channel=0,scsi-id=0,lun=0,drive=drive-scsi0-0-0-0,id=scsi0-0-0-0 -drive file=/var/lib/libvirt/images/win10.img,if=none,id=drive-scsi0-0-0-1,format=raw -device scsi-hd,bus=scsi0.0,channel=0,scsi-id=0,lun=1,drive=drive-scsi0-0-0-1,id=scsi0-0-0-1,bootindex=1 -netdev tap,fd=23,id=hostnet0 -device rtl8139,netdev=hostnet0,id=net0,mac=52:54:00:c8:aa:e1,bus=pci.0,addr=0x3 -chardev pty,id=charserial0 -device isa-serial,chardev=charserial0,id=serial0 -chardev spicevmc,id=charchannel0,name=vdagent -device virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=com.redhat.spice.0 -device usb-tablet,id=input0 -spice port=5900,addr=127.0.0.1,disable-ticketing,image-compression=off,seamless-migration=on -device qxl-vga,id=video0,ram_size=67108864,vram_size=67108864,vgamem_mb=16,bus=pci.0,addr=0x2 -device intel-hda,id=sound0,bus=pci.0,addr=0x4 -device hda-duplex,id=sound0-codec0,bus=sound0.0,cad=0 -chardev spicevmc,id=charredir0,name=usbredir -device usb-redir,chardev=charredir0,id=redir0 -chardev spicevmc,id=charredir1,name=usbredir -device usb-redir,chardev=charredir1,id=redir1 -device vfio-pci,host=01:00.0,id=hostdev0,bus=pci.0,addr=0x8 -device vfio-pci,host=01:00.1,id=hostdev1,bus=pci.0,addr=0x9 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x7 -msg timestamp=on
Domain id=1 is tainted: custom-argv
Domain id=1 is tainted: host-cpu
char device redirected to /dev/pts/3 (label charserial0)
Failed to load cookie file from cookie: No such file or directory

Kernel line 
linuxefi /vmlinuz-4.4.0-0.rc3.git3.2.fc24.x86_64 root=/dev/mapper/luks-eb296514-e8a6-40c9-981f-3aed5ae51da7 ro rd.lvm.lv=fedora/root rd.luks.uuid=luks-eb296514-e8a6-40c9-981f-3aed5ae51da7 rd.lvm.lv=fedora/swap rd.luks.uuid=luks-0d57749f-284c-4188-94c9-4ab2eae2c525 rd.blacklist=nouveau intel_iommu=on pci-stub.ids=10de:1380,10de:0fbc hugepages=2048 quiet LANG=en_US.UTF-8

I understand that I haven't given you much to go on but thought I'd file it anyway.