Series comparison

-[PULL 0/6] Block patches
+[Qemu-devel] [PULL v2 0/6] Block patches
-The following changes since commit ffd454c67e38cc6df792733ebc5d967eee28ac0d:
+The following changes since commit b384cd95eb9c6f73ad84ed1bb0717a26e29cc78f:
-  Merge tag 'pull-vfio-20240107' of https://github.com/legoater/qemu into staging (2024-01-08 10:28:42 +0000)
+  Merge remote-tracking branch 'remotes/ehabkost/tags/machine-next-pull-request' into staging (2018-01-19 16:35:25 +0000)
 are available in the Git repository at:
-  https://gitlab.com/stefanha/qemu.git tags/block-pull-request
+  git://github.com/stefanha/qemu.git tags/block-pull-request
-for you to fetch changes up to 0b2675c473f68f13bc5ca1dd1c43ce421542e7b8:
+for you to fetch changes up to bcbb3866da19cce4360c828b6ec1c2a137757927:
-  Rename "QEMU global mutex" to "BQL" in comments and docs (2024-01-08 10:45:43 -0500)
+  block/parallels: add backing support to readv/writev (2018-01-22 14:02:33 +0000)
 ----------------------------------------------------------------
 Pull request
+v2:
+ * Drop merge failure from a previous pull request that broke virtio-blk on ARM
+   guests
+ * Add Parallels XML patch series
 ----------------------------------------------------------------
-Philippe Mathieu-Daudé (1):
+Edgar Kaziakhmedov (1):
-  iothread: Remove unused Error** argument in aio_context_set_aio_params
+  block/parallels: add backing support to readv/writev
-Stefan Hajnoczi (5):
+Klim Kireev (4):
-  system/cpus: rename qemu_mutex_lock_iothread() to bql_lock()
+  docs/interop/prl-xml: description of Parallels Disk format
-  qemu/main-loop: rename QEMU_IOTHREAD_LOCK_GUARD to BQL_LOCK_GUARD
+  configure: add dependency
-  qemu/main-loop: rename qemu_cond_wait_iothread() to
+  block/parallels: move some structures into header
-    qemu_cond_wait_bql()
+  block/parallels: replace some magic numbers
   Replace "iothread lock" with "BQL" in comments
   Rename "QEMU global mutex" to "BQL" in comments and docs
- docs/devel/multi-thread-tcg.rst      |   7 +-
+Stefan Hajnoczi (1):
- docs/devel/qapi-code-gen.rst         |   2 +-
+  block: add block_set_io_throttle virtio-blk-pci QMP example
- docs/devel/replay.rst                |   2 +-
- docs/devel/reset.rst                 |   2 +-
+ docs/interop/prl-xml.txt | 158 +++++++++++++++++++++++++++++++++++++++++++++++
- docs/devel/multiple-iothreads.txt    |  14 ++--
+ qapi/block-core.json     |  18 ++++++
- hw/display/qxl.h                     |   2 +-
+ configure                |  27 ++++++++
- include/block/aio-wait.h             |   2 +-
+ block/Makefile.objs      |   2 +
- include/block/aio.h                  |   3 +-
+ block/parallels.h        |  88 ++++++++++++++++++++++++++
- include/block/blockjob.h             |   6 +-
+ block/parallels.c        | 108 ++++++++++++++------------------
- include/exec/cpu-common.h            |   2 +-
+ scripts/checkpatch.pl    |   1 +
- include/exec/memory.h                |   4 +-
+files changed, 342 insertions(+), 60 deletions(-)
- include/exec/ramblock.h              |   2 +-
+ create mode 100644 docs/interop/prl-xml.txt
- include/io/task.h                    |   2 +-
+ create mode 100644 block/parallels.h
  include/migration/register.h         |   8 +-
  include/qemu/coroutine-core.h        |   2 +-
  include/qemu/coroutine.h             |   2 +-
  include/qemu/main-loop.h             |  68 ++++++++-------
  include/qemu/thread.h                |   2 +-
  target/arm/internals.h               |   4 +-
  accel/accel-blocker.c                |  10 +--
  accel/dummy-cpus.c                   |   8 +-
  accel/hvf/hvf-accel-ops.c            |   4 +-
  accel/kvm/kvm-accel-ops.c            |   4 +-
  accel/kvm/kvm-all.c                  |  22 ++---
  accel/tcg/cpu-exec.c                 |  26 +++---
  accel/tcg/cputlb.c                   |  20 ++---
  accel/tcg/tcg-accel-ops-icount.c     |   6 +-
  accel/tcg/tcg-accel-ops-mttcg.c      |  12 +--
  accel/tcg/tcg-accel-ops-rr.c         |  18 ++--
  accel/tcg/tcg-accel-ops.c            |   2 +-
  accel/tcg/translate-all.c            |   2 +-
  cpu-common.c                         |   4 +-
  dump/dump.c                          |   4 +-
  hw/block/dataplane/virtio-blk.c      |   8 +-
  hw/block/virtio-blk.c                |   2 +-
  hw/core/cpu-common.c                 |   6 +-
  hw/display/virtio-gpu.c              |   2 +-
  hw/i386/intel_iommu.c                |   6 +-
  hw/i386/kvm/xen_evtchn.c             |  30 +++----
  hw/i386/kvm/xen_gnttab.c             |   2 +-
  hw/i386/kvm/xen_overlay.c            |   2 +-
  hw/i386/kvm/xen_xenstore.c           |   2 +-
  hw/intc/arm_gicv3_cpuif.c            |   2 +-
  hw/intc/s390_flic.c                  |  18 ++--
  hw/mips/mips_int.c                   |   2 +-
  hw/misc/edu.c                        |   4 +-
  hw/misc/imx6_src.c                   |   2 +-
  hw/misc/imx7_src.c                   |   2 +-
  hw/net/xen_nic.c                     |   8 +-
  hw/ppc/pegasos2.c                    |   2 +-
  hw/ppc/ppc.c                         |   6 +-
  hw/ppc/spapr.c                       |   2 +-
  hw/ppc/spapr_events.c                |   2 +-
  hw/ppc/spapr_rng.c                   |   4 +-
  hw/ppc/spapr_softmmu.c               |   4 +-
  hw/remote/mpqemu-link.c              |  22 ++---
  hw/remote/vfio-user-obj.c            |   2 +-
  hw/s390x/s390-skeys.c                |   2 +-
  hw/scsi/virtio-scsi-dataplane.c      |   6 +-
  iothread.c                           |   3 +-
  migration/block-dirty-bitmap.c       |  14 ++--
  migration/block.c                    |  38 ++++-----
  migration/colo.c                     |  62 +++++++-------
  migration/dirtyrate.c                |  12 +--
  migration/migration.c                |  54 ++++++------
  migration/ram.c                      |  16 ++--
  net/tap.c                            |   2 +-
  replay/replay-internal.c             |   2 +-
  semihosting/console.c                |   8 +-
  stubs/iothread-lock.c                |   6 +-
  system/cpu-throttle.c                |   6 +-
  system/cpus.c                        |  55 +++++++------
  system/dirtylimit.c                  |   4 +-
  system/memory.c                      |   2 +-
  system/physmem.c                     |  14 ++--
  system/runstate.c                    |   2 +-
  system/watchpoint.c                  |   4 +-
  target/arm/arm-powerctl.c            |  14 ++--
  target/arm/helper.c                  |   6 +-
  target/arm/hvf/hvf.c                 |   8 +-
  target/arm/kvm.c                     |   8 +-
  target/arm/ptw.c                     |   6 +-
  target/arm/tcg/helper-a64.c          |   8 +-
  target/arm/tcg/m_helper.c            |   6 +-
  target/arm/tcg/op_helper.c           |  24 +++---
  target/arm/tcg/psci.c                |   2 +-
  target/hppa/int_helper.c             |   8 +-
  target/i386/hvf/hvf.c                |   6 +-
  target/i386/kvm/hyperv.c             |   4 +-
  target/i386/kvm/kvm.c                |  28 +++----
  target/i386/kvm/xen-emu.c            |  16 ++--
  target/i386/nvmm/nvmm-accel-ops.c    |   6 +-
  target/i386/nvmm/nvmm-all.c          |  20 ++---
  target/i386/tcg/sysemu/fpu_helper.c  |   6 +-
  target/i386/tcg/sysemu/misc_helper.c |   4 +-
  target/i386/whpx/whpx-accel-ops.c    |   6 +-
  target/i386/whpx/whpx-all.c          |  24 +++---
  target/loongarch/tcg/csr_helper.c    |   4 +-
  target/mips/kvm.c                    |   4 +-
  target/mips/tcg/sysemu/cp0_helper.c  |   4 +-
  target/openrisc/sys_helper.c         |  16 ++--
  target/ppc/excp_helper.c             |  14 ++--
  target/ppc/helper_regs.c             |   2 +-
  target/ppc/kvm.c                     |   4 +-
  target/ppc/misc_helper.c             |   8 +-
  target/ppc/timebase_helper.c         |   8 +-
  target/riscv/cpu_helper.c            |   4 +-
  target/s390x/kvm/kvm.c               |   4 +-
  target/s390x/tcg/misc_helper.c       | 118 +++++++++++++--------------
  target/sparc/int32_helper.c          |   2 +-
  target/sparc/int64_helper.c          |   6 +-
  target/sparc/win_helper.c            |  20 ++---
  target/xtensa/exc_helper.c           |   8 +-
  ui/spice-core.c                      |   6 +-
  util/aio-posix.c                     |   3 +-
  util/aio-win32.c                     |   3 +-
  util/async.c                         |   2 +-
  util/main-loop.c                     |  13 ++-
  util/qsp.c                           |   6 +-
  util/rcu.c                           |  16 ++--
  audio/coreaudio.m                    |   8 +-
  memory_ldst.c.inc                    |  18 ++--
  target/i386/hvf/README.md            |   2 +-
  ui/cocoa.m                           |  56 ++++++-------
 files changed, 646 insertions(+), 655 deletions(-)
 --
-.43.0
+.14.3

-[PULL 6/6] Rename "QEMU global mutex" to "BQL" in comments and docs
+[Qemu-devel] [PULL v2 1/6] block: add block_set_io_throttle virtio-blk-pci QMP example
-The term "QEMU global mutex" is identical to the more widely used Big
+The block_set_io_throttle command can look up BlockBackends by the
-QEMU Lock ("BQL"). Update the code comments and documentation to use
+attached qdev device ID.  virtio-blk-pci is a special case because the
-"BQL" instead of "QEMU global mutex".
+actual VirtIOBlock device is the "/virtio-backend" child of the PCI
 adapter device.
+Add a QMP schema example so clients will know how to use
+block_set_io_throttle on the virtio-blk-pci device.
+The alternative is to implement some sort of aliasing for qmp_get_blk()
+but that is likely to cause confusion and could break future use cases.
+Let's not go there.
+Cc: Kevin Wolf <kwolf@redhat.com>
 Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
-Acked-by: Markus Armbruster <armbru@redhat.com>
+Reviewed-by: Alberto Garcia <berto@igalia.com>
-Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
+Message-id: 20180117090700.25811-1-stefanha@redhat.com
 Reviewed-by: Paul Durrant <paul@xen.org>
 Reviewed-by: Akihiko Odaki <akihiko.odaki@daynix.com>
 Reviewed-by: Cédric Le Goater <clg@kaod.org>
 Reviewed-by: Harsh Prateek Bora <harshpb@linux.ibm.com>
 Message-id: 20240102153529.486531-6-stefanha@redhat.com
 Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
 ---
- docs/devel/multi-thread-tcg.rst   |  7 +++----
+ qapi/block-core.json | 18 ++++++++++++++++++
- docs/devel/qapi-code-gen.rst      |  2 +-
+file changed, 18 insertions(+)
  docs/devel/replay.rst             |  2 +-
  docs/devel/multiple-iothreads.txt | 14 +++++++-------
  include/block/blockjob.h          |  6 +++---
  include/io/task.h                 |  2 +-
  include/qemu/coroutine-core.h     |  2 +-
  include/qemu/coroutine.h          |  2 +-
  hw/block/dataplane/virtio-blk.c   |  8 ++++----
  hw/block/virtio-blk.c             |  2 +-
  hw/scsi/virtio-scsi-dataplane.c   |  6 +++---
  net/tap.c                         |  2 +-
 files changed, 27 insertions(+), 28 deletions(-)
-diff --git a/docs/devel/multi-thread-tcg.rst b/docs/devel/multi-thread-tcg.rst
+diff --git a/qapi/block-core.json b/qapi/block-core.json
 index XXXXXXX..XXXXXXX 100644
---- a/docs/devel/multi-thread-tcg.rst
+--- a/qapi/block-core.json
-+++ b/docs/devel/multi-thread-tcg.rst
++++ b/qapi/block-core.json
@@ -XXX,XX +XXX,XX @@ instruction. This could be a future optimisation.
  Emulated hardware state
  -----------------------
 -Currently thanks to KVM work any access to IO memory is automatically
 -protected by the global iothread mutex, also known as the BQL (Big
 -QEMU Lock). Any IO region that doesn't use global mutex is expected to
 -do its own locking.
 +Currently thanks to KVM work any access to IO memory is automatically protected
 +by the BQL (Big QEMU Lock). Any IO region that doesn't use the BQL is expected
 +to do its own locking.
  However IO memory isn't the only way emulated hardware state can be
  modified. Some architectures have model specific registers that
 diff --git a/docs/devel/qapi-code-gen.rst b/docs/devel/qapi-code-gen.rst
 index XXXXXXX..XXXXXXX 100644
 --- a/docs/devel/qapi-code-gen.rst
 +++ b/docs/devel/qapi-code-gen.rst
@@ -XXX,XX +XXX,XX @@ blocking the guest and other background operations.
  Coroutine safety can be hard to prove, similar to thread safety.  Common
  pitfalls are:
 -- The global mutex isn't held across ``qemu_coroutine_yield()``, so
 +- The BQL isn't held across ``qemu_coroutine_yield()``, so
    operations that used to assume that they execute atomically may have
    to be more careful to protect against changes in the global state.
 diff --git a/docs/devel/replay.rst b/docs/devel/replay.rst
 index XXXXXXX..XXXXXXX 100644
 --- a/docs/devel/replay.rst
 +++ b/docs/devel/replay.rst
@@ -XXX,XX +XXX,XX @@ modes.
  Reading and writing requests are created by CPU thread of QEMU. Later these
  requests proceed to block layer which creates "bottom halves". Bottom
  halves consist of callback and its parameters. They are processed when
 -main loop locks the global mutex. These locks are not synchronized with
 +main loop locks the BQL. These locks are not synchronized with
  replaying process because main loop also processes the events that do not
  affect the virtual machine state (like user interaction with monitor).
 diff --git a/docs/devel/multiple-iothreads.txt b/docs/devel/multiple-iothreads.txt
 index XXXXXXX..XXXXXXX 100644
 --- a/docs/devel/multiple-iothreads.txt
 +++ b/docs/devel/multiple-iothreads.txt
@@ -XXX,XX +XXX,XX @@ the COPYING file in the top-level directory.
  This document explains the IOThread feature and how to write code that runs
 -outside the QEMU global mutex.
 +outside the BQL.
  The main loop and IOThreads
  ---------------------------
@@ -XXX,XX +XXX,XX @@ scalability bottleneck on hosts with many CPUs.  Work can be spread across
  several IOThreads instead of just one main loop.  When set up correctly this
  can improve I/O latency and reduce jitter seen by the guest.
 -The main loop is also deeply associated with the QEMU global mutex, which is a
 -scalability bottleneck in itself.  vCPU threads and the main loop use the QEMU
 -global mutex to serialize execution of QEMU code.  This mutex is necessary
 -because a lot of QEMU's code historically was not thread-safe.
 +The main loop is also deeply associated with the BQL, which is a
 +scalability bottleneck in itself.  vCPU threads and the main loop use the BQL
 +to serialize execution of QEMU code.  This mutex is necessary because a lot of
 +QEMU's code historically was not thread-safe.
  The fact that all I/O processing is done in a single main loop and that the
 -QEMU global mutex is contended by all vCPU threads and the main loop explain
 +BQL is contended by all vCPU threads and the main loop explain
  why it is desirable to place work into IOThreads.
  The experimental virtio-blk data-plane implementation has been benchmarked and
@@ -XXX,XX +XXX,XX @@ There are several old APIs that use the main loop AioContext:
  Since they implicitly work on the main loop they cannot be used in code that
  runs in an IOThread.  They might cause a crash or deadlock if called from an
 -IOThread since the QEMU global mutex is not held.
 +IOThread since the BQL is not held.
  Instead, use the AioContext functions directly (see include/block/aio.h):
   * aio_set_fd_handler() - monitor a file descriptor
 diff --git a/include/block/blockjob.h b/include/block/blockjob.h
 index XXXXXXX..XXXXXXX 100644
 --- a/include/block/blockjob.h
 +++ b/include/block/blockjob.h
@@ -XXX,XX +XXX,XX @@ typedef struct BlockJob {
      /**
       * Speed that was set with @block_job_set_speed.
 -     * Always modified and read under QEMU global mutex (GLOBAL_STATE_CODE).
 +     * Always modified and read under the BQL (GLOBAL_STATE_CODE).
       */
      int64_t speed;
@@ -XXX,XX +XXX,XX @@ typedef struct BlockJob {
      /**
       * Block other operations when block job is running.
 -     * Always modified and read under QEMU global mutex (GLOBAL_STATE_CODE).
 +     * Always modified and read under the BQL (GLOBAL_STATE_CODE).
       */
      Error *blocker;
@@ -XXX,XX +XXX,XX @@ typedef struct BlockJob {
      /**
       * BlockDriverStates that are involved in this block job.
 -     * Always modified and read under QEMU global mutex (GLOBAL_STATE_CODE).
 +     * Always modified and read under the BQL (GLOBAL_STATE_CODE).
       */
      GSList *nodes;
  } BlockJob;
 diff --git a/include/io/task.h b/include/io/task.h
 index XXXXXXX..XXXXXXX 100644
 --- a/include/io/task.h
 +++ b/include/io/task.h
@@ -XXX,XX +XXX,XX @@ typedef void (*QIOTaskWorker)(QIOTask *task,
   * lookups) to be easily run non-blocking. Reporting the
   * results in the main thread context means that the caller
   * typically does not need to be concerned about thread
 - * safety wrt the QEMU global mutex.
 + * safety wrt the BQL.
   *
   * For example, the socket_listen() method will block the caller
   * while DNS lookups take place if given a name, instead of IP
 diff --git a/include/qemu/coroutine-core.h b/include/qemu/coroutine-core.h
 index XXXXXXX..XXXXXXX 100644
 --- a/include/qemu/coroutine-core.h
 +++ b/include/qemu/coroutine-core.h
 @@ -XXX,XX +XXX,XX @@
-  * rather than callbacks, for operations that need to give up control while
+ # Example:
-  * waiting for events to complete.
+ #
-  *
+ # -> { "execute": "block_set_io_throttle",
-- * These functions are re-entrant and may be used outside the global mutex.
++#      "arguments": { "id": "virtio-blk-pci0/virtio-backend",
-+ * These functions are re-entrant and may be used outside the BQL.
++#                     "bps": 0,
-  *
++#                     "bps_rd": 0,
-  * Functions that execute in coroutine context cannot be called
++#                     "bps_wr": 0,
-  * directly from normal functions.  Use @coroutine_fn to mark such
++#                     "iops": 512,
-diff --git a/include/qemu/coroutine.h b/include/qemu/coroutine.h
++#                     "iops_rd": 0,
-index XXXXXXX..XXXXXXX 100644
++#                     "iops_wr": 0,
---- a/include/qemu/coroutine.h
++#                     "bps_max": 0,
-+++ b/include/qemu/coroutine.h
++#                     "bps_rd_max": 0,
-@@ -XXX,XX +XXX,XX @@
++#                     "bps_wr_max": 0,
-  * rather than callbacks, for operations that need to give up control while
++#                     "iops_max": 0,
-  * waiting for events to complete.
++#                     "iops_rd_max": 0,
-  *
++#                     "iops_wr_max": 0,
-- * These functions are re-entrant and may be used outside the global mutex.
++#                     "bps_max_length": 0,
-+ * These functions are re-entrant and may be used outside the BQL.
++#                     "iops_size": 0 } }
-  *
++# <- { "return": {} }
-  * Functions that execute in coroutine context cannot be called
++#
-  * directly from normal functions.  Use @coroutine_fn to mark such
++# -> { "execute": "block_set_io_throttle",
-diff --git a/hw/block/dataplane/virtio-blk.c b/hw/block/dataplane/virtio-blk.c
+ #      "arguments": { "id": "ide0-1-0",
-index XXXXXXX..XXXXXXX 100644
+ #                     "bps": 1000000,
---- a/hw/block/dataplane/virtio-blk.c
+ #                     "bps_rd": 0,
 +++ b/hw/block/dataplane/virtio-blk.c
@@ -XXX,XX +XXX,XX @@ apply_vq_mapping(IOThreadVirtQueueMappingList *iothread_vq_mapping_list,
      }
  }
 -/* Context: QEMU global mutex held */
 +/* Context: BQL held */
  bool virtio_blk_data_plane_create(VirtIODevice *vdev, VirtIOBlkConf *conf,
                                    VirtIOBlockDataPlane **dataplane,
                                    Error **errp)
@@ -XXX,XX +XXX,XX @@ bool virtio_blk_data_plane_create(VirtIODevice *vdev, VirtIOBlkConf *conf,
      return true;
  }
 -/* Context: QEMU global mutex held */
 +/* Context: BQL held */
  void virtio_blk_data_plane_destroy(VirtIOBlockDataPlane *s)
  {
      VirtIOBlock *vblk;
@@ -XXX,XX +XXX,XX @@ void virtio_blk_data_plane_destroy(VirtIOBlockDataPlane *s)
      g_free(s);
  }
 -/* Context: QEMU global mutex held */
 +/* Context: BQL held */
  int virtio_blk_data_plane_start(VirtIODevice *vdev)
  {
      VirtIOBlock *vblk = VIRTIO_BLK(vdev);
@@ -XXX,XX +XXX,XX @@ static void virtio_blk_data_plane_stop_vq_bh(void *opaque)
      virtio_queue_host_notifier_read(host_notifier);
  }
 -/* Context: QEMU global mutex held */
 +/* Context: BQL held */
  void virtio_blk_data_plane_stop(VirtIODevice *vdev)
  {
      VirtIOBlock *vblk = VIRTIO_BLK(vdev);
 diff --git a/hw/block/virtio-blk.c b/hw/block/virtio-blk.c
 index XXXXXXX..XXXXXXX 100644
 --- a/hw/block/virtio-blk.c
 +++ b/hw/block/virtio-blk.c
@@ -XXX,XX +XXX,XX @@ static void virtio_blk_resize(void *opaque)
      VirtIODevice *vdev = VIRTIO_DEVICE(opaque);
      /*
 -     * virtio_notify_config() needs to acquire the global mutex,
 +     * virtio_notify_config() needs to acquire the BQL,
       * so it can't be called from an iothread. Instead, schedule
       * it to be run in the main context BH.
       */
 diff --git a/hw/scsi/virtio-scsi-dataplane.c b/hw/scsi/virtio-scsi-dataplane.c
 index XXXXXXX..XXXXXXX 100644
 --- a/hw/scsi/virtio-scsi-dataplane.c
 +++ b/hw/scsi/virtio-scsi-dataplane.c
@@ -XXX,XX +XXX,XX @@
  #include "scsi/constants.h"
  #include "hw/virtio/virtio-bus.h"
 -/* Context: QEMU global mutex held */
 +/* Context: BQL held */
  void virtio_scsi_dataplane_setup(VirtIOSCSI *s, Error **errp)
  {
      VirtIOSCSICommon *vs = VIRTIO_SCSI_COMMON(s);
@@ -XXX,XX +XXX,XX @@ static void virtio_scsi_dataplane_stop_bh(void *opaque)
      }
  }
 -/* Context: QEMU global mutex held */
 +/* Context: BQL held */
  int virtio_scsi_dataplane_start(VirtIODevice *vdev)
  {
      int i;
@@ -XXX,XX +XXX,XX @@ fail_guest_notifiers:
      return -ENOSYS;
  }
 -/* Context: QEMU global mutex held */
 +/* Context: BQL held */
  void virtio_scsi_dataplane_stop(VirtIODevice *vdev)
  {
      BusState *qbus = qdev_get_parent_bus(DEVICE(vdev));
 diff --git a/net/tap.c b/net/tap.c
 index XXXXXXX..XXXXXXX 100644
 --- a/net/tap.c
 +++ b/net/tap.c
@@ -XXX,XX +XXX,XX @@ static void tap_send(void *opaque)
          /*
           * When the host keeps receiving more packets while tap_send() is
 -         * running we can hog the QEMU global mutex.  Limit the number of
 +         * running we can hog the BQL.  Limit the number of
           * packets that are processed per tap_send() callback to prevent
           * stalling the guest.
           */
 --
-.43.0
+.14.3

-[PULL 5/6] Replace "iothread lock" with "BQL" in comments
+[Qemu-devel] [PULL v2 2/6] docs/interop/prl-xml: description of Parallels Disk format
-The term "iothread lock" is obsolete. The APIs use Big QEMU Lock (BQL)
+From: Klim Kireev <klim.kireev@virtuozzo.com>
 in their names. Update the code comments to use "BQL" instead of
 "iothread lock".
-Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
+This patch adds main information about Parallels Disk
-Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
+format, which consists of DiskDescriptor.xml and other files.
-Reviewed-by: Paul Durrant <paul@xen.org>
-Reviewed-by: Akihiko Odaki <akihiko.odaki@daynix.com>
+Signed-off-by: Edgar Kaziakhmedov <edgar.kaziakhmedov@virtuozzo.com>
-Reviewed-by: Cédric Le Goater <clg@kaod.org>
+Signed-off-by: Klim Kireev <klim.kireev@virtuozzo.com>
-Reviewed-by: Harsh Prateek Bora <harshpb@linux.ibm.com>
+Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
-Message-id: 20240102153529.486531-5-stefanha@redhat.com
+Signed-off-by: Denis V. Lunev <den@openvz.org>
 Message-id: 20180112090122.1702-2-klim.kireev@virtuozzo.com
 CC: Stefan Hajnoczi <stefanha@redhat.com>
 Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
 ---
- docs/devel/reset.rst             |  2 +-
+ docs/interop/prl-xml.txt | 158 +++++++++++++++++++++++++++++++++++++++++++++++
- hw/display/qxl.h                 |  2 +-
+file changed, 158 insertions(+)
- include/exec/cpu-common.h        |  2 +-
+ create mode 100644 docs/interop/prl-xml.txt
  include/exec/memory.h            |  4 ++--
  include/exec/ramblock.h          |  2 +-
  include/migration/register.h     |  8 ++++----
  target/arm/internals.h           |  4 ++--
  accel/tcg/cputlb.c               |  4 ++--
  accel/tcg/tcg-accel-ops-icount.c |  2 +-
  hw/remote/mpqemu-link.c          |  2 +-
  migration/block-dirty-bitmap.c   | 10 +++++-----
  migration/block.c                | 22 +++++++++++-----------
  migration/colo.c                 |  2 +-
  migration/migration.c            |  2 +-
  migration/ram.c                  |  4 ++--
  system/physmem.c                 |  6 +++---
  target/arm/helper.c              |  2 +-
  ui/spice-core.c                  |  2 +-
  util/rcu.c                       |  2 +-
  audio/coreaudio.m                |  4 ++--
  ui/cocoa.m                       |  6 +++---
 files changed, 47 insertions(+), 47 deletions(-)
-diff --git a/docs/devel/reset.rst b/docs/devel/reset.rst
+diff --git a/docs/interop/prl-xml.txt b/docs/interop/prl-xml.txt
-index XXXXXXX..XXXXXXX 100644
+new file mode 100644
---- a/docs/devel/reset.rst
+index XXXXXXX..XXXXXXX
-+++ b/docs/devel/reset.rst
+--- /dev/null
-@@ -XXX,XX +XXX,XX @@ Triggering reset
++++ b/docs/interop/prl-xml.txt
  This section documents the APIs which "users" of a resettable object should use
  to control it. All resettable control functions must be called while holding
 -the iothread lock.
 +the BQL.
  You can apply a reset to an object using ``resettable_assert_reset()``. You need
  to call ``resettable_release_reset()`` to release the object from reset. To
 diff --git a/hw/display/qxl.h b/hw/display/qxl.h
 index XXXXXXX..XXXXXXX 100644
 --- a/hw/display/qxl.h
 +++ b/hw/display/qxl.h
@@ -XXX,XX +XXX,XX @@ OBJECT_DECLARE_SIMPLE_TYPE(PCIQXLDevice, PCI_QXL)
   *
   * Use with care; by the time this function returns, the returned pointer is
   * not protected by RCU anymore.  If the caller is not within an RCU critical
 - * section and does not hold the iothread lock, it must have other means of
 + * section and does not hold the BQL, it must have other means of
   * protecting the pointer, such as a reference to the region that includes
   * the incoming ram_addr_t.
   *
 diff --git a/include/exec/cpu-common.h b/include/exec/cpu-common.h
 index XXXXXXX..XXXXXXX 100644
 --- a/include/exec/cpu-common.h
 +++ b/include/exec/cpu-common.h
@@ -XXX,XX +XXX,XX @@ RAMBlock *qemu_ram_block_by_name(const char *name);
   *
   * By the time this function returns, the returned pointer is not protected
   * by RCU anymore.  If the caller is not within an RCU critical section and
 - * does not hold the iothread lock, it must have other means of protecting the
 + * does not hold the BQL, it must have other means of protecting the
   * pointer, such as a reference to the memory region that owns the RAMBlock.
   */
  RAMBlock *qemu_ram_block_from_host(void *ptr, bool round_offset,
 diff --git a/include/exec/memory.h b/include/exec/memory.h
 index XXXXXXX..XXXXXXX 100644
 --- a/include/exec/memory.h
 +++ b/include/exec/memory.h
@@ -XXX,XX +XXX,XX @@ int memory_region_get_fd(MemoryRegion *mr);
   *
   * Use with care; by the time this function returns, the returned pointer is
   * not protected by RCU anymore.  If the caller is not within an RCU critical
 - * section and does not hold the iothread lock, it must have other means of
 + * section and does not hold the BQL, it must have other means of
   * protecting the pointer, such as a reference to the region that includes
   * the incoming ram_addr_t.
   *
@@ -XXX,XX +XXX,XX @@ MemoryRegion *memory_region_from_host(void *ptr, ram_addr_t *offset);
   *
   * Use with care; by the time this function returns, the returned pointer is
   * not protected by RCU anymore.  If the caller is not within an RCU critical
 - * section and does not hold the iothread lock, it must have other means of
 + * section and does not hold the BQL, it must have other means of
   * protecting the pointer, such as a reference to the region that includes
   * the incoming ram_addr_t.
   *
 diff --git a/include/exec/ramblock.h b/include/exec/ramblock.h
 index XXXXXXX..XXXXXXX 100644
 --- a/include/exec/ramblock.h
 +++ b/include/exec/ramblock.h
@@ -XXX,XX +XXX,XX @@ struct RAMBlock {
      ram_addr_t max_length;
      void (*resized)(const char*, uint64_t length, void *host);
      uint32_t flags;
 -    /* Protected by iothread lock.  */
 +    /* Protected by the BQL.  */
      char idstr[256];
      /* RCU-enabled, writes protected by the ramlist lock */
      QLIST_ENTRY(RAMBlock) next;
 diff --git a/include/migration/register.h b/include/migration/register.h
 index XXXXXXX..XXXXXXX 100644
 --- a/include/migration/register.h
 +++ b/include/migration/register.h
 @@ -XXX,XX +XXX,XX @@
- #include "hw/vmstate-if.h"
++= License =
++
- typedef struct SaveVMHandlers {
++Copyright (c) 2015-2017, Virtuozzo, Inc.
--    /* This runs inside the iothread lock.  */
++Authors:
-+    /* This runs inside the BQL.  */
++        2015 Denis Lunev <den@openvz.org>
-     SaveStateHandler *save_state;
++        2015 Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
++        2016-2017 Klim Kireev <klim.kireev@virtuozzo.com>
-     /*
++        2016-2017 Edgar Kaziakhmedov <edgar.kaziakhmedov@virtuozzo.com>
-@@ -XXX,XX +XXX,XX @@ typedef struct SaveVMHandlers {
++
-     int (*save_live_complete_postcopy)(QEMUFile *f, void *opaque);
++This work is licensed under the terms of the GNU GPL, version 2 or later.
-     int (*save_live_complete_precopy)(QEMUFile *f, void *opaque);
++See the COPYING file in the top-level directory.
++
--    /* This runs both outside and inside the iothread lock.  */
++This specification contains minimal information about Parallels Disk Format,
-+    /* This runs both outside and inside the BQL.  */
++which is enough to proper work with QEMU. Nevertheless, Parallels Cloud Server
-     bool (*is_active)(void *opaque);
++and Parallels Desktop are able to add some unspecified nodes to xml and use
-     bool (*has_postcopy)(void *opaque);
++them, but they are for internal work and don't affect functionality. Also it
++uses auxiliary xml "Snapshot.xml", which allows to store optional snapshot
-@@ -XXX,XX +XXX,XX @@ typedef struct SaveVMHandlers {
++information, but it doesn't influence open/read/write functionality. QEMU and
-      */
++other software should not use fields not covered in this document and
-     bool (*is_active_iterate)(void *opaque);
++Snapshot.xml file and must leave them as is.
++
--    /* This runs outside the iothread lock in the migration case, and
++= Parallels Disk Format =
-+    /* This runs outside the BQL in the migration case, and
++
-      * within the lock in the savevm case.  The callback had better only
++Parallels disk consists of two parts: the set of snapshots and the disk
-      * use data that is local to the migration thread or protected
++descriptor file, which stores information about all files and snapshots.
-      * by other locks.
++
-      */
++== Definitions ==
-     int (*save_live_iterate)(QEMUFile *f, void *opaque);
++    Snapshot       a record of the contents captured at a particular time,
++                   capable of storing current state. A snapshot has UUID and
--    /* This runs outside the iothread lock!  */
++                   parent UUID.
-+    /* This runs outside the BQL!  */
++
-     /* Note for save_live_pending:
++ Snapshot image    an overlay representing the difference between this
-      * must_precopy:
++                   snapshot and some earlier snapshot.
-      * - must be migrated in precopy or in stopped state
++
-diff --git a/target/arm/internals.h b/target/arm/internals.h
++    Overlay        an image storing the different sectors between two captured
-index XXXXXXX..XXXXXXX 100644
++                   states.
---- a/target/arm/internals.h
++
-+++ b/target/arm/internals.h
++   Root image      snapshot image with no parent, the root of snapshot tree.
-@@ -XXX,XX +XXX,XX @@ static inline const char *aarch32_mode_name(uint32_t psr)
++
-  *
++    Storage        the backing storage for a subset of the virtual disk. When
-  * Update the CPU_INTERRUPT_VIRQ bit in cs->interrupt_request, following
++                   there is more than one storage in a Parallels disk then that
-  * a change to either the input VIRQ line from the GIC or the HCR_EL2.VI bit.
++                   is referred to as a split image. In this case every storage
-- * Must be called with the iothread lock held.
++                   covers specific address space area of the disk and has its
-+ * Must be called with the BQL held.
++                   particular root image. Split images are not considered here
-  */
++                   and are not supported. Each storage consists of disk
- void arm_cpu_update_virq(ARMCPU *cpu);
++                   parameters and a list of images. The list of images always
++                   contains a root image and may also contain overlays. The
-@@ -XXX,XX +XXX,XX @@ void arm_cpu_update_virq(ARMCPU *cpu);
++                   root image can be an expandable Parallels image file or
-  *
++                   plain. Overlays must be expandable.
-  * Update the CPU_INTERRUPT_VFIQ bit in cs->interrupt_request, following
++
-  * a change to either the input VFIQ line from the GIC or the HCR_EL2.VF bit.
++  Description      DiskDescriptor.xml stores information about disk parameters,
-- * Must be called with the iothread lock held.
++     file          snapshots, storages.
-+ * Must be called with the BQL held.
++
-  */
++     Top           The overlay between actual state and some previous snapshot.
- void arm_cpu_update_vfiq(ARMCPU *cpu);
++   Snapshot        It is not a snapshot in the classical sense because it
++                   serves as the active image that the guest writes to.
-diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
++
-index XXXXXXX..XXXXXXX 100644
++    Sector         a 512-byte data chunk.
---- a/accel/tcg/cputlb.c
++
-+++ b/accel/tcg/cputlb.c
++== Description file ==
-@@ -XXX,XX +XXX,XX @@ static void *atomic_mmu_lookup(CPUState *cpu, vaddr addr, MemOpIdx oi,
++All information is placed in a single XML element Parallels_disk_image.
-  * @size: number of bytes
++The element has only one attribute "Version", that must be 1.0.
-  * @mmu_idx: virtual address context
++Schema of DiskDescriptor.xml:
-  * @ra: return address into tcg generated code, or 0
++
-- * Context: iothread lock held
++<Parallels_disk_image Version="1.0">
-+ * Context: BQL held
++    <Disk_Parameters>
-  *
++        ...
-  * Load @size bytes from @addr, which is memory-mapped i/o.
++    </Disk_Parameters>
-  * The bytes are concatenated in big-endian order with @ret_be.
++    <StorageData>
-@@ -XXX,XX +XXX,XX @@ static Int128 do_ld16_mmu(CPUState *cpu, vaddr addr,
++        ...
-  * @size: number of bytes
++    </StorageData>
-  * @mmu_idx: virtual address context
++    <Snapshots>
-  * @ra: return address into tcg generated code, or 0
++        ...
-- * Context: iothread lock held
++    </Snapshots>
-+ * Context: BQL held
++</Parallels_disk_image>
-  *
++
-  * Store @size bytes at @addr, which is memory-mapped i/o.
++== Disk_Parameters element ==
-  * The bytes to store are extracted in little-endian order from @val_le;
++The Disk_Parameters element describes the physical layout of the virtual disk
-diff --git a/accel/tcg/tcg-accel-ops-icount.c b/accel/tcg/tcg-accel-ops-icount.c
++and some general settings.
-index XXXXXXX..XXXXXXX 100644
++
---- a/accel/tcg/tcg-accel-ops-icount.c
++The Disk_Parameters element MUST contain the following child elements:
-+++ b/accel/tcg/tcg-accel-ops-icount.c
++    * Disk_size - number of sectors in the disk,
-@@ -XXX,XX +XXX,XX @@ void icount_prepare_for_run(CPUState *cpu, int64_t cpu_budget)
++                  desired size of the disk.
++    * Cylinders - number of the disk cylinders.
-     if (cpu->icount_budget == 0) {
++    * Heads     - number of the disk heads.
-         /*
++    * Sectors   - number of the disk sectors per cylinder
--         * We're called without the iothread lock, so must take it while
++                  (sector size is 512 bytes)
-+         * We're called without the BQL, so must take it while
++                  Limitation: Product of the Heads, Sectors and Cylinders
-          * we're calling timer handlers.
++                  values MUST be equal to the value of the Disk_size parameter.
-          */
++    * Padding   - must be 0. Parallels Cloud Server and Parallels Desktop may
-         bql_lock();
++                  use padding set to 1, however this case is not covered
-diff --git a/hw/remote/mpqemu-link.c b/hw/remote/mpqemu-link.c
++                  by this spec, QEMU and other software should not open
-index XXXXXXX..XXXXXXX 100644
++                  such disks and should not create them.
---- a/hw/remote/mpqemu-link.c
++
-+++ b/hw/remote/mpqemu-link.c
++== StorageData element ==
-@@ -XXX,XX +XXX,XX @@ bool mpqemu_msg_send(MPQemuMsg *msg, QIOChannel *ioc, Error **errp)
++This element of the file describes the root image and all snapshot images.
-     assert(qemu_in_coroutine() || !iothread);
++
++The StorageData element consists of the Storage child element, as shown below:
-     /*
++<StorageData>
--     * Skip unlocking/locking iothread lock when the IOThread is running
++    <Storage>
-+     * Skip unlocking/locking BQL when the IOThread is running
++        ...
-      * in co-routine context. Co-routine context is asserted above
++    </Storage>
-      * for IOThread case.
++</StorageData>
-      * Also skip lock handling while in a co-routine in the main context.
++
-diff --git a/migration/block-dirty-bitmap.c b/migration/block-dirty-bitmap.c
++A Storage element has following child elements:
-index XXXXXXX..XXXXXXX 100644
++    * Start     - start sector of the storage, in case of non split storage
---- a/migration/block-dirty-bitmap.c
++                  equals to 0.
-+++ b/migration/block-dirty-bitmap.c
++    * End       - number of sector following the last sector, in case of non
-@@ -XXX,XX +XXX,XX @@ static void send_bitmap_bits(QEMUFile *f, DBMSaveState *s,
++                  split storage equals to Disk_size.
-     g_free(buf);
++    * Blocksize - storage cluster size, number of sectors per one cluster.
- }
++                  Cluster size for each "Compressed" (see below) image in
++                  parallels disk must be equal to this field. Note: cluster
--/* Called with iothread lock taken.  */
++                  size for Parallels Expandable Image is in 'tracks' field of
-+/* Called with the BQL taken.  */
++                  its header (see docs/interop/parallels.txt).
- static void dirty_bitmap_do_save_cleanup(DBMSaveState *s)
++    * Several Image child elements.
- {
++
-     SaveBitmapState *dbms;
++Each Image element has following child elements:
-@@ -XXX,XX +XXX,XX @@ static void dirty_bitmap_do_save_cleanup(DBMSaveState *s)
++    * GUID - image identifier, UUID in curly brackets.
-     }
++             For instance, {12345678-9abc-def1-2345-6789abcdef12}.
- }
++             The GUID is used by the Snapshots element to reference images
++             (see below)
--/* Called with iothread lock taken. */
++    * Type - image type of the element. It can be:
-+/* Called with the BQL taken. */
++             "Plain" for raw files.
- static int add_bitmaps_to_list(DBMSaveState *s, BlockDriverState *bs,
++             "Compressed" for expanding disks.
-                                const char *bs_name, GHashTable *alias_map)
++    * File - path to image file. Path can be relative to DiskDecriptor.xml or
- {
++             absolute.
-@@ -XXX,XX +XXX,XX @@ static int add_bitmaps_to_list(DBMSaveState *s, BlockDriverState *bs,
++
-     return 0;
++== Snapshots element ==
- }
++The Snapshots element describes the snapshot relations with the snapshot tree.
++
--/* Called with iothread lock taken. */
++The element contains the set of Shot child elements, as shown below:
-+/* Called with the BQL taken. */
++<Snapshots>
- static int init_dirty_bitmap_migration(DBMSaveState *s)
++    <TopGUID> ... </TopGUID> /* Optional child element */
- {
++    <Shot>
-     BlockDriverState *bs;
++        ...
-@@ -XXX,XX +XXX,XX @@ static int init_dirty_bitmap_migration(DBMSaveState *s)
++    </Shot>
-     BlockBackend *blk;
++    <Shot>
-     GHashTable *alias_map = NULL;
++        ...
++    </Shot>
--    /* Runs in the migration thread, but holds the iothread lock */
++    ...
-+    /* Runs in the migration thread, but holds the BQL */
++</Snapshots>
-     GLOBAL_STATE_CODE();
++
-     GRAPH_RDLOCK_GUARD_MAINLOOP();
++Each Shot element contains the following child elements:
++    * GUID       - an image GUID.
-@@ -XXX,XX +XXX,XX @@ static int dirty_bitmap_save_iterate(QEMUFile *f, void *opaque)
++    * ParentGUID - GUID of the image of the parent snapshot.
-     return s->bulk_completed;
++
- }
++The software may traverse snapshots from child to parent using <ParentGUID>
++field as reference. ParentGUID of root snapshot is
--/* Called with iothread lock taken.  */
++{00000000-0000-0000-0000-000000000000}. There should be only one root
-+/* Called with the BQL taken.  */
++snapshot. Top snapshot could be described via two ways: via TopGUID child
++element of the Snapshots element or via predefined GUID
- static int dirty_bitmap_save_complete(QEMUFile *f, void *opaque)
++{5fbaabe3-6958-40ff-92a7-860e329aab41}. If TopGUID is defined, predefined GUID is
- {
++interpreted as usual GUID. All snapshot images (except Top Snapshot) should be
-diff --git a/migration/block.c b/migration/block.c
++opened read-only. There is another predefined GUID,
-index XXXXXXX..XXXXXXX 100644
++BackupID = {704718e1-2314-44c8-9087-d78ed36b0f4e}, which is used by original and
---- a/migration/block.c
++some third-party software for backup, QEMU and other software may operate with
-+++ b/migration/block.c
++images with GUID = BackupID as usual, however, it is not recommended to use this
-@@ -XXX,XX +XXX,XX @@ typedef struct BlkMigState {
++GUID for new disks. Top snapshot cannot have this GUID.
      int prev_progress;
      int bulk_completed;
 -    /* Lock must be taken _inside_ the iothread lock.  */
 +    /* Lock must be taken _inside_ the BQL.  */
      QemuMutex lock;
  } BlkMigState;
@@ -XXX,XX +XXX,XX @@ static void blk_mig_unlock(void)
      qemu_mutex_unlock(&block_mig_state.lock);
  }
 -/* Must run outside of the iothread lock during the bulk phase,
 +/* Must run outside of the BQL during the bulk phase,
   * or the VM will stall.
   */
@@ -XXX,XX +XXX,XX @@ static int mig_save_device_bulk(QEMUFile *f, BlkMigDevState *bmds)
      return (bmds->cur_sector >= total_sectors);
  }
 -/* Called with iothread lock taken.  */
 +/* Called with the BQL taken.  */
  static int set_dirty_tracking(void)
  {
@@ -XXX,XX +XXX,XX @@ fail:
      return ret;
  }
 -/* Called with iothread lock taken.  */
 +/* Called with the BQL taken.  */
  static void unset_dirty_tracking(void)
  {
@@ -XXX,XX +XXX,XX @@ static void blk_mig_reset_dirty_cursor(void)
      }
  }
 -/* Called with iothread lock taken.  */
 +/* Called with the BQL taken.  */
  static int mig_save_device_dirty(QEMUFile *f, BlkMigDevState *bmds,
                                   int is_async)
@@ -XXX,XX +XXX,XX @@ error:
      return ret;
  }
 -/* Called with iothread lock taken.
 +/* Called with the BQL taken.
   *
   * return value:
   * 0: too much data for max_downtime
@@ -XXX,XX +XXX,XX @@ static int flush_blks(QEMUFile *f)
      return ret;
  }
 -/* Called with iothread lock taken.  */
 +/* Called with the BQL taken.  */
  static int64_t get_remaining_dirty(void)
  {
@@ -XXX,XX +XXX,XX @@ static int64_t get_remaining_dirty(void)
 -/* Called with iothread lock taken.  */
 +/* Called with the BQL taken.  */
  static void block_migration_cleanup_bmds(void)
  {
      BlkMigDevState *bmds;
@@ -XXX,XX +XXX,XX @@ static void block_migration_cleanup_bmds(void)
      }
  }
 -/* Called with iothread lock taken.  */
 +/* Called with the BQL taken.  */
  static void block_migration_cleanup(void *opaque)
  {
      BlkMigBlock *blk;
@@ -XXX,XX +XXX,XX @@ static int block_save_iterate(QEMUFile *f, void *opaque)
              }
              ret = 0;
          } else {
 -            /* Always called with iothread lock taken for
 +            /* Always called with the BQL taken for
               * simplicity, block_save_complete also calls it.
               */
              bql_lock();
@@ -XXX,XX +XXX,XX @@ static int block_save_iterate(QEMUFile *f, void *opaque)
      return (delta_bytes > 0);
  }
 -/* Called with iothread lock taken.  */
 +/* Called with the BQL taken.  */
  static int block_save_complete(QEMUFile *f, void *opaque)
  {
 diff --git a/migration/colo.c b/migration/colo.c
 index XXXXXXX..XXXXXXX 100644
 --- a/migration/colo.c
 +++ b/migration/colo.c
@@ -XXX,XX +XXX,XX @@ int coroutine_fn colo_incoming_co(void)
      qemu_thread_join(&th);
      bql_lock();
 -    /* We hold the global iothread lock, so it is safe here */
 +    /* We hold the global BQL, so it is safe here */
      colo_release_ram_cache();
      return 0;
 diff --git a/migration/migration.c b/migration/migration.c
 index XXXXXXX..XXXXXXX 100644
 --- a/migration/migration.c
 +++ b/migration/migration.c
@@ -XXX,XX +XXX,XX @@ fail:
  /**
   * migration_maybe_pause: Pause if required to by
 - * migrate_pause_before_switchover called with the iothread locked
 + * migrate_pause_before_switchover called with the BQL locked
   * Returns: 0 on success
   */
  static int migration_maybe_pause(MigrationState *s,
 diff --git a/migration/ram.c b/migration/ram.c
 index XXXXXXX..XXXXXXX 100644
 --- a/migration/ram.c
 +++ b/migration/ram.c
@@ -XXX,XX +XXX,XX @@ static void ram_save_cleanup(void *opaque)
      /* We don't use dirty log with background snapshots */
      if (!migrate_background_snapshot()) {
 -        /* caller have hold iothread lock or is in a bh, so there is
 +        /* caller have hold BQL or is in a bh, so there is
           * no writing race against the migration bitmap
           */
          if (global_dirty_tracking & GLOBAL_DIRTY_MIGRATION) {
@@ -XXX,XX +XXX,XX @@ out:
   *
   * Returns zero to indicate success or negative on error
   *
 - * Called with iothread lock
 + * Called with the BQL
   *
   * @f: QEMUFile where to send the data
   * @opaque: RAMState pointer
 diff --git a/system/physmem.c b/system/physmem.c
 index XXXXXXX..XXXXXXX 100644
 --- a/system/physmem.c
 +++ b/system/physmem.c
@@ -XXX,XX +XXX,XX @@ static RAMBlock *qemu_get_ram_block(ram_addr_t addr)
      abort();
  found:
 -    /* It is safe to write mru_block outside the iothread lock.  This
 +    /* It is safe to write mru_block outside the BQL.  This
       * is what happens:
       *
       *     mru_block = xxx
@@ -XXX,XX +XXX,XX @@ int qemu_ram_get_fd(RAMBlock *rb)
      return rb->fd;
  }
 -/* Called with iothread lock held.  */
 +/* Called with the BQL held.  */
  void qemu_ram_set_idstr(RAMBlock *new_block, const char *name, DeviceState *dev)
  {
      RAMBlock *block;
@@ -XXX,XX +XXX,XX @@ void qemu_ram_set_idstr(RAMBlock *new_block, const char *name, DeviceState *dev)
      }
  }
 -/* Called with iothread lock held.  */
 +/* Called with the BQL held.  */
  void qemu_ram_unset_idstr(RAMBlock *block)
  {
      /* FIXME: arch_init.c assumes that this is not called throughout
 diff --git a/target/arm/helper.c b/target/arm/helper.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/arm/helper.c
 +++ b/target/arm/helper.c
@@ -XXX,XX +XXX,XX @@ static void do_hcr_write(CPUARMState *env, uint64_t value, uint64_t valid_mask)
       * Updates to VI and VF require us to update the status of
       * virtual interrupts, which are the logical OR of these bits
       * and the state of the input lines from the GIC. (This requires
 -     * that we have the iothread lock, which is done by marking the
 +     * that we have the BQL, which is done by marking the
       * reginfo structs as ARM_CP_IO.)
       * Note that if a write to HCR pends a VIRQ or VFIQ it is never
       * possible for it to be taken immediately, because VIRQ and
 diff --git a/ui/spice-core.c b/ui/spice-core.c
 index XXXXXXX..XXXXXXX 100644
 --- a/ui/spice-core.c
 +++ b/ui/spice-core.c
@@ -XXX,XX +XXX,XX @@ static void channel_event(int event, SpiceChannelEventInfo *info)
       * not do that.  It isn't that easy to fix it in spice and even
       * when it is fixed we still should cover the already released
       * spice versions.  So detect that we've been called from another
 -     * thread and grab the iothread lock if so before calling qemu
 +     * thread and grab the BQL if so before calling qemu
       * functions.
       */
      bool need_lock = !qemu_thread_is_self(&me);
 diff --git a/util/rcu.c b/util/rcu.c
 index XXXXXXX..XXXXXXX 100644
 --- a/util/rcu.c
 +++ b/util/rcu.c
@@ -XXX,XX +XXX,XX @@ static void rcu_init_complete(void)
      qemu_event_init(&rcu_call_ready_event, false);
 -    /* The caller is assumed to have iothread lock, so the call_rcu thread
 +    /* The caller is assumed to have BQL, so the call_rcu thread
       * must have been quiescent even after forking, just recreate it.
       */
      qemu_thread_create(&thread, "call_rcu", call_rcu_thread,
 diff --git a/audio/coreaudio.m b/audio/coreaudio.m
 index XXXXXXX..XXXXXXX 100644
 --- a/audio/coreaudio.m
 +++ b/audio/coreaudio.m
@@ -XXX,XX +XXX,XX @@ static ret_type glue(coreaudio_, name)args_decl             \
  #undef COREAUDIO_WRAPPER_FUNC
  /*
 - * callback to feed audiooutput buffer. called without iothread lock.
 + * callback to feed audiooutput buffer. called without BQL.
   * allowed to lock "buf_mutex", but disallowed to have any other locks.
   */
  static OSStatus audioDeviceIOProc(
@@ -XXX,XX +XXX,XX @@ static void update_device_playback_state(coreaudioVoiceOut *core)
      }
  }
 -/* called without iothread lock. */
 +/* called without BQL. */
  static OSStatus handle_voice_change(
      AudioObjectID in_object_id,
      UInt32 in_number_addresses,
 diff --git a/ui/cocoa.m b/ui/cocoa.m
 index XXXXXXX..XXXXXXX 100644
 --- a/ui/cocoa.m
 +++ b/ui/cocoa.m
@@ -XXX,XX +XXX,XX @@ static void cocoa_switch(DisplayChangeListener *dcl,
  static QemuClipboardInfo *cbinfo;
  static QemuEvent cbevent;
 -// Utility functions to run specified code block with iothread lock held
 +// Utility functions to run specified code block with the BQL held
  typedef void (^CodeBlock)(void);
  typedef bool (^BoolCodeBlock)(void);
@@ -XXX,XX +XXX,XX @@ - (void) setContentDimensions
  - (void) updateUIInfoLocked
  {
 -    /* Must be called with the iothread lock, i.e. via updateUIInfo */
 +    /* Must be called with the BQL, i.e. via updateUIInfo */
      NSSize frameSize;
      QemuUIInfo info;
@@ -XXX,XX +XXX,XX @@ static void cocoa_display_init(DisplayState *ds, DisplayOptions *opts)
       * Create the menu entries which depend on QEMU state (for consoles
       * and removable devices). These make calls back into QEMU functions,
       * which is OK because at this point we know that the second thread
 -     * holds the iothread lock and is synchronously waiting for us to
 +     * holds the BQL and is synchronously waiting for us to
       * finish.
       */
      add_console_menu_entries();
 --
-.43.0
+.14.3

-[PULL 4/6] qemu/main-loop: rename qemu_cond_wait_iothread() to qemu_cond_wait_bql()
+[Qemu-devel] [PULL v2 3/6] configure: add dependency
-The name "iothread" is overloaded. Use the term Big QEMU Lock (BQL)
+From: Klim Kireev <klim.kireev@virtuozzo.com>
 instead, it is already widely used and unambiguous.
-Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
+This dependency is required for adequate Parallels images support.
-Reviewed-by: Cédric Le Goater <clg@kaod.org>
+Typically the disk consists of several images which are glued by
-Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
+XML disk descriptor. Also XML hides inside several important parameters
-Reviewed-by: Paul Durrant <paul@xen.org>
+which are not available in the image header.
-Reviewed-by: Harsh Prateek Bora <harshpb@linux.ibm.com>
-Reviewed-by: Akihiko Odaki <akihiko.odaki@daynix.com>
+The patch also adds clause to checkpatch.pl to understand libxml2 types.
-Message-id: 20240102153529.486531-4-stefanha@redhat.com
 Signed-off-by: Denis V. Lunev <den@openvz.org>
 Signed-off-by: Klim Kireev <klim.kireev@virtuozzo.com>
 Signed-off-by: Edgar Kaziakhmedov <edgar.kaziakhmedov@virtuozzo.com>
 Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
 Message-id: 20180112090122.1702-3-klim.kireev@virtuozzo.com
 CC: Stefan Hajnoczi <stefanha@redhat.com>
 Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
 ---
- include/qemu/main-loop.h          | 10 +++++-----
+ configure             | 27 +++++++++++++++++++++++++++
- accel/tcg/tcg-accel-ops-rr.c      |  4 ++--
+ block/Makefile.objs   |  2 ++
- hw/display/virtio-gpu.c           |  2 +-
+ scripts/checkpatch.pl |  1 +
- hw/ppc/spapr_events.c             |  2 +-
+files changed, 30 insertions(+)
  system/cpu-throttle.c             |  2 +-
  system/cpus.c                     |  4 ++--
  target/i386/nvmm/nvmm-accel-ops.c |  2 +-
  target/i386/whpx/whpx-accel-ops.c |  2 +-
 files changed, 14 insertions(+), 14 deletions(-)
-diff --git a/include/qemu/main-loop.h b/include/qemu/main-loop.h
+diff --git a/configure b/configure
 index XXXXXXX..XXXXXXX 100755
 --- a/configure
 +++ b/configure
@@ -XXX,XX +XXX,XX @@ tcmalloc="no"
  jemalloc="no"
  replication="yes"
  vxhs=""
 +libxml2=""
  supported_cpu="no"
  supported_os="no"
@@ -XXX,XX +XXX,XX @@ for opt do
    ;;
    --enable-numa) numa="yes"
    ;;
 +  --disable-libxml2) libxml2="no"
 +  ;;
 +  --enable-libxml2) libxml2="yes"
 +  ;;
    --disable-tcmalloc) tcmalloc="no"
    ;;
    --enable-tcmalloc) tcmalloc="yes"
@@ -XXX,XX +XXX,XX @@ disabled with --disable-FEATURE, default is enabled if available:
    tpm             TPM support
    libssh2         ssh block device support
    numa            libnuma support
 +  libxml2         for Parallels image format
    tcmalloc        tcmalloc support
    jemalloc        jemalloc support
    replication     replication support
@@ -XXX,XX +XXX,XX @@ EOF
    fi
  fi
 +##########################################
 +# libxml2 probe
 +if test "$libxml2" != "no" ; then
 +    if $pkg_config --exists libxml-2.0; then
 +        libxml2="yes"
 +        libxml2_cflags=$($pkg_config --cflags libxml-2.0)
 +        libxml2_libs=$($pkg_config --libs libxml-2.0)
 +    else
 +        if test "$libxml2" = "yes"; then
 +            feature_not_found "libxml2" "Install libxml2 devel"
 +        fi
 +        libxml2="no"
 +    fi
 +fi
  ##########################################
  # glusterfs probe
@@ -XXX,XX +XXX,XX @@ echo "lzo support       $lzo"
  echo "snappy support    $snappy"
  echo "bzip2 support     $bzip2"
  echo "NUMA host support $numa"
 +echo "libxml2           $libxml2"
  echo "tcmalloc support  $tcmalloc"
  echo "jemalloc support  $jemalloc"
  echo "avx2 optimization $avx2_opt"
@@ -XXX,XX +XXX,XX @@ if test "$have_rtnetlink" = "yes" ; then
    echo "CONFIG_RTNETLINK=y" >> $config_host_mak
  fi
 +if test "$libxml2" = "yes" ; then
 +  echo "CONFIG_LIBXML2=y" >> $config_host_mak
 +  echo "LIBXML2_CFLAGS=$libxml2_cflags" >> $config_host_mak
 +  echo "LIBXML2_LIBS=$libxml2_libs" >> $config_host_mak
 +fi
 +
  if test "$replication" = "yes" ; then
    echo "CONFIG_REPLICATION=y" >> $config_host_mak
  fi
 diff --git a/block/Makefile.objs b/block/Makefile.objs
 index XXXXXXX..XXXXXXX 100644
---- a/include/qemu/main-loop.h
+--- a/block/Makefile.objs
-+++ b/include/qemu/main-loop.h
++++ b/block/Makefile.objs
-@@ -XXX,XX +XXX,XX @@ G_DEFINE_AUTOPTR_CLEANUP_FUNC(BQLLockAuto, bql_auto_unlock)
+@@ -XXX,XX +XXX,XX @@ block-obj-$(if $(CONFIG_BZIP2),m,n) += dmg-bz2.o
-         = bql_auto_lock(__FILE__, __LINE__)
+ dmg-bz2.o-libs     := $(BZIP2_LIBS)
+ qcow.o-libs        := -lz
- /*
+ linux-aio.o-libs   := -laio
-- * qemu_cond_wait_iothread: Wait on condition for the main loop mutex
++parallels.o-cflags := $(LIBXML2_CFLAGS)
-+ * qemu_cond_wait_bql: Wait on condition for the Big QEMU Lock (BQL)
++parallels.o-libs   := $(LIBXML2_LIBS)
-  *
+diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
-- * This function atomically releases the main loop mutex and causes
+index XXXXXXX..XXXXXXX 100755
-+ * This function atomically releases the Big QEMU Lock (BQL) and causes
+--- a/scripts/checkpatch.pl
-  * the calling thread to block on the condition.
++++ b/scripts/checkpatch.pl
-  */
+@@ -XXX,XX +XXX,XX @@ our @typeList = (
--void qemu_cond_wait_iothread(QemuCond *cond);
+     qr{${Ident}_handler_fn},
-+void qemu_cond_wait_bql(QemuCond *cond);
+     qr{target_(?:u)?long},
+     qr{hwaddr},
- /*
++    qr{xml${Ident}},
-- * qemu_cond_timedwait_iothread: like the previous, but with timeout
+ );
-+ * qemu_cond_timedwait_bql: like the previous, but with timeout
-  */
+ # This can be modified by sub possible.  Since it can be empty, be careful
 -void qemu_cond_timedwait_iothread(QemuCond *cond, int ms);
 +void qemu_cond_timedwait_bql(QemuCond *cond, int ms);
  /* internal interfaces */
 diff --git a/accel/tcg/tcg-accel-ops-rr.c b/accel/tcg/tcg-accel-ops-rr.c
 index XXXXXXX..XXXXXXX 100644
 --- a/accel/tcg/tcg-accel-ops-rr.c
 +++ b/accel/tcg/tcg-accel-ops-rr.c
@@ -XXX,XX +XXX,XX @@ static void rr_wait_io_event(void)
      while (all_cpu_threads_idle()) {
          rr_stop_kick_timer();
 -        qemu_cond_wait_iothread(first_cpu->halt_cond);
 +        qemu_cond_wait_bql(first_cpu->halt_cond);
      }
      rr_start_kick_timer();
@@ -XXX,XX +XXX,XX @@ static void *rr_cpu_thread_fn(void *arg)
      /* wait for initial kick-off after machine start */
      while (first_cpu->stopped) {
 -        qemu_cond_wait_iothread(first_cpu->halt_cond);
 +        qemu_cond_wait_bql(first_cpu->halt_cond);
          /* process any pending work */
          CPU_FOREACH(cpu) {
 diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c
 index XXXXXXX..XXXXXXX 100644
 --- a/hw/display/virtio-gpu.c
 +++ b/hw/display/virtio-gpu.c
@@ -XXX,XX +XXX,XX @@ void virtio_gpu_reset(VirtIODevice *vdev)
          g->reset_finished = false;
          qemu_bh_schedule(g->reset_bh);
          while (!g->reset_finished) {
 -            qemu_cond_wait_iothread(&g->reset_cond);
 +            qemu_cond_wait_bql(&g->reset_cond);
          }
      } else {
          virtio_gpu_reset_bh(g);
 diff --git a/hw/ppc/spapr_events.c b/hw/ppc/spapr_events.c
 index XXXXXXX..XXXXXXX 100644
 --- a/hw/ppc/spapr_events.c
 +++ b/hw/ppc/spapr_events.c
@@ -XXX,XX +XXX,XX @@ void spapr_mce_req_event(PowerPCCPU *cpu, bool recovered)
              }
              return;
          }
 -        qemu_cond_wait_iothread(&spapr->fwnmi_machine_check_interlock_cond);
 +        qemu_cond_wait_bql(&spapr->fwnmi_machine_check_interlock_cond);
          if (spapr->fwnmi_machine_check_addr == -1) {
              /*
               * If the machine was reset while waiting for the interlock,
 diff --git a/system/cpu-throttle.c b/system/cpu-throttle.c
 index XXXXXXX..XXXXXXX 100644
 --- a/system/cpu-throttle.c
 +++ b/system/cpu-throttle.c
@@ -XXX,XX +XXX,XX @@ static void cpu_throttle_thread(CPUState *cpu, run_on_cpu_data opaque)
      endtime_ns = qemu_clock_get_ns(QEMU_CLOCK_REALTIME) + sleeptime_ns;
      while (sleeptime_ns > 0 && !cpu->stop) {
          if (sleeptime_ns > SCALE_MS) {
 -            qemu_cond_timedwait_iothread(cpu->halt_cond,
 +            qemu_cond_timedwait_bql(cpu->halt_cond,
                                           sleeptime_ns / SCALE_MS);
          } else {
              bql_unlock();
 diff --git a/system/cpus.c b/system/cpus.c
 index XXXXXXX..XXXXXXX 100644
 --- a/system/cpus.c
 +++ b/system/cpus.c
@@ -XXX,XX +XXX,XX @@ void bql_unlock(void)
      qemu_mutex_unlock(&bql);
  }
 -void qemu_cond_wait_iothread(QemuCond *cond)
 +void qemu_cond_wait_bql(QemuCond *cond)
  {
      qemu_cond_wait(cond, &bql);
  }
 -void qemu_cond_timedwait_iothread(QemuCond *cond, int ms)
 +void qemu_cond_timedwait_bql(QemuCond *cond, int ms)
  {
      qemu_cond_timedwait(cond, &bql, ms);
  }
 diff --git a/target/i386/nvmm/nvmm-accel-ops.c b/target/i386/nvmm/nvmm-accel-ops.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/i386/nvmm/nvmm-accel-ops.c
 +++ b/target/i386/nvmm/nvmm-accel-ops.c
@@ -XXX,XX +XXX,XX @@ static void *qemu_nvmm_cpu_thread_fn(void *arg)
              }
          }
          while (cpu_thread_is_idle(cpu)) {
 -            qemu_cond_wait_iothread(cpu->halt_cond);
 +            qemu_cond_wait_bql(cpu->halt_cond);
          }
          qemu_wait_io_event_common(cpu);
      } while (!cpu->unplug || cpu_can_run(cpu));
 diff --git a/target/i386/whpx/whpx-accel-ops.c b/target/i386/whpx/whpx-accel-ops.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/i386/whpx/whpx-accel-ops.c
 +++ b/target/i386/whpx/whpx-accel-ops.c
@@ -XXX,XX +XXX,XX @@ static void *whpx_cpu_thread_fn(void *arg)
              }
          }
          while (cpu_thread_is_idle(cpu)) {
 -            qemu_cond_wait_iothread(cpu->halt_cond);
 +            qemu_cond_wait_bql(cpu->halt_cond);
          }
          qemu_wait_io_event_common(cpu);
      } while (!cpu->unplug || cpu_can_run(cpu));
 --
-.43.0
+.14.3

-[PULL 2/6] system/cpus: rename qemu_mutex_lock_iothread() to bql_lock()
+[Qemu-devel] [PULL v2 4/6] block/parallels: move some structures into header
-The Big QEMU Lock (BQL) has many names and they are confusing. The
+From: Klim Kireev <klim.kireev@virtuozzo.com>
 actual QemuMutex variable is called qemu_global_mutex but it's commonly
 referred to as the BQL in discussions and some code comments. The
 locking APIs, however, are called qemu_mutex_lock_iothread() and
 qemu_mutex_unlock_iothread().
-The "iothread" name is historic and comes from when the main thread was
+To implement xml format, some defines and structures
-split into into KVM vcpu threads and the "iothread" (now called the main
+from parallels.c are required.
 loop thread). I have contributed to the confusion myself by introducing
 a separate --object iothread, a separate concept unrelated to the BQL.
-The "iothread" name is no longer appropriate for the BQL. Rename the
+Signed-off-by: Klim Kireev <klim.kireev@virtuozzo.com>
-locking APIs to:
+Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
-- void bql_lock(void)
+Signed-off-by: Denis V. Lunev <den@openvz.org>
-- void bql_unlock(void)
+Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
-- bool bql_locked(void)
+Signed-off-by: Edgar Kaziakhmedov <edgar.kaziakhmedov@virtuozzo.com>
+Message-id: 20180112090122.1702-4-klim.kireev@virtuozzo.com
-There are more APIs with "iothread" in their names. Subsequent patches
+CC: Stefan Hajnoczi <stefanha@redhat.com>
 will rename them. There are also comments and documentation that will be
 updated in later patches.
 Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
 Reviewed-by: Paul Durrant <paul@xen.org>
 Acked-by: Fabiano Rosas <farosas@suse.de>
 Acked-by: David Woodhouse <dwmw@amazon.co.uk>
 Reviewed-by: Cédric Le Goater <clg@kaod.org>
 Acked-by: Peter Xu <peterx@redhat.com>
 Acked-by: Eric Farman <farman@linux.ibm.com>
 Reviewed-by: Harsh Prateek Bora <harshpb@linux.ibm.com>
 Acked-by: Hyman Huang <yong.huang@smartx.com>
 Reviewed-by: Akihiko Odaki <akihiko.odaki@daynix.com>
 Message-id: 20240102153529.486531-2-stefanha@redhat.com
 Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
 ---
- include/block/aio-wait.h             |   2 +-
+ block/parallels.h | 86 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
- include/qemu/main-loop.h             |  39 +++++----
+ block/parallels.c | 53 +---------------------------------
- include/qemu/thread.h                |   2 +-
+files changed, 87 insertions(+), 52 deletions(-)
- accel/accel-blocker.c                |  10 +--
+ create mode 100644 block/parallels.h
  accel/dummy-cpus.c                   |   8 +-
  accel/hvf/hvf-accel-ops.c            |   4 +-
  accel/kvm/kvm-accel-ops.c            |   4 +-
  accel/kvm/kvm-all.c                  |  22 ++---
  accel/tcg/cpu-exec.c                 |  26 +++---
  accel/tcg/cputlb.c                   |  16 ++--
  accel/tcg/tcg-accel-ops-icount.c     |   4 +-
  accel/tcg/tcg-accel-ops-mttcg.c      |  12 +--
  accel/tcg/tcg-accel-ops-rr.c         |  14 ++--
  accel/tcg/tcg-accel-ops.c            |   2 +-
  accel/tcg/translate-all.c            |   2 +-
  cpu-common.c                         |   4 +-
  dump/dump.c                          |   4 +-
  hw/core/cpu-common.c                 |   6 +-
  hw/i386/intel_iommu.c                |   6 +-
  hw/i386/kvm/xen_evtchn.c             |  16 ++--
  hw/i386/kvm/xen_overlay.c            |   2 +-
  hw/i386/kvm/xen_xenstore.c           |   2 +-
  hw/intc/arm_gicv3_cpuif.c            |   2 +-
  hw/intc/s390_flic.c                  |  18 ++--
  hw/misc/edu.c                        |   4 +-
  hw/misc/imx6_src.c                   |   2 +-
  hw/misc/imx7_src.c                   |   2 +-
  hw/net/xen_nic.c                     |   8 +-
  hw/ppc/pegasos2.c                    |   2 +-
  hw/ppc/ppc.c                         |   4 +-
  hw/ppc/spapr.c                       |   2 +-
  hw/ppc/spapr_rng.c                   |   4 +-
  hw/ppc/spapr_softmmu.c               |   4 +-
  hw/remote/mpqemu-link.c              |  20 ++---
  hw/remote/vfio-user-obj.c            |   2 +-
  hw/s390x/s390-skeys.c                |   2 +-
  migration/block-dirty-bitmap.c       |   4 +-
  migration/block.c                    |  16 ++--
  migration/colo.c                     |  60 +++++++-------
  migration/dirtyrate.c                |  12 +--
  migration/migration.c                |  52 ++++++------
  migration/ram.c                      |  12 +--
  replay/replay-internal.c             |   2 +-
  semihosting/console.c                |   8 +-
  stubs/iothread-lock.c                |   6 +-
  system/cpu-throttle.c                |   4 +-
  system/cpus.c                        |  51 ++++++------
  system/dirtylimit.c                  |   4 +-
  system/memory.c                      |   2 +-
  system/physmem.c                     |   8 +-
  system/runstate.c                    |   2 +-
  system/watchpoint.c                  |   4 +-
  target/arm/arm-powerctl.c            |  14 ++--
  target/arm/helper.c                  |   4 +-
  target/arm/hvf/hvf.c                 |   8 +-
  target/arm/kvm.c                     |   8 +-
  target/arm/ptw.c                     |   6 +-
  target/arm/tcg/helper-a64.c          |   8 +-
  target/arm/tcg/m_helper.c            |   6 +-
  target/arm/tcg/op_helper.c           |  24 +++---
  target/arm/tcg/psci.c                |   2 +-
  target/hppa/int_helper.c             |   8 +-
  target/i386/hvf/hvf.c                |   6 +-
  target/i386/kvm/hyperv.c             |   4 +-
  target/i386/kvm/kvm.c                |  28 +++----
  target/i386/kvm/xen-emu.c            |  14 ++--
  target/i386/nvmm/nvmm-accel-ops.c    |   4 +-
  target/i386/nvmm/nvmm-all.c          |  20 ++---
  target/i386/tcg/sysemu/fpu_helper.c  |   6 +-
  target/i386/tcg/sysemu/misc_helper.c |   4 +-
  target/i386/whpx/whpx-accel-ops.c    |   4 +-
  target/i386/whpx/whpx-all.c          |  24 +++---
  target/loongarch/tcg/csr_helper.c    |   4 +-
  target/mips/kvm.c                    |   4 +-
  target/mips/tcg/sysemu/cp0_helper.c  |   4 +-
  target/openrisc/sys_helper.c         |  16 ++--
  target/ppc/excp_helper.c             |  12 +--
  target/ppc/kvm.c                     |   4 +-
  target/ppc/misc_helper.c             |   8 +-
  target/ppc/timebase_helper.c         |   8 +-
  target/s390x/kvm/kvm.c               |   4 +-
  target/s390x/tcg/misc_helper.c       | 118 +++++++++++++--------------
  target/sparc/int32_helper.c          |   2 +-
  target/sparc/int64_helper.c          |   6 +-
  target/sparc/win_helper.c            |  20 ++---
  target/xtensa/exc_helper.c           |   8 +-
  ui/spice-core.c                      |   4 +-
  util/async.c                         |   2 +-
  util/main-loop.c                     |   8 +-
  util/qsp.c                           |   6 +-
  util/rcu.c                           |  14 ++--
  audio/coreaudio.m                    |   4 +-
  memory_ldst.c.inc                    |  18 ++--
  target/i386/hvf/README.md            |   2 +-
  ui/cocoa.m                           |  50 ++++++------
 files changed, 529 insertions(+), 529 deletions(-)
-diff --git a/include/block/aio-wait.h b/include/block/aio-wait.h
+diff --git a/block/parallels.h b/block/parallels.h
 new file mode 100644
 index XXXXXXX..XXXXXXX
 --- /dev/null
 +++ b/block/parallels.h
@@ -XXX,XX +XXX,XX @@
 +/*
 +* Block driver for Parallels disk image format
 +*
 +* Copyright (c) 2015-2017 Virtuozzo, Inc.
 +* Authors:
 +*         2016-2017 Klim S. Kireev <klim.kireev@virtuozzo.com>
 +*         2015 Denis V. Lunev <den@openvz.org>
 +*
 +* This code was originally based on comparing different disk images created
 +* by Parallels. Currently it is based on opened OpenVZ sources
 +* available at
 +*     https://github.com/OpenVZ/ploop
 +*
 +* Permission is hereby granted, free of charge, to any person obtaining a copy
 +* of this software and associated documentation files (the "Software"), to deal
 +* in the Software without restriction, including without limitation the rights
 +* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 +* copies of the Software, and to permit persons to whom the Software is
 +* furnished to do so, subject to the following conditions:
 +*
 +* The above copyright notice and this permission notice shall be included in
 +* all copies or substantial portions of the Software.
 +*
 +* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 +* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 +* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
 +* THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 +* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 +* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 +* THE SOFTWARE.
 +*/
 +#ifndef BLOCK_PARALLELS_H
 +#define BLOCK_PARALLELS_H
 +#include "qemu/coroutine.h"
 +#include "qemu/typedefs.h"
 +
 +#define DEFAULT_CLUSTER_SIZE 1048576        /* 1 MiB */
 +
 +/* always little-endian */
 +typedef struct ParallelsHeader {
 +    char magic[16]; /* "WithoutFreeSpace" */
 +    uint32_t version;
 +    uint32_t heads;
 +    uint32_t cylinders;
 +    uint32_t tracks;
 +    uint32_t bat_entries;
 +    uint64_t nb_sectors;
 +    uint32_t inuse;
 +    uint32_t data_off;
 +    char padding[12];
 +} QEMU_PACKED ParallelsHeader;
 +
 +typedef enum ParallelsPreallocMode {
 +    PRL_PREALLOC_MODE_FALLOCATE = 0,
 +    PRL_PREALLOC_MODE_TRUNCATE = 1,
 +    PRL_PREALLOC_MODE__MAX = 2,
 +} ParallelsPreallocMode;
 +
 +typedef struct BDRVParallelsState {
 +    /** Locking is conservative, the lock protects
 +     *   - image file extending (truncate, fallocate)
 +     *   - any access to block allocation table
 +     */
 +    CoMutex lock;
 +
 +    ParallelsHeader *header;
 +    uint32_t header_size;
 +    bool header_unclean;
 +
 +    unsigned long *bat_dirty_bmap;
 +    unsigned int  bat_dirty_block;
 +
 +    uint32_t *bat_bitmap;
 +    unsigned int bat_size;
 +
 +    int64_t  data_end;
 +    uint64_t prealloc_size;
 +    ParallelsPreallocMode prealloc_mode;
 +
 +    unsigned int tracks;
 +
 +    unsigned int off_multiplier;
 +    Error *migration_blocker;
 +} BDRVParallelsState;
 +
 +#endif
 diff --git a/block/parallels.c b/block/parallels.c
 index XXXXXXX..XXXXXXX 100644
---- a/include/block/aio-wait.h
+--- a/block/parallels.c
-+++ b/include/block/aio-wait.h
++++ b/block/parallels.c
@@ -XXX,XX +XXX,XX @@ static inline bool in_aio_context_home_thread(AioContext *ctx)
      }
      if (ctx == qemu_get_aio_context()) {
 -        return qemu_mutex_iothread_locked();
 +        return bql_locked();
      } else {
          return false;
      }
 diff --git a/include/qemu/main-loop.h b/include/qemu/main-loop.h
 index XXXXXXX..XXXXXXX 100644
 --- a/include/qemu/main-loop.h
 +++ b/include/qemu/main-loop.h
@@ -XXX,XX +XXX,XX @@ GSource *iohandler_get_g_source(void);
  AioContext *iohandler_get_aio_context(void);
  /**
 - * qemu_mutex_iothread_locked: Return lock status of the main loop mutex.
 + * bql_locked: Return lock status of the Big QEMU Lock (BQL)
   *
 - * The main loop mutex is the coarsest lock in QEMU, and as such it
 + * The Big QEMU Lock (BQL) is the coarsest lock in QEMU, and as such it
   * must always be taken outside other locks.  This function helps
   * functions take different paths depending on whether the current
 - * thread is running within the main loop mutex.
 + * thread is running within the BQL.
   *
   * This function should never be used in the block layer, because
   * unit tests, block layer tools and qemu-storage-daemon do not
   * have a BQL.
   * Please instead refer to qemu_in_main_thread().
   */
 -bool qemu_mutex_iothread_locked(void);
 +bool bql_locked(void);
  /**
   * qemu_in_main_thread: return whether it's possible to safely access
@@ -XXX,XX +XXX,XX @@ bool qemu_in_main_thread(void);
      } while (0)
  /**
 - * qemu_mutex_lock_iothread: Lock the main loop mutex.
 + * bql_lock: Lock the Big QEMU Lock (BQL).
   *
 - * This function locks the main loop mutex.  The mutex is taken by
 + * This function locks the Big QEMU Lock (BQL).  The lock is taken by
   * main() in vl.c and always taken except while waiting on
 - * external events (such as with select).  The mutex should be taken
 + * external events (such as with select).  The lock should be taken
   * by threads other than the main loop thread when calling
   * qemu_bh_new(), qemu_set_fd_handler() and basically all other
   * functions documented in this file.
   *
 - * NOTE: tools currently are single-threaded and qemu_mutex_lock_iothread
 + * NOTE: tools currently are single-threaded and bql_lock
   * is a no-op there.
   */
 -#define qemu_mutex_lock_iothread()                      \
 -    qemu_mutex_lock_iothread_impl(__FILE__, __LINE__)
 -void qemu_mutex_lock_iothread_impl(const char *file, int line);
 +#define bql_lock() bql_lock_impl(__FILE__, __LINE__)
 +void bql_lock_impl(const char *file, int line);
  /**
 - * qemu_mutex_unlock_iothread: Unlock the main loop mutex.
 + * bql_unlock: Unlock the Big QEMU Lock (BQL).
   *
 - * This function unlocks the main loop mutex.  The mutex is taken by
 + * This function unlocks the Big QEMU Lock.  The lock is taken by
   * main() in vl.c and always taken except while waiting on
 - * external events (such as with select).  The mutex should be unlocked
 + * external events (such as with select).  The lock should be unlocked
   * as soon as possible by threads other than the main loop thread,
   * because it prevents the main loop from processing callbacks,
   * including timers and bottom halves.
   *
 - * NOTE: tools currently are single-threaded and qemu_mutex_unlock_iothread
 + * NOTE: tools currently are single-threaded and bql_unlock
   * is a no-op there.
   */
 -void qemu_mutex_unlock_iothread(void);
 +void bql_unlock(void);
  /**
   * QEMU_IOTHREAD_LOCK_GUARD
   *
 - * Wrap a block of code in a conditional qemu_mutex_{lock,unlock}_iothread.
 + * Wrap a block of code in a conditional bql_{lock,unlock}.
   */
  typedef struct IOThreadLockAuto IOThreadLockAuto;
  static inline IOThreadLockAuto *qemu_iothread_auto_lock(const char *file,
                                                          int line)
  {
 -    if (qemu_mutex_iothread_locked()) {
 +    if (bql_locked()) {
          return NULL;
      }
 -    qemu_mutex_lock_iothread_impl(file, line);
 +    bql_lock_impl(file, line);
      /* Anything non-NULL causes the cleanup function to be called */
      return (IOThreadLockAuto *)(uintptr_t)1;
  }
  static inline void qemu_iothread_auto_unlock(IOThreadLockAuto *l)
  {
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  G_DEFINE_AUTOPTR_CLEANUP_FUNC(IOThreadLockAuto, qemu_iothread_auto_unlock)
 diff --git a/include/qemu/thread.h b/include/qemu/thread.h
 index XXXXXXX..XXXXXXX 100644
 --- a/include/qemu/thread.h
 +++ b/include/qemu/thread.h
@@ -XXX,XX +XXX,XX @@ typedef void (*QemuCondWaitFunc)(QemuCond *c, QemuMutex *m, const char *f,
  typedef bool (*QemuCondTimedWaitFunc)(QemuCond *c, QemuMutex *m, int ms,
                                        const char *f, int l);
 -extern QemuMutexLockFunc qemu_bql_mutex_lock_func;
 +extern QemuMutexLockFunc bql_mutex_lock_func;
  extern QemuMutexLockFunc qemu_mutex_lock_func;
  extern QemuMutexTrylockFunc qemu_mutex_trylock_func;
  extern QemuRecMutexLockFunc qemu_rec_mutex_lock_func;
 diff --git a/accel/accel-blocker.c b/accel/accel-blocker.c
 index XXXXXXX..XXXXXXX 100644
 --- a/accel/accel-blocker.c
 +++ b/accel/accel-blocker.c
@@ -XXX,XX +XXX,XX @@ void accel_blocker_init(void)
  void accel_ioctl_begin(void)
  {
 -    if (likely(qemu_mutex_iothread_locked())) {
 +    if (likely(bql_locked())) {
          return;
      }
@@ -XXX,XX +XXX,XX @@ void accel_ioctl_begin(void)
  void accel_ioctl_end(void)
  {
 -    if (likely(qemu_mutex_iothread_locked())) {
 +    if (likely(bql_locked())) {
          return;
      }
@@ -XXX,XX +XXX,XX @@ void accel_ioctl_end(void)
  void accel_cpu_ioctl_begin(CPUState *cpu)
  {
 -    if (unlikely(qemu_mutex_iothread_locked())) {
 +    if (unlikely(bql_locked())) {
          return;
      }
@@ -XXX,XX +XXX,XX @@ void accel_cpu_ioctl_begin(CPUState *cpu)
  void accel_cpu_ioctl_end(CPUState *cpu)
  {
 -    if (unlikely(qemu_mutex_iothread_locked())) {
 +    if (unlikely(bql_locked())) {
          return;
      }
@@ -XXX,XX +XXX,XX @@ void accel_ioctl_inhibit_begin(void)
       * We allow to inhibit only when holding the BQL, so we can identify
       * when an inhibitor wants to issue an ioctl easily.
       */
 -    g_assert(qemu_mutex_iothread_locked());
 +    g_assert(bql_locked());
      /* Block further invocations of the ioctls outside the BQL.  */
      CPU_FOREACH(cpu) {
 diff --git a/accel/dummy-cpus.c b/accel/dummy-cpus.c
 index XXXXXXX..XXXXXXX 100644
 --- a/accel/dummy-cpus.c
 +++ b/accel/dummy-cpus.c
@@ -XXX,XX +XXX,XX @@ static void *dummy_cpu_thread_fn(void *arg)
      rcu_register_thread();
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      qemu_thread_get_self(cpu->thread);
      cpu->thread_id = qemu_get_thread_id();
      cpu->neg.can_do_io = true;
@@ -XXX,XX +XXX,XX @@ static void *dummy_cpu_thread_fn(void *arg)
      qemu_guest_random_seed_thread_part2(cpu->random_seed);
      do {
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
  #ifndef _WIN32
          do {
              int sig;
@@ -XXX,XX +XXX,XX @@ static void *dummy_cpu_thread_fn(void *arg)
  #else
          qemu_sem_wait(&cpu->sem);
  #endif
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          qemu_wait_io_event(cpu);
      } while (!cpu->unplug);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      rcu_unregister_thread();
      return NULL;
  }
 diff --git a/accel/hvf/hvf-accel-ops.c b/accel/hvf/hvf-accel-ops.c
 index XXXXXXX..XXXXXXX 100644
 --- a/accel/hvf/hvf-accel-ops.c
 +++ b/accel/hvf/hvf-accel-ops.c
@@ -XXX,XX +XXX,XX @@ static void *hvf_cpu_thread_fn(void *arg)
      rcu_register_thread();
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      qemu_thread_get_self(cpu->thread);
      cpu->thread_id = qemu_get_thread_id();
@@ -XXX,XX +XXX,XX @@ static void *hvf_cpu_thread_fn(void *arg)
      hvf_vcpu_destroy(cpu);
      cpu_thread_signal_destroyed(cpu);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      rcu_unregister_thread();
      return NULL;
  }
 diff --git a/accel/kvm/kvm-accel-ops.c b/accel/kvm/kvm-accel-ops.c
 index XXXXXXX..XXXXXXX 100644
 --- a/accel/kvm/kvm-accel-ops.c
 +++ b/accel/kvm/kvm-accel-ops.c
@@ -XXX,XX +XXX,XX @@ static void *kvm_vcpu_thread_fn(void *arg)
      rcu_register_thread();
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      qemu_thread_get_self(cpu->thread);
      cpu->thread_id = qemu_get_thread_id();
      cpu->neg.can_do_io = true;
@@ -XXX,XX +XXX,XX @@ static void *kvm_vcpu_thread_fn(void *arg)
      kvm_destroy_vcpu(cpu);
      cpu_thread_signal_destroyed(cpu);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      rcu_unregister_thread();
      return NULL;
  }
 diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
 index XXXXXXX..XXXXXXX 100644
 --- a/accel/kvm/kvm-all.c
 +++ b/accel/kvm/kvm-all.c
@@ -XXX,XX +XXX,XX @@ static void kvm_dirty_ring_flush(void)
       * should always be with BQL held, serialization is guaranteed.
       * However, let's be sure of it.
       */
 -    assert(qemu_mutex_iothread_locked());
 +    assert(bql_locked());
      /*
       * First make sure to flush the hardware buffers by kicking all
       * vcpus out in a synchronous way.
@@ -XXX,XX +XXX,XX @@ static void *kvm_dirty_ring_reaper_thread(void *data)
          trace_kvm_dirty_ring_reaper("wakeup");
          r->reaper_state = KVM_DIRTY_RING_REAPER_REAPING;
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          kvm_dirty_ring_reap(s, NULL);
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
          r->reaper_iteration++;
      }
@@ -XXX,XX +XXX,XX @@ int kvm_cpu_exec(CPUState *cpu)
          return EXCP_HLT;
      }
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      cpu_exec_start(cpu);
      do {
@@ -XXX,XX +XXX,XX @@ int kvm_cpu_exec(CPUState *cpu)
  #ifdef KVM_HAVE_MCE_INJECTION
          if (unlikely(have_sigbus_pending)) {
 -            qemu_mutex_lock_iothread();
 +            bql_lock();
              kvm_arch_on_sigbus_vcpu(cpu, pending_sigbus_code,
                                      pending_sigbus_addr);
              have_sigbus_pending = false;
 -            qemu_mutex_unlock_iothread();
 +            bql_unlock();
          }
  #endif
@@ -XXX,XX +XXX,XX @@ int kvm_cpu_exec(CPUState *cpu)
               * still full.  Got kicked by KVM_RESET_DIRTY_RINGS.
               */
              trace_kvm_dirty_ring_full(cpu->cpu_index);
 -            qemu_mutex_lock_iothread();
 +            bql_lock();
              /*
               * We throttle vCPU by making it sleep once it exit from kernel
               * due to dirty ring full. In the dirtylimit scenario, reaping
@@ -XXX,XX +XXX,XX @@ int kvm_cpu_exec(CPUState *cpu)
              } else {
                  kvm_dirty_ring_reap(kvm_state, NULL);
              }
 -            qemu_mutex_unlock_iothread();
 +            bql_unlock();
              dirtylimit_vcpu_execute(cpu);
              ret = 0;
              break;
@@ -XXX,XX +XXX,XX @@ int kvm_cpu_exec(CPUState *cpu)
                  break;
              case KVM_SYSTEM_EVENT_CRASH:
                  kvm_cpu_synchronize_state(cpu);
 -                qemu_mutex_lock_iothread();
 +                bql_lock();
                  qemu_system_guest_panicked(cpu_get_crash_info(cpu));
 -                qemu_mutex_unlock_iothread();
 +                bql_unlock();
                  ret = 0;
                  break;
              default:
@@ -XXX,XX +XXX,XX @@ int kvm_cpu_exec(CPUState *cpu)
      } while (ret == 0);
      cpu_exec_end(cpu);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      if (ret < 0) {
          cpu_dump_state(cpu, stderr, CPU_DUMP_CODE);
 diff --git a/accel/tcg/cpu-exec.c b/accel/tcg/cpu-exec.c
 index XXXXXXX..XXXXXXX 100644
 --- a/accel/tcg/cpu-exec.c
 +++ b/accel/tcg/cpu-exec.c
@@ -XXX,XX +XXX,XX @@ static void cpu_exec_longjmp_cleanup(CPUState *cpu)
          tcg_ctx->gen_tb = NULL;
      }
  #endif
 -    if (qemu_mutex_iothread_locked()) {
 -        qemu_mutex_unlock_iothread();
 +    if (bql_locked()) {
 +        bql_unlock();
      }
      assert_no_pages_locked();
  }
@@ -XXX,XX +XXX,XX @@ static inline bool cpu_handle_halt(CPUState *cpu)
  #if defined(TARGET_I386)
          if (cpu->interrupt_request & CPU_INTERRUPT_POLL) {
              X86CPU *x86_cpu = X86_CPU(cpu);
 -            qemu_mutex_lock_iothread();
 +            bql_lock();
              apic_poll_irq(x86_cpu->apic_state);
              cpu_reset_interrupt(cpu, CPU_INTERRUPT_POLL);
 -            qemu_mutex_unlock_iothread();
 +            bql_unlock();
          }
  #endif /* TARGET_I386 */
          if (!cpu_has_work(cpu)) {
@@ -XXX,XX +XXX,XX @@ static inline bool cpu_handle_exception(CPUState *cpu, int *ret)
  #else
          if (replay_exception()) {
              CPUClass *cc = CPU_GET_CLASS(cpu);
 -            qemu_mutex_lock_iothread();
 +            bql_lock();
              cc->tcg_ops->do_interrupt(cpu);
 -            qemu_mutex_unlock_iothread();
 +            bql_unlock();
              cpu->exception_index = -1;
              if (unlikely(cpu->singlestep_enabled)) {
@@ -XXX,XX +XXX,XX @@ static inline bool cpu_handle_interrupt(CPUState *cpu,
      if (unlikely(qatomic_read(&cpu->interrupt_request))) {
          int interrupt_request;
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          interrupt_request = cpu->interrupt_request;
          if (unlikely(cpu->singlestep_enabled & SSTEP_NOIRQ)) {
              /* Mask out external interrupts for this step. */
@@ -XXX,XX +XXX,XX @@ static inline bool cpu_handle_interrupt(CPUState *cpu,
          if (interrupt_request & CPU_INTERRUPT_DEBUG) {
              cpu->interrupt_request &= ~CPU_INTERRUPT_DEBUG;
              cpu->exception_index = EXCP_DEBUG;
 -            qemu_mutex_unlock_iothread();
 +            bql_unlock();
              return true;
          }
  #if !defined(CONFIG_USER_ONLY)
@@ -XXX,XX +XXX,XX @@ static inline bool cpu_handle_interrupt(CPUState *cpu,
              cpu->interrupt_request &= ~CPU_INTERRUPT_HALT;
              cpu->halted = 1;
              cpu->exception_index = EXCP_HLT;
 -            qemu_mutex_unlock_iothread();
 +            bql_unlock();
              return true;
          }
  #if defined(TARGET_I386)
@@ -XXX,XX +XXX,XX @@ static inline bool cpu_handle_interrupt(CPUState *cpu,
              cpu_svm_check_intercept_param(env, SVM_EXIT_INIT, 0, 0);
              do_cpu_init(x86_cpu);
              cpu->exception_index = EXCP_HALTED;
 -            qemu_mutex_unlock_iothread();
 +            bql_unlock();
              return true;
          }
  #else
          else if (interrupt_request & CPU_INTERRUPT_RESET) {
              replay_interrupt();
              cpu_reset(cpu);
 -            qemu_mutex_unlock_iothread();
 +            bql_unlock();
              return true;
          }
  #endif /* !TARGET_I386 */
@@ -XXX,XX +XXX,XX @@ static inline bool cpu_handle_interrupt(CPUState *cpu,
                   */
                  if (unlikely(cpu->singlestep_enabled)) {
                      cpu->exception_index = EXCP_DEBUG;
 -                    qemu_mutex_unlock_iothread();
 +                    bql_unlock();
                      return true;
                  }
                  cpu->exception_index = -1;
@@ -XXX,XX +XXX,XX @@ static inline bool cpu_handle_interrupt(CPUState *cpu,
          }
          /* If we exit via cpu_loop_exit/longjmp it is reset in cpu_exec */
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
      /* Finally, check if we need to exit to the main loop.  */
 diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
 index XXXXXXX..XXXXXXX 100644
 --- a/accel/tcg/cputlb.c
 +++ b/accel/tcg/cputlb.c
@@ -XXX,XX +XXX,XX @@ static uint64_t do_ld_mmio_beN(CPUState *cpu, CPUTLBEntryFull *full,
      section = io_prepare(&mr_offset, cpu, full->xlat_section, attrs, addr, ra);
      mr = section->mr;
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      ret = int_ld_mmio_beN(cpu, full, ret_be, addr, size, mmu_idx,
                            type, ra, mr, mr_offset);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      return ret;
  }
@@ -XXX,XX +XXX,XX @@ static Int128 do_ld16_mmio_beN(CPUState *cpu, CPUTLBEntryFull *full,
      section = io_prepare(&mr_offset, cpu, full->xlat_section, attrs, addr, ra);
      mr = section->mr;
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      a = int_ld_mmio_beN(cpu, full, ret_be, addr, size - 8, mmu_idx,
                          MMU_DATA_LOAD, ra, mr, mr_offset);
      b = int_ld_mmio_beN(cpu, full, ret_be, addr + size - 8, 8, mmu_idx,
                          MMU_DATA_LOAD, ra, mr, mr_offset + size - 8);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      return int128_make128(b, a);
  }
@@ -XXX,XX +XXX,XX @@ static uint64_t do_st_mmio_leN(CPUState *cpu, CPUTLBEntryFull *full,
      section = io_prepare(&mr_offset, cpu, full->xlat_section, attrs, addr, ra);
      mr = section->mr;
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      ret = int_st_mmio_leN(cpu, full, val_le, addr, size, mmu_idx,
                            ra, mr, mr_offset);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      return ret;
  }
@@ -XXX,XX +XXX,XX @@ static uint64_t do_st16_mmio_leN(CPUState *cpu, CPUTLBEntryFull *full,
      section = io_prepare(&mr_offset, cpu, full->xlat_section, attrs, addr, ra);
      mr = section->mr;
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      int_st_mmio_leN(cpu, full, int128_getlo(val_le), addr, 8,
                      mmu_idx, ra, mr, mr_offset);
      ret = int_st_mmio_leN(cpu, full, int128_gethi(val_le), addr + 8,
                            size - 8, mmu_idx, ra, mr, mr_offset + 8);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      return ret;
  }
 diff --git a/accel/tcg/tcg-accel-ops-icount.c b/accel/tcg/tcg-accel-ops-icount.c
 index XXXXXXX..XXXXXXX 100644
 --- a/accel/tcg/tcg-accel-ops-icount.c
 +++ b/accel/tcg/tcg-accel-ops-icount.c
@@ -XXX,XX +XXX,XX @@ void icount_prepare_for_run(CPUState *cpu, int64_t cpu_budget)
           * We're called without the iothread lock, so must take it while
           * we're calling timer handlers.
           */
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          icount_notify_aio_contexts();
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
  }
 diff --git a/accel/tcg/tcg-accel-ops-mttcg.c b/accel/tcg/tcg-accel-ops-mttcg.c
 index XXXXXXX..XXXXXXX 100644
 --- a/accel/tcg/tcg-accel-ops-mttcg.c
 +++ b/accel/tcg/tcg-accel-ops-mttcg.c
@@ -XXX,XX +XXX,XX @@ static void *mttcg_cpu_thread_fn(void *arg)
      rcu_add_force_rcu_notifier(&force_rcu.notifier);
      tcg_register_thread();
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      qemu_thread_get_self(cpu->thread);
      cpu->thread_id = qemu_get_thread_id();
@@ -XXX,XX +XXX,XX @@ static void *mttcg_cpu_thread_fn(void *arg)
      do {
          if (cpu_can_run(cpu)) {
              int r;
 -            qemu_mutex_unlock_iothread();
 +            bql_unlock();
              r = tcg_cpus_exec(cpu);
 -            qemu_mutex_lock_iothread();
 +            bql_lock();
              switch (r) {
              case EXCP_DEBUG:
                  cpu_handle_guest_debug(cpu);
@@ -XXX,XX +XXX,XX @@ static void *mttcg_cpu_thread_fn(void *arg)
                   */
                  break;
              case EXCP_ATOMIC:
 -                qemu_mutex_unlock_iothread();
 +                bql_unlock();
                  cpu_exec_step_atomic(cpu);
 -                qemu_mutex_lock_iothread();
 +                bql_lock();
              default:
                  /* Ignore everything else? */
                  break;
@@ -XXX,XX +XXX,XX @@ static void *mttcg_cpu_thread_fn(void *arg)
      } while (!cpu->unplug || cpu_can_run(cpu));
      tcg_cpus_destroy(cpu);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      rcu_remove_force_rcu_notifier(&force_rcu.notifier);
      rcu_unregister_thread();
      return NULL;
 diff --git a/accel/tcg/tcg-accel-ops-rr.c b/accel/tcg/tcg-accel-ops-rr.c
 index XXXXXXX..XXXXXXX 100644
 --- a/accel/tcg/tcg-accel-ops-rr.c
 +++ b/accel/tcg/tcg-accel-ops-rr.c
@@ -XXX,XX +XXX,XX @@ static void *rr_cpu_thread_fn(void *arg)
      rcu_add_force_rcu_notifier(&force_rcu);
      tcg_register_thread();
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      qemu_thread_get_self(cpu->thread);
      cpu->thread_id = qemu_get_thread_id();
@@ -XXX,XX +XXX,XX @@ static void *rr_cpu_thread_fn(void *arg)
          /* Only used for icount_enabled() */
          int64_t cpu_budget = 0;
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
          replay_mutex_lock();
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          if (icount_enabled()) {
              int cpu_count = rr_cpu_count();
@@ -XXX,XX +XXX,XX @@ static void *rr_cpu_thread_fn(void *arg)
              if (cpu_can_run(cpu)) {
                  int r;
 -                qemu_mutex_unlock_iothread();
 +                bql_unlock();
                  if (icount_enabled()) {
                      icount_prepare_for_run(cpu, cpu_budget);
                  }
@@ -XXX,XX +XXX,XX @@ static void *rr_cpu_thread_fn(void *arg)
                  if (icount_enabled()) {
                      icount_process_data(cpu);
                  }
 -                qemu_mutex_lock_iothread();
 +                bql_lock();
                  if (r == EXCP_DEBUG) {
                      cpu_handle_guest_debug(cpu);
                      break;
                  } else if (r == EXCP_ATOMIC) {
 -                    qemu_mutex_unlock_iothread();
 +                    bql_unlock();
                      cpu_exec_step_atomic(cpu);
 -                    qemu_mutex_lock_iothread();
 +                    bql_lock();
                      break;
                  }
              } else if (cpu->stop) {
 diff --git a/accel/tcg/tcg-accel-ops.c b/accel/tcg/tcg-accel-ops.c
 index XXXXXXX..XXXXXXX 100644
 --- a/accel/tcg/tcg-accel-ops.c
 +++ b/accel/tcg/tcg-accel-ops.c
@@ -XXX,XX +XXX,XX @@ static void tcg_cpu_reset_hold(CPUState *cpu)
  /* mask must never be zero, except for A20 change call */
  void tcg_handle_interrupt(CPUState *cpu, int mask)
  {
 -    g_assert(qemu_mutex_iothread_locked());
 +    g_assert(bql_locked());
      cpu->interrupt_request |= mask;
 diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
 index XXXXXXX..XXXXXXX 100644
 --- a/accel/tcg/translate-all.c
 +++ b/accel/tcg/translate-all.c
@@ -XXX,XX +XXX,XX @@ void cpu_io_recompile(CPUState *cpu, uintptr_t retaddr)
  void cpu_interrupt(CPUState *cpu, int mask)
  {
 -    g_assert(qemu_mutex_iothread_locked());
 +    g_assert(bql_locked());
      cpu->interrupt_request |= mask;
      qatomic_set(&cpu->neg.icount_decr.u16.high, -1);
  }
 diff --git a/cpu-common.c b/cpu-common.c
 index XXXXXXX..XXXXXXX 100644
 --- a/cpu-common.c
 +++ b/cpu-common.c
@@ -XXX,XX +XXX,XX @@ void process_queued_cpu_work(CPUState *cpu)
               * BQL, so it goes to sleep; start_exclusive() is sleeping too, so
               * neither CPU can proceed.
               */
 -            qemu_mutex_unlock_iothread();
 +            bql_unlock();
              start_exclusive();
              wi->func(cpu, wi->data);
              end_exclusive();
 -            qemu_mutex_lock_iothread();
 +            bql_lock();
          } else {
              wi->func(cpu, wi->data);
          }
 diff --git a/dump/dump.c b/dump/dump.c
 index XXXXXXX..XXXXXXX 100644
 --- a/dump/dump.c
 +++ b/dump/dump.c
@@ -XXX,XX +XXX,XX @@ static int dump_cleanup(DumpState *s)
      s->guest_note = NULL;
      if (s->resume) {
          if (s->detached) {
 -            qemu_mutex_lock_iothread();
 +            bql_lock();
          }
          vm_start();
          if (s->detached) {
 -            qemu_mutex_unlock_iothread();
 +            bql_unlock();
          }
      }
      migrate_del_blocker(&dump_migration_blocker);
 diff --git a/hw/core/cpu-common.c b/hw/core/cpu-common.c
 index XXXXXXX..XXXXXXX 100644
 --- a/hw/core/cpu-common.c
 +++ b/hw/core/cpu-common.c
@@ -XXX,XX +XXX,XX @@ CPUState *cpu_create(const char *typename)
   * BQL here if we need to.  cpu_interrupt assumes it is held.*/
  void cpu_reset_interrupt(CPUState *cpu, int mask)
  {
 -    bool need_lock = !qemu_mutex_iothread_locked();
 +    bool need_lock = !bql_locked();
      if (need_lock) {
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
      }
      cpu->interrupt_request &= ~mask;
      if (need_lock) {
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
  }
 diff --git a/hw/i386/intel_iommu.c b/hw/i386/intel_iommu.c
 index XXXXXXX..XXXXXXX 100644
 --- a/hw/i386/intel_iommu.c
 +++ b/hw/i386/intel_iommu.c
@@ -XXX,XX +XXX,XX @@ static bool vtd_switch_address_space(VTDAddressSpace *as)
  {
      bool use_iommu, pt;
      /* Whether we need to take the BQL on our own */
 -    bool take_bql = !qemu_mutex_iothread_locked();
 +    bool take_bql = !bql_locked();
      assert(as);
@@ -XXX,XX +XXX,XX @@ static bool vtd_switch_address_space(VTDAddressSpace *as)
       * it. We'd better make sure we have had it already, or, take it.
       */
      if (take_bql) {
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
      }
      /* Turn off first then on the other */
@@ -XXX,XX +XXX,XX @@ static bool vtd_switch_address_space(VTDAddressSpace *as)
      }
      if (take_bql) {
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
      return use_iommu;
 diff --git a/hw/i386/kvm/xen_evtchn.c b/hw/i386/kvm/xen_evtchn.c
 index XXXXXXX..XXXXXXX 100644
 --- a/hw/i386/kvm/xen_evtchn.c
 +++ b/hw/i386/kvm/xen_evtchn.c
@@ -XXX,XX +XXX,XX @@ void xen_evtchn_set_callback_level(int level)
       * effect immediately. That just leaves interdomain loopback as the case
       * which uses the BH.
       */
 -    if (!qemu_mutex_iothread_locked()) {
 +    if (!bql_locked()) {
          qemu_bh_schedule(s->gsi_bh);
          return;
      }
@@ -XXX,XX +XXX,XX @@ int xen_evtchn_set_callback_param(uint64_t param)
       * We need the BQL because set_callback_pci_intx() may call into PCI code,
       * and because we may need to manipulate the old and new GSI levels.
       */
 -    assert(qemu_mutex_iothread_locked());
 +    assert(bql_locked());
      qemu_mutex_lock(&s->port_lock);
      switch (type) {
@@ -XXX,XX +XXX,XX @@ static int close_port(XenEvtchnState *s, evtchn_port_t port,
      XenEvtchnPort *p = &s->port_table[port];
      /* Because it *might* be a PIRQ port */
 -    assert(qemu_mutex_iothread_locked());
 +    assert(bql_locked());
      switch (p->type) {
      case EVTCHNSTAT_closed:
@@ -XXX,XX +XXX,XX @@ int xen_evtchn_soft_reset(void)
          return -ENOTSUP;
      }
 -    assert(qemu_mutex_iothread_locked());
 +    assert(bql_locked());
      qemu_mutex_lock(&s->port_lock);
@@ -XXX,XX +XXX,XX @@ bool xen_evtchn_set_gsi(int gsi, int level)
      XenEvtchnState *s = xen_evtchn_singleton;
      int pirq;
 -    assert(qemu_mutex_iothread_locked());
 +    assert(bql_locked());
      if (!s || gsi < 0 || gsi >= IOAPIC_NUM_PINS) {
          return false;
@@ -XXX,XX +XXX,XX @@ void xen_evtchn_snoop_msi(PCIDevice *dev, bool is_msix, unsigned int vector,
          return;
      }
 -    assert(qemu_mutex_iothread_locked());
 +    assert(bql_locked());
      pirq = msi_pirq_target(addr, data);
@@ -XXX,XX +XXX,XX @@ int xen_evtchn_translate_pirq_msi(struct kvm_irq_routing_entry *route,
          return 1; /* Not a PIRQ */
      }
 -    assert(qemu_mutex_iothread_locked());
 +    assert(bql_locked());
      pirq = msi_pirq_target(address, data);
      if (!pirq || pirq >= s->nr_pirqs) {
@@ -XXX,XX +XXX,XX @@ bool xen_evtchn_deliver_pirq_msi(uint64_t address, uint32_t data)
          return false;
      }
 -    assert(qemu_mutex_iothread_locked());
 +    assert(bql_locked());
      pirq = msi_pirq_target(address, data);
      if (!pirq || pirq >= s->nr_pirqs) {
 diff --git a/hw/i386/kvm/xen_overlay.c b/hw/i386/kvm/xen_overlay.c
 index XXXXXXX..XXXXXXX 100644
 --- a/hw/i386/kvm/xen_overlay.c
 +++ b/hw/i386/kvm/xen_overlay.c
@@ -XXX,XX +XXX,XX @@ int xen_overlay_map_shinfo_page(uint64_t gpa)
          return -ENOENT;
      }
 -    assert(qemu_mutex_iothread_locked());
 +    assert(bql_locked());
      if (s->shinfo_gpa) {
          /* If removing shinfo page, turn the kernel magic off first */
 diff --git a/hw/i386/kvm/xen_xenstore.c b/hw/i386/kvm/xen_xenstore.c
 index XXXXXXX..XXXXXXX 100644
 --- a/hw/i386/kvm/xen_xenstore.c
 +++ b/hw/i386/kvm/xen_xenstore.c
@@ -XXX,XX +XXX,XX @@ static void fire_watch_cb(void *opaque, const char *path, const char *token)
  {
      XenXenstoreState *s = opaque;
 -    assert(qemu_mutex_iothread_locked());
 +    assert(bql_locked());
      /*
       * If there's a response pending, we obviously can't scribble over
 diff --git a/hw/intc/arm_gicv3_cpuif.c b/hw/intc/arm_gicv3_cpuif.c
 index XXXXXXX..XXXXXXX 100644
 --- a/hw/intc/arm_gicv3_cpuif.c
 +++ b/hw/intc/arm_gicv3_cpuif.c
@@ -XXX,XX +XXX,XX @@ void gicv3_cpuif_update(GICv3CPUState *cs)
      ARMCPU *cpu = ARM_CPU(cs->cpu);
      CPUARMState *env = &cpu->env;
 -    g_assert(qemu_mutex_iothread_locked());
 +    g_assert(bql_locked());
      trace_gicv3_cpuif_update(gicv3_redist_affid(cs), cs->hppi.irq,
                               cs->hppi.grp, cs->hppi.prio);
 diff --git a/hw/intc/s390_flic.c b/hw/intc/s390_flic.c
 index XXXXXXX..XXXXXXX 100644
 --- a/hw/intc/s390_flic.c
 +++ b/hw/intc/s390_flic.c
@@ -XXX,XX +XXX,XX @@ static int qemu_s390_clear_io_flic(S390FLICState *fs, uint16_t subchannel_id,
      QEMUS390FlicIO *cur, *next;
      uint8_t isc;
 -    g_assert(qemu_mutex_iothread_locked());
 +    g_assert(bql_locked());
      if (!(flic->pending & FLIC_PENDING_IO)) {
          return 0;
      }
@@ -XXX,XX +XXX,XX @@ uint32_t qemu_s390_flic_dequeue_service(QEMUS390FLICState *flic)
  {
      uint32_t tmp;
 -    g_assert(qemu_mutex_iothread_locked());
 +    g_assert(bql_locked());
      g_assert(flic->pending & FLIC_PENDING_SERVICE);
      tmp = flic->service_param;
      flic->service_param = 0;
@@ -XXX,XX +XXX,XX @@ QEMUS390FlicIO *qemu_s390_flic_dequeue_io(QEMUS390FLICState *flic, uint64_t cr6)
      QEMUS390FlicIO *io;
      uint8_t isc;
 -    g_assert(qemu_mutex_iothread_locked());
 +    g_assert(bql_locked());
      if (!(flic->pending & CR6_TO_PENDING_IO(cr6))) {
          return NULL;
      }
@@ -XXX,XX +XXX,XX @@ QEMUS390FlicIO *qemu_s390_flic_dequeue_io(QEMUS390FLICState *flic, uint64_t cr6)
  void qemu_s390_flic_dequeue_crw_mchk(QEMUS390FLICState *flic)
  {
 -    g_assert(qemu_mutex_iothread_locked());
 +    g_assert(bql_locked());
      g_assert(flic->pending & FLIC_PENDING_MCHK_CR);
      flic->pending &= ~FLIC_PENDING_MCHK_CR;
  }
@@ -XXX,XX +XXX,XX @@ static void qemu_s390_inject_service(S390FLICState *fs, uint32_t parm)
  {
      QEMUS390FLICState *flic = s390_get_qemu_flic(fs);
 -    g_assert(qemu_mutex_iothread_locked());
 +    g_assert(bql_locked());
      /* multiplexing is good enough for sclp - kvm does it internally as well */
      flic->service_param |= parm;
      flic->pending |= FLIC_PENDING_SERVICE;
@@ -XXX,XX +XXX,XX @@ static void qemu_s390_inject_io(S390FLICState *fs, uint16_t subchannel_id,
      QEMUS390FLICState *flic = s390_get_qemu_flic(fs);
      QEMUS390FlicIO *io;
 -    g_assert(qemu_mutex_iothread_locked());
 +    g_assert(bql_locked());
      io = g_new0(QEMUS390FlicIO, 1);
      io->id = subchannel_id;
      io->nr = subchannel_nr;
@@ -XXX,XX +XXX,XX @@ static void qemu_s390_inject_crw_mchk(S390FLICState *fs)
  {
      QEMUS390FLICState *flic = s390_get_qemu_flic(fs);
 -    g_assert(qemu_mutex_iothread_locked());
 +    g_assert(bql_locked());
      flic->pending |= FLIC_PENDING_MCHK_CR;
      qemu_s390_flic_notify(FLIC_PENDING_MCHK_CR);
@@ -XXX,XX +XXX,XX @@ bool qemu_s390_flic_has_crw_mchk(QEMUS390FLICState *flic)
  bool qemu_s390_flic_has_any(QEMUS390FLICState *flic)
  {
 -    g_assert(qemu_mutex_iothread_locked());
 +    g_assert(bql_locked());
      return !!flic->pending;
  }
@@ -XXX,XX +XXX,XX @@ static void qemu_s390_flic_reset(DeviceState *dev)
      QEMUS390FlicIO *cur, *next;
      int isc;
 -    g_assert(qemu_mutex_iothread_locked());
 +    g_assert(bql_locked());
      flic->simm = 0;
      flic->nimm = 0;
      flic->pending = 0;
 diff --git a/hw/misc/edu.c b/hw/misc/edu.c
 index XXXXXXX..XXXXXXX 100644
 --- a/hw/misc/edu.c
 +++ b/hw/misc/edu.c
@@ -XXX,XX +XXX,XX @@ static void *edu_fact_thread(void *opaque)
          smp_mb__after_rmw();
          if (qatomic_read(&edu->status) & EDU_STATUS_IRQFACT) {
 -            qemu_mutex_lock_iothread();
 +            bql_lock();
              edu_raise_irq(edu, FACT_IRQ);
 -            qemu_mutex_unlock_iothread();
 +            bql_unlock();
          }
      }
 diff --git a/hw/misc/imx6_src.c b/hw/misc/imx6_src.c
 index XXXXXXX..XXXXXXX 100644
 --- a/hw/misc/imx6_src.c
 +++ b/hw/misc/imx6_src.c
@@ -XXX,XX +XXX,XX @@ static void imx6_clear_reset_bit(CPUState *cpu, run_on_cpu_data data)
      struct SRCSCRResetInfo *ri = data.host_ptr;
      IMX6SRCState *s = ri->s;
 -    assert(qemu_mutex_iothread_locked());
 +    assert(bql_locked());
      s->regs[SRC_SCR] = deposit32(s->regs[SRC_SCR], ri->reset_bit, 1, 0);
      DPRINTF("reg[%s] <= 0x%" PRIx32 "\n",
 diff --git a/hw/misc/imx7_src.c b/hw/misc/imx7_src.c
 index XXXXXXX..XXXXXXX 100644
 --- a/hw/misc/imx7_src.c
 +++ b/hw/misc/imx7_src.c
@@ -XXX,XX +XXX,XX @@ static void imx7_clear_reset_bit(CPUState *cpu, run_on_cpu_data data)
      struct SRCSCRResetInfo *ri = data.host_ptr;
      IMX7SRCState *s = ri->s;
 -    assert(qemu_mutex_iothread_locked());
 +    assert(bql_locked());
      s->regs[SRC_A7RCR0] = deposit32(s->regs[SRC_A7RCR0], ri->reset_bit, 1, 0);
 diff --git a/hw/net/xen_nic.c b/hw/net/xen_nic.c
 index XXXXXXX..XXXXXXX 100644
 --- a/hw/net/xen_nic.c
 +++ b/hw/net/xen_nic.c
@@ -XXX,XX +XXX,XX @@ static bool net_tx_packets(struct XenNetDev *netdev)
      void *page;
      void *tmpbuf = NULL;
 -    assert(qemu_mutex_iothread_locked());
 +    assert(bql_locked());
      for (;;) {
          rc = netdev->tx_ring.req_cons;
@@ -XXX,XX +XXX,XX @@ static ssize_t net_rx_packet(NetClientState *nc, const uint8_t *buf, size_t size
      RING_IDX rc, rp;
      void *page;
 -    assert(qemu_mutex_iothread_locked());
 +    assert(bql_locked());
      if (xen_device_backend_get_state(&netdev->xendev) != XenbusStateConnected) {
          return -1;
@@ -XXX,XX +XXX,XX @@ static bool xen_netdev_connect(XenDevice *xendev, Error **errp)
      XenNetDev *netdev = XEN_NET_DEVICE(xendev);
      unsigned int port, rx_copy;
 -    assert(qemu_mutex_iothread_locked());
 +    assert(bql_locked());
      if (xen_device_frontend_scanf(xendev, "tx-ring-ref", "%u",
                                    &netdev->tx_ring_ref) != 1) {
@@ -XXX,XX +XXX,XX @@ static void xen_netdev_disconnect(XenDevice *xendev, Error **errp)
      trace_xen_netdev_disconnect(netdev->dev);
 -    assert(qemu_mutex_iothread_locked());
 +    assert(bql_locked());
      netdev->tx_ring.sring = NULL;
      netdev->rx_ring.sring = NULL;
 diff --git a/hw/ppc/pegasos2.c b/hw/ppc/pegasos2.c
 index XXXXXXX..XXXXXXX 100644
 --- a/hw/ppc/pegasos2.c
 +++ b/hw/ppc/pegasos2.c
@@ -XXX,XX +XXX,XX @@ static void pegasos2_hypercall(PPCVirtualHypervisor *vhyp, PowerPCCPU *cpu)
      CPUPPCState *env = &cpu->env;
      /* The TCG path should also be holding the BQL at this point */
 -    g_assert(qemu_mutex_iothread_locked());
 +    g_assert(bql_locked());
      if (FIELD_EX64(env->msr, MSR, PR)) {
          qemu_log_mask(LOG_GUEST_ERROR, "Hypercall made with MSR[PR]=1\n");
 diff --git a/hw/ppc/ppc.c b/hw/ppc/ppc.c
 index XXXXXXX..XXXXXXX 100644
 --- a/hw/ppc/ppc.c
 +++ b/hw/ppc/ppc.c
@@ -XXX,XX +XXX,XX @@ void store_40x_dbcr0(CPUPPCState *env, uint32_t val)
  {
      PowerPCCPU *cpu = env_archcpu(env);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      switch ((val >> 28) & 0x3) {
      case 0x0:
@@ -XXX,XX +XXX,XX @@ void store_40x_dbcr0(CPUPPCState *env, uint32_t val)
          break;
      }
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  /* PowerPC 40x internal IRQ controller */
 diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
 index XXXXXXX..XXXXXXX 100644
 --- a/hw/ppc/spapr.c
 +++ b/hw/ppc/spapr.c
@@ -XXX,XX +XXX,XX @@ static void emulate_spapr_hypercall(PPCVirtualHypervisor *vhyp,
      CPUPPCState *env = &cpu->env;
      /* The TCG path should also be holding the BQL at this point */
 -    g_assert(qemu_mutex_iothread_locked());
 +    g_assert(bql_locked());
      g_assert(!vhyp_cpu_in_nested(cpu));
 diff --git a/hw/ppc/spapr_rng.c b/hw/ppc/spapr_rng.c
 index XXXXXXX..XXXXXXX 100644
 --- a/hw/ppc/spapr_rng.c
 +++ b/hw/ppc/spapr_rng.c
@@ -XXX,XX +XXX,XX @@ static target_ulong h_random(PowerPCCPU *cpu, SpaprMachineState *spapr,
      while (hrdata.received < 8) {
          rng_backend_request_entropy(rngstate->backend, 8 - hrdata.received,
                                      random_recv, &hrdata);
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
          qemu_sem_wait(&hrdata.sem);
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
      }
      qemu_sem_destroy(&hrdata.sem);
 diff --git a/hw/ppc/spapr_softmmu.c b/hw/ppc/spapr_softmmu.c
 index XXXXXXX..XXXXXXX 100644
 --- a/hw/ppc/spapr_softmmu.c
 +++ b/hw/ppc/spapr_softmmu.c
@@ -XXX,XX +XXX,XX @@ static void *hpt_prepare_thread(void *opaque)
          pending->ret = H_NO_MEM;
      }
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      if (SPAPR_MACHINE(qdev_get_machine())->pending_hpt == pending) {
          /* Ready to go */
@@ -XXX,XX +XXX,XX @@ static void *hpt_prepare_thread(void *opaque)
          free_pending_hpt(pending);
      }
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      return NULL;
  }
 diff --git a/hw/remote/mpqemu-link.c b/hw/remote/mpqemu-link.c
 index XXXXXXX..XXXXXXX 100644
 --- a/hw/remote/mpqemu-link.c
 +++ b/hw/remote/mpqemu-link.c
 @@ -XXX,XX +XXX,XX @@
-  */
+ #include "qemu/bswap.h"
- bool mpqemu_msg_send(MPQemuMsg *msg, QIOChannel *ioc, Error **errp)
+ #include "qemu/bitmap.h"
- {
+ #include "migration/blocker.h"
--    bool iolock = qemu_mutex_iothread_locked();
++#include "parallels.h"
-+    bool drop_bql = bql_locked();
-     bool iothread = qemu_in_iothread();
+ /**************************************************************/
-     struct iovec send[2] = {};
      int *fds = NULL;
@@ -XXX,XX +XXX,XX @@ bool mpqemu_msg_send(MPQemuMsg *msg, QIOChannel *ioc, Error **errp)
       * for IOThread case.
       * Also skip lock handling while in a co-routine in the main context.
       */
 -    if (iolock && !iothread && !qemu_in_coroutine()) {
 -        qemu_mutex_unlock_iothread();
 +    if (drop_bql && !iothread && !qemu_in_coroutine()) {
 +        bql_unlock();
      }
      if (!qio_channel_writev_full_all(ioc, send, G_N_ELEMENTS(send),
@@ -XXX,XX +XXX,XX @@ bool mpqemu_msg_send(MPQemuMsg *msg, QIOChannel *ioc, Error **errp)
          trace_mpqemu_send_io_error(msg->cmd, msg->size, nfds);
      }
 -    if (iolock && !iothread && !qemu_in_coroutine()) {
 +    if (drop_bql && !iothread && !qemu_in_coroutine()) {
          /* See above comment why skip locking here. */
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
      }
      return ret;
@@ -XXX,XX +XXX,XX @@ static ssize_t mpqemu_read(QIOChannel *ioc, void *buf, size_t len, int **fds,
                             size_t *nfds, Error **errp)
  {
      struct iovec iov = { .iov_base = buf, .iov_len = len };
 -    bool iolock = qemu_mutex_iothread_locked();
 +    bool drop_bql = bql_locked();
      bool iothread = qemu_in_iothread();
      int ret = -1;
@@ -XXX,XX +XXX,XX @@ static ssize_t mpqemu_read(QIOChannel *ioc, void *buf, size_t len, int **fds,
       */
      assert(qemu_in_coroutine() || !iothread);
 -    if (iolock && !iothread && !qemu_in_coroutine()) {
 -        qemu_mutex_unlock_iothread();
 +    if (drop_bql && !iothread && !qemu_in_coroutine()) {
 +        bql_unlock();
      }
      ret = qio_channel_readv_full_all_eof(ioc, &iov, 1, fds, nfds, errp);
 -    if (iolock && !iothread && !qemu_in_coroutine()) {
 -        qemu_mutex_lock_iothread();
 +    if (drop_bql && !iothread && !qemu_in_coroutine()) {
 +        bql_lock();
      }
      return (ret <= 0) ? ret : iov.iov_len;
 diff --git a/hw/remote/vfio-user-obj.c b/hw/remote/vfio-user-obj.c
 index XXXXXXX..XXXXXXX 100644
 --- a/hw/remote/vfio-user-obj.c
 +++ b/hw/remote/vfio-user-obj.c
@@ -XXX,XX +XXX,XX @@ static int vfu_object_mr_rw(MemoryRegion *mr, uint8_t *buf, hwaddr offset,
          }
          if (release_lock) {
 -            qemu_mutex_unlock_iothread();
 +            bql_unlock();
              release_lock = false;
          }
 diff --git a/hw/s390x/s390-skeys.c b/hw/s390x/s390-skeys.c
 index XXXXXXX..XXXXXXX 100644
 --- a/hw/s390x/s390-skeys.c
 +++ b/hw/s390x/s390-skeys.c
@@ -XXX,XX +XXX,XX @@ void qmp_dump_skeys(const char *filename, Error **errp)
          goto out;
      }
 -    assert(qemu_mutex_iothread_locked());
 +    assert(bql_locked());
      guest_phys_blocks_init(&guest_phys_blocks);
      guest_phys_blocks_append(&guest_phys_blocks);
 diff --git a/migration/block-dirty-bitmap.c b/migration/block-dirty-bitmap.c
 index XXXXXXX..XXXXXXX 100644
 --- a/migration/block-dirty-bitmap.c
 +++ b/migration/block-dirty-bitmap.c
@@ -XXX,XX +XXX,XX @@ static void dirty_bitmap_state_pending(void *opaque,
      SaveBitmapState *dbms;
      uint64_t pending = 0;
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      QSIMPLEQ_FOREACH(dbms, &s->dbms_list, entry) {
          uint64_t gran = bdrv_dirty_bitmap_granularity(dbms->bitmap);
@@ -XXX,XX +XXX,XX @@ static void dirty_bitmap_state_pending(void *opaque,
          pending += DIV_ROUND_UP(sectors * BDRV_SECTOR_SIZE, gran);
      }
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      trace_dirty_bitmap_state_pending(pending);
 diff --git a/migration/block.c b/migration/block.c
 index XXXXXXX..XXXXXXX 100644
 --- a/migration/block.c
 +++ b/migration/block.c
@@ -XXX,XX +XXX,XX @@ static int mig_save_device_bulk(QEMUFile *f, BlkMigDevState *bmds)
      int64_t count;
      if (bmds->shared_base) {
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          /* Skip unallocated sectors; intentionally treats failure or
           * partial sector as an allocated sector */
          while (cur_sector < total_sectors &&
@@ -XXX,XX +XXX,XX @@ static int mig_save_device_bulk(QEMUFile *f, BlkMigDevState *bmds)
              }
              cur_sector += count >> BDRV_SECTOR_BITS;
          }
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
      if (cur_sector >= total_sectors) {
@@ -XXX,XX +XXX,XX @@ static int mig_save_device_bulk(QEMUFile *f, BlkMigDevState *bmds)
       * I/O runs in the main loop AioContext (see
       * qemu_get_current_aio_context()).
       */
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      bdrv_reset_dirty_bitmap(bmds->dirty_bitmap, cur_sector * BDRV_SECTOR_SIZE,
                              nr_sectors * BDRV_SECTOR_SIZE);
      blk->aiocb = blk_aio_preadv(bb, cur_sector * BDRV_SECTOR_SIZE, &blk->qiov,
 , blk_mig_read_cb, blk);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      bmds->cur_sector = cur_sector + nr_sectors;
      return (bmds->cur_sector >= total_sectors);
@@ -XXX,XX +XXX,XX @@ static int block_save_iterate(QEMUFile *f, void *opaque)
              /* Always called with iothread lock taken for
               * simplicity, block_save_complete also calls it.
               */
 -            qemu_mutex_lock_iothread();
 +            bql_lock();
              ret = blk_mig_save_dirty_block(f, 1);
 -            qemu_mutex_unlock_iothread();
 +            bql_unlock();
          }
          if (ret < 0) {
              return ret;
@@ -XXX,XX +XXX,XX @@ static void block_state_pending(void *opaque, uint64_t *must_precopy,
      /* Estimate pending number of bytes to send */
      uint64_t pending;
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      pending = get_remaining_dirty();
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      blk_mig_lock();
      pending += block_mig_state.submitted * BLK_MIG_BLOCK_SIZE +
 diff --git a/migration/colo.c b/migration/colo.c
 index XXXXXXX..XXXXXXX 100644
 --- a/migration/colo.c
 +++ b/migration/colo.c
@@ -XXX,XX +XXX,XX @@ static int colo_do_checkpoint_transaction(MigrationState *s,
      qio_channel_io_seek(QIO_CHANNEL(bioc), 0, 0, NULL);
      bioc->usage = 0;
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      if (failover_get_state() != FAILOVER_STATUS_NONE) {
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
          goto out;
      }
      vm_stop_force_state(RUN_STATE_COLO);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      trace_colo_vm_state_change("run", "stop");
      /*
       * Failover request bh could be called after vm_stop_force_state(),
@@ -XXX,XX +XXX,XX @@ static int colo_do_checkpoint_transaction(MigrationState *s,
      if (failover_get_state() != FAILOVER_STATUS_NONE) {
          goto out;
      }
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      replication_do_checkpoint_all(&local_err);
      if (local_err) {
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
          goto out;
      }
      colo_send_message(s->to_dst_file, COLO_MESSAGE_VMSTATE_SEND, &local_err);
      if (local_err) {
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
          goto out;
      }
      /* Note: device state is saved into buffer */
      ret = qemu_save_device_state(fb);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      if (ret < 0) {
          goto out;
      }
@@ -XXX,XX +XXX,XX @@ static int colo_do_checkpoint_transaction(MigrationState *s,
      ret = 0;
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      vm_start();
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      trace_colo_vm_state_change("stop", "run");
  out:
@@ -XXX,XX +XXX,XX @@ static void colo_process_checkpoint(MigrationState *s)
      fb = qemu_file_new_output(QIO_CHANNEL(bioc));
      object_unref(OBJECT(bioc));
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      replication_start_all(REPLICATION_MODE_PRIMARY, &local_err);
      if (local_err) {
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
          goto out;
      }
      vm_start();
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      trace_colo_vm_state_change("stop", "run");
      timer_mod(s->colo_delay_timer, qemu_clock_get_ms(QEMU_CLOCK_HOST) +
@@ -XXX,XX +XXX,XX @@ out:
  void migrate_start_colo_process(MigrationState *s)
  {
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      qemu_event_init(&s->colo_checkpoint_event, false);
      s->colo_delay_timer =  timer_new_ms(QEMU_CLOCK_HOST,
                                  colo_checkpoint_notify, s);
      qemu_sem_init(&s->colo_exit_sem, 0);
      colo_process_checkpoint(s);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
  }
  static void colo_incoming_process_checkpoint(MigrationIncomingState *mis,
@@ -XXX,XX +XXX,XX @@ static void colo_incoming_process_checkpoint(MigrationIncomingState *mis,
      Error *local_err = NULL;
      int ret;
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      vm_stop_force_state(RUN_STATE_COLO);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      trace_colo_vm_state_change("run", "stop");
      /* FIXME: This is unnecessary for periodic checkpoint mode */
@@ -XXX,XX +XXX,XX @@ static void colo_incoming_process_checkpoint(MigrationIncomingState *mis,
          return;
      }
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      cpu_synchronize_all_states();
      ret = qemu_loadvm_state_main(mis->from_src_file, mis);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      if (ret < 0) {
          error_setg(errp, "Load VM's live state (ram) error");
@@ -XXX,XX +XXX,XX @@ static void colo_incoming_process_checkpoint(MigrationIncomingState *mis,
          return;
      }
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      vmstate_loading = true;
      colo_flush_ram_cache();
      ret = qemu_load_device_state(fb);
      if (ret < 0) {
          error_setg(errp, "COLO: load device state failed");
          vmstate_loading = false;
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
          return;
      }
@@ -XXX,XX +XXX,XX @@ static void colo_incoming_process_checkpoint(MigrationIncomingState *mis,
      if (local_err) {
          error_propagate(errp, local_err);
          vmstate_loading = false;
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
          return;
      }
@@ -XXX,XX +XXX,XX @@ static void colo_incoming_process_checkpoint(MigrationIncomingState *mis,
      if (local_err) {
          error_propagate(errp, local_err);
          vmstate_loading = false;
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
          return;
      }
      /* Notify all filters of all NIC to do checkpoint */
@@ -XXX,XX +XXX,XX @@ static void colo_incoming_process_checkpoint(MigrationIncomingState *mis,
      if (local_err) {
          error_propagate(errp, local_err);
          vmstate_loading = false;
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
          return;
      }
      vmstate_loading = false;
      vm_start();
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      trace_colo_vm_state_change("stop", "run");
      if (failover_get_state() == FAILOVER_STATUS_RELAUNCH) {
@@ -XXX,XX +XXX,XX @@ static void *colo_process_incoming_thread(void *opaque)
      fb = qemu_file_new_input(QIO_CHANNEL(bioc));
      object_unref(OBJECT(bioc));
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      replication_start_all(REPLICATION_MODE_SECONDARY, &local_err);
      if (local_err) {
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
          goto out;
      }
      vm_start();
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      trace_colo_vm_state_change("stop", "run");
      colo_send_message(mis->to_src_file, COLO_MESSAGE_CHECKPOINT_READY,
@@ -XXX,XX +XXX,XX @@ int coroutine_fn colo_incoming_co(void)
      Error *local_err = NULL;
      QemuThread th;
 -    assert(qemu_mutex_iothread_locked());
 +    assert(bql_locked());
      if (!migration_incoming_colo_enabled()) {
          return 0;
@@ -XXX,XX +XXX,XX @@ int coroutine_fn colo_incoming_co(void)
      qemu_coroutine_yield();
      mis->colo_incoming_co = NULL;
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      /* Wait checkpoint incoming thread exit before free resource */
      qemu_thread_join(&th);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      /* We hold the global iothread lock, so it is safe here */
      colo_release_ram_cache();
 diff --git a/migration/dirtyrate.c b/migration/dirtyrate.c
 index XXXXXXX..XXXXXXX 100644
 --- a/migration/dirtyrate.c
 +++ b/migration/dirtyrate.c
@@ -XXX,XX +XXX,XX @@ static int64_t do_calculate_dirtyrate(DirtyPageRecord dirty_pages,
  void global_dirty_log_change(unsigned int flag, bool start)
  {
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      if (start) {
          memory_global_dirty_log_start(flag);
      } else {
          memory_global_dirty_log_stop(flag);
      }
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  /*
@@ -XXX,XX +XXX,XX @@ void global_dirty_log_change(unsigned int flag, bool start)
   */
  static void global_dirty_log_sync(unsigned int flag, bool one_shot)
  {
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      memory_global_dirty_log_sync(false);
      if (one_shot) {
          memory_global_dirty_log_stop(flag);
      }
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  static DirtyPageRecord *vcpu_dirty_stat_alloc(VcpuStat *stat)
@@ -XXX,XX +XXX,XX @@ static void calculate_dirtyrate_dirty_bitmap(struct DirtyRateConfig config)
      int64_t start_time;
      DirtyPageRecord dirty_pages;
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      memory_global_dirty_log_start(GLOBAL_DIRTY_DIRTY_RATE);
      /*
@@ -XXX,XX +XXX,XX @@ static void calculate_dirtyrate_dirty_bitmap(struct DirtyRateConfig config)
       * KVM_DIRTY_LOG_MANUAL_PROTECT_ENABLE cap is enabled.
       */
      dirtyrate_manual_reset_protect();
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      record_dirtypages_bitmap(&dirty_pages, true);
 diff --git a/migration/migration.c b/migration/migration.c
 index XXXXXXX..XXXXXXX 100644
 --- a/migration/migration.c
 +++ b/migration/migration.c
@@ -XXX,XX +XXX,XX @@ static void migrate_fd_cleanup(MigrationState *s)
          QEMUFile *tmp;
          trace_migrate_fd_cleanup();
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
          if (s->migration_thread_running) {
              qemu_thread_join(&s->thread);
              s->migration_thread_running = false;
          }
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          multifd_save_cleanup();
          qemu_mutex_lock(&s->qemu_file_lock);
@@ -XXX,XX +XXX,XX @@ static int postcopy_start(MigrationState *ms, Error **errp)
      }
      trace_postcopy_start();
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      trace_postcopy_start_set_run();
      migration_downtime_start(ms);
@@ -XXX,XX +XXX,XX @@ static int postcopy_start(MigrationState *ms, Error **errp)
      migration_downtime_end(ms);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      if (migrate_postcopy_ram()) {
          /*
@@ -XXX,XX +XXX,XX @@ fail:
              error_report_err(local_err);
          }
      }
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      return -1;
  }
@@ -XXX,XX +XXX,XX @@ static int migration_maybe_pause(MigrationState *s,
       * wait for the 'pause_sem' semaphore.
       */
      if (s->state != MIGRATION_STATUS_CANCELLING) {
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
          migrate_set_state(&s->state, *current_active_state,
                            MIGRATION_STATUS_PRE_SWITCHOVER);
          qemu_sem_wait(&s->pause_sem);
          migrate_set_state(&s->state, MIGRATION_STATUS_PRE_SWITCHOVER,
                            new_state);
          *current_active_state = new_state;
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
      }
      return s->state == new_state ? 0 : -EINVAL;
@@ -XXX,XX +XXX,XX @@ static int migration_completion_precopy(MigrationState *s,
  {
      int ret;
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      migration_downtime_start(s);
      s->vm_old_state = runstate_get();
@@ -XXX,XX +XXX,XX @@ static int migration_completion_precopy(MigrationState *s,
      ret = qemu_savevm_state_complete_precopy(s->to_dst_file, false,
                                               s->block_inactive);
  out_unlock:
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      return ret;
  }
@@ -XXX,XX +XXX,XX @@ static void migration_completion_postcopy(MigrationState *s)
  {
      trace_migration_completion_postcopy_end();
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      qemu_savevm_state_complete_postcopy(s->to_dst_file);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      /*
       * Shutdown the postcopy fast path thread.  This is only needed when dest
@@ -XXX,XX +XXX,XX @@ static void migration_completion_failed(MigrationState *s,
           */
          Error *local_err = NULL;
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          bdrv_activate_all(&local_err);
          if (local_err) {
              error_report_err(local_err);
          } else {
              s->block_inactive = false;
          }
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
      migrate_set_state(&s->state, current_active_state,
@@ -XXX,XX +XXX,XX @@ static void migration_iteration_finish(MigrationState *s)
      /* If we enabled cpu throttling for auto-converge, turn it off. */
      cpu_throttle_stop();
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      switch (s->state) {
      case MIGRATION_STATUS_COMPLETED:
          migration_calculate_complete(s);
@@ -XXX,XX +XXX,XX @@ static void migration_iteration_finish(MigrationState *s)
          break;
      }
      migrate_fd_cleanup_schedule(s);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  static void bg_migration_iteration_finish(MigrationState *s)
@@ -XXX,XX +XXX,XX @@ static void bg_migration_iteration_finish(MigrationState *s)
       */
      ram_write_tracking_stop();
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      switch (s->state) {
      case MIGRATION_STATUS_COMPLETED:
          migration_calculate_complete(s);
@@ -XXX,XX +XXX,XX @@ static void bg_migration_iteration_finish(MigrationState *s)
      }
      migrate_fd_cleanup_schedule(s);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  /*
@@ -XXX,XX +XXX,XX @@ static void *migration_thread(void *opaque)
      object_ref(OBJECT(s));
      update_iteration_initial_status(s);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      qemu_savevm_state_header(s->to_dst_file);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      /*
       * If we opened the return path, we need to make sure dst has it
@@ -XXX,XX +XXX,XX @@ static void *migration_thread(void *opaque)
          qemu_savevm_send_colo_enable(s->to_dst_file);
      }
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      qemu_savevm_state_setup(s->to_dst_file);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      qemu_savevm_wait_unplug(s, MIGRATION_STATUS_SETUP,
                                 MIGRATION_STATUS_ACTIVE);
@@ -XXX,XX +XXX,XX @@ static void *bg_migration_thread(void *opaque)
      ram_write_tracking_prepare();
  #endif
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      qemu_savevm_state_header(s->to_dst_file);
      qemu_savevm_state_setup(s->to_dst_file);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      qemu_savevm_wait_unplug(s, MIGRATION_STATUS_SETUP,
                                 MIGRATION_STATUS_ACTIVE);
@@ -XXX,XX +XXX,XX @@ static void *bg_migration_thread(void *opaque)
      trace_migration_thread_setup_complete();
      migration_downtime_start(s);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      s->vm_old_state = runstate_get();
@@ -XXX,XX +XXX,XX @@ static void *bg_migration_thread(void *opaque)
      s->vm_start_bh = qemu_bh_new(bg_migration_vm_start_bh, s);
      qemu_bh_schedule(s->vm_start_bh);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      while (migration_is_active(s)) {
          MigIterateState iter_state = bg_migration_iteration_run(s);
@@ -XXX,XX +XXX,XX @@ fail:
      if (early_fail) {
          migrate_set_state(&s->state, MIGRATION_STATUS_ACTIVE,
                  MIGRATION_STATUS_FAILED);
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
      bg_migration_iteration_finish(s);
 diff --git a/migration/ram.c b/migration/ram.c
 index XXXXXXX..XXXXXXX 100644
 --- a/migration/ram.c
 +++ b/migration/ram.c
@@ -XXX,XX +XXX,XX @@ static int ram_save_setup(QEMUFile *f, void *opaque)
      migration_ops = g_malloc0(sizeof(MigrationOps));
      migration_ops->ram_save_target_page = ram_save_target_page_legacy;
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      ret = multifd_send_sync_main(f);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      if (ret < 0) {
          return ret;
      }
@@ -XXX,XX +XXX,XX @@ static void ram_state_pending_exact(void *opaque, uint64_t *must_precopy,
      uint64_t remaining_size = rs->migration_dirty_pages * TARGET_PAGE_SIZE;
      if (!migration_in_postcopy() && remaining_size < s->threshold_size) {
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          WITH_RCU_READ_LOCK_GUARD() {
              migration_bitmap_sync_precopy(rs, false);
          }
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
          remaining_size = rs->migration_dirty_pages * TARGET_PAGE_SIZE;
      }
@@ -XXX,XX +XXX,XX @@ void colo_incoming_start_dirty_log(void)
  {
      RAMBlock *block = NULL;
      /* For memory_global_dirty_log_start below. */
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      qemu_mutex_lock_ramlist();
      memory_global_dirty_log_sync(false);
@@ -XXX,XX +XXX,XX @@ void colo_incoming_start_dirty_log(void)
      }
      ram_state->migration_dirty_pages = 0;
      qemu_mutex_unlock_ramlist();
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  /* It is need to hold the global lock to call this helper */
 diff --git a/replay/replay-internal.c b/replay/replay-internal.c
 index XXXXXXX..XXXXXXX 100644
 --- a/replay/replay-internal.c
 +++ b/replay/replay-internal.c
@@ -XXX,XX +XXX,XX @@ void replay_mutex_lock(void)
  {
      if (replay_mode != REPLAY_MODE_NONE) {
          unsigned long id;
 -        g_assert(!qemu_mutex_iothread_locked());
 +        g_assert(!bql_locked());
          g_assert(!replay_mutex_locked());
          qemu_mutex_lock(&lock);
          id = mutex_tail++;
 diff --git a/semihosting/console.c b/semihosting/console.c
 index XXXXXXX..XXXXXXX 100644
 --- a/semihosting/console.c
 +++ b/semihosting/console.c
@@ -XXX,XX +XXX,XX @@ static SemihostingConsole console;
  static int console_can_read(void *opaque)
  {
      SemihostingConsole *c = opaque;
 -    g_assert(qemu_mutex_iothread_locked());
 +    g_assert(bql_locked());
      return (int)fifo8_num_free(&c->fifo);
  }
@@ -XXX,XX +XXX,XX @@ static void console_wake_up(gpointer data, gpointer user_data)
  static void console_read(void *opaque, const uint8_t *buf, int size)
  {
      SemihostingConsole *c = opaque;
 -    g_assert(qemu_mutex_iothread_locked());
 +    g_assert(bql_locked());
      while (size-- && !fifo8_is_full(&c->fifo)) {
          fifo8_push(&c->fifo, *buf++);
      }
@@ -XXX,XX +XXX,XX @@ bool qemu_semihosting_console_ready(void)
  {
      SemihostingConsole *c = &console;
 -    g_assert(qemu_mutex_iothread_locked());
 +    g_assert(bql_locked());
      return !fifo8_is_empty(&c->fifo);
  }
@@ -XXX,XX +XXX,XX @@ void qemu_semihosting_console_block_until_ready(CPUState *cs)
  {
      SemihostingConsole *c = &console;
 -    g_assert(qemu_mutex_iothread_locked());
 +    g_assert(bql_locked());
      /* Block if the fifo is completely empty. */
      if (fifo8_is_empty(&c->fifo)) {
 diff --git a/stubs/iothread-lock.c b/stubs/iothread-lock.c
 index XXXXXXX..XXXXXXX 100644
 --- a/stubs/iothread-lock.c
 +++ b/stubs/iothread-lock.c
 @@ -XXX,XX +XXX,XX @@
- #include "qemu/osdep.h"
+ #define HEADER_INUSE_MAGIC  (0x746F6E59)
- #include "qemu/main-loop.h"
+ #define MAX_PARALLELS_IMAGE_FACTOR (1ull << 32)
--bool qemu_mutex_iothread_locked(void)
+-#define DEFAULT_CLUSTER_SIZE 1048576        /* 1 MiB */
-+bool bql_locked(void)
+-
- {
+-
-     return false;
+-// always little-endian
- }
+-typedef struct ParallelsHeader {
+-    char magic[16]; // "WithoutFreeSpace"
--void qemu_mutex_lock_iothread_impl(const char *file, int line)
+-    uint32_t version;
-+void bql_lock_impl(const char *file, int line)
+-    uint32_t heads;
- {
+-    uint32_t cylinders;
- }
+-    uint32_t tracks;
+-    uint32_t bat_entries;
--void qemu_mutex_unlock_iothread(void)
+-    uint64_t nb_sectors;
-+void bql_unlock(void)
+-    uint32_t inuse;
- {
+-    uint32_t data_off;
- }
+-    char padding[12];
-diff --git a/system/cpu-throttle.c b/system/cpu-throttle.c
+-} QEMU_PACKED ParallelsHeader;
-index XXXXXXX..XXXXXXX 100644
+-
---- a/system/cpu-throttle.c
+-
-+++ b/system/cpu-throttle.c
+-typedef enum ParallelsPreallocMode {
-@@ -XXX,XX +XXX,XX @@ static void cpu_throttle_thread(CPUState *cpu, run_on_cpu_data opaque)
+-    PRL_PREALLOC_MODE_FALLOCATE = 0,
-             qemu_cond_timedwait_iothread(cpu->halt_cond,
+-    PRL_PREALLOC_MODE_TRUNCATE = 1,
-                                          sleeptime_ns / SCALE_MS);
+-    PRL_PREALLOC_MODE__MAX = 2,
-         } else {
+-} ParallelsPreallocMode;
--            qemu_mutex_unlock_iothread();
+-
-+            bql_unlock();
+ static QEnumLookup prealloc_mode_lookup = {
-             g_usleep(sleeptime_ns / SCALE_US);
+     .array = (const char *const[]) {
--            qemu_mutex_lock_iothread();
+         "falloc",
-+            bql_lock();
+@@ -XXX,XX +XXX,XX @@ static QEnumLookup prealloc_mode_lookup = {
-         }
+     .size = PRL_PREALLOC_MODE__MAX
          sleeptime_ns = endtime_ns - qemu_clock_get_ns(QEMU_CLOCK_REALTIME);
      }
 diff --git a/system/cpus.c b/system/cpus.c
 index XXXXXXX..XXXXXXX 100644
 --- a/system/cpus.c
 +++ b/system/cpus.c
@@ -XXX,XX +XXX,XX @@
  #endif /* CONFIG_LINUX */
 -static QemuMutex qemu_global_mutex;
 +/* The Big QEMU Lock (BQL) */
 +static QemuMutex bql;
  /*
   * The chosen accelerator is supposed to register this.
@@ -XXX,XX +XXX,XX @@ void qemu_init_cpu_loop(void)
      qemu_init_sigbus();
      qemu_cond_init(&qemu_cpu_cond);
      qemu_cond_init(&qemu_pause_cond);
 -    qemu_mutex_init(&qemu_global_mutex);
 +    qemu_mutex_init(&bql);
      qemu_thread_get_self(&io_thread);
  }
  void run_on_cpu(CPUState *cpu, run_on_cpu_func func, run_on_cpu_data data)
  {
 -    do_run_on_cpu(cpu, func, data, &qemu_global_mutex);
 +    do_run_on_cpu(cpu, func, data, &bql);
  }
  static void qemu_cpu_stop(CPUState *cpu, bool exit)
@@ -XXX,XX +XXX,XX @@ void qemu_wait_io_event(CPUState *cpu)
              slept = true;
              qemu_plugin_vcpu_idle_cb(cpu);
          }
 -        qemu_cond_wait(cpu->halt_cond, &qemu_global_mutex);
 +        qemu_cond_wait(cpu->halt_cond, &bql);
      }
      if (slept) {
          qemu_plugin_vcpu_resume_cb(cpu);
@@ -XXX,XX +XXX,XX @@ bool qemu_in_vcpu_thread(void)
      return current_cpu && qemu_cpu_is_self(current_cpu);
  }
 -QEMU_DEFINE_STATIC_CO_TLS(bool, iothread_locked)
 +QEMU_DEFINE_STATIC_CO_TLS(bool, bql_locked)
 -bool qemu_mutex_iothread_locked(void)
 +bool bql_locked(void)
  {
 -    return get_iothread_locked();
 +    return get_bql_locked();
  }
  bool qemu_in_main_thread(void)
  {
 -    return qemu_mutex_iothread_locked();
 +    return bql_locked();
  }
  /*
   * The BQL is taken from so many places that it is worth profiling the
   * callers directly, instead of funneling them all through a single function.
   */
 -void qemu_mutex_lock_iothread_impl(const char *file, int line)
 +void bql_lock_impl(const char *file, int line)
  {
 -    QemuMutexLockFunc bql_lock = qatomic_read(&qemu_bql_mutex_lock_func);
 +    QemuMutexLockFunc bql_lock_fn = qatomic_read(&bql_mutex_lock_func);
 -    g_assert(!qemu_mutex_iothread_locked());
 -    bql_lock(&qemu_global_mutex, file, line);
 -    set_iothread_locked(true);
 +    g_assert(!bql_locked());
 +    bql_lock_fn(&bql, file, line);
 +    set_bql_locked(true);
  }
 -void qemu_mutex_unlock_iothread(void)
 +void bql_unlock(void)
  {
 -    g_assert(qemu_mutex_iothread_locked());
 -    set_iothread_locked(false);
 -    qemu_mutex_unlock(&qemu_global_mutex);
 +    g_assert(bql_locked());
 +    set_bql_locked(false);
 +    qemu_mutex_unlock(&bql);
  }
  void qemu_cond_wait_iothread(QemuCond *cond)
  {
 -    qemu_cond_wait(cond, &qemu_global_mutex);
 +    qemu_cond_wait(cond, &bql);
  }
  void qemu_cond_timedwait_iothread(QemuCond *cond, int ms)
  {
 -    qemu_cond_timedwait(cond, &qemu_global_mutex, ms);
 +    qemu_cond_timedwait(cond, &bql, ms);
  }
  /* signal CPU creation */
@@ -XXX,XX +XXX,XX @@ void pause_all_vcpus(void)
      replay_mutex_unlock();
      while (!all_vcpus_paused()) {
 -        qemu_cond_wait(&qemu_pause_cond, &qemu_global_mutex);
 +        qemu_cond_wait(&qemu_pause_cond, &bql);
          CPU_FOREACH(cpu) {
              qemu_cpu_kick(cpu);
          }
      }
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      replay_mutex_lock();
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
  }
  void cpu_resume(CPUState *cpu)
@@ -XXX,XX +XXX,XX @@ void cpu_remove_sync(CPUState *cpu)
      cpu->stop = true;
      cpu->unplug = true;
      qemu_cpu_kick(cpu);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      qemu_thread_join(cpu->thread);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
  }
  void cpus_register_accel(const AccelOpsClass *ops)
@@ -XXX,XX +XXX,XX @@ void qemu_init_vcpu(CPUState *cpu)
      cpus_accel->create_vcpu_thread(cpu);
      while (!cpu->created) {
 -        qemu_cond_wait(&qemu_cpu_cond, &qemu_global_mutex);
 +        qemu_cond_wait(&qemu_cpu_cond, &bql);
      }
  }
 diff --git a/system/dirtylimit.c b/system/dirtylimit.c
 index XXXXXXX..XXXXXXX 100644
 --- a/system/dirtylimit.c
 +++ b/system/dirtylimit.c
@@ -XXX,XX +XXX,XX @@ void vcpu_dirty_rate_stat_stop(void)
  {
      qatomic_set(&vcpu_dirty_rate_stat->running, 0);
      dirtylimit_state_unlock();
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      qemu_thread_join(&vcpu_dirty_rate_stat->thread);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      dirtylimit_state_lock();
  }
 diff --git a/system/memory.c b/system/memory.c
 index XXXXXXX..XXXXXXX 100644
 --- a/system/memory.c
 +++ b/system/memory.c
@@ -XXX,XX +XXX,XX @@ void memory_region_transaction_commit(void)
      AddressSpace *as;
      assert(memory_region_transaction_depth);
 -    assert(qemu_mutex_iothread_locked());
 +    assert(bql_locked());
      --memory_region_transaction_depth;
      if (!memory_region_transaction_depth) {
 diff --git a/system/physmem.c b/system/physmem.c
 index XXXXXXX..XXXXXXX 100644
 --- a/system/physmem.c
 +++ b/system/physmem.c
@@ -XXX,XX +XXX,XX @@ bool prepare_mmio_access(MemoryRegion *mr)
  {
      bool release_lock = false;
 -    if (!qemu_mutex_iothread_locked()) {
 -        qemu_mutex_lock_iothread();
 +    if (!bql_locked()) {
 +        bql_lock();
          release_lock = true;
      }
      if (mr->flush_coalesced_mmio) {
@@ -XXX,XX +XXX,XX @@ static MemTxResult flatview_write_continue(FlatView *fv, hwaddr addr,
          }
          if (release_lock) {
 -            qemu_mutex_unlock_iothread();
 +            bql_unlock();
              release_lock = false;
          }
@@ -XXX,XX +XXX,XX @@ MemTxResult flatview_read_continue(FlatView *fv, hwaddr addr,
          }
          if (release_lock) {
 -            qemu_mutex_unlock_iothread();
 +            bql_unlock();
              release_lock = false;
          }
 diff --git a/system/runstate.c b/system/runstate.c
 index XXXXXXX..XXXXXXX 100644
 --- a/system/runstate.c
 +++ b/system/runstate.c
@@ -XXX,XX +XXX,XX @@ void qemu_init_subsystems(void)
      qemu_init_cpu_list();
      qemu_init_cpu_loop();
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      atexit(qemu_run_exit_notifiers);
 diff --git a/system/watchpoint.c b/system/watchpoint.c
 index XXXXXXX..XXXXXXX 100644
 --- a/system/watchpoint.c
 +++ b/system/watchpoint.c
@@ -XXX,XX +XXX,XX @@ void cpu_check_watchpoint(CPUState *cpu, vaddr addr, vaddr len,
           * Now raise the debug interrupt so that it will
           * trigger after the current instruction.
           */
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          cpu_interrupt(cpu, CPU_INTERRUPT_DEBUG);
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
          return;
      }
 diff --git a/target/arm/arm-powerctl.c b/target/arm/arm-powerctl.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/arm/arm-powerctl.c
 +++ b/target/arm/arm-powerctl.c
@@ -XXX,XX +XXX,XX @@ static void arm_set_cpu_on_async_work(CPUState *target_cpu_state,
      g_free(info);
      /* Finally set the power status */
 -    assert(qemu_mutex_iothread_locked());
 +    assert(bql_locked());
      target_cpu->power_state = PSCI_ON;
  }
@@ -XXX,XX +XXX,XX @@ int arm_set_cpu_on(uint64_t cpuid, uint64_t entry, uint64_t context_id,
      ARMCPU *target_cpu;
      struct CpuOnInfo *info;
 -    assert(qemu_mutex_iothread_locked());
 +    assert(bql_locked());
      DPRINTF("cpu %" PRId64 " (EL %d, %s) @ 0x%" PRIx64 " with R0 = 0x%" PRIx64
              "\n", cpuid, target_el, target_aa64 ? "aarch64" : "aarch32", entry,
@@ -XXX,XX +XXX,XX @@ static void arm_set_cpu_on_and_reset_async_work(CPUState *target_cpu_state,
      target_cpu_state->halted = 0;
      /* Finally set the power status */
 -    assert(qemu_mutex_iothread_locked());
 +    assert(bql_locked());
      target_cpu->power_state = PSCI_ON;
  }
@@ -XXX,XX +XXX,XX @@ int arm_set_cpu_on_and_reset(uint64_t cpuid)
      CPUState *target_cpu_state;
      ARMCPU *target_cpu;
 -    assert(qemu_mutex_iothread_locked());
 +    assert(bql_locked());
      /* Retrieve the cpu we are powering up */
      target_cpu_state = arm_get_cpu_by_id(cpuid);
@@ -XXX,XX +XXX,XX @@ static void arm_set_cpu_off_async_work(CPUState *target_cpu_state,
  {
      ARMCPU *target_cpu = ARM_CPU(target_cpu_state);
 -    assert(qemu_mutex_iothread_locked());
 +    assert(bql_locked());
      target_cpu->power_state = PSCI_OFF;
      target_cpu_state->halted = 1;
      target_cpu_state->exception_index = EXCP_HLT;
@@ -XXX,XX +XXX,XX @@ int arm_set_cpu_off(uint64_t cpuid)
      CPUState *target_cpu_state;
      ARMCPU *target_cpu;
 -    assert(qemu_mutex_iothread_locked());
 +    assert(bql_locked());
      DPRINTF("cpu %" PRId64 "\n", cpuid);
@@ -XXX,XX +XXX,XX @@ int arm_reset_cpu(uint64_t cpuid)
      CPUState *target_cpu_state;
      ARMCPU *target_cpu;
 -    assert(qemu_mutex_iothread_locked());
 +    assert(bql_locked());
      DPRINTF("cpu %" PRId64 "\n", cpuid);
 diff --git a/target/arm/helper.c b/target/arm/helper.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/arm/helper.c
 +++ b/target/arm/helper.c
@@ -XXX,XX +XXX,XX @@ static void do_hcr_write(CPUARMState *env, uint64_t value, uint64_t valid_mask)
       * VFIQ are masked unless running at EL0 or EL1, and HCR
       * can only be written at EL2.
       */
 -    g_assert(qemu_mutex_iothread_locked());
 +    g_assert(bql_locked());
      arm_cpu_update_virq(cpu);
      arm_cpu_update_vfiq(cpu);
      arm_cpu_update_vserr(cpu);
@@ -XXX,XX +XXX,XX @@ void arm_cpu_do_interrupt(CPUState *cs)
       * BQL needs to be held for any modification of
       * cs->interrupt_request.
       */
 -    g_assert(qemu_mutex_iothread_locked());
 +    g_assert(bql_locked());
      arm_call_pre_el_change_hook(cpu);
 diff --git a/target/arm/hvf/hvf.c b/target/arm/hvf/hvf.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/arm/hvf/hvf.c
 +++ b/target/arm/hvf/hvf.c
@@ -XXX,XX +XXX,XX @@ static void hvf_wait_for_ipi(CPUState *cpu, struct timespec *ts)
       * sleeping.
       */
      qatomic_set_mb(&cpu->thread_kicked, false);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      pselect(0, 0, 0, 0, ts, &cpu->accel->unblock_ipi_mask);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
  }
  static void hvf_wfi(CPUState *cpu)
@@ -XXX,XX +XXX,XX @@ int hvf_vcpu_exec(CPUState *cpu)
      flush_cpu_state(cpu);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      assert_hvf_ok(hv_vcpu_run(cpu->accel->fd));
      /* handle VMEXIT */
@@ -XXX,XX +XXX,XX @@ int hvf_vcpu_exec(CPUState *cpu)
      uint32_t ec = syn_get_ec(syndrome);
      ret = 0;
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      switch (exit_reason) {
      case HV_EXIT_REASON_EXCEPTION:
          /* This is the main one, handle below. */
 diff --git a/target/arm/kvm.c b/target/arm/kvm.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/arm/kvm.c
 +++ b/target/arm/kvm.c
@@ -XXX,XX +XXX,XX @@ MemTxAttrs kvm_arch_post_run(CPUState *cs, struct kvm_run *run)
      if (run->s.regs.device_irq_level != cpu->device_irq_level) {
          switched_level = cpu->device_irq_level ^ run->s.regs.device_irq_level;
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          if (switched_level & KVM_ARM_DEV_EL1_VTIMER) {
              qemu_set_irq(cpu->gt_timer_outputs[GTIMER_VIRT],
@@ -XXX,XX +XXX,XX @@ MemTxAttrs kvm_arch_post_run(CPUState *cs, struct kvm_run *run)
          /* We also mark unknown levels as processed to not waste cycles */
          cpu->device_irq_level = run->s.regs.device_irq_level;
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
      return MEMTXATTRS_UNSPECIFIED;
@@ -XXX,XX +XXX,XX @@ static bool kvm_arm_handle_debug(ARMCPU *cpu,
      env->exception.syndrome = debug_exit->hsr;
      env->exception.vaddress = debug_exit->far;
      env->exception.target_el = 1;
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      arm_cpu_do_interrupt(cs);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      return false;
  }
 diff --git a/target/arm/ptw.c b/target/arm/ptw.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/arm/ptw.c
 +++ b/target/arm/ptw.c
@@ -XXX,XX +XXX,XX @@ static uint64_t arm_casq_ptw(CPUARMState *env, uint64_t old_val,
  #if !TCG_OVERSIZED_GUEST
  # error "Unexpected configuration"
  #endif
 -    bool locked = qemu_mutex_iothread_locked();
 +    bool locked = bql_locked();
      if (!locked) {
 -       qemu_mutex_lock_iothread();
 +        bql_lock();
      }
      if (ptw->out_be) {
          cur_val = ldq_be_p(host);
@@ -XXX,XX +XXX,XX @@ static uint64_t arm_casq_ptw(CPUARMState *env, uint64_t old_val,
          }
      }
      if (!locked) {
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
  #endif
 diff --git a/target/arm/tcg/helper-a64.c b/target/arm/tcg/helper-a64.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/arm/tcg/helper-a64.c
 +++ b/target/arm/tcg/helper-a64.c
@@ -XXX,XX +XXX,XX @@ void HELPER(exception_return)(CPUARMState *env, uint64_t new_pc)
          goto illegal_return;
      }
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      arm_call_pre_el_change_hook(env_archcpu(env));
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      if (!return_to_aa64) {
          env->aarch64 = false;
@@ -XXX,XX +XXX,XX @@ void HELPER(exception_return)(CPUARMState *env, uint64_t new_pc)
       */
      aarch64_sve_change_el(env, cur_el, new_el, return_to_aa64);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      arm_call_el_change_hook(env_archcpu(env));
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      return;
 diff --git a/target/arm/tcg/m_helper.c b/target/arm/tcg/m_helper.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/arm/tcg/m_helper.c
 +++ b/target/arm/tcg/m_helper.c
@@ -XXX,XX +XXX,XX @@ void HELPER(v7m_preserve_fp_state)(CPUARMState *env)
      bool ts = is_secure && (env->v7m.fpccr[M_REG_S] & R_V7M_FPCCR_TS_MASK);
      bool take_exception;
 -    /* Take the iothread lock as we are going to touch the NVIC */
 -    qemu_mutex_lock_iothread();
 +    /* Take the BQL as we are going to touch the NVIC */
 +    bql_lock();
      /* Check the background context had access to the FPU */
      if (!v7m_cpacr_pass(env, is_secure, is_priv)) {
@@ -XXX,XX +XXX,XX @@ void HELPER(v7m_preserve_fp_state)(CPUARMState *env)
      take_exception = !stacked_ok &&
          armv7m_nvic_can_take_pending_exception(env->nvic);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      if (take_exception) {
          raise_exception_ra(env, EXCP_LAZYFP, 0, 1, GETPC());
 diff --git a/target/arm/tcg/op_helper.c b/target/arm/tcg/op_helper.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/arm/tcg/op_helper.c
 +++ b/target/arm/tcg/op_helper.c
@@ -XXX,XX +XXX,XX @@ void HELPER(cpsr_write_eret)(CPUARMState *env, uint32_t val)
  {
      uint32_t mask;
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      arm_call_pre_el_change_hook(env_archcpu(env));
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      mask = aarch32_cpsr_valid_mask(env->features, &env_archcpu(env)->isar);
      cpsr_write(env, val, mask, CPSRWriteExceptionReturn);
@@ -XXX,XX +XXX,XX @@ void HELPER(cpsr_write_eret)(CPUARMState *env, uint32_t val)
      env->regs[15] &= (env->thumb ? ~1 : ~3);
      arm_rebuild_hflags(env);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      arm_call_el_change_hook(env_archcpu(env));
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  /* Access to user mode registers from privileged modes.  */
@@ -XXX,XX +XXX,XX @@ void HELPER(set_cp_reg)(CPUARMState *env, const void *rip, uint32_t value)
      const ARMCPRegInfo *ri = rip;
      if (ri->type & ARM_CP_IO) {
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          ri->writefn(env, ri, value);
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      } else {
          ri->writefn(env, ri, value);
      }
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(get_cp_reg)(CPUARMState *env, const void *rip)
      uint32_t res;
      if (ri->type & ARM_CP_IO) {
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          res = ri->readfn(env, ri);
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      } else {
          res = ri->readfn(env, ri);
      }
@@ -XXX,XX +XXX,XX @@ void HELPER(set_cp_reg64)(CPUARMState *env, const void *rip, uint64_t value)
      const ARMCPRegInfo *ri = rip;
      if (ri->type & ARM_CP_IO) {
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          ri->writefn(env, ri, value);
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      } else {
          ri->writefn(env, ri, value);
      }
@@ -XXX,XX +XXX,XX @@ uint64_t HELPER(get_cp_reg64)(CPUARMState *env, const void *rip)
      uint64_t res;
      if (ri->type & ARM_CP_IO) {
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          res = ri->readfn(env, ri);
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      } else {
          res = ri->readfn(env, ri);
      }
 diff --git a/target/arm/tcg/psci.c b/target/arm/tcg/psci.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/arm/tcg/psci.c
 +++ b/target/arm/tcg/psci.c
@@ -XXX,XX +XXX,XX @@ void arm_handle_psci_call(ARMCPU *cpu)
              }
              target_cpu = ARM_CPU(target_cpu_state);
 -            g_assert(qemu_mutex_iothread_locked());
 +            g_assert(bql_locked());
              ret = target_cpu->power_state;
              break;
          default:
 diff --git a/target/hppa/int_helper.c b/target/hppa/int_helper.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/hppa/int_helper.c
 +++ b/target/hppa/int_helper.c
@@ -XXX,XX +XXX,XX @@ void hppa_cpu_alarm_timer(void *opaque)
  void HELPER(write_eirr)(CPUHPPAState *env, target_ulong val)
  {
      env->cr[CR_EIRR] &= ~val;
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      eval_interrupt(env_archcpu(env));
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  void HELPER(write_eiem)(CPUHPPAState *env, target_ulong val)
  {
      env->cr[CR_EIEM] = val;
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      eval_interrupt(env_archcpu(env));
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  void hppa_cpu_do_interrupt(CPUState *cs)
 diff --git a/target/i386/hvf/hvf.c b/target/i386/hvf/hvf.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/i386/hvf/hvf.c
 +++ b/target/i386/hvf/hvf.c
@@ -XXX,XX +XXX,XX @@ int hvf_vcpu_exec(CPUState *cpu)
          }
          vmx_update_tpr(cpu);
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
          if (!cpu_is_bsp(X86_CPU(cpu)) && cpu->halted) {
 -            qemu_mutex_lock_iothread();
 +            bql_lock();
              return EXCP_HLT;
          }
@@ -XXX,XX +XXX,XX @@ int hvf_vcpu_exec(CPUState *cpu)
          rip = rreg(cpu->accel->fd, HV_X86_RIP);
          env->eflags = rreg(cpu->accel->fd, HV_X86_RFLAGS);
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          update_apic_tpr(cpu);
          current_cpu = cpu;
 diff --git a/target/i386/kvm/hyperv.c b/target/i386/kvm/hyperv.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/i386/kvm/hyperv.c
 +++ b/target/i386/kvm/hyperv.c
@@ -XXX,XX +XXX,XX @@ void hyperv_x86_synic_update(X86CPU *cpu)
  static void async_synic_update(CPUState *cs, run_on_cpu_data data)
  {
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      hyperv_x86_synic_update(X86_CPU(cs));
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  int kvm_hv_handle_exit(X86CPU *cpu, struct kvm_hyperv_exit *exit)
 diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/i386/kvm/kvm.c
 +++ b/target/i386/kvm/kvm.c
@@ -XXX,XX +XXX,XX @@ void kvm_arch_pre_run(CPUState *cpu, struct kvm_run *run)
      /* Inject NMI */
      if (cpu->interrupt_request & (CPU_INTERRUPT_NMI | CPU_INTERRUPT_SMI)) {
          if (cpu->interrupt_request & CPU_INTERRUPT_NMI) {
 -            qemu_mutex_lock_iothread();
 +            bql_lock();
              cpu->interrupt_request &= ~CPU_INTERRUPT_NMI;
 -            qemu_mutex_unlock_iothread();
 +            bql_unlock();
              DPRINTF("injected NMI\n");
              ret = kvm_vcpu_ioctl(cpu, KVM_NMI);
              if (ret < 0) {
@@ -XXX,XX +XXX,XX @@ void kvm_arch_pre_run(CPUState *cpu, struct kvm_run *run)
              }
          }
          if (cpu->interrupt_request & CPU_INTERRUPT_SMI) {
 -            qemu_mutex_lock_iothread();
 +            bql_lock();
              cpu->interrupt_request &= ~CPU_INTERRUPT_SMI;
 -            qemu_mutex_unlock_iothread();
 +            bql_unlock();
              DPRINTF("injected SMI\n");
              ret = kvm_vcpu_ioctl(cpu, KVM_SMI);
              if (ret < 0) {
@@ -XXX,XX +XXX,XX @@ void kvm_arch_pre_run(CPUState *cpu, struct kvm_run *run)
      }
      if (!kvm_pic_in_kernel()) {
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
      }
      /* Force the VCPU out of its inner loop to process any INIT requests
@@ -XXX,XX +XXX,XX @@ void kvm_arch_pre_run(CPUState *cpu, struct kvm_run *run)
          DPRINTF("setting tpr\n");
          run->cr8 = cpu_get_apic_tpr(x86_cpu->apic_state);
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
  }
@@ -XXX,XX +XXX,XX @@ MemTxAttrs kvm_arch_post_run(CPUState *cpu, struct kvm_run *run)
      /* We need to protect the apic state against concurrent accesses from
       * different threads in case the userspace irqchip is used. */
      if (!kvm_irqchip_in_kernel()) {
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
      }
      cpu_set_apic_tpr(x86_cpu->apic_state, run->cr8);
      cpu_set_apic_base(x86_cpu->apic_state, run->apic_base);
      if (!kvm_irqchip_in_kernel()) {
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
      return cpu_get_mem_attrs(env);
  }
@@ -XXX,XX +XXX,XX @@ int kvm_arch_handle_exit(CPUState *cs, struct kvm_run *run)
      switch (run->exit_reason) {
      case KVM_EXIT_HLT:
          DPRINTF("handle_hlt\n");
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          ret = kvm_handle_halt(cpu);
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
          break;
      case KVM_EXIT_SET_TPR:
          ret = 0;
          break;
      case KVM_EXIT_TPR_ACCESS:
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          ret = kvm_handle_tpr_access(cpu);
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
          break;
      case KVM_EXIT_FAIL_ENTRY:
          code = run->fail_entry.hardware_entry_failure_reason;
@@ -XXX,XX +XXX,XX @@ int kvm_arch_handle_exit(CPUState *cs, struct kvm_run *run)
          break;
      case KVM_EXIT_DEBUG:
          DPRINTF("kvm_exit_debug\n");
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          ret = kvm_handle_debug(cpu, &run->debug.arch);
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
          break;
      case KVM_EXIT_HYPERV:
          ret = kvm_hv_handle_exit(cpu, &run->hyperv);
 diff --git a/target/i386/kvm/xen-emu.c b/target/i386/kvm/xen-emu.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/i386/kvm/xen-emu.c
 +++ b/target/i386/kvm/xen-emu.c
@@ -XXX,XX +XXX,XX @@ void kvm_xen_maybe_deassert_callback(CPUState *cs)
      /* If the evtchn_upcall_pending flag is cleared, turn the GSI off. */
      if (!vi->evtchn_upcall_pending) {
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          /*
           * Check again now we have the lock, because it may have been
           * asserted in the interim. And we don't want to take the lock
@@ -XXX,XX +XXX,XX @@ void kvm_xen_maybe_deassert_callback(CPUState *cs)
              X86_CPU(cs)->env.xen_callback_asserted = false;
              xen_evtchn_set_callback_level(0);
          }
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
  }
@@ -XXX,XX +XXX,XX @@ static bool handle_set_param(struct kvm_xen_exit *exit, X86CPU *cpu,
      switch (hp.index) {
      case HVM_PARAM_CALLBACK_IRQ:
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          err = xen_evtchn_set_callback_param(hp.value);
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
          xen_set_long_mode(exit->u.hcall.longmode);
          break;
      default:
@@ -XXX,XX +XXX,XX @@ int kvm_xen_soft_reset(void)
      CPUState *cpu;
      int err;
 -    assert(qemu_mutex_iothread_locked());
 +    assert(bql_locked());
      trace_kvm_xen_soft_reset();
@@ -XXX,XX +XXX,XX @@ static int schedop_shutdown(CPUState *cs, uint64_t arg)
          break;
      case SHUTDOWN_soft_reset:
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          ret = kvm_xen_soft_reset();
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
          break;
      default:
 diff --git a/target/i386/nvmm/nvmm-accel-ops.c b/target/i386/nvmm/nvmm-accel-ops.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/i386/nvmm/nvmm-accel-ops.c
 +++ b/target/i386/nvmm/nvmm-accel-ops.c
@@ -XXX,XX +XXX,XX @@ static void *qemu_nvmm_cpu_thread_fn(void *arg)
      rcu_register_thread();
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      qemu_thread_get_self(cpu->thread);
      cpu->thread_id = qemu_get_thread_id();
      current_cpu = cpu;
@@ -XXX,XX +XXX,XX @@ static void *qemu_nvmm_cpu_thread_fn(void *arg)
      nvmm_destroy_vcpu(cpu);
      cpu_thread_signal_destroyed(cpu);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      rcu_unregister_thread();
      return NULL;
  }
 diff --git a/target/i386/nvmm/nvmm-all.c b/target/i386/nvmm/nvmm-all.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/i386/nvmm/nvmm-all.c
 +++ b/target/i386/nvmm/nvmm-all.c
@@ -XXX,XX +XXX,XX @@ nvmm_vcpu_pre_run(CPUState *cpu)
      uint8_t tpr;
      int ret;
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      tpr = cpu_get_apic_tpr(x86_cpu->apic_state);
      if (tpr != qcpu->tpr) {
@@ -XXX,XX +XXX,XX @@ nvmm_vcpu_pre_run(CPUState *cpu)
          }
      }
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  /*
@@ -XXX,XX +XXX,XX @@ nvmm_vcpu_post_run(CPUState *cpu, struct nvmm_vcpu_exit *exit)
      tpr = exit->exitstate.cr8;
      if (qcpu->tpr != tpr) {
          qcpu->tpr = tpr;
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          cpu_set_apic_tpr(x86_cpu->apic_state, qcpu->tpr);
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
  }
@@ -XXX,XX +XXX,XX @@ nvmm_handle_halted(struct nvmm_machine *mach, CPUState *cpu,
      CPUX86State *env = cpu_env(cpu);
      int ret = 0;
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      if (!((cpu->interrupt_request & CPU_INTERRUPT_HARD) &&
            (env->eflags & IF_MASK)) &&
@@ -XXX,XX +XXX,XX @@ nvmm_handle_halted(struct nvmm_machine *mach, CPUState *cpu,
          ret = 1;
      }
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      return ret;
  }
@@ -XXX,XX +XXX,XX @@ nvmm_vcpu_loop(CPUState *cpu)
          return 0;
      }
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      cpu_exec_start(cpu);
      /*
@@ -XXX,XX +XXX,XX @@ nvmm_vcpu_loop(CPUState *cpu)
              error_report("NVMM: Unexpected VM exit code 0x%lx [hw=0x%lx]",
                  exit->reason, exit->u.inv.hwcode);
              nvmm_get_registers(cpu);
 -            qemu_mutex_lock_iothread();
 +            bql_lock();
              qemu_system_guest_panicked(cpu_get_crash_info(cpu));
 -            qemu_mutex_unlock_iothread();
 +            bql_unlock();
              ret = -1;
              break;
          }
      } while (ret == 0);
      cpu_exec_end(cpu);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      qatomic_set(&cpu->exit_request, false);
 diff --git a/target/i386/tcg/sysemu/fpu_helper.c b/target/i386/tcg/sysemu/fpu_helper.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/i386/tcg/sysemu/fpu_helper.c
 +++ b/target/i386/tcg/sysemu/fpu_helper.c
@@ -XXX,XX +XXX,XX @@ void x86_register_ferr_irq(qemu_irq irq)
  void fpu_check_raise_ferr_irq(CPUX86State *env)
  {
      if (ferr_irq && !(env->hflags2 & HF2_IGNNE_MASK)) {
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          qemu_irq_raise(ferr_irq);
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
          return;
      }
  }
@@ -XXX,XX +XXX,XX @@ void cpu_set_ignne(void)
  {
      CPUX86State *env = &X86_CPU(first_cpu)->env;
 -    assert(qemu_mutex_iothread_locked());
 +    assert(bql_locked());
      env->hflags2 |= HF2_IGNNE_MASK;
      /*
 diff --git a/target/i386/tcg/sysemu/misc_helper.c b/target/i386/tcg/sysemu/misc_helper.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/i386/tcg/sysemu/misc_helper.c
 +++ b/target/i386/tcg/sysemu/misc_helper.c
@@ -XXX,XX +XXX,XX @@ void helper_write_crN(CPUX86State *env, int reg, target_ulong t0)
          break;
      case 8:
          if (!(env->hflags2 & HF2_VINTR_MASK)) {
 -            qemu_mutex_lock_iothread();
 +            bql_lock();
              cpu_set_apic_tpr(env_archcpu(env)->apic_state, t0);
 -            qemu_mutex_unlock_iothread();
 +            bql_unlock();
          }
          env->int_ctl = (env->int_ctl & ~V_TPR_MASK) | (t0 & V_TPR_MASK);
 diff --git a/target/i386/whpx/whpx-accel-ops.c b/target/i386/whpx/whpx-accel-ops.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/i386/whpx/whpx-accel-ops.c
 +++ b/target/i386/whpx/whpx-accel-ops.c
@@ -XXX,XX +XXX,XX @@ static void *whpx_cpu_thread_fn(void *arg)
      rcu_register_thread();
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      qemu_thread_get_self(cpu->thread);
      cpu->thread_id = qemu_get_thread_id();
      current_cpu = cpu;
@@ -XXX,XX +XXX,XX @@ static void *whpx_cpu_thread_fn(void *arg)
      whpx_destroy_vcpu(cpu);
      cpu_thread_signal_destroyed(cpu);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      rcu_unregister_thread();
      return NULL;
  }
 diff --git a/target/i386/whpx/whpx-all.c b/target/i386/whpx/whpx-all.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/i386/whpx/whpx-all.c
 +++ b/target/i386/whpx/whpx-all.c
@@ -XXX,XX +XXX,XX @@ static int whpx_first_vcpu_starting(CPUState *cpu)
      struct whpx_state *whpx = &whpx_global;
      HRESULT hr;
 -    g_assert(qemu_mutex_iothread_locked());
 +    g_assert(bql_locked());
      if (!QTAILQ_EMPTY(&cpu->breakpoints) ||
              (whpx->breakpoints.breakpoints &&
@@ -XXX,XX +XXX,XX @@ static int whpx_handle_halt(CPUState *cpu)
      CPUX86State *env = cpu_env(cpu);
      int ret = 0;
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      if (!((cpu->interrupt_request & CPU_INTERRUPT_HARD) &&
            (env->eflags & IF_MASK)) &&
          !(cpu->interrupt_request & CPU_INTERRUPT_NMI)) {
@@ -XXX,XX +XXX,XX @@ static int whpx_handle_halt(CPUState *cpu)
          cpu->halted = true;
          ret = 1;
      }
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      return ret;
  }
@@ -XXX,XX +XXX,XX @@ static void whpx_vcpu_pre_run(CPUState *cpu)
      memset(&new_int, 0, sizeof(new_int));
      memset(reg_values, 0, sizeof(reg_values));
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      /* Inject NMI */
      if (!vcpu->interruption_pending &&
@@ -XXX,XX +XXX,XX @@ static void whpx_vcpu_pre_run(CPUState *cpu)
          reg_count += 1;
      }
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      vcpu->ready_for_pic_interrupt = false;
      if (reg_count) {
@@ -XXX,XX +XXX,XX @@ static void whpx_vcpu_post_run(CPUState *cpu)
      uint64_t tpr = vcpu->exit_ctx.VpContext.Cr8;
      if (vcpu->tpr != tpr) {
          vcpu->tpr = tpr;
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          cpu_set_apic_tpr(x86_cpu->apic_state, whpx_cr8_to_apic_tpr(vcpu->tpr));
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
      vcpu->interruption_pending =
@@ -XXX,XX +XXX,XX @@ static int whpx_vcpu_run(CPUState *cpu)
      WhpxStepMode exclusive_step_mode = WHPX_STEP_NONE;
      int ret;
 -    g_assert(qemu_mutex_iothread_locked());
 +    g_assert(bql_locked());
      if (whpx->running_cpus++ == 0) {
          /* Insert breakpoints into memory, update exception exit bitmap. */
@@ -XXX,XX +XXX,XX @@ static int whpx_vcpu_run(CPUState *cpu)
          }
      }
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      if (exclusive_step_mode != WHPX_STEP_NONE) {
          start_exclusive();
@@ -XXX,XX +XXX,XX @@ static int whpx_vcpu_run(CPUState *cpu)
              error_report("WHPX: Unexpected VP exit code %d",
                           vcpu->exit_ctx.ExitReason);
              whpx_get_registers(cpu);
 -            qemu_mutex_lock_iothread();
 +            bql_lock();
              qemu_system_guest_panicked(cpu_get_crash_info(cpu));
 -            qemu_mutex_unlock_iothread();
 +            bql_unlock();
              break;
          }
@@ -XXX,XX +XXX,XX @@ static int whpx_vcpu_run(CPUState *cpu)
          cpu_exec_end(cpu);
      }
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      current_cpu = cpu;
      if (--whpx->running_cpus == 0) {
 diff --git a/target/loongarch/tcg/csr_helper.c b/target/loongarch/tcg/csr_helper.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/loongarch/tcg/csr_helper.c
 +++ b/target/loongarch/tcg/csr_helper.c
@@ -XXX,XX +XXX,XX @@ target_ulong helper_csrwr_ticlr(CPULoongArchState *env, target_ulong val)
      int64_t old_v = 0;
      if (val & 0x1) {
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          loongarch_cpu_set_irq(cpu, IRQ_TIMER, 0);
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
      return old_v;
  }
 diff --git a/target/mips/kvm.c b/target/mips/kvm.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/mips/kvm.c
 +++ b/target/mips/kvm.c
@@ -XXX,XX +XXX,XX @@ void kvm_arch_pre_run(CPUState *cs, struct kvm_run *run)
      int r;
      struct kvm_mips_interrupt intr;
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      if ((cs->interrupt_request & CPU_INTERRUPT_HARD) &&
              cpu_mips_io_interrupts_pending(cpu)) {
@@ -XXX,XX +XXX,XX @@ void kvm_arch_pre_run(CPUState *cs, struct kvm_run *run)
          }
      }
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  MemTxAttrs kvm_arch_post_run(CPUState *cs, struct kvm_run *run)
 diff --git a/target/mips/tcg/sysemu/cp0_helper.c b/target/mips/tcg/sysemu/cp0_helper.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/mips/tcg/sysemu/cp0_helper.c
 +++ b/target/mips/tcg/sysemu/cp0_helper.c
@@ -XXX,XX +XXX,XX @@ static inline void mips_vpe_wake(MIPSCPU *c)
       * because there might be other conditions that state that c should
       * be sleeping.
       */
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      cpu_interrupt(CPU(c), CPU_INTERRUPT_WAKE);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  static inline void mips_vpe_sleep(MIPSCPU *cpu)
 diff --git a/target/openrisc/sys_helper.c b/target/openrisc/sys_helper.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/openrisc/sys_helper.c
 +++ b/target/openrisc/sys_helper.c
@@ -XXX,XX +XXX,XX @@ void HELPER(mtspr)(CPUOpenRISCState *env, target_ulong spr, target_ulong rb)
          break;
      case TO_SPR(9, 0):  /* PICMR */
          env->picmr = rb;
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          if (env->picsr & env->picmr) {
              cpu_interrupt(cs, CPU_INTERRUPT_HARD);
          } else {
              cpu_reset_interrupt(cs, CPU_INTERRUPT_HARD);
          }
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
          break;
      case TO_SPR(9, 2):  /* PICSR */
          env->picsr &= ~rb;
          break;
      case TO_SPR(10, 0): /* TTMR */
          {
 -            qemu_mutex_lock_iothread();
 +            bql_lock();
              if ((env->ttmr & TTMR_M) ^ (rb & TTMR_M)) {
                  switch (rb & TTMR_M) {
                  case TIMER_NONE:
@@ -XXX,XX +XXX,XX @@ void HELPER(mtspr)(CPUOpenRISCState *env, target_ulong spr, target_ulong rb)
                  cs->interrupt_request &= ~CPU_INTERRUPT_TIMER;
              }
              cpu_openrisc_timer_update(cpu);
 -            qemu_mutex_unlock_iothread();
 +            bql_unlock();
          }
          break;
      case TO_SPR(10, 1): /* TTCR */
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          cpu_openrisc_count_set(cpu, rb);
          cpu_openrisc_timer_update(cpu);
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
          break;
      }
  #endif
@@ -XXX,XX +XXX,XX @@ target_ulong HELPER(mfspr)(CPUOpenRISCState *env, target_ulong rd,
          return env->ttmr;
      case TO_SPR(10, 1): /* TTCR */
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          cpu_openrisc_count_update(cpu);
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
          return cpu_openrisc_count_get(cpu);
      }
  #endif
 diff --git a/target/ppc/excp_helper.c b/target/ppc/excp_helper.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/ppc/excp_helper.c
 +++ b/target/ppc/excp_helper.c
@@ -XXX,XX +XXX,XX @@ void helper_msgsnd(target_ulong rb)
          return;
      }
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      CPU_FOREACH(cs) {
          PowerPCCPU *cpu = POWERPC_CPU(cs);
          CPUPPCState *cenv = &cpu->env;
@@ -XXX,XX +XXX,XX @@ void helper_msgsnd(target_ulong rb)
              ppc_set_irq(cpu, irq, 1);
          }
      }
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  /* Server Processor Control */
@@ -XXX,XX +XXX,XX @@ static void book3s_msgsnd_common(int pir, int irq)
  {
      CPUState *cs;
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      CPU_FOREACH(cs) {
          PowerPCCPU *cpu = POWERPC_CPU(cs);
          CPUPPCState *cenv = &cpu->env;
@@ -XXX,XX +XXX,XX @@ static void book3s_msgsnd_common(int pir, int irq)
              ppc_set_irq(cpu, irq, 1);
          }
      }
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  void helper_book3s_msgsnd(target_ulong rb)
@@ -XXX,XX +XXX,XX @@ void helper_book3s_msgsndp(CPUPPCState *env, target_ulong rb)
      }
      /* Does iothread need to be locked for walking CPU list? */
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      THREAD_SIBLING_FOREACH(cs, ccs) {
          PowerPCCPU *ccpu = POWERPC_CPU(ccs);
          uint32_t thread_id = ppc_cpu_tir(ccpu);
          if (ttir == thread_id) {
              ppc_set_irq(ccpu, PPC_INTERRUPT_DOORBELL, 1);
 -            qemu_mutex_unlock_iothread();
 +            bql_unlock();
              return;
          }
      }
 diff --git a/target/ppc/kvm.c b/target/ppc/kvm.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/ppc/kvm.c
 +++ b/target/ppc/kvm.c
@@ -XXX,XX +XXX,XX @@ int kvm_arch_handle_exit(CPUState *cs, struct kvm_run *run)
      CPUPPCState *env = &cpu->env;
      int ret;
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      switch (run->exit_reason) {
      case KVM_EXIT_DCR:
@@ -XXX,XX +XXX,XX @@ int kvm_arch_handle_exit(CPUState *cs, struct kvm_run *run)
          break;
      }
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      return ret;
  }
 diff --git a/target/ppc/misc_helper.c b/target/ppc/misc_helper.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/ppc/misc_helper.c
 +++ b/target/ppc/misc_helper.c
@@ -XXX,XX +XXX,XX @@ target_ulong helper_load_dpdes(CPUPPCState *env)
          return dpdes;
      }
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      THREAD_SIBLING_FOREACH(cs, ccs) {
          PowerPCCPU *ccpu = POWERPC_CPU(ccs);
          CPUPPCState *cenv = &ccpu->env;
@@ -XXX,XX +XXX,XX @@ target_ulong helper_load_dpdes(CPUPPCState *env)
              dpdes |= (0x1 << thread_id);
          }
      }
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      return dpdes;
  }
@@ -XXX,XX +XXX,XX @@ void helper_store_dpdes(CPUPPCState *env, target_ulong val)
      }
      /* Does iothread need to be locked for walking CPU list? */
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      THREAD_SIBLING_FOREACH(cs, ccs) {
          PowerPCCPU *ccpu = POWERPC_CPU(ccs);
          uint32_t thread_id = ppc_cpu_tir(ccpu);
          ppc_set_irq(cpu, PPC_INTERRUPT_DOORBELL, val & (0x1 << thread_id));
      }
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  #endif /* defined(TARGET_PPC64) */
 diff --git a/target/ppc/timebase_helper.c b/target/ppc/timebase_helper.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/ppc/timebase_helper.c
 +++ b/target/ppc/timebase_helper.c
@@ -XXX,XX +XXX,XX @@ target_ulong helper_load_dcr(CPUPPCState *env, target_ulong dcrn)
      } else {
          int ret;
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          ret = ppc_dcr_read(env->dcr_env, (uint32_t)dcrn, &val);
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
          if (unlikely(ret != 0)) {
              qemu_log_mask(LOG_GUEST_ERROR, "DCR read error %d %03x\n",
                            (uint32_t)dcrn, (uint32_t)dcrn);
@@ -XXX,XX +XXX,XX @@ void helper_store_dcr(CPUPPCState *env, target_ulong dcrn, target_ulong val)
                                 POWERPC_EXCP_INVAL_INVAL, GETPC());
      } else {
          int ret;
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          ret = ppc_dcr_write(env->dcr_env, (uint32_t)dcrn, (uint32_t)val);
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
          if (unlikely(ret != 0)) {
              qemu_log_mask(LOG_GUEST_ERROR, "DCR write error %d %03x\n",
                            (uint32_t)dcrn, (uint32_t)dcrn);
 diff --git a/target/s390x/kvm/kvm.c b/target/s390x/kvm/kvm.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/s390x/kvm/kvm.c
 +++ b/target/s390x/kvm/kvm.c
@@ -XXX,XX +XXX,XX @@ int kvm_arch_handle_exit(CPUState *cs, struct kvm_run *run)
      S390CPU *cpu = S390_CPU(cs);
      int ret = 0;
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      kvm_cpu_synchronize_state(cs);
@@ -XXX,XX +XXX,XX @@ int kvm_arch_handle_exit(CPUState *cs, struct kvm_run *run)
              fprintf(stderr, "Unknown KVM exit: %d\n", run->exit_reason);
              break;
      }
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      if (ret == 0) {
          ret = EXCP_INTERRUPT;
 diff --git a/target/s390x/tcg/misc_helper.c b/target/s390x/tcg/misc_helper.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/s390x/tcg/misc_helper.c
 +++ b/target/s390x/tcg/misc_helper.c
@@ -XXX,XX +XXX,XX @@ uint64_t HELPER(stck)(CPUS390XState *env)
  /* SCLP service call */
  uint32_t HELPER(servc)(CPUS390XState *env, uint64_t r1, uint64_t r2)
  {
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      int r = sclp_service_call(env_archcpu(env), r1, r2);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      if (r < 0) {
          tcg_s390_program_interrupt(env, -r, GETPC());
      }
@@ -XXX,XX +XXX,XX @@ void HELPER(diag)(CPUS390XState *env, uint32_t r1, uint32_t r3, uint32_t num)
      switch (num) {
      case 0x500:
          /* KVM hypercall */
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          r = s390_virtio_hypercall(env);
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
          break;
      case 0x44:
          /* yield */
@@ -XXX,XX +XXX,XX @@ void HELPER(diag)(CPUS390XState *env, uint32_t r1, uint32_t r3, uint32_t num)
          break;
      case 0x308:
          /* ipl */
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          handle_diag_308(env, r1, r3, GETPC());
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
          r = 0;
          break;
      case 0x288:
@@ -XXX,XX +XXX,XX @@ static void update_ckc_timer(CPUS390XState *env)
      /* stop the timer and remove pending CKC IRQs */
      timer_del(env->tod_timer);
 -    g_assert(qemu_mutex_iothread_locked());
 +    g_assert(bql_locked());
      env->pending_int &= ~INTERRUPT_EXT_CLOCK_COMPARATOR;
      /* the tod has to exceed the ckc, this can never happen if ckc is all 1's */
@@ -XXX,XX +XXX,XX @@ void HELPER(sckc)(CPUS390XState *env, uint64_t ckc)
  {
      env->ckc = ckc;
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      update_ckc_timer(env);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  void tcg_s390_tod_updated(CPUState *cs, run_on_cpu_data opaque)
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(sck)(CPUS390XState *env, uint64_t tod_low)
          .low = tod_low,
      };
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      tdc->set(td, &tod, &error_abort);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      return 0;
  }
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(sigp)(CPUS390XState *env, uint64_t order_code, uint32_t r1,
      int cc;
      /* TODO: needed to inject interrupts  - push further down */
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      cc = handle_sigp(env, order_code & SIGP_ORDER_MASK, r1, r3);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      return cc;
  }
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(sigp)(CPUS390XState *env, uint64_t order_code, uint32_t r1,
  void HELPER(xsch)(CPUS390XState *env, uint64_t r1)
  {
      S390CPU *cpu = env_archcpu(env);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      ioinst_handle_xsch(cpu, r1, GETPC());
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  void HELPER(csch)(CPUS390XState *env, uint64_t r1)
  {
      S390CPU *cpu = env_archcpu(env);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      ioinst_handle_csch(cpu, r1, GETPC());
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  void HELPER(hsch)(CPUS390XState *env, uint64_t r1)
  {
      S390CPU *cpu = env_archcpu(env);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      ioinst_handle_hsch(cpu, r1, GETPC());
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  void HELPER(msch)(CPUS390XState *env, uint64_t r1, uint64_t inst)
  {
      S390CPU *cpu = env_archcpu(env);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      ioinst_handle_msch(cpu, r1, inst >> 16, GETPC());
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  void HELPER(rchp)(CPUS390XState *env, uint64_t r1)
  {
      S390CPU *cpu = env_archcpu(env);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      ioinst_handle_rchp(cpu, r1, GETPC());
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  void HELPER(rsch)(CPUS390XState *env, uint64_t r1)
  {
      S390CPU *cpu = env_archcpu(env);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      ioinst_handle_rsch(cpu, r1, GETPC());
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  void HELPER(sal)(CPUS390XState *env, uint64_t r1)
  {
      S390CPU *cpu = env_archcpu(env);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      ioinst_handle_sal(cpu, r1, GETPC());
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  void HELPER(schm)(CPUS390XState *env, uint64_t r1, uint64_t r2, uint64_t inst)
  {
      S390CPU *cpu = env_archcpu(env);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      ioinst_handle_schm(cpu, r1, r2, inst >> 16, GETPC());
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  void HELPER(ssch)(CPUS390XState *env, uint64_t r1, uint64_t inst)
  {
      S390CPU *cpu = env_archcpu(env);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      ioinst_handle_ssch(cpu, r1, inst >> 16, GETPC());
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  void HELPER(stcrw)(CPUS390XState *env, uint64_t inst)
  {
      S390CPU *cpu = env_archcpu(env);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      ioinst_handle_stcrw(cpu, inst >> 16, GETPC());
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  void HELPER(stsch)(CPUS390XState *env, uint64_t r1, uint64_t inst)
  {
      S390CPU *cpu = env_archcpu(env);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      ioinst_handle_stsch(cpu, r1, inst >> 16, GETPC());
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  uint32_t HELPER(tpi)(CPUS390XState *env, uint64_t addr)
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(tpi)(CPUS390XState *env, uint64_t addr)
          tcg_s390_program_interrupt(env, PGM_SPECIFICATION, ra);
      }
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      io = qemu_s390_flic_dequeue_io(flic, env->cregs[6]);
      if (!io) {
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
          return 0;
      }
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(tpi)(CPUS390XState *env, uint64_t addr)
          if (s390_cpu_virt_mem_write(cpu, addr, 0, &intc, sizeof(intc))) {
              /* writing failed, reinject and properly clean up */
              s390_io_interrupt(io->id, io->nr, io->parm, io->word);
 -            qemu_mutex_unlock_iothread();
 +            bql_unlock();
              g_free(io);
              s390_cpu_virt_mem_handle_exc(cpu, ra);
              return 0;
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(tpi)(CPUS390XState *env, uint64_t addr)
      }
      g_free(io);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      return 1;
  }
  void HELPER(tsch)(CPUS390XState *env, uint64_t r1, uint64_t inst)
  {
      S390CPU *cpu = env_archcpu(env);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      ioinst_handle_tsch(cpu, r1, inst >> 16, GETPC());
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  void HELPER(chsc)(CPUS390XState *env, uint64_t inst)
  {
      S390CPU *cpu = env_archcpu(env);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      ioinst_handle_chsc(cpu, inst >> 16, GETPC());
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  #endif
@@ -XXX,XX +XXX,XX @@ void HELPER(clp)(CPUS390XState *env, uint32_t r2)
  {
      S390CPU *cpu = env_archcpu(env);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      clp_service_call(cpu, r2, GETPC());
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  void HELPER(pcilg)(CPUS390XState *env, uint32_t r1, uint32_t r2)
  {
      S390CPU *cpu = env_archcpu(env);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      pcilg_service_call(cpu, r1, r2, GETPC());
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  void HELPER(pcistg)(CPUS390XState *env, uint32_t r1, uint32_t r2)
  {
      S390CPU *cpu = env_archcpu(env);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      pcistg_service_call(cpu, r1, r2, GETPC());
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  void HELPER(stpcifc)(CPUS390XState *env, uint32_t r1, uint64_t fiba,
@@ -XXX,XX +XXX,XX @@ void HELPER(stpcifc)(CPUS390XState *env, uint32_t r1, uint64_t fiba,
  {
      S390CPU *cpu = env_archcpu(env);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      stpcifc_service_call(cpu, r1, fiba, ar, GETPC());
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  void HELPER(sic)(CPUS390XState *env, uint64_t r1, uint64_t r3)
@@ -XXX,XX +XXX,XX @@ void HELPER(sic)(CPUS390XState *env, uint64_t r1, uint64_t r3)
      S390CPU *cpu = env_archcpu(env);
      int r;
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      r = css_do_sic(cpu, (r3 >> 27) & 0x7, r1 & 0xffff);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      /* css_do_sic() may actually return a PGM_xxx value to inject */
      if (r) {
          tcg_s390_program_interrupt(env, -r, GETPC());
@@ -XXX,XX +XXX,XX @@ void HELPER(rpcit)(CPUS390XState *env, uint32_t r1, uint32_t r2)
  {
      S390CPU *cpu = env_archcpu(env);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      rpcit_service_call(cpu, r1, r2, GETPC());
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  void HELPER(pcistb)(CPUS390XState *env, uint32_t r1, uint32_t r3,
@@ -XXX,XX +XXX,XX @@ void HELPER(pcistb)(CPUS390XState *env, uint32_t r1, uint32_t r3,
  {
      S390CPU *cpu = env_archcpu(env);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      pcistb_service_call(cpu, r1, r3, gaddr, ar, GETPC());
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  void HELPER(mpcifc)(CPUS390XState *env, uint32_t r1, uint64_t fiba,
@@ -XXX,XX +XXX,XX @@ void HELPER(mpcifc)(CPUS390XState *env, uint32_t r1, uint64_t fiba,
  {
      S390CPU *cpu = env_archcpu(env);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      mpcifc_service_call(cpu, r1, fiba, ar, GETPC());
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  #endif
 diff --git a/target/sparc/int32_helper.c b/target/sparc/int32_helper.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/sparc/int32_helper.c
 +++ b/target/sparc/int32_helper.c
@@ -XXX,XX +XXX,XX @@ void cpu_check_irqs(CPUSPARCState *env)
      CPUState *cs;
      /* We should be holding the BQL before we mess with IRQs */
 -    g_assert(qemu_mutex_iothread_locked());
 +    g_assert(bql_locked());
      if (env->pil_in && (env->interrupt_index == 0 ||
                          (env->interrupt_index & ~15) == TT_EXTINT)) {
 diff --git a/target/sparc/int64_helper.c b/target/sparc/int64_helper.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/sparc/int64_helper.c
 +++ b/target/sparc/int64_helper.c
@@ -XXX,XX +XXX,XX @@ void cpu_check_irqs(CPUSPARCState *env)
                    (env->softint & ~(SOFTINT_TIMER | SOFTINT_STIMER));
      /* We should be holding the BQL before we mess with IRQs */
 -    g_assert(qemu_mutex_iothread_locked());
 +    g_assert(bql_locked());
      /* TT_IVEC has a higher priority (16) than TT_EXTINT (31..17) */
      if (env->ivec_status & 0x20) {
@@ -XXX,XX +XXX,XX @@ static bool do_modify_softint(CPUSPARCState *env, uint32_t value)
          env->softint = value;
  #if !defined(CONFIG_USER_ONLY)
          if (cpu_interrupts_enabled(env)) {
 -            qemu_mutex_lock_iothread();
 +            bql_lock();
              cpu_check_irqs(env);
 -            qemu_mutex_unlock_iothread();
 +            bql_unlock();
          }
  #endif
          return true;
 diff --git a/target/sparc/win_helper.c b/target/sparc/win_helper.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/sparc/win_helper.c
 +++ b/target/sparc/win_helper.c
@@ -XXX,XX +XXX,XX @@ void helper_wrpsr(CPUSPARCState *env, target_ulong new_psr)
          cpu_raise_exception_ra(env, TT_ILL_INSN, GETPC());
      } else {
          /* cpu_put_psr may trigger interrupts, hence BQL */
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          cpu_put_psr(env, new_psr);
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
  }
@@ -XXX,XX +XXX,XX @@ void helper_wrpstate(CPUSPARCState *env, target_ulong new_state)
  #if !defined(CONFIG_USER_ONLY)
      if (cpu_interrupts_enabled(env)) {
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          cpu_check_irqs(env);
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
  #endif
  }
@@ -XXX,XX +XXX,XX @@ void helper_wrpil(CPUSPARCState *env, target_ulong new_pil)
      env->psrpil = new_pil;
      if (cpu_interrupts_enabled(env)) {
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          cpu_check_irqs(env);
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
  #endif
  }
@@ -XXX,XX +XXX,XX @@ void helper_done(CPUSPARCState *env)
  #if !defined(CONFIG_USER_ONLY)
      if (cpu_interrupts_enabled(env)) {
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          cpu_check_irqs(env);
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
  #endif
  }
@@ -XXX,XX +XXX,XX @@ void helper_retry(CPUSPARCState *env)
  #if !defined(CONFIG_USER_ONLY)
      if (cpu_interrupts_enabled(env)) {
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          cpu_check_irqs(env);
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
  #endif
  }
 diff --git a/target/xtensa/exc_helper.c b/target/xtensa/exc_helper.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/xtensa/exc_helper.c
 +++ b/target/xtensa/exc_helper.c
@@ -XXX,XX +XXX,XX @@ void HELPER(waiti)(CPUXtensaState *env, uint32_t pc, uint32_t intlevel)
      env->sregs[PS] = (env->sregs[PS] & ~PS_INTLEVEL) |
          (intlevel << PS_INTLEVEL_SHIFT);
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      check_interrupts(env);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      if (env->pending_irq_level) {
          cpu_loop_exit(cpu);
@@ -XXX,XX +XXX,XX @@ void HELPER(waiti)(CPUXtensaState *env, uint32_t pc, uint32_t intlevel)
  void HELPER(check_interrupts)(CPUXtensaState *env)
  {
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      check_interrupts(env);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
  }
  void HELPER(intset)(CPUXtensaState *env, uint32_t v)
 diff --git a/ui/spice-core.c b/ui/spice-core.c
 index XXXXXXX..XXXXXXX 100644
 --- a/ui/spice-core.c
 +++ b/ui/spice-core.c
@@ -XXX,XX +XXX,XX @@ static void channel_event(int event, SpiceChannelEventInfo *info)
       */
      bool need_lock = !qemu_thread_is_self(&me);
      if (need_lock) {
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
      }
      if (info->flags & SPICE_CHANNEL_EVENT_FLAG_ADDR_EXT) {
@@ -XXX,XX +XXX,XX @@ static void channel_event(int event, SpiceChannelEventInfo *info)
      }
      if (need_lock) {
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
      qapi_free_SpiceServerInfo(server);
 diff --git a/util/async.c b/util/async.c
 index XXXXXXX..XXXXXXX 100644
 --- a/util/async.c
 +++ b/util/async.c
@@ -XXX,XX +XXX,XX @@ AioContext *qemu_get_current_aio_context(void)
      if (ctx) {
          return ctx;
      }
 -    if (qemu_mutex_iothread_locked()) {
 +    if (bql_locked()) {
          /* Possibly in a vCPU thread.  */
          return qemu_get_aio_context();
      }
 diff --git a/util/main-loop.c b/util/main-loop.c
 index XXXXXXX..XXXXXXX 100644
 --- a/util/main-loop.c
 +++ b/util/main-loop.c
@@ -XXX,XX +XXX,XX @@ static int os_host_main_loop_wait(int64_t timeout)
      glib_pollfds_fill(&timeout);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      replay_mutex_unlock();
      ret = qemu_poll_ns((GPollFD *)gpollfds->data, gpollfds->len, timeout);
      replay_mutex_lock();
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      glib_pollfds_poll();
@@ -XXX,XX +XXX,XX @@ static int os_host_main_loop_wait(int64_t timeout)
      poll_timeout_ns = qemu_soonest_timeout(poll_timeout_ns, timeout);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      replay_mutex_unlock();
@@ -XXX,XX +XXX,XX @@ static int os_host_main_loop_wait(int64_t timeout)
      replay_mutex_lock();
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      if (g_poll_ret > 0) {
          for (i = 0; i < w->num; i++) {
              w->revents[i] = poll_fds[n_poll_fds + i].revents;
 diff --git a/util/qsp.c b/util/qsp.c
 index XXXXXXX..XXXXXXX 100644
 --- a/util/qsp.c
 +++ b/util/qsp.c
@@ -XXX,XX +XXX,XX @@ static const char * const qsp_typenames[] = {
      [QSP_CONDVAR]   = "condvar",
  };
--QemuMutexLockFunc qemu_bql_mutex_lock_func = qemu_mutex_lock_impl;
+-typedef struct BDRVParallelsState {
-+QemuMutexLockFunc bql_mutex_lock_func = qemu_mutex_lock_impl;
+-    /** Locking is conservative, the lock protects
- QemuMutexLockFunc qemu_mutex_lock_func = qemu_mutex_lock_impl;
+-     *   - image file extending (truncate, fallocate)
- QemuMutexTrylockFunc qemu_mutex_trylock_func = qemu_mutex_trylock_impl;
+-     *   - any access to block allocation table
- QemuRecMutexLockFunc qemu_rec_mutex_lock_func = qemu_rec_mutex_lock_impl;
+-     */
-@@ -XXX,XX +XXX,XX @@ void qsp_enable(void)
+-    CoMutex lock;
- {
+-
-     qatomic_set(&qemu_mutex_lock_func, qsp_mutex_lock);
+-    ParallelsHeader *header;
-     qatomic_set(&qemu_mutex_trylock_func, qsp_mutex_trylock);
+-    uint32_t header_size;
--    qatomic_set(&qemu_bql_mutex_lock_func, qsp_bql_mutex_lock);
+-    bool header_unclean;
-+    qatomic_set(&bql_mutex_lock_func, qsp_bql_mutex_lock);
+-
-     qatomic_set(&qemu_rec_mutex_lock_func, qsp_rec_mutex_lock);
+-    unsigned long *bat_dirty_bmap;
-     qatomic_set(&qemu_rec_mutex_trylock_func, qsp_rec_mutex_trylock);
+-    unsigned int  bat_dirty_block;
-     qatomic_set(&qemu_cond_wait_func, qsp_cond_wait);
+-
-@@ -XXX,XX +XXX,XX @@ void qsp_disable(void)
+-    uint32_t *bat_bitmap;
- {
+-    unsigned int bat_size;
-     qatomic_set(&qemu_mutex_lock_func, qemu_mutex_lock_impl);
+-
-     qatomic_set(&qemu_mutex_trylock_func, qemu_mutex_trylock_impl);
+-    int64_t  data_end;
--    qatomic_set(&qemu_bql_mutex_lock_func, qemu_mutex_lock_impl);
+-    uint64_t prealloc_size;
-+    qatomic_set(&bql_mutex_lock_func, qemu_mutex_lock_impl);
+-    ParallelsPreallocMode prealloc_mode;
-     qatomic_set(&qemu_rec_mutex_lock_func, qemu_rec_mutex_lock_impl);
+-
-     qatomic_set(&qemu_rec_mutex_trylock_func, qemu_rec_mutex_trylock_impl);
+-    unsigned int tracks;
-     qatomic_set(&qemu_cond_wait_func, qemu_cond_wait_impl);
+-
-diff --git a/util/rcu.c b/util/rcu.c
+-    unsigned int off_multiplier;
-index XXXXXXX..XXXXXXX 100644
+-    Error *migration_blocker;
---- a/util/rcu.c
+-} BDRVParallelsState;
-+++ b/util/rcu.c
+-
-@@ -XXX,XX +XXX,XX @@ static void *call_rcu_thread(void *opaque)
+-
+ #define PARALLELS_OPT_PREALLOC_MODE     "prealloc-mode"
-         qatomic_sub(&rcu_call_count, n);
+ #define PARALLELS_OPT_PREALLOC_SIZE     "prealloc-size"
          synchronize_rcu();
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
          while (n > 0) {
              node = try_dequeue();
              while (!node) {
 -                qemu_mutex_unlock_iothread();
 +                bql_unlock();
                  qemu_event_reset(&rcu_call_ready_event);
                  node = try_dequeue();
                  if (!node) {
                      qemu_event_wait(&rcu_call_ready_event);
                      node = try_dequeue();
                  }
 -                qemu_mutex_lock_iothread();
 +                bql_lock();
              }
              n--;
              node->func(node);
          }
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
      abort();
  }
@@ -XXX,XX +XXX,XX @@ static void drain_rcu_callback(struct rcu_head *node)
  void drain_call_rcu(void)
  {
      struct rcu_drain rcu_drain;
 -    bool locked = qemu_mutex_iothread_locked();
 +    bool locked = bql_locked();
      memset(&rcu_drain, 0, sizeof(struct rcu_drain));
      qemu_event_init(&rcu_drain.drain_complete_event, false);
      if (locked) {
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
@@ -XXX,XX +XXX,XX @@ void drain_call_rcu(void)
      qatomic_dec(&in_drain_call_rcu);
      if (locked) {
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
      }
  }
 diff --git a/audio/coreaudio.m b/audio/coreaudio.m
 index XXXXXXX..XXXXXXX 100644
 --- a/audio/coreaudio.m
 +++ b/audio/coreaudio.m
@@ -XXX,XX +XXX,XX @@ static OSStatus handle_voice_change(
  {
      coreaudioVoiceOut *core = in_client_data;
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      if (core->outputDeviceID) {
          fini_out_device(core);
@@ -XXX,XX +XXX,XX @@ static OSStatus handle_voice_change(
          update_device_playback_state(core);
      }
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      return 0;
  }
 diff --git a/memory_ldst.c.inc b/memory_ldst.c.inc
 index XXXXXXX..XXXXXXX 100644
 --- a/memory_ldst.c.inc
 +++ b/memory_ldst.c.inc
@@ -XXX,XX +XXX,XX @@ static inline uint32_t glue(address_space_ldl_internal, SUFFIX)(ARG1_DECL,
          *result = r;
      }
      if (release_lock) {
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
      RCU_READ_UNLOCK();
      return val;
@@ -XXX,XX +XXX,XX @@ static inline uint64_t glue(address_space_ldq_internal, SUFFIX)(ARG1_DECL,
          *result = r;
      }
      if (release_lock) {
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
      RCU_READ_UNLOCK();
      return val;
@@ -XXX,XX +XXX,XX @@ uint8_t glue(address_space_ldub, SUFFIX)(ARG1_DECL,
          *result = r;
      }
      if (release_lock) {
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
      RCU_READ_UNLOCK();
      return val;
@@ -XXX,XX +XXX,XX @@ static inline uint16_t glue(address_space_lduw_internal, SUFFIX)(ARG1_DECL,
          *result = r;
      }
      if (release_lock) {
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
      RCU_READ_UNLOCK();
      return val;
@@ -XXX,XX +XXX,XX @@ void glue(address_space_stl_notdirty, SUFFIX)(ARG1_DECL,
          *result = r;
      }
      if (release_lock) {
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
      RCU_READ_UNLOCK();
  }
@@ -XXX,XX +XXX,XX @@ static inline void glue(address_space_stl_internal, SUFFIX)(ARG1_DECL,
          *result = r;
      }
      if (release_lock) {
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
      RCU_READ_UNLOCK();
  }
@@ -XXX,XX +XXX,XX @@ void glue(address_space_stb, SUFFIX)(ARG1_DECL,
          *result = r;
      }
      if (release_lock) {
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
      RCU_READ_UNLOCK();
  }
@@ -XXX,XX +XXX,XX @@ static inline void glue(address_space_stw_internal, SUFFIX)(ARG1_DECL,
          *result = r;
      }
      if (release_lock) {
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
      RCU_READ_UNLOCK();
  }
@@ -XXX,XX +XXX,XX @@ static void glue(address_space_stq_internal, SUFFIX)(ARG1_DECL,
          *result = r;
      }
      if (release_lock) {
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
      RCU_READ_UNLOCK();
  }
 diff --git a/target/i386/hvf/README.md b/target/i386/hvf/README.md
 index XXXXXXX..XXXXXXX 100644
 --- a/target/i386/hvf/README.md
 +++ b/target/i386/hvf/README.md
@@ -XXX,XX +XXX,XX @@ These sources (and ../hvf-all.c) are adapted from Veertu Inc's vdhh (Veertu Desk
 . Adapt to our current QEMU's `CPUState` structure and `address_space_rw` API; many struct members have been moved around (emulated x86 state, xsave_buf) due to historical differences + QEMU needing to handle more emulation targets.
 . Removal of `apic_page` and hyperv-related functionality.
 -3. More relaxed use of `qemu_mutex_lock_iothread`.
 +3. More relaxed use of `bql_lock`.
 diff --git a/ui/cocoa.m b/ui/cocoa.m
 index XXXXXXX..XXXXXXX 100644
 --- a/ui/cocoa.m
 +++ b/ui/cocoa.m
@@ -XXX,XX +XXX,XX @@ static void cocoa_switch(DisplayChangeListener *dcl,
  typedef void (^CodeBlock)(void);
  typedef bool (^BoolCodeBlock)(void);
 -static void with_iothread_lock(CodeBlock block)
 +static void with_bql(CodeBlock block)
  {
 -    bool locked = qemu_mutex_iothread_locked();
 +    bool locked = bql_locked();
      if (!locked) {
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
      }
      block();
      if (!locked) {
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
  }
 -static bool bool_with_iothread_lock(BoolCodeBlock block)
 +static bool bool_with_bql(BoolCodeBlock block)
  {
 -    bool locked = qemu_mutex_iothread_locked();
 +    bool locked = bql_locked();
      bool val;
      if (!locked) {
 -        qemu_mutex_lock_iothread();
 +        bql_lock();
      }
      val = block();
      if (!locked) {
 -        qemu_mutex_unlock_iothread();
 +        bql_unlock();
      }
      return val;
  }
@@ -XXX,XX +XXX,XX @@ - (void) updateUIInfo
          return;
      }
 -    with_iothread_lock(^{
 +    with_bql(^{
          [self updateUIInfoLocked];
      });
  }
@@ -XXX,XX +XXX,XX @@ - (void) handleMonitorInput:(NSEvent *)event
  - (bool) handleEvent:(NSEvent *)event
  {
 -    return bool_with_iothread_lock(^{
 +    return bool_with_bql(^{
          return [self handleEventLocked:event];
      });
  }
@@ -XXX,XX +XXX,XX @@ - (QEMUScreen) gscreen {return screen;}
   */
  - (void) raiseAllKeys
  {
 -    with_iothread_lock(^{
 +    with_bql(^{
          qkbd_state_lift_all_keys(kbd);
      });
  }
@@ -XXX,XX +XXX,XX @@ - (void)applicationWillTerminate:(NSNotification *)aNotification
  {
      COCOA_DEBUG("QemuCocoaAppController: applicationWillTerminate\n");
 -    with_iothread_lock(^{
 +    with_bql(^{
          shutdown_action = SHUTDOWN_ACTION_POWEROFF;
          qemu_system_shutdown_request(SHUTDOWN_CAUSE_HOST_UI);
      });
@@ -XXX,XX +XXX,XX @@ - (void)displayConsole:(id)sender
  /* Pause the guest */
  - (void)pauseQEMU:(id)sender
  {
 -    with_iothread_lock(^{
 +    with_bql(^{
          qmp_stop(NULL);
      });
      [sender setEnabled: NO];
@@ -XXX,XX +XXX,XX @@ - (void)pauseQEMU:(id)sender
  /* Resume running the guest operating system */
  - (void)resumeQEMU:(id) sender
  {
 -    with_iothread_lock(^{
 +    with_bql(^{
          qmp_cont(NULL);
      });
      [sender setEnabled: NO];
@@ -XXX,XX +XXX,XX @@ - (void)removePause
  /* Restarts QEMU */
  - (void)restartQEMU:(id)sender
  {
 -    with_iothread_lock(^{
 +    with_bql(^{
          qmp_system_reset(NULL);
      });
  }
@@ -XXX,XX +XXX,XX @@ - (void)restartQEMU:(id)sender
  /* Powers down QEMU */
  - (void)powerDownQEMU:(id)sender
  {
 -    with_iothread_lock(^{
 +    with_bql(^{
          qmp_system_powerdown(NULL);
      });
  }
@@ -XXX,XX +XXX,XX @@ - (void)ejectDeviceMedia:(id)sender
      }
      __block Error *err = NULL;
 -    with_iothread_lock(^{
 +    with_bql(^{
          qmp_eject([drive cStringUsingEncoding: NSASCIIStringEncoding],
                    NULL, false, false, &err);
      });
@@ -XXX,XX +XXX,XX @@ - (void)changeDeviceMedia:(id)sender
          }
          __block Error *err = NULL;
 -        with_iothread_lock(^{
 +        with_bql(^{
              qmp_blockdev_change_medium([drive cStringUsingEncoding:
                                                    NSASCIIStringEncoding],
                                         NULL,
@@ -XXX,XX +XXX,XX @@ - (void)adjustSpeed:(id)sender
      // get the throttle percentage
      throttle_pct = [sender tag];
 -    with_iothread_lock(^{
 +    with_bql(^{
          cpu_throttle_set(throttle_pct);
      });
      COCOA_DEBUG("cpu throttling at %d%c\n", cpu_throttle_get_percentage(), '%');
@@ -XXX,XX +XXX,XX @@ - (void)pasteboard:(NSPasteboard *)sender provideDataForType:(NSPasteboardType)t
          return;
      }
 -    with_iothread_lock(^{
 +    with_bql(^{
          QemuClipboardInfo *info = qemu_clipboard_info_ref(cbinfo);
          qemu_event_reset(&cbevent);
          qemu_clipboard_request(info, QEMU_CLIPBOARD_TYPE_TEXT);
@@ -XXX,XX +XXX,XX @@ - (void)pasteboard:(NSPasteboard *)sender provideDataForType:(NSPasteboardType)t
          while (info == cbinfo &&
                 info->types[QEMU_CLIPBOARD_TYPE_TEXT].available &&
                 info->types[QEMU_CLIPBOARD_TYPE_TEXT].data == NULL) {
 -            qemu_mutex_unlock_iothread();
 +            bql_unlock();
              qemu_event_wait(&cbevent);
 -            qemu_mutex_lock_iothread();
 +            bql_lock();
          }
          if (info == cbinfo) {
@@ -XXX,XX +XXX,XX @@ static void cocoa_clipboard_request(QemuClipboardInfo *info,
      int status;
      COCOA_DEBUG("Second thread: calling qemu_default_main()\n");
 -    qemu_mutex_lock_iothread();
 +    bql_lock();
      status = qemu_default_main();
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      COCOA_DEBUG("Second thread: qemu_default_main() returned, exiting\n");
      [cbowner release];
      exit(status);
@@ -XXX,XX +XXX,XX @@ static int cocoa_main(void)
      COCOA_DEBUG("Entered %s()\n", __func__);
 -    qemu_mutex_unlock_iothread();
 +    bql_unlock();
      qemu_thread_create(&thread, "qemu_main", call_qemu_main,
                         NULL, QEMU_THREAD_DETACHED);
 --
-.43.0
+.14.3

-[PULL 1/6] iothread: Remove unused Error** argument in aio_context_set_aio_params
+[Qemu-devel] [PULL v2 5/6] block/parallels: replace some magic numbers
-From: Philippe Mathieu-Daudé <philmd@linaro.org>
+From: Klim Kireev <klim.kireev@virtuozzo.com>
-aio_context_set_aio_params() doesn't use its undocumented
+Signed-off-by: Klim Kireev <klim.kireev@virtuozzo.com>
-Error** argument. Remove it to simplify.
+Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
 Signed-off-by: Denis V. Lunev <den@openvz.org>
 Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
 Signed-off-by: Edgar Kaziakhmedov <edgar.kaziakhmedov@virtuozzo.com>
 Message-id: 20180112090122.1702-5-klim.kireev@virtuozzo.com
 CC: Stefan Hajnoczi <stefanha@redhat.com>
 Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
 ---
  block/parallels.h | 2 ++
  block/parallels.c | 5 +++--
 files changed, 5 insertions(+), 2 deletions(-)
-Note this removes a use of "unchecked Error**" in
+diff --git a/block/parallels.h b/block/parallels.h
 iothread_set_aio_context_params().
 Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
 Reviewed-by: Markus Armbruster <armbru@redhat.com>
 Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
 Message-ID: <20231120171806.19361-1-philmd@linaro.org>
 ---
  include/block/aio.h | 3 +--
  iothread.c          | 3 +--
  util/aio-posix.c    | 3 +--
  util/aio-win32.c    | 3 +--
  util/main-loop.c    | 5 +----
 files changed, 5 insertions(+), 12 deletions(-)
 diff --git a/include/block/aio.h b/include/block/aio.h
 index XXXXXXX..XXXXXXX 100644
---- a/include/block/aio.h
+--- a/block/parallels.h
-+++ b/include/block/aio.h
++++ b/block/parallels.h
-@@ -XXX,XX +XXX,XX @@ void aio_context_set_poll_params(AioContext *ctx, int64_t max_ns,
+@@ -XXX,XX +XXX,XX @@
-  * @max_batch: maximum number of requests in a batch, 0 means that the
+ #include "qemu/coroutine.h"
-  *             engine will use its default
+ #include "qemu/typedefs.h"
-  */
--void aio_context_set_aio_params(AioContext *ctx, int64_t max_batch,
++#define HEADS_NUMBER 16
--                                Error **errp);
++#define SEC_IN_CYL 32
-+void aio_context_set_aio_params(AioContext *ctx, int64_t max_batch);
+ #define DEFAULT_CLUSTER_SIZE 1048576        /* 1 MiB */
- /**
+ /* always little-endian */
-  * aio_context_set_thread_pool_params:
+diff --git a/block/parallels.c b/block/parallels.c
 diff --git a/iothread.c b/iothread.c
 index XXXXXXX..XXXXXXX 100644
---- a/iothread.c
+--- a/block/parallels.c
-+++ b/iothread.c
++++ b/block/parallels.c
-@@ -XXX,XX +XXX,XX @@ static void iothread_set_aio_context_params(EventLoopBase *base, Error **errp)
+@@ -XXX,XX +XXX,XX @@ static int parallels_create(const char *filename, QemuOpts *opts, Error **errp)
-     }
+     memcpy(header.magic, HEADER_MAGIC2, sizeof(header.magic));
+     header.version = cpu_to_le32(HEADER_VERSION);
-     aio_context_set_aio_params(iothread->ctx,
+     /* don't care much about geometry, it is not used on image level */
--                               iothread->parent_obj.aio_max_batch,
+-    header.heads = cpu_to_le32(16);
--                               errp);
+-    header.cylinders = cpu_to_le32(total_size / BDRV_SECTOR_SIZE / 16 / 32);
-+                               iothread->parent_obj.aio_max_batch);
++    header.heads = cpu_to_le32(HEADS_NUMBER);
++    header.cylinders = cpu_to_le32(total_size / BDRV_SECTOR_SIZE
-     aio_context_set_thread_pool_params(iothread->ctx, base->thread_pool_min,
++                                   / HEADS_NUMBER / SEC_IN_CYL);
-                                        base->thread_pool_max, errp);
+     header.tracks = cpu_to_le32(cl_size >> BDRV_SECTOR_BITS);
-diff --git a/util/aio-posix.c b/util/aio-posix.c
+     header.bat_entries = cpu_to_le32(bat_entries);
-index XXXXXXX..XXXXXXX 100644
+     header.nb_sectors = cpu_to_le64(DIV_ROUND_UP(total_size, BDRV_SECTOR_SIZE));
 --- a/util/aio-posix.c
 +++ b/util/aio-posix.c
@@ -XXX,XX +XXX,XX @@ void aio_context_set_poll_params(AioContext *ctx, int64_t max_ns,
      aio_notify(ctx);
  }
 -void aio_context_set_aio_params(AioContext *ctx, int64_t max_batch,
 -                                Error **errp)
 +void aio_context_set_aio_params(AioContext *ctx, int64_t max_batch)
  {
      /*
       * No thread synchronization here, it doesn't matter if an incorrect value
 diff --git a/util/aio-win32.c b/util/aio-win32.c
 index XXXXXXX..XXXXXXX 100644
 --- a/util/aio-win32.c
 +++ b/util/aio-win32.c
@@ -XXX,XX +XXX,XX @@ void aio_context_set_poll_params(AioContext *ctx, int64_t max_ns,
      }
  }
 -void aio_context_set_aio_params(AioContext *ctx, int64_t max_batch,
 -                                Error **errp)
 +void aio_context_set_aio_params(AioContext *ctx, int64_t max_batch)
  {
  }
 diff --git a/util/main-loop.c b/util/main-loop.c
 index XXXXXXX..XXXXXXX 100644
 --- a/util/main-loop.c
 +++ b/util/main-loop.c
@@ -XXX,XX +XXX,XX @@ static void main_loop_update_params(EventLoopBase *base, Error **errp)
          return;
      }
 -    aio_context_set_aio_params(qemu_aio_context, base->aio_max_batch, errp);
 -    if (*errp) {
 -        return;
 -    }
 +    aio_context_set_aio_params(qemu_aio_context, base->aio_max_batch);
      aio_context_set_thread_pool_params(qemu_aio_context, base->thread_pool_min,
                                         base->thread_pool_max, errp);
 --
-.43.0
+.14.3

-[PULL 3/6] qemu/main-loop: rename QEMU_IOTHREAD_LOCK_GUARD to BQL_LOCK_GUARD
+[Qemu-devel] [PULL v2 6/6] block/parallels: add backing support to readv/writev
-The name "iothread" is overloaded. Use the term Big QEMU Lock (BQL)
+From: Edgar Kaziakhmedov <edgar.kaziakhmedov@virtuozzo.com>
 instead, it is already widely used and unambiguous.
-Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
+Since parallels format supports backing files, refine
-Reviewed-by: Paul Durrant <paul@xen.org>
+readv/writev (allocate_clusters) to redirect read/write requests
-Acked-by: David Woodhouse <dwmw@amazon.co.uk>
+to a backing file (if cluster is not available in the current bs).
-Reviewed-by: Cédric Le Goater <clg@kaod.org>
-Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
+Signed-off-by: Edgar Kaziakhmedov <edgar.kaziakhmedov@virtuozzo.com>
-Reviewed-by: Harsh Prateek Bora <harshpb@linux.ibm.com>
+Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
-Reviewed-by: Akihiko Odaki <akihiko.odaki@daynix.com>
+Signed-off-by: Denis V. Lunev <den@openvz.org>
-Message-id: 20240102153529.486531-3-stefanha@redhat.com
+Signed-off-by: Klim Kireev <klim.kireev@virtuozzo.com>
 Message-id: 20180112090122.1702-6-klim.kireev@virtuozzo.com
 CC: Stefan Hajnoczi <stefanha@redhat.com>
 Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
 ---
- include/qemu/main-loop.h  | 19 +++++++++----------
+ block/parallels.c | 50 ++++++++++++++++++++++++++++++++++++++++++++------
- hw/i386/kvm/xen_evtchn.c  | 14 +++++++-------
+file changed, 44 insertions(+), 6 deletions(-)
  hw/i386/kvm/xen_gnttab.c  |  2 +-
  hw/mips/mips_int.c        |  2 +-
  hw/ppc/ppc.c              |  2 +-
  target/i386/kvm/xen-emu.c |  2 +-
  target/ppc/excp_helper.c  |  2 +-
  target/ppc/helper_regs.c  |  2 +-
  target/riscv/cpu_helper.c |  4 ++--
 files changed, 24 insertions(+), 25 deletions(-)
-diff --git a/include/qemu/main-loop.h b/include/qemu/main-loop.h
+diff --git a/block/parallels.c b/block/parallels.c
 index XXXXXXX..XXXXXXX 100644
---- a/include/qemu/main-loop.h
+--- a/block/parallels.c
-+++ b/include/qemu/main-loop.h
++++ b/block/parallels.c
-@@ -XXX,XX +XXX,XX @@ void bql_lock_impl(const char *file, int line);
+@@ -XXX,XX +XXX,XX @@ static int64_t block_status(BDRVParallelsState *s, int64_t sector_num,
- void bql_unlock(void);
+ static int64_t allocate_clusters(BlockDriverState *bs, int64_t sector_num,
+                                  int nb_sectors, int *pnum)
  /**
 - * QEMU_IOTHREAD_LOCK_GUARD
 + * BQL_LOCK_GUARD
   *
   * Wrap a block of code in a conditional bql_{lock,unlock}.
   */
 -typedef struct IOThreadLockAuto IOThreadLockAuto;
 +typedef struct BQLLockAuto BQLLockAuto;
 -static inline IOThreadLockAuto *qemu_iothread_auto_lock(const char *file,
 -                                                        int line)
 +static inline BQLLockAuto *bql_auto_lock(const char *file, int line)
  {
-     if (bql_locked()) {
++    int ret;
-         return NULL;
+     BDRVParallelsState *s = bs->opaque;
      int64_t pos, space, idx, to_allocate, i, len;
@@ -XXX,XX +XXX,XX @@ static int64_t allocate_clusters(BlockDriverState *bs, int64_t sector_num,
          return len;
      }
-     bql_lock_impl(file, line);
+     if (s->data_end + space > (len >> BDRV_SECTOR_BITS)) {
-     /* Anything non-NULL causes the cleanup function to be called */
+-        int ret;
--    return (IOThreadLockAuto *)(uintptr_t)1;
+         space += s->prealloc_size;
-+    return (BQLLockAuto *)(uintptr_t)1;
+         if (s->prealloc_mode == PRL_PREALLOC_MODE_FALLOCATE) {
- }
+             ret = bdrv_pwrite_zeroes(bs->file,
+@@ -XXX,XX +XXX,XX @@ static int64_t allocate_clusters(BlockDriverState *bs, int64_t sector_num,
--static inline void qemu_iothread_auto_unlock(IOThreadLockAuto *l)
+         }
 +static inline void bql_auto_unlock(BQLLockAuto *l)
  {
      bql_unlock();
  }
 -G_DEFINE_AUTOPTR_CLEANUP_FUNC(IOThreadLockAuto, qemu_iothread_auto_unlock)
 +G_DEFINE_AUTOPTR_CLEANUP_FUNC(BQLLockAuto, bql_auto_unlock)
 -#define QEMU_IOTHREAD_LOCK_GUARD() \
 -    g_autoptr(IOThreadLockAuto) _iothread_lock_auto __attribute__((unused)) \
 -        = qemu_iothread_auto_lock(__FILE__, __LINE__)
 +#define BQL_LOCK_GUARD() \
 +    g_autoptr(BQLLockAuto) _bql_lock_auto __attribute__((unused)) \
 +        = bql_auto_lock(__FILE__, __LINE__)
  /*
   * qemu_cond_wait_iothread: Wait on condition for the main loop mutex
 diff --git a/hw/i386/kvm/xen_evtchn.c b/hw/i386/kvm/xen_evtchn.c
 index XXXXXXX..XXXXXXX 100644
 --- a/hw/i386/kvm/xen_evtchn.c
 +++ b/hw/i386/kvm/xen_evtchn.c
@@ -XXX,XX +XXX,XX @@ int xen_evtchn_reset_op(struct evtchn_reset *reset)
          return -ESRCH;
      }
--    QEMU_IOTHREAD_LOCK_GUARD();
++    /* Try to read from backing to fill empty clusters
-+    BQL_LOCK_GUARD();
++     * FIXME: 1. previous write_zeroes may be redundant
-     return xen_evtchn_soft_reset();
++     *        2. most of data we read from backing will be rewritten by
- }
++     *           parallels_co_writev. On aligned-to-cluster write we do not need
++     *           this read at all.
-@@ -XXX,XX +XXX,XX @@ int xen_evtchn_close_op(struct evtchn_close *close)
++     *        3. it would be good to combine write of data from backing and new
-         return -EINVAL;
++     *           data into one write call */
-     }
++    if (bs->backing) {
++        int64_t nb_cow_sectors = to_allocate * s->tracks;
--    QEMU_IOTHREAD_LOCK_GUARD();
++        int64_t nb_cow_bytes = nb_cow_sectors << BDRV_SECTOR_BITS;
-+    BQL_LOCK_GUARD();
++        QEMUIOVector qiov;
-     qemu_mutex_lock(&s->port_lock);
++        struct iovec iov = {
++            .iov_len = nb_cow_bytes,
-     ret = close_port(s, close->port, &flush_kvm_routes);
++            .iov_base = qemu_blockalign(bs, nb_cow_bytes)
-@@ -XXX,XX +XXX,XX @@ int xen_evtchn_bind_pirq_op(struct evtchn_bind_pirq *pirq)
++        };
-         return -EINVAL;
++        qemu_iovec_init_external(&qiov, &iov, 1);
-     }
++
++        ret = bdrv_co_readv(bs->backing, idx * s->tracks, nb_cow_sectors,
--    QEMU_IOTHREAD_LOCK_GUARD();
++                            &qiov);
-+    BQL_LOCK_GUARD();
++        if (ret < 0) {
++            qemu_vfree(iov.iov_base);
-     if (s->pirq[pirq->pirq].port) {
++            return ret;
-         return -EBUSY;
++        }
-@@ -XXX,XX +XXX,XX @@ int xen_physdev_map_pirq(struct physdev_map_pirq *map)
++
-         return -ENOTSUP;
++        ret = bdrv_co_writev(bs->file, s->data_end, nb_cow_sectors, &qiov);
-     }
++        qemu_vfree(iov.iov_base);
++        if (ret < 0) {
--    QEMU_IOTHREAD_LOCK_GUARD();
++            return ret;
-+    BQL_LOCK_GUARD();
++        }
-     QEMU_LOCK_GUARD(&s->port_lock);
++    }
++
-     if (map->domid != DOMID_SELF && map->domid != xen_domid) {
+     for (i = 0; i < to_allocate; i++) {
-@@ -XXX,XX +XXX,XX @@ int xen_physdev_unmap_pirq(struct physdev_unmap_pirq *unmap)
+         s->bat_bitmap[idx + i] = cpu_to_le32(s->data_end / s->off_multiplier);
-         return -EINVAL;
+         s->data_end += s->tracks;
-     }
+@@ -XXX,XX +XXX,XX @@ static coroutine_fn int parallels_co_readv(BlockDriverState *bs,
--    QEMU_IOTHREAD_LOCK_GUARD();
+         nbytes = n << BDRV_SECTOR_BITS;
-+    BQL_LOCK_GUARD();
-     qemu_mutex_lock(&s->port_lock);
++        qemu_iovec_reset(&hd_qiov);
++        qemu_iovec_concat(&hd_qiov, qiov, bytes_done, nbytes);
-     if (!pirq_inuse(s, pirq)) {
++
-@@ -XXX,XX +XXX,XX @@ int xen_physdev_eoi_pirq(struct physdev_eoi *eoi)
+         if (position < 0) {
-         return -ENOTSUP;
+-            qemu_iovec_memset(qiov, bytes_done, 0, nbytes);
-     }
++            if (bs->backing) {
++                ret = bdrv_co_readv(bs->backing, sector_num, n, &hd_qiov);
--    QEMU_IOTHREAD_LOCK_GUARD();
++                if (ret < 0) {
-+    BQL_LOCK_GUARD();
++                    break;
-     QEMU_LOCK_GUARD(&s->port_lock);
++                }
++            } else {
-     if (!pirq_inuse(s, pirq)) {
++                qemu_iovec_memset(&hd_qiov, 0, 0, nbytes);
-@@ -XXX,XX +XXX,XX @@ int xen_physdev_query_pirq(struct physdev_irq_status_query *query)
++            }
-         return -ENOTSUP;
+         } else {
-     }
+-            qemu_iovec_reset(&hd_qiov);
+-            qemu_iovec_concat(&hd_qiov, qiov, bytes_done, nbytes);
--    QEMU_IOTHREAD_LOCK_GUARD();
+-
-+    BQL_LOCK_GUARD();
+             ret = bdrv_co_readv(bs->file, position, n, &hd_qiov);
-     QEMU_LOCK_GUARD(&s->port_lock);
+             if (ret < 0) {
+                 break;
-     if (!pirq_inuse(s, pirq)) {
+@@ -XXX,XX +XXX,XX @@ static BlockDriver bdrv_parallels = {
-diff --git a/hw/i386/kvm/xen_gnttab.c b/hw/i386/kvm/xen_gnttab.c
+     .bdrv_co_flush_to_os      = parallels_co_flush_to_os,
-index XXXXXXX..XXXXXXX 100644
+     .bdrv_co_readv  = parallels_co_readv,
---- a/hw/i386/kvm/xen_gnttab.c
+     .bdrv_co_writev = parallels_co_writev,
-+++ b/hw/i386/kvm/xen_gnttab.c
+-
-@@ -XXX,XX +XXX,XX @@ int xen_gnttab_map_page(uint64_t idx, uint64_t gfn)
++    .supports_backing = true,
-         return -EINVAL;
+     .bdrv_create    = parallels_create,
-     }
+     .bdrv_check     = parallels_check,
+     .create_opts    = &parallels_create_opts,
 -    QEMU_IOTHREAD_LOCK_GUARD();
 +    BQL_LOCK_GUARD();
      QEMU_LOCK_GUARD(&s->gnt_lock);
      xen_overlay_do_map_page(&s->gnt_aliases[idx], gpa);
 diff --git a/hw/mips/mips_int.c b/hw/mips/mips_int.c
 index XXXXXXX..XXXXXXX 100644
 --- a/hw/mips/mips_int.c
 +++ b/hw/mips/mips_int.c
@@ -XXX,XX +XXX,XX @@ static void cpu_mips_irq_request(void *opaque, int irq, int level)
          return;
      }
 -    QEMU_IOTHREAD_LOCK_GUARD();
 +    BQL_LOCK_GUARD();
      if (level) {
          env->CP0_Cause |= 1 << (irq + CP0Ca_IP);
 diff --git a/hw/ppc/ppc.c b/hw/ppc/ppc.c
 index XXXXXXX..XXXXXXX 100644
 --- a/hw/ppc/ppc.c
 +++ b/hw/ppc/ppc.c
@@ -XXX,XX +XXX,XX @@ void ppc_set_irq(PowerPCCPU *cpu, int irq, int level)
      unsigned int old_pending;
      /* We may already have the BQL if coming from the reset path */
 -    QEMU_IOTHREAD_LOCK_GUARD();
 +    BQL_LOCK_GUARD();
      old_pending = env->pending_interrupts;
 diff --git a/target/i386/kvm/xen-emu.c b/target/i386/kvm/xen-emu.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/i386/kvm/xen-emu.c
 +++ b/target/i386/kvm/xen-emu.c
@@ -XXX,XX +XXX,XX @@ static int xen_set_shared_info(uint64_t gfn)
      uint64_t gpa = gfn << TARGET_PAGE_BITS;
      int i, err;
 -    QEMU_IOTHREAD_LOCK_GUARD();
 +    BQL_LOCK_GUARD();
      /*
       * The xen_overlay device tells KVM about it too, since it had to
 diff --git a/target/ppc/excp_helper.c b/target/ppc/excp_helper.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/ppc/excp_helper.c
 +++ b/target/ppc/excp_helper.c
@@ -XXX,XX +XXX,XX @@ static int ppc_next_unmasked_interrupt(CPUPPCState *env)
  void ppc_maybe_interrupt(CPUPPCState *env)
  {
      CPUState *cs = env_cpu(env);
 -    QEMU_IOTHREAD_LOCK_GUARD();
 +    BQL_LOCK_GUARD();
      if (ppc_next_unmasked_interrupt(env)) {
          cpu_interrupt(cs, CPU_INTERRUPT_HARD);
 diff --git a/target/ppc/helper_regs.c b/target/ppc/helper_regs.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/ppc/helper_regs.c
 +++ b/target/ppc/helper_regs.c
@@ -XXX,XX +XXX,XX @@ void cpu_interrupt_exittb(CPUState *cs)
       * unless running with TCG.
       */
      if (tcg_enabled()) {
 -        QEMU_IOTHREAD_LOCK_GUARD();
 +        BQL_LOCK_GUARD();
          cpu_interrupt(cs, CPU_INTERRUPT_EXITTB);
      }
  }
 diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/riscv/cpu_helper.c
 +++ b/target/riscv/cpu_helper.c
@@ -XXX,XX +XXX,XX @@ void riscv_cpu_interrupt(CPURISCVState *env)
      uint64_t gein, vsgein = 0, vstip = 0, irqf = 0;
      CPUState *cs = env_cpu(env);
 -    QEMU_IOTHREAD_LOCK_GUARD();
 +    BQL_LOCK_GUARD();
      if (env->virt_enabled) {
          gein = get_field(env->hstatus, HSTATUS_VGEIN);
@@ -XXX,XX +XXX,XX @@ uint64_t riscv_cpu_update_mip(CPURISCVState *env, uint64_t mask, uint64_t value)
      /* No need to update mip for VSTIP */
      mask = ((mask == MIP_VSTIP) && env->vstime_irq) ? 0 : mask;
 -    QEMU_IOTHREAD_LOCK_GUARD();
 +    BQL_LOCK_GUARD();
      env->mip = (env->mip & ~mask) | (value & mask);
 --
-.43.0
+.14.3

The following changes since commit ffd454c67e38cc6df792733ebc5d967eee28ac0d:

Merge tag 'pull-vfio-20240107' of https://github.com/legoater/qemu into staging (2024-01-08 10:28:42 +0000)

are available in the Git repository at:

https://gitlab.com/stefanha/qemu.git tags/block-pull-request

for you to fetch changes up to 0b2675c473f68f13bc5ca1dd1c43ce421542e7b8:

Rename "QEMU global mutex" to "BQL" in comments and docs (2024-01-08 10:45:43 -0500)

----------------------------------------------------------------
Pull request

----------------------------------------------------------------

Philippe Mathieu-Daudé (1):
  iothread: Remove unused Error** argument in aio_context_set_aio_params

Stefan Hajnoczi (5):
  system/cpus: rename qemu_mutex_lock_iothread() to bql_lock()
  qemu/main-loop: rename QEMU_IOTHREAD_LOCK_GUARD to BQL_LOCK_GUARD
  qemu/main-loop: rename qemu_cond_wait_iothread() to
    qemu_cond_wait_bql()
  Replace "iothread lock" with "BQL" in comments
  Rename "QEMU global mutex" to "BQL" in comments and docs

-- 
2.43.0

From: Philippe Mathieu-Daudé <philmd@linaro.org>

aio_context_set_aio_params() doesn't use its undocumented
Error** argument. Remove it to simplify.

Note this removes a use of "unchecked Error**" in
iothread_set_aio_context_params().

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-ID: <20231120171806.19361-1-philmd@linaro.org>
---
 include/block/aio.h | 3 +--
 iothread.c          | 3 +--
 util/aio-posix.c    | 3 +--
 util/aio-win32.c    | 3 +--
 util/main-loop.c    | 5 +----
 5 files changed, 5 insertions(+), 12 deletions(-)

diff --git a/include/block/aio.h b/include/block/aio.h
index XXXXXXX..XXXXXXX 100644
--- a/include/block/aio.h
+++ b/include/block/aio.h
@@ -XXX,XX +XXX,XX @@ void aio_context_set_poll_params(AioContext *ctx, int64_t max_ns,
  * @max_batch: maximum number of requests in a batch, 0 means that the
  *             engine will use its default
  */
-void aio_context_set_aio_params(AioContext *ctx, int64_t max_batch,
-                                Error **errp);
+void aio_context_set_aio_params(AioContext *ctx, int64_t max_batch);
 
 /**
  * aio_context_set_thread_pool_params:
diff --git a/iothread.c b/iothread.c
index XXXXXXX..XXXXXXX 100644
--- a/iothread.c
+++ b/iothread.c
@@ -XXX,XX +XXX,XX @@ static void iothread_set_aio_context_params(EventLoopBase *base, Error **errp)
     }
 
     aio_context_set_aio_params(iothread->ctx,
-                               iothread->parent_obj.aio_max_batch,
-                               errp);
+                               iothread->parent_obj.aio_max_batch);
 
     aio_context_set_thread_pool_params(iothread->ctx, base->thread_pool_min,
                                        base->thread_pool_max, errp);
diff --git a/util/aio-posix.c b/util/aio-posix.c
index XXXXXXX..XXXXXXX 100644
--- a/util/aio-posix.c
+++ b/util/aio-posix.c
@@ -XXX,XX +XXX,XX @@ void aio_context_set_poll_params(AioContext *ctx, int64_t max_ns,
     aio_notify(ctx);
 }
 
-void aio_context_set_aio_params(AioContext *ctx, int64_t max_batch,
-                                Error **errp)
+void aio_context_set_aio_params(AioContext *ctx, int64_t max_batch)
 {
     /*
      * No thread synchronization here, it doesn't matter if an incorrect value
diff --git a/util/aio-win32.c b/util/aio-win32.c
index XXXXXXX..XXXXXXX 100644
--- a/util/aio-win32.c
+++ b/util/aio-win32.c
@@ -XXX,XX +XXX,XX @@ void aio_context_set_poll_params(AioContext *ctx, int64_t max_ns,
     }
 }
 
-void aio_context_set_aio_params(AioContext *ctx, int64_t max_batch,
-                                Error **errp)
+void aio_context_set_aio_params(AioContext *ctx, int64_t max_batch)
 {
 }
diff --git a/util/main-loop.c b/util/main-loop.c
index XXXXXXX..XXXXXXX 100644
--- a/util/main-loop.c
+++ b/util/main-loop.c
@@ -XXX,XX +XXX,XX @@ static void main_loop_update_params(EventLoopBase *base, Error **errp)
         return;
     }
 
-    aio_context_set_aio_params(qemu_aio_context, base->aio_max_batch, errp);
-    if (*errp) {
-        return;
-    }
+    aio_context_set_aio_params(qemu_aio_context, base->aio_max_batch);
 
     aio_context_set_thread_pool_params(qemu_aio_context, base->thread_pool_min,
                                        base->thread_pool_max, errp);
-- 
2.43.0

The Big QEMU Lock (BQL) has many names and they are confusing. The
actual QemuMutex variable is called qemu_global_mutex but it's commonly
referred to as the BQL in discussions and some code comments. The
locking APIs, however, are called qemu_mutex_lock_iothread() and
qemu_mutex_unlock_iothread().

The "iothread" name is historic and comes from when the main thread was
split into into KVM vcpu threads and the "iothread" (now called the main
loop thread). I have contributed to the confusion myself by introducing
a separate --object iothread, a separate concept unrelated to the BQL.

The "iothread" name is no longer appropriate for the BQL. Rename the
locking APIs to:
- void bql_lock(void)
- void bql_unlock(void)
- bool bql_locked(void)

There are more APIs with "iothread" in their names. Subsequent patches
will rename them. There are also comments and documentation that will be
updated in later patches.

diff --git a/include/block/aio-wait.h b/include/block/aio-wait.h
index XXXXXXX..XXXXXXX 100644
--- a/include/block/aio-wait.h
+++ b/include/block/aio-wait.h
@@ -XXX,XX +XXX,XX @@ static inline bool in_aio_context_home_thread(AioContext *ctx)
     }
 
     if (ctx == qemu_get_aio_context()) {
-        return qemu_mutex_iothread_locked();
+        return bql_locked();
     } else {
         return false;
     }
diff --git a/include/qemu/main-loop.h b/include/qemu/main-loop.h
index XXXXXXX..XXXXXXX 100644
--- a/include/qemu/main-loop.h
+++ b/include/qemu/main-loop.h
@@ -XXX,XX +XXX,XX @@ GSource *iohandler_get_g_source(void);
 AioContext *iohandler_get_aio_context(void);
 
 /**
- * qemu_mutex_iothread_locked: Return lock status of the main loop mutex.
+ * bql_locked: Return lock status of the Big QEMU Lock (BQL)
  *
- * The main loop mutex is the coarsest lock in QEMU, and as such it
+ * The Big QEMU Lock (BQL) is the coarsest lock in QEMU, and as such it
  * must always be taken outside other locks.  This function helps
  * functions take different paths depending on whether the current
- * thread is running within the main loop mutex.
+ * thread is running within the BQL.
  *
  * This function should never be used in the block layer, because
  * unit tests, block layer tools and qemu-storage-daemon do not
  * have a BQL.
  * Please instead refer to qemu_in_main_thread().
  */
-bool qemu_mutex_iothread_locked(void);
+bool bql_locked(void);
 
 /**
  * qemu_in_main_thread: return whether it's possible to safely access
@@ -XXX,XX +XXX,XX @@ bool qemu_in_main_thread(void);
     } while (0)
 
 /**
- * qemu_mutex_lock_iothread: Lock the main loop mutex.
+ * bql_lock: Lock the Big QEMU Lock (BQL).
  *
- * This function locks the main loop mutex.  The mutex is taken by
+ * This function locks the Big QEMU Lock (BQL).  The lock is taken by
  * main() in vl.c and always taken except while waiting on
- * external events (such as with select).  The mutex should be taken
+ * external events (such as with select).  The lock should be taken
  * by threads other than the main loop thread when calling
  * qemu_bh_new(), qemu_set_fd_handler() and basically all other
  * functions documented in this file.
  *
- * NOTE: tools currently are single-threaded and qemu_mutex_lock_iothread
+ * NOTE: tools currently are single-threaded and bql_lock
  * is a no-op there.
  */
-#define qemu_mutex_lock_iothread()                      \
-    qemu_mutex_lock_iothread_impl(__FILE__, __LINE__)
-void qemu_mutex_lock_iothread_impl(const char *file, int line);
+#define bql_lock() bql_lock_impl(__FILE__, __LINE__)
+void bql_lock_impl(const char *file, int line);
 
 /**
- * qemu_mutex_unlock_iothread: Unlock the main loop mutex.
+ * bql_unlock: Unlock the Big QEMU Lock (BQL).
  *
- * This function unlocks the main loop mutex.  The mutex is taken by
+ * This function unlocks the Big QEMU Lock.  The lock is taken by
  * main() in vl.c and always taken except while waiting on
- * external events (such as with select).  The mutex should be unlocked
+ * external events (such as with select).  The lock should be unlocked
  * as soon as possible by threads other than the main loop thread,
  * because it prevents the main loop from processing callbacks,
  * including timers and bottom halves.
  *
- * NOTE: tools currently are single-threaded and qemu_mutex_unlock_iothread
+ * NOTE: tools currently are single-threaded and bql_unlock
  * is a no-op there.
  */
-void qemu_mutex_unlock_iothread(void);
+void bql_unlock(void);
 
 /**
  * QEMU_IOTHREAD_LOCK_GUARD
  *
- * Wrap a block of code in a conditional qemu_mutex_{lock,unlock}_iothread.
+ * Wrap a block of code in a conditional bql_{lock,unlock}.
  */
 typedef struct IOThreadLockAuto IOThreadLockAuto;
 
 static inline IOThreadLockAuto *qemu_iothread_auto_lock(const char *file,
                                                         int line)
 {
-    if (qemu_mutex_iothread_locked()) {
+    if (bql_locked()) {
         return NULL;
     }
-    qemu_mutex_lock_iothread_impl(file, line);
+    bql_lock_impl(file, line);
     /* Anything non-NULL causes the cleanup function to be called */
     return (IOThreadLockAuto *)(uintptr_t)1;
 }
 
 static inline void qemu_iothread_auto_unlock(IOThreadLockAuto *l)
 {
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 G_DEFINE_AUTOPTR_CLEANUP_FUNC(IOThreadLockAuto, qemu_iothread_auto_unlock)
diff --git a/include/qemu/thread.h b/include/qemu/thread.h
index XXXXXXX..XXXXXXX 100644
--- a/include/qemu/thread.h
+++ b/include/qemu/thread.h
@@ -XXX,XX +XXX,XX @@ typedef void (*QemuCondWaitFunc)(QemuCond *c, QemuMutex *m, const char *f,
 typedef bool (*QemuCondTimedWaitFunc)(QemuCond *c, QemuMutex *m, int ms,
                                       const char *f, int l);
 
-extern QemuMutexLockFunc qemu_bql_mutex_lock_func;
+extern QemuMutexLockFunc bql_mutex_lock_func;
 extern QemuMutexLockFunc qemu_mutex_lock_func;
 extern QemuMutexTrylockFunc qemu_mutex_trylock_func;
 extern QemuRecMutexLockFunc qemu_rec_mutex_lock_func;
diff --git a/accel/accel-blocker.c b/accel/accel-blocker.c
index XXXXXXX..XXXXXXX 100644
--- a/accel/accel-blocker.c
+++ b/accel/accel-blocker.c
@@ -XXX,XX +XXX,XX @@ void accel_blocker_init(void)
 
 void accel_ioctl_begin(void)
 {
-    if (likely(qemu_mutex_iothread_locked())) {
+    if (likely(bql_locked())) {
         return;
     }
 
@@ -XXX,XX +XXX,XX @@ void accel_ioctl_begin(void)
 
 void accel_ioctl_end(void)
 {
-    if (likely(qemu_mutex_iothread_locked())) {
+    if (likely(bql_locked())) {
         return;
     }
 
@@ -XXX,XX +XXX,XX @@ void accel_ioctl_end(void)
 
 void accel_cpu_ioctl_begin(CPUState *cpu)
 {
-    if (unlikely(qemu_mutex_iothread_locked())) {
+    if (unlikely(bql_locked())) {
         return;
     }
 
@@ -XXX,XX +XXX,XX @@ void accel_cpu_ioctl_begin(CPUState *cpu)
 
 void accel_cpu_ioctl_end(CPUState *cpu)
 {
-    if (unlikely(qemu_mutex_iothread_locked())) {
+    if (unlikely(bql_locked())) {
         return;
     }
 
@@ -XXX,XX +XXX,XX @@ void accel_ioctl_inhibit_begin(void)
      * We allow to inhibit only when holding the BQL, so we can identify
      * when an inhibitor wants to issue an ioctl easily.
      */
-    g_assert(qemu_mutex_iothread_locked());
+    g_assert(bql_locked());
 
     /* Block further invocations of the ioctls outside the BQL.  */
     CPU_FOREACH(cpu) {
diff --git a/accel/dummy-cpus.c b/accel/dummy-cpus.c
index XXXXXXX..XXXXXXX 100644
--- a/accel/dummy-cpus.c
+++ b/accel/dummy-cpus.c
@@ -XXX,XX +XXX,XX @@ static void *dummy_cpu_thread_fn(void *arg)
 
     rcu_register_thread();
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     qemu_thread_get_self(cpu->thread);
     cpu->thread_id = qemu_get_thread_id();
     cpu->neg.can_do_io = true;
@@ -XXX,XX +XXX,XX @@ static void *dummy_cpu_thread_fn(void *arg)
     qemu_guest_random_seed_thread_part2(cpu->random_seed);
 
     do {
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
 #ifndef _WIN32
         do {
             int sig;
@@ -XXX,XX +XXX,XX @@ static void *dummy_cpu_thread_fn(void *arg)
 #else
         qemu_sem_wait(&cpu->sem);
 #endif
-        qemu_mutex_lock_iothread();
+        bql_lock();
         qemu_wait_io_event(cpu);
     } while (!cpu->unplug);
 
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     rcu_unregister_thread();
     return NULL;
 }
diff --git a/accel/hvf/hvf-accel-ops.c b/accel/hvf/hvf-accel-ops.c
index XXXXXXX..XXXXXXX 100644
--- a/accel/hvf/hvf-accel-ops.c
+++ b/accel/hvf/hvf-accel-ops.c
@@ -XXX,XX +XXX,XX @@ static void *hvf_cpu_thread_fn(void *arg)
 
     rcu_register_thread();
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     qemu_thread_get_self(cpu->thread);
 
     cpu->thread_id = qemu_get_thread_id();
@@ -XXX,XX +XXX,XX @@ static void *hvf_cpu_thread_fn(void *arg)
 
     hvf_vcpu_destroy(cpu);
     cpu_thread_signal_destroyed(cpu);
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     rcu_unregister_thread();
     return NULL;
 }
diff --git a/accel/kvm/kvm-accel-ops.c b/accel/kvm/kvm-accel-ops.c
index XXXXXXX..XXXXXXX 100644
--- a/accel/kvm/kvm-accel-ops.c
+++ b/accel/kvm/kvm-accel-ops.c
@@ -XXX,XX +XXX,XX @@ static void *kvm_vcpu_thread_fn(void *arg)
 
     rcu_register_thread();
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     qemu_thread_get_self(cpu->thread);
     cpu->thread_id = qemu_get_thread_id();
     cpu->neg.can_do_io = true;
@@ -XXX,XX +XXX,XX @@ static void *kvm_vcpu_thread_fn(void *arg)
 
     kvm_destroy_vcpu(cpu);
     cpu_thread_signal_destroyed(cpu);
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     rcu_unregister_thread();
     return NULL;
 }
diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index XXXXXXX..XXXXXXX 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -XXX,XX +XXX,XX @@ static void kvm_dirty_ring_flush(void)
      * should always be with BQL held, serialization is guaranteed.
      * However, let's be sure of it.
      */
-    assert(qemu_mutex_iothread_locked());
+    assert(bql_locked());
     /*
      * First make sure to flush the hardware buffers by kicking all
      * vcpus out in a synchronous way.
@@ -XXX,XX +XXX,XX @@ static void *kvm_dirty_ring_reaper_thread(void *data)
         trace_kvm_dirty_ring_reaper("wakeup");
         r->reaper_state = KVM_DIRTY_RING_REAPER_REAPING;
 
-        qemu_mutex_lock_iothread();
+        bql_lock();
         kvm_dirty_ring_reap(s, NULL);
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
 
         r->reaper_iteration++;
     }
@@ -XXX,XX +XXX,XX @@ int kvm_cpu_exec(CPUState *cpu)
         return EXCP_HLT;
     }
 
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     cpu_exec_start(cpu);
 
     do {
@@ -XXX,XX +XXX,XX @@ int kvm_cpu_exec(CPUState *cpu)
 
 #ifdef KVM_HAVE_MCE_INJECTION
         if (unlikely(have_sigbus_pending)) {
-            qemu_mutex_lock_iothread();
+            bql_lock();
             kvm_arch_on_sigbus_vcpu(cpu, pending_sigbus_code,
                                     pending_sigbus_addr);
             have_sigbus_pending = false;
-            qemu_mutex_unlock_iothread();
+            bql_unlock();
         }
 #endif
 
@@ -XXX,XX +XXX,XX @@ int kvm_cpu_exec(CPUState *cpu)
              * still full.  Got kicked by KVM_RESET_DIRTY_RINGS.
              */
             trace_kvm_dirty_ring_full(cpu->cpu_index);
-            qemu_mutex_lock_iothread();
+            bql_lock();
             /*
              * We throttle vCPU by making it sleep once it exit from kernel
              * due to dirty ring full. In the dirtylimit scenario, reaping
@@ -XXX,XX +XXX,XX @@ int kvm_cpu_exec(CPUState *cpu)
             } else {
                 kvm_dirty_ring_reap(kvm_state, NULL);
             }
-            qemu_mutex_unlock_iothread();
+            bql_unlock();
             dirtylimit_vcpu_execute(cpu);
             ret = 0;
             break;
@@ -XXX,XX +XXX,XX @@ int kvm_cpu_exec(CPUState *cpu)
                 break;
             case KVM_SYSTEM_EVENT_CRASH:
                 kvm_cpu_synchronize_state(cpu);
-                qemu_mutex_lock_iothread();
+                bql_lock();
                 qemu_system_guest_panicked(cpu_get_crash_info(cpu));
-                qemu_mutex_unlock_iothread();
+                bql_unlock();
                 ret = 0;
                 break;
             default:
@@ -XXX,XX +XXX,XX @@ int kvm_cpu_exec(CPUState *cpu)
     } while (ret == 0);
 
     cpu_exec_end(cpu);
-    qemu_mutex_lock_iothread();
+    bql_lock();
 
     if (ret < 0) {
         cpu_dump_state(cpu, stderr, CPU_DUMP_CODE);
diff --git a/accel/tcg/cpu-exec.c b/accel/tcg/cpu-exec.c
index XXXXXXX..XXXXXXX 100644
--- a/accel/tcg/cpu-exec.c
+++ b/accel/tcg/cpu-exec.c
@@ -XXX,XX +XXX,XX @@ static void cpu_exec_longjmp_cleanup(CPUState *cpu)
         tcg_ctx->gen_tb = NULL;
     }
 #endif
-    if (qemu_mutex_iothread_locked()) {
-        qemu_mutex_unlock_iothread();
+    if (bql_locked()) {
+        bql_unlock();
     }
     assert_no_pages_locked();
 }
@@ -XXX,XX +XXX,XX @@ static inline bool cpu_handle_halt(CPUState *cpu)
 #if defined(TARGET_I386)
         if (cpu->interrupt_request & CPU_INTERRUPT_POLL) {
             X86CPU *x86_cpu = X86_CPU(cpu);
-            qemu_mutex_lock_iothread();
+            bql_lock();
             apic_poll_irq(x86_cpu->apic_state);
             cpu_reset_interrupt(cpu, CPU_INTERRUPT_POLL);
-            qemu_mutex_unlock_iothread();
+            bql_unlock();
         }
 #endif /* TARGET_I386 */
         if (!cpu_has_work(cpu)) {
@@ -XXX,XX +XXX,XX @@ static inline bool cpu_handle_exception(CPUState *cpu, int *ret)
 #else
         if (replay_exception()) {
             CPUClass *cc = CPU_GET_CLASS(cpu);
-            qemu_mutex_lock_iothread();
+            bql_lock();
             cc->tcg_ops->do_interrupt(cpu);
-            qemu_mutex_unlock_iothread();
+            bql_unlock();
             cpu->exception_index = -1;
 
             if (unlikely(cpu->singlestep_enabled)) {
@@ -XXX,XX +XXX,XX @@ static inline bool cpu_handle_interrupt(CPUState *cpu,
 
     if (unlikely(qatomic_read(&cpu->interrupt_request))) {
         int interrupt_request;
-        qemu_mutex_lock_iothread();
+        bql_lock();
         interrupt_request = cpu->interrupt_request;
         if (unlikely(cpu->singlestep_enabled & SSTEP_NOIRQ)) {
             /* Mask out external interrupts for this step. */
@@ -XXX,XX +XXX,XX @@ static inline bool cpu_handle_interrupt(CPUState *cpu,
         if (interrupt_request & CPU_INTERRUPT_DEBUG) {
             cpu->interrupt_request &= ~CPU_INTERRUPT_DEBUG;
             cpu->exception_index = EXCP_DEBUG;
-            qemu_mutex_unlock_iothread();
+            bql_unlock();
             return true;
         }
 #if !defined(CONFIG_USER_ONLY)
@@ -XXX,XX +XXX,XX @@ static inline bool cpu_handle_interrupt(CPUState *cpu,
             cpu->interrupt_request &= ~CPU_INTERRUPT_HALT;
             cpu->halted = 1;
             cpu->exception_index = EXCP_HLT;
-            qemu_mutex_unlock_iothread();
+            bql_unlock();
             return true;
         }
 #if defined(TARGET_I386)
@@ -XXX,XX +XXX,XX @@ static inline bool cpu_handle_interrupt(CPUState *cpu,
             cpu_svm_check_intercept_param(env, SVM_EXIT_INIT, 0, 0);
             do_cpu_init(x86_cpu);
             cpu->exception_index = EXCP_HALTED;
-            qemu_mutex_unlock_iothread();
+            bql_unlock();
             return true;
         }
 #else
         else if (interrupt_request & CPU_INTERRUPT_RESET) {
             replay_interrupt();
             cpu_reset(cpu);
-            qemu_mutex_unlock_iothread();
+            bql_unlock();
             return true;
         }
 #endif /* !TARGET_I386 */
@@ -XXX,XX +XXX,XX @@ static inline bool cpu_handle_interrupt(CPUState *cpu,
                  */
                 if (unlikely(cpu->singlestep_enabled)) {
                     cpu->exception_index = EXCP_DEBUG;
-                    qemu_mutex_unlock_iothread();
+                    bql_unlock();
                     return true;
                 }
                 cpu->exception_index = -1;
@@ -XXX,XX +XXX,XX @@ static inline bool cpu_handle_interrupt(CPUState *cpu,
         }
 
         /* If we exit via cpu_loop_exit/longjmp it is reset in cpu_exec */
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
 
     /* Finally, check if we need to exit to the main loop.  */
diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
index XXXXXXX..XXXXXXX 100644
--- a/accel/tcg/cputlb.c
+++ b/accel/tcg/cputlb.c
@@ -XXX,XX +XXX,XX @@ static uint64_t do_ld_mmio_beN(CPUState *cpu, CPUTLBEntryFull *full,
     section = io_prepare(&mr_offset, cpu, full->xlat_section, attrs, addr, ra);
     mr = section->mr;
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     ret = int_ld_mmio_beN(cpu, full, ret_be, addr, size, mmu_idx,
                           type, ra, mr, mr_offset);
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 
     return ret;
 }
@@ -XXX,XX +XXX,XX @@ static Int128 do_ld16_mmio_beN(CPUState *cpu, CPUTLBEntryFull *full,
     section = io_prepare(&mr_offset, cpu, full->xlat_section, attrs, addr, ra);
     mr = section->mr;
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     a = int_ld_mmio_beN(cpu, full, ret_be, addr, size - 8, mmu_idx,
                         MMU_DATA_LOAD, ra, mr, mr_offset);
     b = int_ld_mmio_beN(cpu, full, ret_be, addr + size - 8, 8, mmu_idx,
                         MMU_DATA_LOAD, ra, mr, mr_offset + size - 8);
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 
     return int128_make128(b, a);
 }
@@ -XXX,XX +XXX,XX @@ static uint64_t do_st_mmio_leN(CPUState *cpu, CPUTLBEntryFull *full,
     section = io_prepare(&mr_offset, cpu, full->xlat_section, attrs, addr, ra);
     mr = section->mr;
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     ret = int_st_mmio_leN(cpu, full, val_le, addr, size, mmu_idx,
                           ra, mr, mr_offset);
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 
     return ret;
 }
@@ -XXX,XX +XXX,XX @@ static uint64_t do_st16_mmio_leN(CPUState *cpu, CPUTLBEntryFull *full,
     section = io_prepare(&mr_offset, cpu, full->xlat_section, attrs, addr, ra);
     mr = section->mr;
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     int_st_mmio_leN(cpu, full, int128_getlo(val_le), addr, 8,
                     mmu_idx, ra, mr, mr_offset);
     ret = int_st_mmio_leN(cpu, full, int128_gethi(val_le), addr + 8,
                           size - 8, mmu_idx, ra, mr, mr_offset + 8);
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 
     return ret;
 }
diff --git a/accel/tcg/tcg-accel-ops-icount.c b/accel/tcg/tcg-accel-ops-icount.c
index XXXXXXX..XXXXXXX 100644
--- a/accel/tcg/tcg-accel-ops-icount.c
+++ b/accel/tcg/tcg-accel-ops-icount.c
@@ -XXX,XX +XXX,XX @@ void icount_prepare_for_run(CPUState *cpu, int64_t cpu_budget)
          * We're called without the iothread lock, so must take it while
          * we're calling timer handlers.
          */
-        qemu_mutex_lock_iothread();
+        bql_lock();
         icount_notify_aio_contexts();
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
 }
 
diff --git a/accel/tcg/tcg-accel-ops-mttcg.c b/accel/tcg/tcg-accel-ops-mttcg.c
index XXXXXXX..XXXXXXX 100644
--- a/accel/tcg/tcg-accel-ops-mttcg.c
+++ b/accel/tcg/tcg-accel-ops-mttcg.c
@@ -XXX,XX +XXX,XX @@ static void *mttcg_cpu_thread_fn(void *arg)
     rcu_add_force_rcu_notifier(&force_rcu.notifier);
     tcg_register_thread();
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     qemu_thread_get_self(cpu->thread);
 
     cpu->thread_id = qemu_get_thread_id();
@@ -XXX,XX +XXX,XX @@ static void *mttcg_cpu_thread_fn(void *arg)
     do {
         if (cpu_can_run(cpu)) {
             int r;
-            qemu_mutex_unlock_iothread();
+            bql_unlock();
             r = tcg_cpus_exec(cpu);
-            qemu_mutex_lock_iothread();
+            bql_lock();
             switch (r) {
             case EXCP_DEBUG:
                 cpu_handle_guest_debug(cpu);
@@ -XXX,XX +XXX,XX @@ static void *mttcg_cpu_thread_fn(void *arg)
                  */
                 break;
             case EXCP_ATOMIC:
-                qemu_mutex_unlock_iothread();
+                bql_unlock();
                 cpu_exec_step_atomic(cpu);
-                qemu_mutex_lock_iothread();
+                bql_lock();
             default:
                 /* Ignore everything else? */
                 break;
@@ -XXX,XX +XXX,XX @@ static void *mttcg_cpu_thread_fn(void *arg)
     } while (!cpu->unplug || cpu_can_run(cpu));
 
     tcg_cpus_destroy(cpu);
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     rcu_remove_force_rcu_notifier(&force_rcu.notifier);
     rcu_unregister_thread();
     return NULL;
diff --git a/accel/tcg/tcg-accel-ops-rr.c b/accel/tcg/tcg-accel-ops-rr.c
index XXXXXXX..XXXXXXX 100644
--- a/accel/tcg/tcg-accel-ops-rr.c
+++ b/accel/tcg/tcg-accel-ops-rr.c
@@ -XXX,XX +XXX,XX @@ static void *rr_cpu_thread_fn(void *arg)
     rcu_add_force_rcu_notifier(&force_rcu);
     tcg_register_thread();
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     qemu_thread_get_self(cpu->thread);
 
     cpu->thread_id = qemu_get_thread_id();
@@ -XXX,XX +XXX,XX @@ static void *rr_cpu_thread_fn(void *arg)
         /* Only used for icount_enabled() */
         int64_t cpu_budget = 0;
 
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
         replay_mutex_lock();
-        qemu_mutex_lock_iothread();
+        bql_lock();
 
         if (icount_enabled()) {
             int cpu_count = rr_cpu_count();
@@ -XXX,XX +XXX,XX @@ static void *rr_cpu_thread_fn(void *arg)
             if (cpu_can_run(cpu)) {
                 int r;
 
-                qemu_mutex_unlock_iothread();
+                bql_unlock();
                 if (icount_enabled()) {
                     icount_prepare_for_run(cpu, cpu_budget);
                 }
@@ -XXX,XX +XXX,XX @@ static void *rr_cpu_thread_fn(void *arg)
                 if (icount_enabled()) {
                     icount_process_data(cpu);
                 }
-                qemu_mutex_lock_iothread();
+                bql_lock();
 
                 if (r == EXCP_DEBUG) {
                     cpu_handle_guest_debug(cpu);
                     break;
                 } else if (r == EXCP_ATOMIC) {
-                    qemu_mutex_unlock_iothread();
+                    bql_unlock();
                     cpu_exec_step_atomic(cpu);
-                    qemu_mutex_lock_iothread();
+                    bql_lock();
                     break;
                 }
             } else if (cpu->stop) {
diff --git a/accel/tcg/tcg-accel-ops.c b/accel/tcg/tcg-accel-ops.c
index XXXXXXX..XXXXXXX 100644
--- a/accel/tcg/tcg-accel-ops.c
+++ b/accel/tcg/tcg-accel-ops.c
@@ -XXX,XX +XXX,XX @@ static void tcg_cpu_reset_hold(CPUState *cpu)
 /* mask must never be zero, except for A20 change call */
 void tcg_handle_interrupt(CPUState *cpu, int mask)
 {
-    g_assert(qemu_mutex_iothread_locked());
+    g_assert(bql_locked());
 
     cpu->interrupt_request |= mask;
 
diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
index XXXXXXX..XXXXXXX 100644
--- a/accel/tcg/translate-all.c
+++ b/accel/tcg/translate-all.c
@@ -XXX,XX +XXX,XX @@ void cpu_io_recompile(CPUState *cpu, uintptr_t retaddr)
 
 void cpu_interrupt(CPUState *cpu, int mask)
 {
-    g_assert(qemu_mutex_iothread_locked());
+    g_assert(bql_locked());
     cpu->interrupt_request |= mask;
     qatomic_set(&cpu->neg.icount_decr.u16.high, -1);
 }
diff --git a/cpu-common.c b/cpu-common.c
index XXXXXXX..XXXXXXX 100644
--- a/cpu-common.c
+++ b/cpu-common.c
@@ -XXX,XX +XXX,XX @@ void process_queued_cpu_work(CPUState *cpu)
              * BQL, so it goes to sleep; start_exclusive() is sleeping too, so
              * neither CPU can proceed.
              */
-            qemu_mutex_unlock_iothread();
+            bql_unlock();
             start_exclusive();
             wi->func(cpu, wi->data);
             end_exclusive();
-            qemu_mutex_lock_iothread();
+            bql_lock();
         } else {
             wi->func(cpu, wi->data);
         }
diff --git a/dump/dump.c b/dump/dump.c
index XXXXXXX..XXXXXXX 100644
--- a/dump/dump.c
+++ b/dump/dump.c
@@ -XXX,XX +XXX,XX @@ static int dump_cleanup(DumpState *s)
     s->guest_note = NULL;
     if (s->resume) {
         if (s->detached) {
-            qemu_mutex_lock_iothread();
+            bql_lock();
         }
         vm_start();
         if (s->detached) {
-            qemu_mutex_unlock_iothread();
+            bql_unlock();
         }
     }
     migrate_del_blocker(&dump_migration_blocker);
diff --git a/hw/core/cpu-common.c b/hw/core/cpu-common.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/core/cpu-common.c
+++ b/hw/core/cpu-common.c
@@ -XXX,XX +XXX,XX @@ CPUState *cpu_create(const char *typename)
  * BQL here if we need to.  cpu_interrupt assumes it is held.*/
 void cpu_reset_interrupt(CPUState *cpu, int mask)
 {
-    bool need_lock = !qemu_mutex_iothread_locked();
+    bool need_lock = !bql_locked();
 
     if (need_lock) {
-        qemu_mutex_lock_iothread();
+        bql_lock();
     }
     cpu->interrupt_request &= ~mask;
     if (need_lock) {
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
 }
 
diff --git a/hw/i386/intel_iommu.c b/hw/i386/intel_iommu.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/i386/intel_iommu.c
+++ b/hw/i386/intel_iommu.c
@@ -XXX,XX +XXX,XX @@ static bool vtd_switch_address_space(VTDAddressSpace *as)
 {
     bool use_iommu, pt;
     /* Whether we need to take the BQL on our own */
-    bool take_bql = !qemu_mutex_iothread_locked();
+    bool take_bql = !bql_locked();
 
     assert(as);
 
@@ -XXX,XX +XXX,XX @@ static bool vtd_switch_address_space(VTDAddressSpace *as)
      * it. We'd better make sure we have had it already, or, take it.
      */
     if (take_bql) {
-        qemu_mutex_lock_iothread();
+        bql_lock();
     }
 
     /* Turn off first then on the other */
@@ -XXX,XX +XXX,XX @@ static bool vtd_switch_address_space(VTDAddressSpace *as)
     }
 
     if (take_bql) {
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
 
     return use_iommu;
diff --git a/hw/i386/kvm/xen_evtchn.c b/hw/i386/kvm/xen_evtchn.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/i386/kvm/xen_evtchn.c
+++ b/hw/i386/kvm/xen_evtchn.c
@@ -XXX,XX +XXX,XX @@ void xen_evtchn_set_callback_level(int level)
      * effect immediately. That just leaves interdomain loopback as the case
      * which uses the BH.
      */
-    if (!qemu_mutex_iothread_locked()) {
+    if (!bql_locked()) {
         qemu_bh_schedule(s->gsi_bh);
         return;
     }
@@ -XXX,XX +XXX,XX @@ int xen_evtchn_set_callback_param(uint64_t param)
      * We need the BQL because set_callback_pci_intx() may call into PCI code,
      * and because we may need to manipulate the old and new GSI levels.
      */
-    assert(qemu_mutex_iothread_locked());
+    assert(bql_locked());
     qemu_mutex_lock(&s->port_lock);
 
     switch (type) {
@@ -XXX,XX +XXX,XX @@ static int close_port(XenEvtchnState *s, evtchn_port_t port,
     XenEvtchnPort *p = &s->port_table[port];
 
     /* Because it *might* be a PIRQ port */
-    assert(qemu_mutex_iothread_locked());
+    assert(bql_locked());
 
     switch (p->type) {
     case EVTCHNSTAT_closed:
@@ -XXX,XX +XXX,XX @@ int xen_evtchn_soft_reset(void)
         return -ENOTSUP;
     }
 
-    assert(qemu_mutex_iothread_locked());
+    assert(bql_locked());
 
     qemu_mutex_lock(&s->port_lock);
 
@@ -XXX,XX +XXX,XX @@ bool xen_evtchn_set_gsi(int gsi, int level)
     XenEvtchnState *s = xen_evtchn_singleton;
     int pirq;
 
-    assert(qemu_mutex_iothread_locked());
+    assert(bql_locked());
 
     if (!s || gsi < 0 || gsi >= IOAPIC_NUM_PINS) {
         return false;
@@ -XXX,XX +XXX,XX @@ void xen_evtchn_snoop_msi(PCIDevice *dev, bool is_msix, unsigned int vector,
         return;
     }
 
-    assert(qemu_mutex_iothread_locked());
+    assert(bql_locked());
 
     pirq = msi_pirq_target(addr, data);
 
@@ -XXX,XX +XXX,XX @@ int xen_evtchn_translate_pirq_msi(struct kvm_irq_routing_entry *route,
         return 1; /* Not a PIRQ */
     }
 
-    assert(qemu_mutex_iothread_locked());
+    assert(bql_locked());
 
     pirq = msi_pirq_target(address, data);
     if (!pirq || pirq >= s->nr_pirqs) {
@@ -XXX,XX +XXX,XX @@ bool xen_evtchn_deliver_pirq_msi(uint64_t address, uint32_t data)
         return false;
     }
 
-    assert(qemu_mutex_iothread_locked());
+    assert(bql_locked());
 
     pirq = msi_pirq_target(address, data);
     if (!pirq || pirq >= s->nr_pirqs) {
diff --git a/hw/i386/kvm/xen_overlay.c b/hw/i386/kvm/xen_overlay.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/i386/kvm/xen_overlay.c
+++ b/hw/i386/kvm/xen_overlay.c
@@ -XXX,XX +XXX,XX @@ int xen_overlay_map_shinfo_page(uint64_t gpa)
         return -ENOENT;
     }
 
-    assert(qemu_mutex_iothread_locked());
+    assert(bql_locked());
 
     if (s->shinfo_gpa) {
         /* If removing shinfo page, turn the kernel magic off first */
diff --git a/hw/i386/kvm/xen_xenstore.c b/hw/i386/kvm/xen_xenstore.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/i386/kvm/xen_xenstore.c
+++ b/hw/i386/kvm/xen_xenstore.c
@@ -XXX,XX +XXX,XX @@ static void fire_watch_cb(void *opaque, const char *path, const char *token)
 {
     XenXenstoreState *s = opaque;
 
-    assert(qemu_mutex_iothread_locked());
+    assert(bql_locked());
 
     /*
      * If there's a response pending, we obviously can't scribble over
diff --git a/hw/intc/arm_gicv3_cpuif.c b/hw/intc/arm_gicv3_cpuif.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/intc/arm_gicv3_cpuif.c
+++ b/hw/intc/arm_gicv3_cpuif.c
@@ -XXX,XX +XXX,XX @@ void gicv3_cpuif_update(GICv3CPUState *cs)
     ARMCPU *cpu = ARM_CPU(cs->cpu);
     CPUARMState *env = &cpu->env;
 
-    g_assert(qemu_mutex_iothread_locked());
+    g_assert(bql_locked());
 
     trace_gicv3_cpuif_update(gicv3_redist_affid(cs), cs->hppi.irq,
                              cs->hppi.grp, cs->hppi.prio);
diff --git a/hw/intc/s390_flic.c b/hw/intc/s390_flic.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/intc/s390_flic.c
+++ b/hw/intc/s390_flic.c
@@ -XXX,XX +XXX,XX @@ static int qemu_s390_clear_io_flic(S390FLICState *fs, uint16_t subchannel_id,
     QEMUS390FlicIO *cur, *next;
     uint8_t isc;
 
-    g_assert(qemu_mutex_iothread_locked());
+    g_assert(bql_locked());
     if (!(flic->pending & FLIC_PENDING_IO)) {
         return 0;
     }
@@ -XXX,XX +XXX,XX @@ uint32_t qemu_s390_flic_dequeue_service(QEMUS390FLICState *flic)
 {
     uint32_t tmp;
 
-    g_assert(qemu_mutex_iothread_locked());
+    g_assert(bql_locked());
     g_assert(flic->pending & FLIC_PENDING_SERVICE);
     tmp = flic->service_param;
     flic->service_param = 0;
@@ -XXX,XX +XXX,XX @@ QEMUS390FlicIO *qemu_s390_flic_dequeue_io(QEMUS390FLICState *flic, uint64_t cr6)
     QEMUS390FlicIO *io;
     uint8_t isc;
 
-    g_assert(qemu_mutex_iothread_locked());
+    g_assert(bql_locked());
     if (!(flic->pending & CR6_TO_PENDING_IO(cr6))) {
         return NULL;
     }
@@ -XXX,XX +XXX,XX @@ QEMUS390FlicIO *qemu_s390_flic_dequeue_io(QEMUS390FLICState *flic, uint64_t cr6)
 
 void qemu_s390_flic_dequeue_crw_mchk(QEMUS390FLICState *flic)
 {
-    g_assert(qemu_mutex_iothread_locked());
+    g_assert(bql_locked());
     g_assert(flic->pending & FLIC_PENDING_MCHK_CR);
     flic->pending &= ~FLIC_PENDING_MCHK_CR;
 }
@@ -XXX,XX +XXX,XX @@ static void qemu_s390_inject_service(S390FLICState *fs, uint32_t parm)
 {
     QEMUS390FLICState *flic = s390_get_qemu_flic(fs);
 
-    g_assert(qemu_mutex_iothread_locked());
+    g_assert(bql_locked());
     /* multiplexing is good enough for sclp - kvm does it internally as well */
     flic->service_param |= parm;
     flic->pending |= FLIC_PENDING_SERVICE;
@@ -XXX,XX +XXX,XX @@ static void qemu_s390_inject_io(S390FLICState *fs, uint16_t subchannel_id,
     QEMUS390FLICState *flic = s390_get_qemu_flic(fs);
     QEMUS390FlicIO *io;
 
-    g_assert(qemu_mutex_iothread_locked());
+    g_assert(bql_locked());
     io = g_new0(QEMUS390FlicIO, 1);
     io->id = subchannel_id;
     io->nr = subchannel_nr;
@@ -XXX,XX +XXX,XX @@ static void qemu_s390_inject_crw_mchk(S390FLICState *fs)
 {
     QEMUS390FLICState *flic = s390_get_qemu_flic(fs);
 
-    g_assert(qemu_mutex_iothread_locked());
+    g_assert(bql_locked());
     flic->pending |= FLIC_PENDING_MCHK_CR;
 
     qemu_s390_flic_notify(FLIC_PENDING_MCHK_CR);
@@ -XXX,XX +XXX,XX @@ bool qemu_s390_flic_has_crw_mchk(QEMUS390FLICState *flic)
 
 bool qemu_s390_flic_has_any(QEMUS390FLICState *flic)
 {
-    g_assert(qemu_mutex_iothread_locked());
+    g_assert(bql_locked());
     return !!flic->pending;
 }
 
@@ -XXX,XX +XXX,XX @@ static void qemu_s390_flic_reset(DeviceState *dev)
     QEMUS390FlicIO *cur, *next;
     int isc;
 
-    g_assert(qemu_mutex_iothread_locked());
+    g_assert(bql_locked());
     flic->simm = 0;
     flic->nimm = 0;
     flic->pending = 0;
diff --git a/hw/misc/edu.c b/hw/misc/edu.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/misc/edu.c
+++ b/hw/misc/edu.c
@@ -XXX,XX +XXX,XX @@ static void *edu_fact_thread(void *opaque)
         smp_mb__after_rmw();
 
         if (qatomic_read(&edu->status) & EDU_STATUS_IRQFACT) {
-            qemu_mutex_lock_iothread();
+            bql_lock();
             edu_raise_irq(edu, FACT_IRQ);
-            qemu_mutex_unlock_iothread();
+            bql_unlock();
         }
     }
 
diff --git a/hw/misc/imx6_src.c b/hw/misc/imx6_src.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/misc/imx6_src.c
+++ b/hw/misc/imx6_src.c
@@ -XXX,XX +XXX,XX @@ static void imx6_clear_reset_bit(CPUState *cpu, run_on_cpu_data data)
     struct SRCSCRResetInfo *ri = data.host_ptr;
     IMX6SRCState *s = ri->s;
 
-    assert(qemu_mutex_iothread_locked());
+    assert(bql_locked());
 
     s->regs[SRC_SCR] = deposit32(s->regs[SRC_SCR], ri->reset_bit, 1, 0);
     DPRINTF("reg[%s] <= 0x%" PRIx32 "\n",
diff --git a/hw/misc/imx7_src.c b/hw/misc/imx7_src.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/misc/imx7_src.c
+++ b/hw/misc/imx7_src.c
@@ -XXX,XX +XXX,XX @@ static void imx7_clear_reset_bit(CPUState *cpu, run_on_cpu_data data)
     struct SRCSCRResetInfo *ri = data.host_ptr;
     IMX7SRCState *s = ri->s;
 
-    assert(qemu_mutex_iothread_locked());
+    assert(bql_locked());
 
     s->regs[SRC_A7RCR0] = deposit32(s->regs[SRC_A7RCR0], ri->reset_bit, 1, 0);
 
diff --git a/hw/net/xen_nic.c b/hw/net/xen_nic.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/net/xen_nic.c
+++ b/hw/net/xen_nic.c
@@ -XXX,XX +XXX,XX @@ static bool net_tx_packets(struct XenNetDev *netdev)
     void *page;
     void *tmpbuf = NULL;
 
-    assert(qemu_mutex_iothread_locked());
+    assert(bql_locked());
 
     for (;;) {
         rc = netdev->tx_ring.req_cons;
@@ -XXX,XX +XXX,XX @@ static ssize_t net_rx_packet(NetClientState *nc, const uint8_t *buf, size_t size
     RING_IDX rc, rp;
     void *page;
 
-    assert(qemu_mutex_iothread_locked());
+    assert(bql_locked());
 
     if (xen_device_backend_get_state(&netdev->xendev) != XenbusStateConnected) {
         return -1;
@@ -XXX,XX +XXX,XX @@ static bool xen_netdev_connect(XenDevice *xendev, Error **errp)
     XenNetDev *netdev = XEN_NET_DEVICE(xendev);
     unsigned int port, rx_copy;
 
-    assert(qemu_mutex_iothread_locked());
+    assert(bql_locked());
 
     if (xen_device_frontend_scanf(xendev, "tx-ring-ref", "%u",
                                   &netdev->tx_ring_ref) != 1) {
@@ -XXX,XX +XXX,XX @@ static void xen_netdev_disconnect(XenDevice *xendev, Error **errp)
 
     trace_xen_netdev_disconnect(netdev->dev);
 
-    assert(qemu_mutex_iothread_locked());
+    assert(bql_locked());
 
     netdev->tx_ring.sring = NULL;
     netdev->rx_ring.sring = NULL;
diff --git a/hw/ppc/pegasos2.c b/hw/ppc/pegasos2.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/ppc/pegasos2.c
+++ b/hw/ppc/pegasos2.c
@@ -XXX,XX +XXX,XX @@ static void pegasos2_hypercall(PPCVirtualHypervisor *vhyp, PowerPCCPU *cpu)
     CPUPPCState *env = &cpu->env;
 
     /* The TCG path should also be holding the BQL at this point */
-    g_assert(qemu_mutex_iothread_locked());
+    g_assert(bql_locked());
 
     if (FIELD_EX64(env->msr, MSR, PR)) {
         qemu_log_mask(LOG_GUEST_ERROR, "Hypercall made with MSR[PR]=1\n");
diff --git a/hw/ppc/ppc.c b/hw/ppc/ppc.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/ppc/ppc.c
+++ b/hw/ppc/ppc.c
@@ -XXX,XX +XXX,XX @@ void store_40x_dbcr0(CPUPPCState *env, uint32_t val)
 {
     PowerPCCPU *cpu = env_archcpu(env);
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
 
     switch ((val >> 28) & 0x3) {
     case 0x0:
@@ -XXX,XX +XXX,XX @@ void store_40x_dbcr0(CPUPPCState *env, uint32_t val)
         break;
     }
 
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 /* PowerPC 40x internal IRQ controller */
diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/ppc/spapr.c
+++ b/hw/ppc/spapr.c
@@ -XXX,XX +XXX,XX @@ static void emulate_spapr_hypercall(PPCVirtualHypervisor *vhyp,
     CPUPPCState *env = &cpu->env;
 
     /* The TCG path should also be holding the BQL at this point */
-    g_assert(qemu_mutex_iothread_locked());
+    g_assert(bql_locked());
 
     g_assert(!vhyp_cpu_in_nested(cpu));
 
diff --git a/hw/ppc/spapr_rng.c b/hw/ppc/spapr_rng.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/ppc/spapr_rng.c
+++ b/hw/ppc/spapr_rng.c
@@ -XXX,XX +XXX,XX @@ static target_ulong h_random(PowerPCCPU *cpu, SpaprMachineState *spapr,
     while (hrdata.received < 8) {
         rng_backend_request_entropy(rngstate->backend, 8 - hrdata.received,
                                     random_recv, &hrdata);
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
         qemu_sem_wait(&hrdata.sem);
-        qemu_mutex_lock_iothread();
+        bql_lock();
     }
 
     qemu_sem_destroy(&hrdata.sem);
diff --git a/hw/ppc/spapr_softmmu.c b/hw/ppc/spapr_softmmu.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/ppc/spapr_softmmu.c
+++ b/hw/ppc/spapr_softmmu.c
@@ -XXX,XX +XXX,XX @@ static void *hpt_prepare_thread(void *opaque)
         pending->ret = H_NO_MEM;
     }
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
 
     if (SPAPR_MACHINE(qdev_get_machine())->pending_hpt == pending) {
         /* Ready to go */
@@ -XXX,XX +XXX,XX @@ static void *hpt_prepare_thread(void *opaque)
         free_pending_hpt(pending);
     }
 
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     return NULL;
 }
 
diff --git a/hw/remote/mpqemu-link.c b/hw/remote/mpqemu-link.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/remote/mpqemu-link.c
+++ b/hw/remote/mpqemu-link.c
@@ -XXX,XX +XXX,XX @@
  */
 bool mpqemu_msg_send(MPQemuMsg *msg, QIOChannel *ioc, Error **errp)
 {
-    bool iolock = qemu_mutex_iothread_locked();
+    bool drop_bql = bql_locked();
     bool iothread = qemu_in_iothread();
     struct iovec send[2] = {};
     int *fds = NULL;
@@ -XXX,XX +XXX,XX @@ bool mpqemu_msg_send(MPQemuMsg *msg, QIOChannel *ioc, Error **errp)
      * for IOThread case.
      * Also skip lock handling while in a co-routine in the main context.
      */
-    if (iolock && !iothread && !qemu_in_coroutine()) {
-        qemu_mutex_unlock_iothread();
+    if (drop_bql && !iothread && !qemu_in_coroutine()) {
+        bql_unlock();
     }
 
     if (!qio_channel_writev_full_all(ioc, send, G_N_ELEMENTS(send),
@@ -XXX,XX +XXX,XX @@ bool mpqemu_msg_send(MPQemuMsg *msg, QIOChannel *ioc, Error **errp)
         trace_mpqemu_send_io_error(msg->cmd, msg->size, nfds);
     }
 
-    if (iolock && !iothread && !qemu_in_coroutine()) {
+    if (drop_bql && !iothread && !qemu_in_coroutine()) {
         /* See above comment why skip locking here. */
-        qemu_mutex_lock_iothread();
+        bql_lock();
     }
 
     return ret;
@@ -XXX,XX +XXX,XX @@ static ssize_t mpqemu_read(QIOChannel *ioc, void *buf, size_t len, int **fds,
                            size_t *nfds, Error **errp)
 {
     struct iovec iov = { .iov_base = buf, .iov_len = len };
-    bool iolock = qemu_mutex_iothread_locked();
+    bool drop_bql = bql_locked();
     bool iothread = qemu_in_iothread();
     int ret = -1;
 
@@ -XXX,XX +XXX,XX @@ static ssize_t mpqemu_read(QIOChannel *ioc, void *buf, size_t len, int **fds,
      */
     assert(qemu_in_coroutine() || !iothread);
 
-    if (iolock && !iothread && !qemu_in_coroutine()) {
-        qemu_mutex_unlock_iothread();
+    if (drop_bql && !iothread && !qemu_in_coroutine()) {
+        bql_unlock();
     }
 
     ret = qio_channel_readv_full_all_eof(ioc, &iov, 1, fds, nfds, errp);
 
-    if (iolock && !iothread && !qemu_in_coroutine()) {
-        qemu_mutex_lock_iothread();
+    if (drop_bql && !iothread && !qemu_in_coroutine()) {
+        bql_lock();
     }
 
     return (ret <= 0) ? ret : iov.iov_len;
diff --git a/hw/remote/vfio-user-obj.c b/hw/remote/vfio-user-obj.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/remote/vfio-user-obj.c
+++ b/hw/remote/vfio-user-obj.c
@@ -XXX,XX +XXX,XX @@ static int vfu_object_mr_rw(MemoryRegion *mr, uint8_t *buf, hwaddr offset,
         }
 
         if (release_lock) {
-            qemu_mutex_unlock_iothread();
+            bql_unlock();
             release_lock = false;
         }
 
diff --git a/hw/s390x/s390-skeys.c b/hw/s390x/s390-skeys.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/s390x/s390-skeys.c
+++ b/hw/s390x/s390-skeys.c
@@ -XXX,XX +XXX,XX @@ void qmp_dump_skeys(const char *filename, Error **errp)
         goto out;
     }
 
-    assert(qemu_mutex_iothread_locked());
+    assert(bql_locked());
     guest_phys_blocks_init(&guest_phys_blocks);
     guest_phys_blocks_append(&guest_phys_blocks);
 
diff --git a/migration/block-dirty-bitmap.c b/migration/block-dirty-bitmap.c
index XXXXXXX..XXXXXXX 100644
--- a/migration/block-dirty-bitmap.c
+++ b/migration/block-dirty-bitmap.c
@@ -XXX,XX +XXX,XX @@ static void dirty_bitmap_state_pending(void *opaque,
     SaveBitmapState *dbms;
     uint64_t pending = 0;
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
 
     QSIMPLEQ_FOREACH(dbms, &s->dbms_list, entry) {
         uint64_t gran = bdrv_dirty_bitmap_granularity(dbms->bitmap);
@@ -XXX,XX +XXX,XX @@ static void dirty_bitmap_state_pending(void *opaque,
         pending += DIV_ROUND_UP(sectors * BDRV_SECTOR_SIZE, gran);
     }
 
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 
     trace_dirty_bitmap_state_pending(pending);
 
diff --git a/migration/block.c b/migration/block.c
index XXXXXXX..XXXXXXX 100644
--- a/migration/block.c
+++ b/migration/block.c
@@ -XXX,XX +XXX,XX @@ static int mig_save_device_bulk(QEMUFile *f, BlkMigDevState *bmds)
     int64_t count;
 
     if (bmds->shared_base) {
-        qemu_mutex_lock_iothread();
+        bql_lock();
         /* Skip unallocated sectors; intentionally treats failure or
          * partial sector as an allocated sector */
         while (cur_sector < total_sectors &&
@@ -XXX,XX +XXX,XX @@ static int mig_save_device_bulk(QEMUFile *f, BlkMigDevState *bmds)
             }
             cur_sector += count >> BDRV_SECTOR_BITS;
         }
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
 
     if (cur_sector >= total_sectors) {
@@ -XXX,XX +XXX,XX @@ static int mig_save_device_bulk(QEMUFile *f, BlkMigDevState *bmds)
      * I/O runs in the main loop AioContext (see
      * qemu_get_current_aio_context()).
      */
-    qemu_mutex_lock_iothread();
+    bql_lock();
     bdrv_reset_dirty_bitmap(bmds->dirty_bitmap, cur_sector * BDRV_SECTOR_SIZE,
                             nr_sectors * BDRV_SECTOR_SIZE);
     blk->aiocb = blk_aio_preadv(bb, cur_sector * BDRV_SECTOR_SIZE, &blk->qiov,
                                 0, blk_mig_read_cb, blk);
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 
     bmds->cur_sector = cur_sector + nr_sectors;
     return (bmds->cur_sector >= total_sectors);
@@ -XXX,XX +XXX,XX @@ static int block_save_iterate(QEMUFile *f, void *opaque)
             /* Always called with iothread lock taken for
              * simplicity, block_save_complete also calls it.
              */
-            qemu_mutex_lock_iothread();
+            bql_lock();
             ret = blk_mig_save_dirty_block(f, 1);
-            qemu_mutex_unlock_iothread();
+            bql_unlock();
         }
         if (ret < 0) {
             return ret;
@@ -XXX,XX +XXX,XX @@ static void block_state_pending(void *opaque, uint64_t *must_precopy,
     /* Estimate pending number of bytes to send */
     uint64_t pending;
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     pending = get_remaining_dirty();
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 
     blk_mig_lock();
     pending += block_mig_state.submitted * BLK_MIG_BLOCK_SIZE +
diff --git a/migration/colo.c b/migration/colo.c
index XXXXXXX..XXXXXXX 100644
--- a/migration/colo.c
+++ b/migration/colo.c
@@ -XXX,XX +XXX,XX @@ static int colo_do_checkpoint_transaction(MigrationState *s,
     qio_channel_io_seek(QIO_CHANNEL(bioc), 0, 0, NULL);
     bioc->usage = 0;
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     if (failover_get_state() != FAILOVER_STATUS_NONE) {
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
         goto out;
     }
     vm_stop_force_state(RUN_STATE_COLO);
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     trace_colo_vm_state_change("run", "stop");
     /*
      * Failover request bh could be called after vm_stop_force_state(),
@@ -XXX,XX +XXX,XX @@ static int colo_do_checkpoint_transaction(MigrationState *s,
     if (failover_get_state() != FAILOVER_STATUS_NONE) {
         goto out;
     }
-    qemu_mutex_lock_iothread();
+    bql_lock();
 
     replication_do_checkpoint_all(&local_err);
     if (local_err) {
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
         goto out;
     }
 
     colo_send_message(s->to_dst_file, COLO_MESSAGE_VMSTATE_SEND, &local_err);
     if (local_err) {
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
         goto out;
     }
     /* Note: device state is saved into buffer */
     ret = qemu_save_device_state(fb);
 
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     if (ret < 0) {
         goto out;
     }
@@ -XXX,XX +XXX,XX @@ static int colo_do_checkpoint_transaction(MigrationState *s,
 
     ret = 0;
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     vm_start();
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     trace_colo_vm_state_change("stop", "run");
 
 out:
@@ -XXX,XX +XXX,XX @@ static void colo_process_checkpoint(MigrationState *s)
     fb = qemu_file_new_output(QIO_CHANNEL(bioc));
     object_unref(OBJECT(bioc));
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     replication_start_all(REPLICATION_MODE_PRIMARY, &local_err);
     if (local_err) {
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
         goto out;
     }
 
     vm_start();
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     trace_colo_vm_state_change("stop", "run");
 
     timer_mod(s->colo_delay_timer, qemu_clock_get_ms(QEMU_CLOCK_HOST) +
@@ -XXX,XX +XXX,XX @@ out:
 
 void migrate_start_colo_process(MigrationState *s)
 {
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     qemu_event_init(&s->colo_checkpoint_event, false);
     s->colo_delay_timer =  timer_new_ms(QEMU_CLOCK_HOST,
                                 colo_checkpoint_notify, s);
 
     qemu_sem_init(&s->colo_exit_sem, 0);
     colo_process_checkpoint(s);
-    qemu_mutex_lock_iothread();
+    bql_lock();
 }
 
 static void colo_incoming_process_checkpoint(MigrationIncomingState *mis,
@@ -XXX,XX +XXX,XX @@ static void colo_incoming_process_checkpoint(MigrationIncomingState *mis,
     Error *local_err = NULL;
     int ret;
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     vm_stop_force_state(RUN_STATE_COLO);
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     trace_colo_vm_state_change("run", "stop");
 
     /* FIXME: This is unnecessary for periodic checkpoint mode */
@@ -XXX,XX +XXX,XX @@ static void colo_incoming_process_checkpoint(MigrationIncomingState *mis,
         return;
     }
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     cpu_synchronize_all_states();
     ret = qemu_loadvm_state_main(mis->from_src_file, mis);
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 
     if (ret < 0) {
         error_setg(errp, "Load VM's live state (ram) error");
@@ -XXX,XX +XXX,XX @@ static void colo_incoming_process_checkpoint(MigrationIncomingState *mis,
         return;
     }
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     vmstate_loading = true;
     colo_flush_ram_cache();
     ret = qemu_load_device_state(fb);
     if (ret < 0) {
         error_setg(errp, "COLO: load device state failed");
         vmstate_loading = false;
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
         return;
     }
 
@@ -XXX,XX +XXX,XX @@ static void colo_incoming_process_checkpoint(MigrationIncomingState *mis,
     if (local_err) {
         error_propagate(errp, local_err);
         vmstate_loading = false;
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
         return;
     }
 
@@ -XXX,XX +XXX,XX @@ static void colo_incoming_process_checkpoint(MigrationIncomingState *mis,
     if (local_err) {
         error_propagate(errp, local_err);
         vmstate_loading = false;
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
         return;
     }
     /* Notify all filters of all NIC to do checkpoint */
@@ -XXX,XX +XXX,XX @@ static void colo_incoming_process_checkpoint(MigrationIncomingState *mis,
     if (local_err) {
         error_propagate(errp, local_err);
         vmstate_loading = false;
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
         return;
     }
 
     vmstate_loading = false;
     vm_start();
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     trace_colo_vm_state_change("stop", "run");
 
     if (failover_get_state() == FAILOVER_STATUS_RELAUNCH) {
@@ -XXX,XX +XXX,XX @@ static void *colo_process_incoming_thread(void *opaque)
     fb = qemu_file_new_input(QIO_CHANNEL(bioc));
     object_unref(OBJECT(bioc));
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     replication_start_all(REPLICATION_MODE_SECONDARY, &local_err);
     if (local_err) {
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
         goto out;
     }
     vm_start();
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     trace_colo_vm_state_change("stop", "run");
 
     colo_send_message(mis->to_src_file, COLO_MESSAGE_CHECKPOINT_READY,
@@ -XXX,XX +XXX,XX @@ int coroutine_fn colo_incoming_co(void)
     Error *local_err = NULL;
     QemuThread th;
 
-    assert(qemu_mutex_iothread_locked());
+    assert(bql_locked());
 
     if (!migration_incoming_colo_enabled()) {
         return 0;
@@ -XXX,XX +XXX,XX @@ int coroutine_fn colo_incoming_co(void)
     qemu_coroutine_yield();
     mis->colo_incoming_co = NULL;
 
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     /* Wait checkpoint incoming thread exit before free resource */
     qemu_thread_join(&th);
-    qemu_mutex_lock_iothread();
+    bql_lock();
 
     /* We hold the global iothread lock, so it is safe here */
     colo_release_ram_cache();
diff --git a/migration/dirtyrate.c b/migration/dirtyrate.c
index XXXXXXX..XXXXXXX 100644
--- a/migration/dirtyrate.c
+++ b/migration/dirtyrate.c
@@ -XXX,XX +XXX,XX @@ static int64_t do_calculate_dirtyrate(DirtyPageRecord dirty_pages,
 
 void global_dirty_log_change(unsigned int flag, bool start)
 {
-    qemu_mutex_lock_iothread();
+    bql_lock();
     if (start) {
         memory_global_dirty_log_start(flag);
     } else {
         memory_global_dirty_log_stop(flag);
     }
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 /*
@@ -XXX,XX +XXX,XX @@ void global_dirty_log_change(unsigned int flag, bool start)
  */
 static void global_dirty_log_sync(unsigned int flag, bool one_shot)
 {
-    qemu_mutex_lock_iothread();
+    bql_lock();
     memory_global_dirty_log_sync(false);
     if (one_shot) {
         memory_global_dirty_log_stop(flag);
     }
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 static DirtyPageRecord *vcpu_dirty_stat_alloc(VcpuStat *stat)
@@ -XXX,XX +XXX,XX @@ static void calculate_dirtyrate_dirty_bitmap(struct DirtyRateConfig config)
     int64_t start_time;
     DirtyPageRecord dirty_pages;
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     memory_global_dirty_log_start(GLOBAL_DIRTY_DIRTY_RATE);
 
     /*
@@ -XXX,XX +XXX,XX @@ static void calculate_dirtyrate_dirty_bitmap(struct DirtyRateConfig config)
      * KVM_DIRTY_LOG_MANUAL_PROTECT_ENABLE cap is enabled.
      */
     dirtyrate_manual_reset_protect();
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 
     record_dirtypages_bitmap(&dirty_pages, true);
 
diff --git a/migration/migration.c b/migration/migration.c
index XXXXXXX..XXXXXXX 100644
--- a/migration/migration.c
+++ b/migration/migration.c
@@ -XXX,XX +XXX,XX @@ static void migrate_fd_cleanup(MigrationState *s)
         QEMUFile *tmp;
 
         trace_migrate_fd_cleanup();
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
         if (s->migration_thread_running) {
             qemu_thread_join(&s->thread);
             s->migration_thread_running = false;
         }
-        qemu_mutex_lock_iothread();
+        bql_lock();
 
         multifd_save_cleanup();
         qemu_mutex_lock(&s->qemu_file_lock);
@@ -XXX,XX +XXX,XX @@ static int postcopy_start(MigrationState *ms, Error **errp)
     }
 
     trace_postcopy_start();
-    qemu_mutex_lock_iothread();
+    bql_lock();
     trace_postcopy_start_set_run();
 
     migration_downtime_start(ms);
@@ -XXX,XX +XXX,XX @@ static int postcopy_start(MigrationState *ms, Error **errp)
 
     migration_downtime_end(ms);
 
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 
     if (migrate_postcopy_ram()) {
         /*
@@ -XXX,XX +XXX,XX @@ fail:
             error_report_err(local_err);
         }
     }
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     return -1;
 }
 
@@ -XXX,XX +XXX,XX @@ static int migration_maybe_pause(MigrationState *s,
      * wait for the 'pause_sem' semaphore.
      */
     if (s->state != MIGRATION_STATUS_CANCELLING) {
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
         migrate_set_state(&s->state, *current_active_state,
                           MIGRATION_STATUS_PRE_SWITCHOVER);
         qemu_sem_wait(&s->pause_sem);
         migrate_set_state(&s->state, MIGRATION_STATUS_PRE_SWITCHOVER,
                           new_state);
         *current_active_state = new_state;
-        qemu_mutex_lock_iothread();
+        bql_lock();
     }
 
     return s->state == new_state ? 0 : -EINVAL;
@@ -XXX,XX +XXX,XX @@ static int migration_completion_precopy(MigrationState *s,
 {
     int ret;
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     migration_downtime_start(s);
 
     s->vm_old_state = runstate_get();
@@ -XXX,XX +XXX,XX @@ static int migration_completion_precopy(MigrationState *s,
     ret = qemu_savevm_state_complete_precopy(s->to_dst_file, false,
                                              s->block_inactive);
 out_unlock:
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     return ret;
 }
 
@@ -XXX,XX +XXX,XX @@ static void migration_completion_postcopy(MigrationState *s)
 {
     trace_migration_completion_postcopy_end();
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     qemu_savevm_state_complete_postcopy(s->to_dst_file);
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 
     /*
      * Shutdown the postcopy fast path thread.  This is only needed when dest
@@ -XXX,XX +XXX,XX @@ static void migration_completion_failed(MigrationState *s,
          */
         Error *local_err = NULL;
 
-        qemu_mutex_lock_iothread();
+        bql_lock();
         bdrv_activate_all(&local_err);
         if (local_err) {
             error_report_err(local_err);
         } else {
             s->block_inactive = false;
         }
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
 
     migrate_set_state(&s->state, current_active_state,
@@ -XXX,XX +XXX,XX @@ static void migration_iteration_finish(MigrationState *s)
     /* If we enabled cpu throttling for auto-converge, turn it off. */
     cpu_throttle_stop();
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     switch (s->state) {
     case MIGRATION_STATUS_COMPLETED:
         migration_calculate_complete(s);
@@ -XXX,XX +XXX,XX @@ static void migration_iteration_finish(MigrationState *s)
         break;
     }
     migrate_fd_cleanup_schedule(s);
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 static void bg_migration_iteration_finish(MigrationState *s)
@@ -XXX,XX +XXX,XX @@ static void bg_migration_iteration_finish(MigrationState *s)
      */
     ram_write_tracking_stop();
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     switch (s->state) {
     case MIGRATION_STATUS_COMPLETED:
         migration_calculate_complete(s);
@@ -XXX,XX +XXX,XX @@ static void bg_migration_iteration_finish(MigrationState *s)
     }
 
     migrate_fd_cleanup_schedule(s);
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 /*
@@ -XXX,XX +XXX,XX @@ static void *migration_thread(void *opaque)
     object_ref(OBJECT(s));
     update_iteration_initial_status(s);
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     qemu_savevm_state_header(s->to_dst_file);
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 
     /*
      * If we opened the return path, we need to make sure dst has it
@@ -XXX,XX +XXX,XX @@ static void *migration_thread(void *opaque)
         qemu_savevm_send_colo_enable(s->to_dst_file);
     }
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     qemu_savevm_state_setup(s->to_dst_file);
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 
     qemu_savevm_wait_unplug(s, MIGRATION_STATUS_SETUP,
                                MIGRATION_STATUS_ACTIVE);
@@ -XXX,XX +XXX,XX @@ static void *bg_migration_thread(void *opaque)
     ram_write_tracking_prepare();
 #endif
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     qemu_savevm_state_header(s->to_dst_file);
     qemu_savevm_state_setup(s->to_dst_file);
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 
     qemu_savevm_wait_unplug(s, MIGRATION_STATUS_SETUP,
                                MIGRATION_STATUS_ACTIVE);
@@ -XXX,XX +XXX,XX @@ static void *bg_migration_thread(void *opaque)
     trace_migration_thread_setup_complete();
     migration_downtime_start(s);
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
 
     s->vm_old_state = runstate_get();
 
@@ -XXX,XX +XXX,XX @@ static void *bg_migration_thread(void *opaque)
     s->vm_start_bh = qemu_bh_new(bg_migration_vm_start_bh, s);
     qemu_bh_schedule(s->vm_start_bh);
 
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 
     while (migration_is_active(s)) {
         MigIterateState iter_state = bg_migration_iteration_run(s);
@@ -XXX,XX +XXX,XX @@ fail:
     if (early_fail) {
         migrate_set_state(&s->state, MIGRATION_STATUS_ACTIVE,
                 MIGRATION_STATUS_FAILED);
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
 
     bg_migration_iteration_finish(s);
diff --git a/migration/ram.c b/migration/ram.c
index XXXXXXX..XXXXXXX 100644
--- a/migration/ram.c
+++ b/migration/ram.c
@@ -XXX,XX +XXX,XX @@ static int ram_save_setup(QEMUFile *f, void *opaque)
     migration_ops = g_malloc0(sizeof(MigrationOps));
     migration_ops->ram_save_target_page = ram_save_target_page_legacy;
 
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     ret = multifd_send_sync_main(f);
-    qemu_mutex_lock_iothread();
+    bql_lock();
     if (ret < 0) {
         return ret;
     }
@@ -XXX,XX +XXX,XX @@ static void ram_state_pending_exact(void *opaque, uint64_t *must_precopy,
     uint64_t remaining_size = rs->migration_dirty_pages * TARGET_PAGE_SIZE;
 
     if (!migration_in_postcopy() && remaining_size < s->threshold_size) {
-        qemu_mutex_lock_iothread();
+        bql_lock();
         WITH_RCU_READ_LOCK_GUARD() {
             migration_bitmap_sync_precopy(rs, false);
         }
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
         remaining_size = rs->migration_dirty_pages * TARGET_PAGE_SIZE;
     }
 
@@ -XXX,XX +XXX,XX @@ void colo_incoming_start_dirty_log(void)
 {
     RAMBlock *block = NULL;
     /* For memory_global_dirty_log_start below. */
-    qemu_mutex_lock_iothread();
+    bql_lock();
     qemu_mutex_lock_ramlist();
 
     memory_global_dirty_log_sync(false);
@@ -XXX,XX +XXX,XX @@ void colo_incoming_start_dirty_log(void)
     }
     ram_state->migration_dirty_pages = 0;
     qemu_mutex_unlock_ramlist();
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 /* It is need to hold the global lock to call this helper */
diff --git a/replay/replay-internal.c b/replay/replay-internal.c
index XXXXXXX..XXXXXXX 100644
--- a/replay/replay-internal.c
+++ b/replay/replay-internal.c
@@ -XXX,XX +XXX,XX @@ void replay_mutex_lock(void)
 {
     if (replay_mode != REPLAY_MODE_NONE) {
         unsigned long id;
-        g_assert(!qemu_mutex_iothread_locked());
+        g_assert(!bql_locked());
         g_assert(!replay_mutex_locked());
         qemu_mutex_lock(&lock);
         id = mutex_tail++;
diff --git a/semihosting/console.c b/semihosting/console.c
index XXXXXXX..XXXXXXX 100644
--- a/semihosting/console.c
+++ b/semihosting/console.c
@@ -XXX,XX +XXX,XX @@ static SemihostingConsole console;
 static int console_can_read(void *opaque)
 {
     SemihostingConsole *c = opaque;
-    g_assert(qemu_mutex_iothread_locked());
+    g_assert(bql_locked());
     return (int)fifo8_num_free(&c->fifo);
 }
 
@@ -XXX,XX +XXX,XX @@ static void console_wake_up(gpointer data, gpointer user_data)
 static void console_read(void *opaque, const uint8_t *buf, int size)
 {
     SemihostingConsole *c = opaque;
-    g_assert(qemu_mutex_iothread_locked());
+    g_assert(bql_locked());
     while (size-- && !fifo8_is_full(&c->fifo)) {
         fifo8_push(&c->fifo, *buf++);
     }
@@ -XXX,XX +XXX,XX @@ bool qemu_semihosting_console_ready(void)
 {
     SemihostingConsole *c = &console;
 
-    g_assert(qemu_mutex_iothread_locked());
+    g_assert(bql_locked());
     return !fifo8_is_empty(&c->fifo);
 }
 
@@ -XXX,XX +XXX,XX @@ void qemu_semihosting_console_block_until_ready(CPUState *cs)
 {
     SemihostingConsole *c = &console;
 
-    g_assert(qemu_mutex_iothread_locked());
+    g_assert(bql_locked());
 
     /* Block if the fifo is completely empty. */
     if (fifo8_is_empty(&c->fifo)) {
diff --git a/stubs/iothread-lock.c b/stubs/iothread-lock.c
index XXXXXXX..XXXXXXX 100644
--- a/stubs/iothread-lock.c
+++ b/stubs/iothread-lock.c
@@ -XXX,XX +XXX,XX @@
 #include "qemu/osdep.h"
 #include "qemu/main-loop.h"
 
-bool qemu_mutex_iothread_locked(void)
+bool bql_locked(void)
 {
     return false;
 }
 
-void qemu_mutex_lock_iothread_impl(const char *file, int line)
+void bql_lock_impl(const char *file, int line)
 {
 }
 
-void qemu_mutex_unlock_iothread(void)
+void bql_unlock(void)
 {
 }
diff --git a/system/cpu-throttle.c b/system/cpu-throttle.c
index XXXXXXX..XXXXXXX 100644
--- a/system/cpu-throttle.c
+++ b/system/cpu-throttle.c
@@ -XXX,XX +XXX,XX @@ static void cpu_throttle_thread(CPUState *cpu, run_on_cpu_data opaque)
             qemu_cond_timedwait_iothread(cpu->halt_cond,
                                          sleeptime_ns / SCALE_MS);
         } else {
-            qemu_mutex_unlock_iothread();
+            bql_unlock();
             g_usleep(sleeptime_ns / SCALE_US);
-            qemu_mutex_lock_iothread();
+            bql_lock();
         }
         sleeptime_ns = endtime_ns - qemu_clock_get_ns(QEMU_CLOCK_REALTIME);
     }
diff --git a/system/cpus.c b/system/cpus.c
index XXXXXXX..XXXXXXX 100644
--- a/system/cpus.c
+++ b/system/cpus.c
@@ -XXX,XX +XXX,XX @@
 
 #endif /* CONFIG_LINUX */
 
-static QemuMutex qemu_global_mutex;
+/* The Big QEMU Lock (BQL) */
+static QemuMutex bql;
 
 /*
  * The chosen accelerator is supposed to register this.
@@ -XXX,XX +XXX,XX @@ void qemu_init_cpu_loop(void)
     qemu_init_sigbus();
     qemu_cond_init(&qemu_cpu_cond);
     qemu_cond_init(&qemu_pause_cond);
-    qemu_mutex_init(&qemu_global_mutex);
+    qemu_mutex_init(&bql);
 
     qemu_thread_get_self(&io_thread);
 }
 
 void run_on_cpu(CPUState *cpu, run_on_cpu_func func, run_on_cpu_data data)
 {
-    do_run_on_cpu(cpu, func, data, &qemu_global_mutex);
+    do_run_on_cpu(cpu, func, data, &bql);
 }
 
 static void qemu_cpu_stop(CPUState *cpu, bool exit)
@@ -XXX,XX +XXX,XX @@ void qemu_wait_io_event(CPUState *cpu)
             slept = true;
             qemu_plugin_vcpu_idle_cb(cpu);
         }
-        qemu_cond_wait(cpu->halt_cond, &qemu_global_mutex);
+        qemu_cond_wait(cpu->halt_cond, &bql);
     }
     if (slept) {
         qemu_plugin_vcpu_resume_cb(cpu);
@@ -XXX,XX +XXX,XX @@ bool qemu_in_vcpu_thread(void)
     return current_cpu && qemu_cpu_is_self(current_cpu);
 }
 
-QEMU_DEFINE_STATIC_CO_TLS(bool, iothread_locked)
+QEMU_DEFINE_STATIC_CO_TLS(bool, bql_locked)
 
-bool qemu_mutex_iothread_locked(void)
+bool bql_locked(void)
 {
-    return get_iothread_locked();
+    return get_bql_locked();
 }
 
 bool qemu_in_main_thread(void)
 {
-    return qemu_mutex_iothread_locked();
+    return bql_locked();
 }
 
 /*
  * The BQL is taken from so many places that it is worth profiling the
  * callers directly, instead of funneling them all through a single function.
  */
-void qemu_mutex_lock_iothread_impl(const char *file, int line)
+void bql_lock_impl(const char *file, int line)
 {
-    QemuMutexLockFunc bql_lock = qatomic_read(&qemu_bql_mutex_lock_func);
+    QemuMutexLockFunc bql_lock_fn = qatomic_read(&bql_mutex_lock_func);
 
-    g_assert(!qemu_mutex_iothread_locked());
-    bql_lock(&qemu_global_mutex, file, line);
-    set_iothread_locked(true);
+    g_assert(!bql_locked());
+    bql_lock_fn(&bql, file, line);
+    set_bql_locked(true);
 }
 
-void qemu_mutex_unlock_iothread(void)
+void bql_unlock(void)
 {
-    g_assert(qemu_mutex_iothread_locked());
-    set_iothread_locked(false);
-    qemu_mutex_unlock(&qemu_global_mutex);
+    g_assert(bql_locked());
+    set_bql_locked(false);
+    qemu_mutex_unlock(&bql);
 }
 
 void qemu_cond_wait_iothread(QemuCond *cond)
 {
-    qemu_cond_wait(cond, &qemu_global_mutex);
+    qemu_cond_wait(cond, &bql);
 }
 
 void qemu_cond_timedwait_iothread(QemuCond *cond, int ms)
 {
-    qemu_cond_timedwait(cond, &qemu_global_mutex, ms);
+    qemu_cond_timedwait(cond, &bql, ms);
 }
 
 /* signal CPU creation */
@@ -XXX,XX +XXX,XX @@ void pause_all_vcpus(void)
     replay_mutex_unlock();
 
     while (!all_vcpus_paused()) {
-        qemu_cond_wait(&qemu_pause_cond, &qemu_global_mutex);
+        qemu_cond_wait(&qemu_pause_cond, &bql);
         CPU_FOREACH(cpu) {
             qemu_cpu_kick(cpu);
         }
     }
 
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     replay_mutex_lock();
-    qemu_mutex_lock_iothread();
+    bql_lock();
 }
 
 void cpu_resume(CPUState *cpu)
@@ -XXX,XX +XXX,XX @@ void cpu_remove_sync(CPUState *cpu)
     cpu->stop = true;
     cpu->unplug = true;
     qemu_cpu_kick(cpu);
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     qemu_thread_join(cpu->thread);
-    qemu_mutex_lock_iothread();
+    bql_lock();
 }
 
 void cpus_register_accel(const AccelOpsClass *ops)
@@ -XXX,XX +XXX,XX @@ void qemu_init_vcpu(CPUState *cpu)
     cpus_accel->create_vcpu_thread(cpu);
 
     while (!cpu->created) {
-        qemu_cond_wait(&qemu_cpu_cond, &qemu_global_mutex);
+        qemu_cond_wait(&qemu_cpu_cond, &bql);
     }
 }
 
diff --git a/system/dirtylimit.c b/system/dirtylimit.c
index XXXXXXX..XXXXXXX 100644
--- a/system/dirtylimit.c
+++ b/system/dirtylimit.c
@@ -XXX,XX +XXX,XX @@ void vcpu_dirty_rate_stat_stop(void)
 {
     qatomic_set(&vcpu_dirty_rate_stat->running, 0);
     dirtylimit_state_unlock();
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     qemu_thread_join(&vcpu_dirty_rate_stat->thread);
-    qemu_mutex_lock_iothread();
+    bql_lock();
     dirtylimit_state_lock();
 }
 
diff --git a/system/memory.c b/system/memory.c
index XXXXXXX..XXXXXXX 100644
--- a/system/memory.c
+++ b/system/memory.c
@@ -XXX,XX +XXX,XX @@ void memory_region_transaction_commit(void)
     AddressSpace *as;
 
     assert(memory_region_transaction_depth);
-    assert(qemu_mutex_iothread_locked());
+    assert(bql_locked());
 
     --memory_region_transaction_depth;
     if (!memory_region_transaction_depth) {
diff --git a/system/physmem.c b/system/physmem.c
index XXXXXXX..XXXXXXX 100644
--- a/system/physmem.c
+++ b/system/physmem.c
@@ -XXX,XX +XXX,XX @@ bool prepare_mmio_access(MemoryRegion *mr)
 {
     bool release_lock = false;
 
-    if (!qemu_mutex_iothread_locked()) {
-        qemu_mutex_lock_iothread();
+    if (!bql_locked()) {
+        bql_lock();
         release_lock = true;
     }
     if (mr->flush_coalesced_mmio) {
@@ -XXX,XX +XXX,XX @@ static MemTxResult flatview_write_continue(FlatView *fv, hwaddr addr,
         }
 
         if (release_lock) {
-            qemu_mutex_unlock_iothread();
+            bql_unlock();
             release_lock = false;
         }
 
@@ -XXX,XX +XXX,XX @@ MemTxResult flatview_read_continue(FlatView *fv, hwaddr addr,
         }
 
         if (release_lock) {
-            qemu_mutex_unlock_iothread();
+            bql_unlock();
             release_lock = false;
         }
 
diff --git a/system/runstate.c b/system/runstate.c
index XXXXXXX..XXXXXXX 100644
--- a/system/runstate.c
+++ b/system/runstate.c
@@ -XXX,XX +XXX,XX @@ void qemu_init_subsystems(void)
 
     qemu_init_cpu_list();
     qemu_init_cpu_loop();
-    qemu_mutex_lock_iothread();
+    bql_lock();
 
     atexit(qemu_run_exit_notifiers);
 
diff --git a/system/watchpoint.c b/system/watchpoint.c
index XXXXXXX..XXXXXXX 100644
--- a/system/watchpoint.c
+++ b/system/watchpoint.c
@@ -XXX,XX +XXX,XX @@ void cpu_check_watchpoint(CPUState *cpu, vaddr addr, vaddr len,
          * Now raise the debug interrupt so that it will
          * trigger after the current instruction.
          */
-        qemu_mutex_lock_iothread();
+        bql_lock();
         cpu_interrupt(cpu, CPU_INTERRUPT_DEBUG);
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
         return;
     }
 
diff --git a/target/arm/arm-powerctl.c b/target/arm/arm-powerctl.c
index XXXXXXX..XXXXXXX 100644
--- a/target/arm/arm-powerctl.c
+++ b/target/arm/arm-powerctl.c
@@ -XXX,XX +XXX,XX @@ static void arm_set_cpu_on_async_work(CPUState *target_cpu_state,
     g_free(info);
 
     /* Finally set the power status */
-    assert(qemu_mutex_iothread_locked());
+    assert(bql_locked());
     target_cpu->power_state = PSCI_ON;
 }
 
@@ -XXX,XX +XXX,XX @@ int arm_set_cpu_on(uint64_t cpuid, uint64_t entry, uint64_t context_id,
     ARMCPU *target_cpu;
     struct CpuOnInfo *info;
 
-    assert(qemu_mutex_iothread_locked());
+    assert(bql_locked());
 
     DPRINTF("cpu %" PRId64 " (EL %d, %s) @ 0x%" PRIx64 " with R0 = 0x%" PRIx64
             "\n", cpuid, target_el, target_aa64 ? "aarch64" : "aarch32", entry,
@@ -XXX,XX +XXX,XX @@ static void arm_set_cpu_on_and_reset_async_work(CPUState *target_cpu_state,
     target_cpu_state->halted = 0;
 
     /* Finally set the power status */
-    assert(qemu_mutex_iothread_locked());
+    assert(bql_locked());
     target_cpu->power_state = PSCI_ON;
 }
 
@@ -XXX,XX +XXX,XX @@ int arm_set_cpu_on_and_reset(uint64_t cpuid)
     CPUState *target_cpu_state;
     ARMCPU *target_cpu;
 
-    assert(qemu_mutex_iothread_locked());
+    assert(bql_locked());
 
     /* Retrieve the cpu we are powering up */
     target_cpu_state = arm_get_cpu_by_id(cpuid);
@@ -XXX,XX +XXX,XX @@ static void arm_set_cpu_off_async_work(CPUState *target_cpu_state,
 {
     ARMCPU *target_cpu = ARM_CPU(target_cpu_state);
 
-    assert(qemu_mutex_iothread_locked());
+    assert(bql_locked());
     target_cpu->power_state = PSCI_OFF;
     target_cpu_state->halted = 1;
     target_cpu_state->exception_index = EXCP_HLT;
@@ -XXX,XX +XXX,XX @@ int arm_set_cpu_off(uint64_t cpuid)
     CPUState *target_cpu_state;
     ARMCPU *target_cpu;
 
-    assert(qemu_mutex_iothread_locked());
+    assert(bql_locked());
 
     DPRINTF("cpu %" PRId64 "\n", cpuid);
 
@@ -XXX,XX +XXX,XX @@ int arm_reset_cpu(uint64_t cpuid)
     CPUState *target_cpu_state;
     ARMCPU *target_cpu;
 
-    assert(qemu_mutex_iothread_locked());
+    assert(bql_locked());
 
     DPRINTF("cpu %" PRId64 "\n", cpuid);
 
diff --git a/target/arm/helper.c b/target/arm/helper.c
index XXXXXXX..XXXXXXX 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -XXX,XX +XXX,XX @@ static void do_hcr_write(CPUARMState *env, uint64_t value, uint64_t valid_mask)
      * VFIQ are masked unless running at EL0 or EL1, and HCR
      * can only be written at EL2.
      */
-    g_assert(qemu_mutex_iothread_locked());
+    g_assert(bql_locked());
     arm_cpu_update_virq(cpu);
     arm_cpu_update_vfiq(cpu);
     arm_cpu_update_vserr(cpu);
@@ -XXX,XX +XXX,XX @@ void arm_cpu_do_interrupt(CPUState *cs)
      * BQL needs to be held for any modification of
      * cs->interrupt_request.
      */
-    g_assert(qemu_mutex_iothread_locked());
+    g_assert(bql_locked());
 
     arm_call_pre_el_change_hook(cpu);
 
diff --git a/target/arm/hvf/hvf.c b/target/arm/hvf/hvf.c
index XXXXXXX..XXXXXXX 100644
--- a/target/arm/hvf/hvf.c
+++ b/target/arm/hvf/hvf.c
@@ -XXX,XX +XXX,XX @@ static void hvf_wait_for_ipi(CPUState *cpu, struct timespec *ts)
      * sleeping.
      */
     qatomic_set_mb(&cpu->thread_kicked, false);
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     pselect(0, 0, 0, 0, ts, &cpu->accel->unblock_ipi_mask);
-    qemu_mutex_lock_iothread();
+    bql_lock();
 }
 
 static void hvf_wfi(CPUState *cpu)
@@ -XXX,XX +XXX,XX @@ int hvf_vcpu_exec(CPUState *cpu)
 
     flush_cpu_state(cpu);
 
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     assert_hvf_ok(hv_vcpu_run(cpu->accel->fd));
 
     /* handle VMEXIT */
@@ -XXX,XX +XXX,XX @@ int hvf_vcpu_exec(CPUState *cpu)
     uint32_t ec = syn_get_ec(syndrome);
 
     ret = 0;
-    qemu_mutex_lock_iothread();
+    bql_lock();
     switch (exit_reason) {
     case HV_EXIT_REASON_EXCEPTION:
         /* This is the main one, handle below. */
diff --git a/target/arm/kvm.c b/target/arm/kvm.c
index XXXXXXX..XXXXXXX 100644
--- a/target/arm/kvm.c
+++ b/target/arm/kvm.c
@@ -XXX,XX +XXX,XX @@ MemTxAttrs kvm_arch_post_run(CPUState *cs, struct kvm_run *run)
     if (run->s.regs.device_irq_level != cpu->device_irq_level) {
         switched_level = cpu->device_irq_level ^ run->s.regs.device_irq_level;
 
-        qemu_mutex_lock_iothread();
+        bql_lock();
 
         if (switched_level & KVM_ARM_DEV_EL1_VTIMER) {
             qemu_set_irq(cpu->gt_timer_outputs[GTIMER_VIRT],
@@ -XXX,XX +XXX,XX @@ MemTxAttrs kvm_arch_post_run(CPUState *cs, struct kvm_run *run)
 
         /* We also mark unknown levels as processed to not waste cycles */
         cpu->device_irq_level = run->s.regs.device_irq_level;
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
 
     return MEMTXATTRS_UNSPECIFIED;
@@ -XXX,XX +XXX,XX @@ static bool kvm_arm_handle_debug(ARMCPU *cpu,
     env->exception.syndrome = debug_exit->hsr;
     env->exception.vaddress = debug_exit->far;
     env->exception.target_el = 1;
-    qemu_mutex_lock_iothread();
+    bql_lock();
     arm_cpu_do_interrupt(cs);
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 
     return false;
 }
diff --git a/target/arm/ptw.c b/target/arm/ptw.c
index XXXXXXX..XXXXXXX 100644
--- a/target/arm/ptw.c
+++ b/target/arm/ptw.c
@@ -XXX,XX +XXX,XX @@ static uint64_t arm_casq_ptw(CPUARMState *env, uint64_t old_val,
 #if !TCG_OVERSIZED_GUEST
 # error "Unexpected configuration"
 #endif
-    bool locked = qemu_mutex_iothread_locked();
+    bool locked = bql_locked();
     if (!locked) {
-       qemu_mutex_lock_iothread();
+        bql_lock();
     }
     if (ptw->out_be) {
         cur_val = ldq_be_p(host);
@@ -XXX,XX +XXX,XX @@ static uint64_t arm_casq_ptw(CPUARMState *env, uint64_t old_val,
         }
     }
     if (!locked) {
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
 #endif
 
diff --git a/target/arm/tcg/helper-a64.c b/target/arm/tcg/helper-a64.c
index XXXXXXX..XXXXXXX 100644
--- a/target/arm/tcg/helper-a64.c
+++ b/target/arm/tcg/helper-a64.c
@@ -XXX,XX +XXX,XX @@ void HELPER(exception_return)(CPUARMState *env, uint64_t new_pc)
         goto illegal_return;
     }
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     arm_call_pre_el_change_hook(env_archcpu(env));
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 
     if (!return_to_aa64) {
         env->aarch64 = false;
@@ -XXX,XX +XXX,XX @@ void HELPER(exception_return)(CPUARMState *env, uint64_t new_pc)
      */
     aarch64_sve_change_el(env, cur_el, new_el, return_to_aa64);
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     arm_call_el_change_hook(env_archcpu(env));
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 
     return;
 
diff --git a/target/arm/tcg/m_helper.c b/target/arm/tcg/m_helper.c
index XXXXXXX..XXXXXXX 100644
--- a/target/arm/tcg/m_helper.c
+++ b/target/arm/tcg/m_helper.c
@@ -XXX,XX +XXX,XX @@ void HELPER(v7m_preserve_fp_state)(CPUARMState *env)
     bool ts = is_secure && (env->v7m.fpccr[M_REG_S] & R_V7M_FPCCR_TS_MASK);
     bool take_exception;
 
-    /* Take the iothread lock as we are going to touch the NVIC */
-    qemu_mutex_lock_iothread();
+    /* Take the BQL as we are going to touch the NVIC */
+    bql_lock();
 
     /* Check the background context had access to the FPU */
     if (!v7m_cpacr_pass(env, is_secure, is_priv)) {
@@ -XXX,XX +XXX,XX @@ void HELPER(v7m_preserve_fp_state)(CPUARMState *env)
     take_exception = !stacked_ok &&
         armv7m_nvic_can_take_pending_exception(env->nvic);
 
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 
     if (take_exception) {
         raise_exception_ra(env, EXCP_LAZYFP, 0, 1, GETPC());
diff --git a/target/arm/tcg/op_helper.c b/target/arm/tcg/op_helper.c
index XXXXXXX..XXXXXXX 100644
--- a/target/arm/tcg/op_helper.c
+++ b/target/arm/tcg/op_helper.c
@@ -XXX,XX +XXX,XX @@ void HELPER(cpsr_write_eret)(CPUARMState *env, uint32_t val)
 {
     uint32_t mask;
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     arm_call_pre_el_change_hook(env_archcpu(env));
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 
     mask = aarch32_cpsr_valid_mask(env->features, &env_archcpu(env)->isar);
     cpsr_write(env, val, mask, CPSRWriteExceptionReturn);
@@ -XXX,XX +XXX,XX @@ void HELPER(cpsr_write_eret)(CPUARMState *env, uint32_t val)
     env->regs[15] &= (env->thumb ? ~1 : ~3);
     arm_rebuild_hflags(env);
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     arm_call_el_change_hook(env_archcpu(env));
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 /* Access to user mode registers from privileged modes.  */
@@ -XXX,XX +XXX,XX @@ void HELPER(set_cp_reg)(CPUARMState *env, const void *rip, uint32_t value)
     const ARMCPRegInfo *ri = rip;
 
     if (ri->type & ARM_CP_IO) {
-        qemu_mutex_lock_iothread();
+        bql_lock();
         ri->writefn(env, ri, value);
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     } else {
         ri->writefn(env, ri, value);
     }
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(get_cp_reg)(CPUARMState *env, const void *rip)
     uint32_t res;
 
     if (ri->type & ARM_CP_IO) {
-        qemu_mutex_lock_iothread();
+        bql_lock();
         res = ri->readfn(env, ri);
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     } else {
         res = ri->readfn(env, ri);
     }
@@ -XXX,XX +XXX,XX @@ void HELPER(set_cp_reg64)(CPUARMState *env, const void *rip, uint64_t value)
     const ARMCPRegInfo *ri = rip;
 
     if (ri->type & ARM_CP_IO) {
-        qemu_mutex_lock_iothread();
+        bql_lock();
         ri->writefn(env, ri, value);
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     } else {
         ri->writefn(env, ri, value);
     }
@@ -XXX,XX +XXX,XX @@ uint64_t HELPER(get_cp_reg64)(CPUARMState *env, const void *rip)
     uint64_t res;
 
     if (ri->type & ARM_CP_IO) {
-        qemu_mutex_lock_iothread();
+        bql_lock();
         res = ri->readfn(env, ri);
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     } else {
         res = ri->readfn(env, ri);
     }
diff --git a/target/arm/tcg/psci.c b/target/arm/tcg/psci.c
index XXXXXXX..XXXXXXX 100644
--- a/target/arm/tcg/psci.c
+++ b/target/arm/tcg/psci.c
@@ -XXX,XX +XXX,XX @@ void arm_handle_psci_call(ARMCPU *cpu)
             }
             target_cpu = ARM_CPU(target_cpu_state);
 
-            g_assert(qemu_mutex_iothread_locked());
+            g_assert(bql_locked());
             ret = target_cpu->power_state;
             break;
         default:
diff --git a/target/hppa/int_helper.c b/target/hppa/int_helper.c
index XXXXXXX..XXXXXXX 100644
--- a/target/hppa/int_helper.c
+++ b/target/hppa/int_helper.c
@@ -XXX,XX +XXX,XX @@ void hppa_cpu_alarm_timer(void *opaque)
 void HELPER(write_eirr)(CPUHPPAState *env, target_ulong val)
 {
     env->cr[CR_EIRR] &= ~val;
-    qemu_mutex_lock_iothread();
+    bql_lock();
     eval_interrupt(env_archcpu(env));
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 void HELPER(write_eiem)(CPUHPPAState *env, target_ulong val)
 {
     env->cr[CR_EIEM] = val;
-    qemu_mutex_lock_iothread();
+    bql_lock();
     eval_interrupt(env_archcpu(env));
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 void hppa_cpu_do_interrupt(CPUState *cs)
diff --git a/target/i386/hvf/hvf.c b/target/i386/hvf/hvf.c
index XXXXXXX..XXXXXXX 100644
--- a/target/i386/hvf/hvf.c
+++ b/target/i386/hvf/hvf.c
@@ -XXX,XX +XXX,XX @@ int hvf_vcpu_exec(CPUState *cpu)
         }
         vmx_update_tpr(cpu);
 
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
         if (!cpu_is_bsp(X86_CPU(cpu)) && cpu->halted) {
-            qemu_mutex_lock_iothread();
+            bql_lock();
             return EXCP_HLT;
         }
 
@@ -XXX,XX +XXX,XX @@ int hvf_vcpu_exec(CPUState *cpu)
         rip = rreg(cpu->accel->fd, HV_X86_RIP);
         env->eflags = rreg(cpu->accel->fd, HV_X86_RFLAGS);
 
-        qemu_mutex_lock_iothread();
+        bql_lock();
 
         update_apic_tpr(cpu);
         current_cpu = cpu;
diff --git a/target/i386/kvm/hyperv.c b/target/i386/kvm/hyperv.c
index XXXXXXX..XXXXXXX 100644
--- a/target/i386/kvm/hyperv.c
+++ b/target/i386/kvm/hyperv.c
@@ -XXX,XX +XXX,XX @@ void hyperv_x86_synic_update(X86CPU *cpu)
 
 static void async_synic_update(CPUState *cs, run_on_cpu_data data)
 {
-    qemu_mutex_lock_iothread();
+    bql_lock();
     hyperv_x86_synic_update(X86_CPU(cs));
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 int kvm_hv_handle_exit(X86CPU *cpu, struct kvm_hyperv_exit *exit)
diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index XXXXXXX..XXXXXXX 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -XXX,XX +XXX,XX @@ void kvm_arch_pre_run(CPUState *cpu, struct kvm_run *run)
     /* Inject NMI */
     if (cpu->interrupt_request & (CPU_INTERRUPT_NMI | CPU_INTERRUPT_SMI)) {
         if (cpu->interrupt_request & CPU_INTERRUPT_NMI) {
-            qemu_mutex_lock_iothread();
+            bql_lock();
             cpu->interrupt_request &= ~CPU_INTERRUPT_NMI;
-            qemu_mutex_unlock_iothread();
+            bql_unlock();
             DPRINTF("injected NMI\n");
             ret = kvm_vcpu_ioctl(cpu, KVM_NMI);
             if (ret < 0) {
@@ -XXX,XX +XXX,XX @@ void kvm_arch_pre_run(CPUState *cpu, struct kvm_run *run)
             }
         }
         if (cpu->interrupt_request & CPU_INTERRUPT_SMI) {
-            qemu_mutex_lock_iothread();
+            bql_lock();
             cpu->interrupt_request &= ~CPU_INTERRUPT_SMI;
-            qemu_mutex_unlock_iothread();
+            bql_unlock();
             DPRINTF("injected SMI\n");
             ret = kvm_vcpu_ioctl(cpu, KVM_SMI);
             if (ret < 0) {
@@ -XXX,XX +XXX,XX @@ void kvm_arch_pre_run(CPUState *cpu, struct kvm_run *run)
     }
 
     if (!kvm_pic_in_kernel()) {
-        qemu_mutex_lock_iothread();
+        bql_lock();
     }
 
     /* Force the VCPU out of its inner loop to process any INIT requests
@@ -XXX,XX +XXX,XX @@ void kvm_arch_pre_run(CPUState *cpu, struct kvm_run *run)
         DPRINTF("setting tpr\n");
         run->cr8 = cpu_get_apic_tpr(x86_cpu->apic_state);
 
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
 }
 
@@ -XXX,XX +XXX,XX @@ MemTxAttrs kvm_arch_post_run(CPUState *cpu, struct kvm_run *run)
     /* We need to protect the apic state against concurrent accesses from
      * different threads in case the userspace irqchip is used. */
     if (!kvm_irqchip_in_kernel()) {
-        qemu_mutex_lock_iothread();
+        bql_lock();
     }
     cpu_set_apic_tpr(x86_cpu->apic_state, run->cr8);
     cpu_set_apic_base(x86_cpu->apic_state, run->apic_base);
     if (!kvm_irqchip_in_kernel()) {
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
     return cpu_get_mem_attrs(env);
 }
@@ -XXX,XX +XXX,XX @@ int kvm_arch_handle_exit(CPUState *cs, struct kvm_run *run)
     switch (run->exit_reason) {
     case KVM_EXIT_HLT:
         DPRINTF("handle_hlt\n");
-        qemu_mutex_lock_iothread();
+        bql_lock();
         ret = kvm_handle_halt(cpu);
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
         break;
     case KVM_EXIT_SET_TPR:
         ret = 0;
         break;
     case KVM_EXIT_TPR_ACCESS:
-        qemu_mutex_lock_iothread();
+        bql_lock();
         ret = kvm_handle_tpr_access(cpu);
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
         break;
     case KVM_EXIT_FAIL_ENTRY:
         code = run->fail_entry.hardware_entry_failure_reason;
@@ -XXX,XX +XXX,XX @@ int kvm_arch_handle_exit(CPUState *cs, struct kvm_run *run)
         break;
     case KVM_EXIT_DEBUG:
         DPRINTF("kvm_exit_debug\n");
-        qemu_mutex_lock_iothread();
+        bql_lock();
         ret = kvm_handle_debug(cpu, &run->debug.arch);
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
         break;
     case KVM_EXIT_HYPERV:
         ret = kvm_hv_handle_exit(cpu, &run->hyperv);
diff --git a/target/i386/kvm/xen-emu.c b/target/i386/kvm/xen-emu.c
index XXXXXXX..XXXXXXX 100644
--- a/target/i386/kvm/xen-emu.c
+++ b/target/i386/kvm/xen-emu.c
@@ -XXX,XX +XXX,XX @@ void kvm_xen_maybe_deassert_callback(CPUState *cs)
 
     /* If the evtchn_upcall_pending flag is cleared, turn the GSI off. */
     if (!vi->evtchn_upcall_pending) {
-        qemu_mutex_lock_iothread();
+        bql_lock();
         /*
          * Check again now we have the lock, because it may have been
          * asserted in the interim. And we don't want to take the lock
@@ -XXX,XX +XXX,XX @@ void kvm_xen_maybe_deassert_callback(CPUState *cs)
             X86_CPU(cs)->env.xen_callback_asserted = false;
             xen_evtchn_set_callback_level(0);
         }
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
 }
 
@@ -XXX,XX +XXX,XX @@ static bool handle_set_param(struct kvm_xen_exit *exit, X86CPU *cpu,
 
     switch (hp.index) {
     case HVM_PARAM_CALLBACK_IRQ:
-        qemu_mutex_lock_iothread();
+        bql_lock();
         err = xen_evtchn_set_callback_param(hp.value);
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
         xen_set_long_mode(exit->u.hcall.longmode);
         break;
     default:
@@ -XXX,XX +XXX,XX @@ int kvm_xen_soft_reset(void)
     CPUState *cpu;
     int err;
 
-    assert(qemu_mutex_iothread_locked());
+    assert(bql_locked());
 
     trace_kvm_xen_soft_reset();
 
@@ -XXX,XX +XXX,XX @@ static int schedop_shutdown(CPUState *cs, uint64_t arg)
         break;
 
     case SHUTDOWN_soft_reset:
-        qemu_mutex_lock_iothread();
+        bql_lock();
         ret = kvm_xen_soft_reset();
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
         break;
 
     default:
diff --git a/target/i386/nvmm/nvmm-accel-ops.c b/target/i386/nvmm/nvmm-accel-ops.c
index XXXXXXX..XXXXXXX 100644
--- a/target/i386/nvmm/nvmm-accel-ops.c
+++ b/target/i386/nvmm/nvmm-accel-ops.c
@@ -XXX,XX +XXX,XX @@ static void *qemu_nvmm_cpu_thread_fn(void *arg)
 
     rcu_register_thread();
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     qemu_thread_get_self(cpu->thread);
     cpu->thread_id = qemu_get_thread_id();
     current_cpu = cpu;
@@ -XXX,XX +XXX,XX @@ static void *qemu_nvmm_cpu_thread_fn(void *arg)
 
     nvmm_destroy_vcpu(cpu);
     cpu_thread_signal_destroyed(cpu);
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     rcu_unregister_thread();
     return NULL;
 }
diff --git a/target/i386/nvmm/nvmm-all.c b/target/i386/nvmm/nvmm-all.c
index XXXXXXX..XXXXXXX 100644
--- a/target/i386/nvmm/nvmm-all.c
+++ b/target/i386/nvmm/nvmm-all.c
@@ -XXX,XX +XXX,XX @@ nvmm_vcpu_pre_run(CPUState *cpu)
     uint8_t tpr;
     int ret;
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
 
     tpr = cpu_get_apic_tpr(x86_cpu->apic_state);
     if (tpr != qcpu->tpr) {
@@ -XXX,XX +XXX,XX @@ nvmm_vcpu_pre_run(CPUState *cpu)
         }
     }
 
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 /*
@@ -XXX,XX +XXX,XX @@ nvmm_vcpu_post_run(CPUState *cpu, struct nvmm_vcpu_exit *exit)
     tpr = exit->exitstate.cr8;
     if (qcpu->tpr != tpr) {
         qcpu->tpr = tpr;
-        qemu_mutex_lock_iothread();
+        bql_lock();
         cpu_set_apic_tpr(x86_cpu->apic_state, qcpu->tpr);
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
 }
 
@@ -XXX,XX +XXX,XX @@ nvmm_handle_halted(struct nvmm_machine *mach, CPUState *cpu,
     CPUX86State *env = cpu_env(cpu);
     int ret = 0;
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
 
     if (!((cpu->interrupt_request & CPU_INTERRUPT_HARD) &&
           (env->eflags & IF_MASK)) &&
@@ -XXX,XX +XXX,XX @@ nvmm_handle_halted(struct nvmm_machine *mach, CPUState *cpu,
         ret = 1;
     }
 
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 
     return ret;
 }
@@ -XXX,XX +XXX,XX @@ nvmm_vcpu_loop(CPUState *cpu)
         return 0;
     }
 
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     cpu_exec_start(cpu);
 
     /*
@@ -XXX,XX +XXX,XX @@ nvmm_vcpu_loop(CPUState *cpu)
             error_report("NVMM: Unexpected VM exit code 0x%lx [hw=0x%lx]",
                 exit->reason, exit->u.inv.hwcode);
             nvmm_get_registers(cpu);
-            qemu_mutex_lock_iothread();
+            bql_lock();
             qemu_system_guest_panicked(cpu_get_crash_info(cpu));
-            qemu_mutex_unlock_iothread();
+            bql_unlock();
             ret = -1;
             break;
         }
     } while (ret == 0);
 
     cpu_exec_end(cpu);
-    qemu_mutex_lock_iothread();
+    bql_lock();
 
     qatomic_set(&cpu->exit_request, false);
 
diff --git a/target/i386/tcg/sysemu/fpu_helper.c b/target/i386/tcg/sysemu/fpu_helper.c
index XXXXXXX..XXXXXXX 100644
--- a/target/i386/tcg/sysemu/fpu_helper.c
+++ b/target/i386/tcg/sysemu/fpu_helper.c
@@ -XXX,XX +XXX,XX @@ void x86_register_ferr_irq(qemu_irq irq)
 void fpu_check_raise_ferr_irq(CPUX86State *env)
 {
     if (ferr_irq && !(env->hflags2 & HF2_IGNNE_MASK)) {
-        qemu_mutex_lock_iothread();
+        bql_lock();
         qemu_irq_raise(ferr_irq);
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
         return;
     }
 }
@@ -XXX,XX +XXX,XX @@ void cpu_set_ignne(void)
 {
     CPUX86State *env = &X86_CPU(first_cpu)->env;
 
-    assert(qemu_mutex_iothread_locked());
+    assert(bql_locked());
 
     env->hflags2 |= HF2_IGNNE_MASK;
     /*
diff --git a/target/i386/tcg/sysemu/misc_helper.c b/target/i386/tcg/sysemu/misc_helper.c
index XXXXXXX..XXXXXXX 100644
--- a/target/i386/tcg/sysemu/misc_helper.c
+++ b/target/i386/tcg/sysemu/misc_helper.c
@@ -XXX,XX +XXX,XX @@ void helper_write_crN(CPUX86State *env, int reg, target_ulong t0)
         break;
     case 8:
         if (!(env->hflags2 & HF2_VINTR_MASK)) {
-            qemu_mutex_lock_iothread();
+            bql_lock();
             cpu_set_apic_tpr(env_archcpu(env)->apic_state, t0);
-            qemu_mutex_unlock_iothread();
+            bql_unlock();
         }
         env->int_ctl = (env->int_ctl & ~V_TPR_MASK) | (t0 & V_TPR_MASK);
 
diff --git a/target/i386/whpx/whpx-accel-ops.c b/target/i386/whpx/whpx-accel-ops.c
index XXXXXXX..XXXXXXX 100644
--- a/target/i386/whpx/whpx-accel-ops.c
+++ b/target/i386/whpx/whpx-accel-ops.c
@@ -XXX,XX +XXX,XX @@ static void *whpx_cpu_thread_fn(void *arg)
 
     rcu_register_thread();
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     qemu_thread_get_self(cpu->thread);
     cpu->thread_id = qemu_get_thread_id();
     current_cpu = cpu;
@@ -XXX,XX +XXX,XX @@ static void *whpx_cpu_thread_fn(void *arg)
 
     whpx_destroy_vcpu(cpu);
     cpu_thread_signal_destroyed(cpu);
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     rcu_unregister_thread();
     return NULL;
 }
diff --git a/target/i386/whpx/whpx-all.c b/target/i386/whpx/whpx-all.c
index XXXXXXX..XXXXXXX 100644
--- a/target/i386/whpx/whpx-all.c
+++ b/target/i386/whpx/whpx-all.c
@@ -XXX,XX +XXX,XX @@ static int whpx_first_vcpu_starting(CPUState *cpu)
     struct whpx_state *whpx = &whpx_global;
     HRESULT hr;
 
-    g_assert(qemu_mutex_iothread_locked());
+    g_assert(bql_locked());
 
     if (!QTAILQ_EMPTY(&cpu->breakpoints) ||
             (whpx->breakpoints.breakpoints &&
@@ -XXX,XX +XXX,XX @@ static int whpx_handle_halt(CPUState *cpu)
     CPUX86State *env = cpu_env(cpu);
     int ret = 0;
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     if (!((cpu->interrupt_request & CPU_INTERRUPT_HARD) &&
           (env->eflags & IF_MASK)) &&
         !(cpu->interrupt_request & CPU_INTERRUPT_NMI)) {
@@ -XXX,XX +XXX,XX @@ static int whpx_handle_halt(CPUState *cpu)
         cpu->halted = true;
         ret = 1;
     }
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 
     return ret;
 }
@@ -XXX,XX +XXX,XX @@ static void whpx_vcpu_pre_run(CPUState *cpu)
     memset(&new_int, 0, sizeof(new_int));
     memset(reg_values, 0, sizeof(reg_values));
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
 
     /* Inject NMI */
     if (!vcpu->interruption_pending &&
@@ -XXX,XX +XXX,XX @@ static void whpx_vcpu_pre_run(CPUState *cpu)
         reg_count += 1;
     }
 
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     vcpu->ready_for_pic_interrupt = false;
 
     if (reg_count) {
@@ -XXX,XX +XXX,XX @@ static void whpx_vcpu_post_run(CPUState *cpu)
     uint64_t tpr = vcpu->exit_ctx.VpContext.Cr8;
     if (vcpu->tpr != tpr) {
         vcpu->tpr = tpr;
-        qemu_mutex_lock_iothread();
+        bql_lock();
         cpu_set_apic_tpr(x86_cpu->apic_state, whpx_cr8_to_apic_tpr(vcpu->tpr));
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
 
     vcpu->interruption_pending =
@@ -XXX,XX +XXX,XX @@ static int whpx_vcpu_run(CPUState *cpu)
     WhpxStepMode exclusive_step_mode = WHPX_STEP_NONE;
     int ret;
 
-    g_assert(qemu_mutex_iothread_locked());
+    g_assert(bql_locked());
 
     if (whpx->running_cpus++ == 0) {
         /* Insert breakpoints into memory, update exception exit bitmap. */
@@ -XXX,XX +XXX,XX @@ static int whpx_vcpu_run(CPUState *cpu)
         }
     }
 
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 
     if (exclusive_step_mode != WHPX_STEP_NONE) {
         start_exclusive();
@@ -XXX,XX +XXX,XX @@ static int whpx_vcpu_run(CPUState *cpu)
             error_report("WHPX: Unexpected VP exit code %d",
                          vcpu->exit_ctx.ExitReason);
             whpx_get_registers(cpu);
-            qemu_mutex_lock_iothread();
+            bql_lock();
             qemu_system_guest_panicked(cpu_get_crash_info(cpu));
-            qemu_mutex_unlock_iothread();
+            bql_unlock();
             break;
         }
 
@@ -XXX,XX +XXX,XX @@ static int whpx_vcpu_run(CPUState *cpu)
         cpu_exec_end(cpu);
     }
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     current_cpu = cpu;
 
     if (--whpx->running_cpus == 0) {
diff --git a/target/loongarch/tcg/csr_helper.c b/target/loongarch/tcg/csr_helper.c
index XXXXXXX..XXXXXXX 100644
--- a/target/loongarch/tcg/csr_helper.c
+++ b/target/loongarch/tcg/csr_helper.c
@@ -XXX,XX +XXX,XX @@ target_ulong helper_csrwr_ticlr(CPULoongArchState *env, target_ulong val)
     int64_t old_v = 0;
 
     if (val & 0x1) {
-        qemu_mutex_lock_iothread();
+        bql_lock();
         loongarch_cpu_set_irq(cpu, IRQ_TIMER, 0);
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
     return old_v;
 }
diff --git a/target/mips/kvm.c b/target/mips/kvm.c
index XXXXXXX..XXXXXXX 100644
--- a/target/mips/kvm.c
+++ b/target/mips/kvm.c
@@ -XXX,XX +XXX,XX @@ void kvm_arch_pre_run(CPUState *cs, struct kvm_run *run)
     int r;
     struct kvm_mips_interrupt intr;
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
 
     if ((cs->interrupt_request & CPU_INTERRUPT_HARD) &&
             cpu_mips_io_interrupts_pending(cpu)) {
@@ -XXX,XX +XXX,XX @@ void kvm_arch_pre_run(CPUState *cs, struct kvm_run *run)
         }
     }
 
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 MemTxAttrs kvm_arch_post_run(CPUState *cs, struct kvm_run *run)
diff --git a/target/mips/tcg/sysemu/cp0_helper.c b/target/mips/tcg/sysemu/cp0_helper.c
index XXXXXXX..XXXXXXX 100644
--- a/target/mips/tcg/sysemu/cp0_helper.c
+++ b/target/mips/tcg/sysemu/cp0_helper.c
@@ -XXX,XX +XXX,XX @@ static inline void mips_vpe_wake(MIPSCPU *c)
      * because there might be other conditions that state that c should
      * be sleeping.
      */
-    qemu_mutex_lock_iothread();
+    bql_lock();
     cpu_interrupt(CPU(c), CPU_INTERRUPT_WAKE);
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 static inline void mips_vpe_sleep(MIPSCPU *cpu)
diff --git a/target/openrisc/sys_helper.c b/target/openrisc/sys_helper.c
index XXXXXXX..XXXXXXX 100644
--- a/target/openrisc/sys_helper.c
+++ b/target/openrisc/sys_helper.c
@@ -XXX,XX +XXX,XX @@ void HELPER(mtspr)(CPUOpenRISCState *env, target_ulong spr, target_ulong rb)
         break;
     case TO_SPR(9, 0):  /* PICMR */
         env->picmr = rb;
-        qemu_mutex_lock_iothread();
+        bql_lock();
         if (env->picsr & env->picmr) {
             cpu_interrupt(cs, CPU_INTERRUPT_HARD);
         } else {
             cpu_reset_interrupt(cs, CPU_INTERRUPT_HARD);
         }
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
         break;
     case TO_SPR(9, 2):  /* PICSR */
         env->picsr &= ~rb;
         break;
     case TO_SPR(10, 0): /* TTMR */
         {
-            qemu_mutex_lock_iothread();
+            bql_lock();
             if ((env->ttmr & TTMR_M) ^ (rb & TTMR_M)) {
                 switch (rb & TTMR_M) {
                 case TIMER_NONE:
@@ -XXX,XX +XXX,XX @@ void HELPER(mtspr)(CPUOpenRISCState *env, target_ulong spr, target_ulong rb)
                 cs->interrupt_request &= ~CPU_INTERRUPT_TIMER;
             }
             cpu_openrisc_timer_update(cpu);
-            qemu_mutex_unlock_iothread();
+            bql_unlock();
         }
         break;
 
     case TO_SPR(10, 1): /* TTCR */
-        qemu_mutex_lock_iothread();
+        bql_lock();
         cpu_openrisc_count_set(cpu, rb);
         cpu_openrisc_timer_update(cpu);
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
         break;
     }
 #endif
@@ -XXX,XX +XXX,XX @@ target_ulong HELPER(mfspr)(CPUOpenRISCState *env, target_ulong rd,
         return env->ttmr;
 
     case TO_SPR(10, 1): /* TTCR */
-        qemu_mutex_lock_iothread();
+        bql_lock();
         cpu_openrisc_count_update(cpu);
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
         return cpu_openrisc_count_get(cpu);
     }
 #endif
diff --git a/target/ppc/excp_helper.c b/target/ppc/excp_helper.c
index XXXXXXX..XXXXXXX 100644
--- a/target/ppc/excp_helper.c
+++ b/target/ppc/excp_helper.c
@@ -XXX,XX +XXX,XX @@ void helper_msgsnd(target_ulong rb)
         return;
     }
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     CPU_FOREACH(cs) {
         PowerPCCPU *cpu = POWERPC_CPU(cs);
         CPUPPCState *cenv = &cpu->env;
@@ -XXX,XX +XXX,XX @@ void helper_msgsnd(target_ulong rb)
             ppc_set_irq(cpu, irq, 1);
         }
     }
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 /* Server Processor Control */
@@ -XXX,XX +XXX,XX @@ static void book3s_msgsnd_common(int pir, int irq)
 {
     CPUState *cs;
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     CPU_FOREACH(cs) {
         PowerPCCPU *cpu = POWERPC_CPU(cs);
         CPUPPCState *cenv = &cpu->env;
@@ -XXX,XX +XXX,XX @@ static void book3s_msgsnd_common(int pir, int irq)
             ppc_set_irq(cpu, irq, 1);
         }
     }
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 void helper_book3s_msgsnd(target_ulong rb)
@@ -XXX,XX +XXX,XX @@ void helper_book3s_msgsndp(CPUPPCState *env, target_ulong rb)
     }
 
     /* Does iothread need to be locked for walking CPU list? */
-    qemu_mutex_lock_iothread();
+    bql_lock();
     THREAD_SIBLING_FOREACH(cs, ccs) {
         PowerPCCPU *ccpu = POWERPC_CPU(ccs);
         uint32_t thread_id = ppc_cpu_tir(ccpu);
 
         if (ttir == thread_id) {
             ppc_set_irq(ccpu, PPC_INTERRUPT_DOORBELL, 1);
-            qemu_mutex_unlock_iothread();
+            bql_unlock();
             return;
         }
     }
diff --git a/target/ppc/kvm.c b/target/ppc/kvm.c
index XXXXXXX..XXXXXXX 100644
--- a/target/ppc/kvm.c
+++ b/target/ppc/kvm.c
@@ -XXX,XX +XXX,XX @@ int kvm_arch_handle_exit(CPUState *cs, struct kvm_run *run)
     CPUPPCState *env = &cpu->env;
     int ret;
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
 
     switch (run->exit_reason) {
     case KVM_EXIT_DCR:
@@ -XXX,XX +XXX,XX @@ int kvm_arch_handle_exit(CPUState *cs, struct kvm_run *run)
         break;
     }
 
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     return ret;
 }
 
diff --git a/target/ppc/misc_helper.c b/target/ppc/misc_helper.c
index XXXXXXX..XXXXXXX 100644
--- a/target/ppc/misc_helper.c
+++ b/target/ppc/misc_helper.c
@@ -XXX,XX +XXX,XX @@ target_ulong helper_load_dpdes(CPUPPCState *env)
         return dpdes;
     }
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     THREAD_SIBLING_FOREACH(cs, ccs) {
         PowerPCCPU *ccpu = POWERPC_CPU(ccs);
         CPUPPCState *cenv = &ccpu->env;
@@ -XXX,XX +XXX,XX @@ target_ulong helper_load_dpdes(CPUPPCState *env)
             dpdes |= (0x1 << thread_id);
         }
     }
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 
     return dpdes;
 }
@@ -XXX,XX +XXX,XX @@ void helper_store_dpdes(CPUPPCState *env, target_ulong val)
     }
 
     /* Does iothread need to be locked for walking CPU list? */
-    qemu_mutex_lock_iothread();
+    bql_lock();
     THREAD_SIBLING_FOREACH(cs, ccs) {
         PowerPCCPU *ccpu = POWERPC_CPU(ccs);
         uint32_t thread_id = ppc_cpu_tir(ccpu);
 
         ppc_set_irq(cpu, PPC_INTERRUPT_DOORBELL, val & (0x1 << thread_id));
     }
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 #endif /* defined(TARGET_PPC64) */
 
diff --git a/target/ppc/timebase_helper.c b/target/ppc/timebase_helper.c
index XXXXXXX..XXXXXXX 100644
--- a/target/ppc/timebase_helper.c
+++ b/target/ppc/timebase_helper.c
@@ -XXX,XX +XXX,XX @@ target_ulong helper_load_dcr(CPUPPCState *env, target_ulong dcrn)
     } else {
         int ret;
 
-        qemu_mutex_lock_iothread();
+        bql_lock();
         ret = ppc_dcr_read(env->dcr_env, (uint32_t)dcrn, &val);
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
         if (unlikely(ret != 0)) {
             qemu_log_mask(LOG_GUEST_ERROR, "DCR read error %d %03x\n",
                           (uint32_t)dcrn, (uint32_t)dcrn);
@@ -XXX,XX +XXX,XX @@ void helper_store_dcr(CPUPPCState *env, target_ulong dcrn, target_ulong val)
                                POWERPC_EXCP_INVAL_INVAL, GETPC());
     } else {
         int ret;
-        qemu_mutex_lock_iothread();
+        bql_lock();
         ret = ppc_dcr_write(env->dcr_env, (uint32_t)dcrn, (uint32_t)val);
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
         if (unlikely(ret != 0)) {
             qemu_log_mask(LOG_GUEST_ERROR, "DCR write error %d %03x\n",
                           (uint32_t)dcrn, (uint32_t)dcrn);
diff --git a/target/s390x/kvm/kvm.c b/target/s390x/kvm/kvm.c
index XXXXXXX..XXXXXXX 100644
--- a/target/s390x/kvm/kvm.c
+++ b/target/s390x/kvm/kvm.c
@@ -XXX,XX +XXX,XX @@ int kvm_arch_handle_exit(CPUState *cs, struct kvm_run *run)
     S390CPU *cpu = S390_CPU(cs);
     int ret = 0;
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
 
     kvm_cpu_synchronize_state(cs);
 
@@ -XXX,XX +XXX,XX @@ int kvm_arch_handle_exit(CPUState *cs, struct kvm_run *run)
             fprintf(stderr, "Unknown KVM exit: %d\n", run->exit_reason);
             break;
     }
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 
     if (ret == 0) {
         ret = EXCP_INTERRUPT;
diff --git a/target/s390x/tcg/misc_helper.c b/target/s390x/tcg/misc_helper.c
index XXXXXXX..XXXXXXX 100644
--- a/target/s390x/tcg/misc_helper.c
+++ b/target/s390x/tcg/misc_helper.c
@@ -XXX,XX +XXX,XX @@ uint64_t HELPER(stck)(CPUS390XState *env)
 /* SCLP service call */
 uint32_t HELPER(servc)(CPUS390XState *env, uint64_t r1, uint64_t r2)
 {
-    qemu_mutex_lock_iothread();
+    bql_lock();
     int r = sclp_service_call(env_archcpu(env), r1, r2);
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     if (r < 0) {
         tcg_s390_program_interrupt(env, -r, GETPC());
     }
@@ -XXX,XX +XXX,XX @@ void HELPER(diag)(CPUS390XState *env, uint32_t r1, uint32_t r3, uint32_t num)
     switch (num) {
     case 0x500:
         /* KVM hypercall */
-        qemu_mutex_lock_iothread();
+        bql_lock();
         r = s390_virtio_hypercall(env);
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
         break;
     case 0x44:
         /* yield */
@@ -XXX,XX +XXX,XX @@ void HELPER(diag)(CPUS390XState *env, uint32_t r1, uint32_t r3, uint32_t num)
         break;
     case 0x308:
         /* ipl */
-        qemu_mutex_lock_iothread();
+        bql_lock();
         handle_diag_308(env, r1, r3, GETPC());
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
         r = 0;
         break;
     case 0x288:
@@ -XXX,XX +XXX,XX @@ static void update_ckc_timer(CPUS390XState *env)
 
     /* stop the timer and remove pending CKC IRQs */
     timer_del(env->tod_timer);
-    g_assert(qemu_mutex_iothread_locked());
+    g_assert(bql_locked());
     env->pending_int &= ~INTERRUPT_EXT_CLOCK_COMPARATOR;
 
     /* the tod has to exceed the ckc, this can never happen if ckc is all 1's */
@@ -XXX,XX +XXX,XX @@ void HELPER(sckc)(CPUS390XState *env, uint64_t ckc)
 {
     env->ckc = ckc;
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     update_ckc_timer(env);
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 void tcg_s390_tod_updated(CPUState *cs, run_on_cpu_data opaque)
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(sck)(CPUS390XState *env, uint64_t tod_low)
         .low = tod_low,
     };
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     tdc->set(td, &tod, &error_abort);
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     return 0;
 }
 
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(sigp)(CPUS390XState *env, uint64_t order_code, uint32_t r1,
     int cc;
 
     /* TODO: needed to inject interrupts  - push further down */
-    qemu_mutex_lock_iothread();
+    bql_lock();
     cc = handle_sigp(env, order_code & SIGP_ORDER_MASK, r1, r3);
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 
     return cc;
 }
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(sigp)(CPUS390XState *env, uint64_t order_code, uint32_t r1,
 void HELPER(xsch)(CPUS390XState *env, uint64_t r1)
 {
     S390CPU *cpu = env_archcpu(env);
-    qemu_mutex_lock_iothread();
+    bql_lock();
     ioinst_handle_xsch(cpu, r1, GETPC());
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 void HELPER(csch)(CPUS390XState *env, uint64_t r1)
 {
     S390CPU *cpu = env_archcpu(env);
-    qemu_mutex_lock_iothread();
+    bql_lock();
     ioinst_handle_csch(cpu, r1, GETPC());
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 void HELPER(hsch)(CPUS390XState *env, uint64_t r1)
 {
     S390CPU *cpu = env_archcpu(env);
-    qemu_mutex_lock_iothread();
+    bql_lock();
     ioinst_handle_hsch(cpu, r1, GETPC());
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 void HELPER(msch)(CPUS390XState *env, uint64_t r1, uint64_t inst)
 {
     S390CPU *cpu = env_archcpu(env);
-    qemu_mutex_lock_iothread();
+    bql_lock();
     ioinst_handle_msch(cpu, r1, inst >> 16, GETPC());
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 void HELPER(rchp)(CPUS390XState *env, uint64_t r1)
 {
     S390CPU *cpu = env_archcpu(env);
-    qemu_mutex_lock_iothread();
+    bql_lock();
     ioinst_handle_rchp(cpu, r1, GETPC());
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 void HELPER(rsch)(CPUS390XState *env, uint64_t r1)
 {
     S390CPU *cpu = env_archcpu(env);
-    qemu_mutex_lock_iothread();
+    bql_lock();
     ioinst_handle_rsch(cpu, r1, GETPC());
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 void HELPER(sal)(CPUS390XState *env, uint64_t r1)
 {
     S390CPU *cpu = env_archcpu(env);
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     ioinst_handle_sal(cpu, r1, GETPC());
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 void HELPER(schm)(CPUS390XState *env, uint64_t r1, uint64_t r2, uint64_t inst)
 {
     S390CPU *cpu = env_archcpu(env);
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     ioinst_handle_schm(cpu, r1, r2, inst >> 16, GETPC());
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 void HELPER(ssch)(CPUS390XState *env, uint64_t r1, uint64_t inst)
 {
     S390CPU *cpu = env_archcpu(env);
-    qemu_mutex_lock_iothread();
+    bql_lock();
     ioinst_handle_ssch(cpu, r1, inst >> 16, GETPC());
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 void HELPER(stcrw)(CPUS390XState *env, uint64_t inst)
 {
     S390CPU *cpu = env_archcpu(env);
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     ioinst_handle_stcrw(cpu, inst >> 16, GETPC());
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 void HELPER(stsch)(CPUS390XState *env, uint64_t r1, uint64_t inst)
 {
     S390CPU *cpu = env_archcpu(env);
-    qemu_mutex_lock_iothread();
+    bql_lock();
     ioinst_handle_stsch(cpu, r1, inst >> 16, GETPC());
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 uint32_t HELPER(tpi)(CPUS390XState *env, uint64_t addr)
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(tpi)(CPUS390XState *env, uint64_t addr)
         tcg_s390_program_interrupt(env, PGM_SPECIFICATION, ra);
     }
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     io = qemu_s390_flic_dequeue_io(flic, env->cregs[6]);
     if (!io) {
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
         return 0;
     }
 
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(tpi)(CPUS390XState *env, uint64_t addr)
         if (s390_cpu_virt_mem_write(cpu, addr, 0, &intc, sizeof(intc))) {
             /* writing failed, reinject and properly clean up */
             s390_io_interrupt(io->id, io->nr, io->parm, io->word);
-            qemu_mutex_unlock_iothread();
+            bql_unlock();
             g_free(io);
             s390_cpu_virt_mem_handle_exc(cpu, ra);
             return 0;
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(tpi)(CPUS390XState *env, uint64_t addr)
     }
 
     g_free(io);
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     return 1;
 }
 
 void HELPER(tsch)(CPUS390XState *env, uint64_t r1, uint64_t inst)
 {
     S390CPU *cpu = env_archcpu(env);
-    qemu_mutex_lock_iothread();
+    bql_lock();
     ioinst_handle_tsch(cpu, r1, inst >> 16, GETPC());
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 void HELPER(chsc)(CPUS390XState *env, uint64_t inst)
 {
     S390CPU *cpu = env_archcpu(env);
-    qemu_mutex_lock_iothread();
+    bql_lock();
     ioinst_handle_chsc(cpu, inst >> 16, GETPC());
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 #endif
 
@@ -XXX,XX +XXX,XX @@ void HELPER(clp)(CPUS390XState *env, uint32_t r2)
 {
     S390CPU *cpu = env_archcpu(env);
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     clp_service_call(cpu, r2, GETPC());
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 void HELPER(pcilg)(CPUS390XState *env, uint32_t r1, uint32_t r2)
 {
     S390CPU *cpu = env_archcpu(env);
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     pcilg_service_call(cpu, r1, r2, GETPC());
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 void HELPER(pcistg)(CPUS390XState *env, uint32_t r1, uint32_t r2)
 {
     S390CPU *cpu = env_archcpu(env);
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     pcistg_service_call(cpu, r1, r2, GETPC());
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 void HELPER(stpcifc)(CPUS390XState *env, uint32_t r1, uint64_t fiba,
@@ -XXX,XX +XXX,XX @@ void HELPER(stpcifc)(CPUS390XState *env, uint32_t r1, uint64_t fiba,
 {
     S390CPU *cpu = env_archcpu(env);
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     stpcifc_service_call(cpu, r1, fiba, ar, GETPC());
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 void HELPER(sic)(CPUS390XState *env, uint64_t r1, uint64_t r3)
@@ -XXX,XX +XXX,XX @@ void HELPER(sic)(CPUS390XState *env, uint64_t r1, uint64_t r3)
     S390CPU *cpu = env_archcpu(env);
     int r;
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     r = css_do_sic(cpu, (r3 >> 27) & 0x7, r1 & 0xffff);
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     /* css_do_sic() may actually return a PGM_xxx value to inject */
     if (r) {
         tcg_s390_program_interrupt(env, -r, GETPC());
@@ -XXX,XX +XXX,XX @@ void HELPER(rpcit)(CPUS390XState *env, uint32_t r1, uint32_t r2)
 {
     S390CPU *cpu = env_archcpu(env);
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     rpcit_service_call(cpu, r1, r2, GETPC());
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 void HELPER(pcistb)(CPUS390XState *env, uint32_t r1, uint32_t r3,
@@ -XXX,XX +XXX,XX @@ void HELPER(pcistb)(CPUS390XState *env, uint32_t r1, uint32_t r3,
 {
     S390CPU *cpu = env_archcpu(env);
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     pcistb_service_call(cpu, r1, r3, gaddr, ar, GETPC());
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 void HELPER(mpcifc)(CPUS390XState *env, uint32_t r1, uint64_t fiba,
@@ -XXX,XX +XXX,XX @@ void HELPER(mpcifc)(CPUS390XState *env, uint32_t r1, uint64_t fiba,
 {
     S390CPU *cpu = env_archcpu(env);
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     mpcifc_service_call(cpu, r1, fiba, ar, GETPC());
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 #endif
diff --git a/target/sparc/int32_helper.c b/target/sparc/int32_helper.c
index XXXXXXX..XXXXXXX 100644
--- a/target/sparc/int32_helper.c
+++ b/target/sparc/int32_helper.c
@@ -XXX,XX +XXX,XX @@ void cpu_check_irqs(CPUSPARCState *env)
     CPUState *cs;
 
     /* We should be holding the BQL before we mess with IRQs */
-    g_assert(qemu_mutex_iothread_locked());
+    g_assert(bql_locked());
 
     if (env->pil_in && (env->interrupt_index == 0 ||
                         (env->interrupt_index & ~15) == TT_EXTINT)) {
diff --git a/target/sparc/int64_helper.c b/target/sparc/int64_helper.c
index XXXXXXX..XXXXXXX 100644
--- a/target/sparc/int64_helper.c
+++ b/target/sparc/int64_helper.c
@@ -XXX,XX +XXX,XX @@ void cpu_check_irqs(CPUSPARCState *env)
                   (env->softint & ~(SOFTINT_TIMER | SOFTINT_STIMER));
 
     /* We should be holding the BQL before we mess with IRQs */
-    g_assert(qemu_mutex_iothread_locked());
+    g_assert(bql_locked());
 
     /* TT_IVEC has a higher priority (16) than TT_EXTINT (31..17) */
     if (env->ivec_status & 0x20) {
@@ -XXX,XX +XXX,XX @@ static bool do_modify_softint(CPUSPARCState *env, uint32_t value)
         env->softint = value;
 #if !defined(CONFIG_USER_ONLY)
         if (cpu_interrupts_enabled(env)) {
-            qemu_mutex_lock_iothread();
+            bql_lock();
             cpu_check_irqs(env);
-            qemu_mutex_unlock_iothread();
+            bql_unlock();
         }
 #endif
         return true;
diff --git a/target/sparc/win_helper.c b/target/sparc/win_helper.c
index XXXXXXX..XXXXXXX 100644
--- a/target/sparc/win_helper.c
+++ b/target/sparc/win_helper.c
@@ -XXX,XX +XXX,XX @@ void helper_wrpsr(CPUSPARCState *env, target_ulong new_psr)
         cpu_raise_exception_ra(env, TT_ILL_INSN, GETPC());
     } else {
         /* cpu_put_psr may trigger interrupts, hence BQL */
-        qemu_mutex_lock_iothread();
+        bql_lock();
         cpu_put_psr(env, new_psr);
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
 }
 
@@ -XXX,XX +XXX,XX @@ void helper_wrpstate(CPUSPARCState *env, target_ulong new_state)
 
 #if !defined(CONFIG_USER_ONLY)
     if (cpu_interrupts_enabled(env)) {
-        qemu_mutex_lock_iothread();
+        bql_lock();
         cpu_check_irqs(env);
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
 #endif
 }
@@ -XXX,XX +XXX,XX @@ void helper_wrpil(CPUSPARCState *env, target_ulong new_pil)
     env->psrpil = new_pil;
 
     if (cpu_interrupts_enabled(env)) {
-        qemu_mutex_lock_iothread();
+        bql_lock();
         cpu_check_irqs(env);
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
 #endif
 }
@@ -XXX,XX +XXX,XX @@ void helper_done(CPUSPARCState *env)
 
 #if !defined(CONFIG_USER_ONLY)
     if (cpu_interrupts_enabled(env)) {
-        qemu_mutex_lock_iothread();
+        bql_lock();
         cpu_check_irqs(env);
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
 #endif
 }
@@ -XXX,XX +XXX,XX @@ void helper_retry(CPUSPARCState *env)
 
 #if !defined(CONFIG_USER_ONLY)
     if (cpu_interrupts_enabled(env)) {
-        qemu_mutex_lock_iothread();
+        bql_lock();
         cpu_check_irqs(env);
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
 #endif
 }
diff --git a/target/xtensa/exc_helper.c b/target/xtensa/exc_helper.c
index XXXXXXX..XXXXXXX 100644
--- a/target/xtensa/exc_helper.c
+++ b/target/xtensa/exc_helper.c
@@ -XXX,XX +XXX,XX @@ void HELPER(waiti)(CPUXtensaState *env, uint32_t pc, uint32_t intlevel)
     env->sregs[PS] = (env->sregs[PS] & ~PS_INTLEVEL) |
         (intlevel << PS_INTLEVEL_SHIFT);
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     check_interrupts(env);
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 
     if (env->pending_irq_level) {
         cpu_loop_exit(cpu);
@@ -XXX,XX +XXX,XX @@ void HELPER(waiti)(CPUXtensaState *env, uint32_t pc, uint32_t intlevel)
 
 void HELPER(check_interrupts)(CPUXtensaState *env)
 {
-    qemu_mutex_lock_iothread();
+    bql_lock();
     check_interrupts(env);
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 }
 
 void HELPER(intset)(CPUXtensaState *env, uint32_t v)
diff --git a/ui/spice-core.c b/ui/spice-core.c
index XXXXXXX..XXXXXXX 100644
--- a/ui/spice-core.c
+++ b/ui/spice-core.c
@@ -XXX,XX +XXX,XX @@ static void channel_event(int event, SpiceChannelEventInfo *info)
      */
     bool need_lock = !qemu_thread_is_self(&me);
     if (need_lock) {
-        qemu_mutex_lock_iothread();
+        bql_lock();
     }
 
     if (info->flags & SPICE_CHANNEL_EVENT_FLAG_ADDR_EXT) {
@@ -XXX,XX +XXX,XX @@ static void channel_event(int event, SpiceChannelEventInfo *info)
     }
 
     if (need_lock) {
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
 
     qapi_free_SpiceServerInfo(server);
diff --git a/util/async.c b/util/async.c
index XXXXXXX..XXXXXXX 100644
--- a/util/async.c
+++ b/util/async.c
@@ -XXX,XX +XXX,XX @@ AioContext *qemu_get_current_aio_context(void)
     if (ctx) {
         return ctx;
     }
-    if (qemu_mutex_iothread_locked()) {
+    if (bql_locked()) {
         /* Possibly in a vCPU thread.  */
         return qemu_get_aio_context();
     }
diff --git a/util/main-loop.c b/util/main-loop.c
index XXXXXXX..XXXXXXX 100644
--- a/util/main-loop.c
+++ b/util/main-loop.c
@@ -XXX,XX +XXX,XX @@ static int os_host_main_loop_wait(int64_t timeout)
 
     glib_pollfds_fill(&timeout);
 
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     replay_mutex_unlock();
 
     ret = qemu_poll_ns((GPollFD *)gpollfds->data, gpollfds->len, timeout);
 
     replay_mutex_lock();
-    qemu_mutex_lock_iothread();
+    bql_lock();
 
     glib_pollfds_poll();
 
@@ -XXX,XX +XXX,XX @@ static int os_host_main_loop_wait(int64_t timeout)
 
     poll_timeout_ns = qemu_soonest_timeout(poll_timeout_ns, timeout);
 
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
 
     replay_mutex_unlock();
 
@@ -XXX,XX +XXX,XX @@ static int os_host_main_loop_wait(int64_t timeout)
 
     replay_mutex_lock();
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
     if (g_poll_ret > 0) {
         for (i = 0; i < w->num; i++) {
             w->revents[i] = poll_fds[n_poll_fds + i].revents;
diff --git a/util/qsp.c b/util/qsp.c
index XXXXXXX..XXXXXXX 100644
--- a/util/qsp.c
+++ b/util/qsp.c
@@ -XXX,XX +XXX,XX @@ static const char * const qsp_typenames[] = {
     [QSP_CONDVAR]   = "condvar",
 };
 
-QemuMutexLockFunc qemu_bql_mutex_lock_func = qemu_mutex_lock_impl;
+QemuMutexLockFunc bql_mutex_lock_func = qemu_mutex_lock_impl;
 QemuMutexLockFunc qemu_mutex_lock_func = qemu_mutex_lock_impl;
 QemuMutexTrylockFunc qemu_mutex_trylock_func = qemu_mutex_trylock_impl;
 QemuRecMutexLockFunc qemu_rec_mutex_lock_func = qemu_rec_mutex_lock_impl;
@@ -XXX,XX +XXX,XX @@ void qsp_enable(void)
 {
     qatomic_set(&qemu_mutex_lock_func, qsp_mutex_lock);
     qatomic_set(&qemu_mutex_trylock_func, qsp_mutex_trylock);
-    qatomic_set(&qemu_bql_mutex_lock_func, qsp_bql_mutex_lock);
+    qatomic_set(&bql_mutex_lock_func, qsp_bql_mutex_lock);
     qatomic_set(&qemu_rec_mutex_lock_func, qsp_rec_mutex_lock);
     qatomic_set(&qemu_rec_mutex_trylock_func, qsp_rec_mutex_trylock);
     qatomic_set(&qemu_cond_wait_func, qsp_cond_wait);
@@ -XXX,XX +XXX,XX @@ void qsp_disable(void)
 {
     qatomic_set(&qemu_mutex_lock_func, qemu_mutex_lock_impl);
     qatomic_set(&qemu_mutex_trylock_func, qemu_mutex_trylock_impl);
-    qatomic_set(&qemu_bql_mutex_lock_func, qemu_mutex_lock_impl);
+    qatomic_set(&bql_mutex_lock_func, qemu_mutex_lock_impl);
     qatomic_set(&qemu_rec_mutex_lock_func, qemu_rec_mutex_lock_impl);
     qatomic_set(&qemu_rec_mutex_trylock_func, qemu_rec_mutex_trylock_impl);
     qatomic_set(&qemu_cond_wait_func, qemu_cond_wait_impl);
diff --git a/util/rcu.c b/util/rcu.c
index XXXXXXX..XXXXXXX 100644
--- a/util/rcu.c
+++ b/util/rcu.c
@@ -XXX,XX +XXX,XX @@ static void *call_rcu_thread(void *opaque)
 
         qatomic_sub(&rcu_call_count, n);
         synchronize_rcu();
-        qemu_mutex_lock_iothread();
+        bql_lock();
         while (n > 0) {
             node = try_dequeue();
             while (!node) {
-                qemu_mutex_unlock_iothread();
+                bql_unlock();
                 qemu_event_reset(&rcu_call_ready_event);
                 node = try_dequeue();
                 if (!node) {
                     qemu_event_wait(&rcu_call_ready_event);
                     node = try_dequeue();
                 }
-                qemu_mutex_lock_iothread();
+                bql_lock();
             }
 
             n--;
             node->func(node);
         }
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
     abort();
 }
@@ -XXX,XX +XXX,XX @@ static void drain_rcu_callback(struct rcu_head *node)
 void drain_call_rcu(void)
 {
     struct rcu_drain rcu_drain;
-    bool locked = qemu_mutex_iothread_locked();
+    bool locked = bql_locked();
 
     memset(&rcu_drain, 0, sizeof(struct rcu_drain));
     qemu_event_init(&rcu_drain.drain_complete_event, false);
 
     if (locked) {
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
 
 
@@ -XXX,XX +XXX,XX @@ void drain_call_rcu(void)
     qatomic_dec(&in_drain_call_rcu);
 
     if (locked) {
-        qemu_mutex_lock_iothread();
+        bql_lock();
     }
 
 }
diff --git a/audio/coreaudio.m b/audio/coreaudio.m
index XXXXXXX..XXXXXXX 100644
--- a/audio/coreaudio.m
+++ b/audio/coreaudio.m
@@ -XXX,XX +XXX,XX @@ static OSStatus handle_voice_change(
 {
     coreaudioVoiceOut *core = in_client_data;
 
-    qemu_mutex_lock_iothread();
+    bql_lock();
 
     if (core->outputDeviceID) {
         fini_out_device(core);
@@ -XXX,XX +XXX,XX @@ static OSStatus handle_voice_change(
         update_device_playback_state(core);
     }
 
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     return 0;
 }
 
diff --git a/memory_ldst.c.inc b/memory_ldst.c.inc
index XXXXXXX..XXXXXXX 100644
--- a/memory_ldst.c.inc
+++ b/memory_ldst.c.inc
@@ -XXX,XX +XXX,XX @@ static inline uint32_t glue(address_space_ldl_internal, SUFFIX)(ARG1_DECL,
         *result = r;
     }
     if (release_lock) {
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
     RCU_READ_UNLOCK();
     return val;
@@ -XXX,XX +XXX,XX @@ static inline uint64_t glue(address_space_ldq_internal, SUFFIX)(ARG1_DECL,
         *result = r;
     }
     if (release_lock) {
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
     RCU_READ_UNLOCK();
     return val;
@@ -XXX,XX +XXX,XX @@ uint8_t glue(address_space_ldub, SUFFIX)(ARG1_DECL,
         *result = r;
     }
     if (release_lock) {
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
     RCU_READ_UNLOCK();
     return val;
@@ -XXX,XX +XXX,XX @@ static inline uint16_t glue(address_space_lduw_internal, SUFFIX)(ARG1_DECL,
         *result = r;
     }
     if (release_lock) {
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
     RCU_READ_UNLOCK();
     return val;
@@ -XXX,XX +XXX,XX @@ void glue(address_space_stl_notdirty, SUFFIX)(ARG1_DECL,
         *result = r;
     }
     if (release_lock) {
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
     RCU_READ_UNLOCK();
 }
@@ -XXX,XX +XXX,XX @@ static inline void glue(address_space_stl_internal, SUFFIX)(ARG1_DECL,
         *result = r;
     }
     if (release_lock) {
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
     RCU_READ_UNLOCK();
 }
@@ -XXX,XX +XXX,XX @@ void glue(address_space_stb, SUFFIX)(ARG1_DECL,
         *result = r;
     }
     if (release_lock) {
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
     RCU_READ_UNLOCK();
 }
@@ -XXX,XX +XXX,XX @@ static inline void glue(address_space_stw_internal, SUFFIX)(ARG1_DECL,
         *result = r;
     }
     if (release_lock) {
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
     RCU_READ_UNLOCK();
 }
@@ -XXX,XX +XXX,XX @@ static void glue(address_space_stq_internal, SUFFIX)(ARG1_DECL,
         *result = r;
     }
     if (release_lock) {
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
     RCU_READ_UNLOCK();
 }
diff --git a/target/i386/hvf/README.md b/target/i386/hvf/README.md
index XXXXXXX..XXXXXXX 100644
--- a/target/i386/hvf/README.md
+++ b/target/i386/hvf/README.md
@@ -XXX,XX +XXX,XX @@ These sources (and ../hvf-all.c) are adapted from Veertu Inc's vdhh (Veertu Desk
 
 1. Adapt to our current QEMU's `CPUState` structure and `address_space_rw` API; many struct members have been moved around (emulated x86 state, xsave_buf) due to historical differences + QEMU needing to handle more emulation targets.
 2. Removal of `apic_page` and hyperv-related functionality.
-3. More relaxed use of `qemu_mutex_lock_iothread`.
+3. More relaxed use of `bql_lock`.
diff --git a/ui/cocoa.m b/ui/cocoa.m
index XXXXXXX..XXXXXXX 100644
--- a/ui/cocoa.m
+++ b/ui/cocoa.m
@@ -XXX,XX +XXX,XX @@ static void cocoa_switch(DisplayChangeListener *dcl,
 typedef void (^CodeBlock)(void);
 typedef bool (^BoolCodeBlock)(void);
 
-static void with_iothread_lock(CodeBlock block)
+static void with_bql(CodeBlock block)
 {
-    bool locked = qemu_mutex_iothread_locked();
+    bool locked = bql_locked();
     if (!locked) {
-        qemu_mutex_lock_iothread();
+        bql_lock();
     }
     block();
     if (!locked) {
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
 }
 
-static bool bool_with_iothread_lock(BoolCodeBlock block)
+static bool bool_with_bql(BoolCodeBlock block)
 {
-    bool locked = qemu_mutex_iothread_locked();
+    bool locked = bql_locked();
     bool val;
 
     if (!locked) {
-        qemu_mutex_lock_iothread();
+        bql_lock();
     }
     val = block();
     if (!locked) {
-        qemu_mutex_unlock_iothread();
+        bql_unlock();
     }
     return val;
 }
@@ -XXX,XX +XXX,XX @@ - (void) updateUIInfo
         return;
     }
 
-    with_iothread_lock(^{
+    with_bql(^{
         [self updateUIInfoLocked];
     });
 }
@@ -XXX,XX +XXX,XX @@ - (void) handleMonitorInput:(NSEvent *)event
 
 - (bool) handleEvent:(NSEvent *)event
 {
-    return bool_with_iothread_lock(^{
+    return bool_with_bql(^{
         return [self handleEventLocked:event];
     });
 }
@@ -XXX,XX +XXX,XX @@ - (QEMUScreen) gscreen {return screen;}
  */
 - (void) raiseAllKeys
 {
-    with_iothread_lock(^{
+    with_bql(^{
         qkbd_state_lift_all_keys(kbd);
     });
 }
@@ -XXX,XX +XXX,XX @@ - (void)applicationWillTerminate:(NSNotification *)aNotification
 {
     COCOA_DEBUG("QemuCocoaAppController: applicationWillTerminate\n");
 
-    with_iothread_lock(^{
+    with_bql(^{
         shutdown_action = SHUTDOWN_ACTION_POWEROFF;
         qemu_system_shutdown_request(SHUTDOWN_CAUSE_HOST_UI);
     });
@@ -XXX,XX +XXX,XX @@ - (void)displayConsole:(id)sender
 /* Pause the guest */
 - (void)pauseQEMU:(id)sender
 {
-    with_iothread_lock(^{
+    with_bql(^{
         qmp_stop(NULL);
     });
     [sender setEnabled: NO];
@@ -XXX,XX +XXX,XX @@ - (void)pauseQEMU:(id)sender
 /* Resume running the guest operating system */
 - (void)resumeQEMU:(id) sender
 {
-    with_iothread_lock(^{
+    with_bql(^{
         qmp_cont(NULL);
     });
     [sender setEnabled: NO];
@@ -XXX,XX +XXX,XX @@ - (void)removePause
 /* Restarts QEMU */
 - (void)restartQEMU:(id)sender
 {
-    with_iothread_lock(^{
+    with_bql(^{
         qmp_system_reset(NULL);
     });
 }
@@ -XXX,XX +XXX,XX @@ - (void)restartQEMU:(id)sender
 /* Powers down QEMU */
 - (void)powerDownQEMU:(id)sender
 {
-    with_iothread_lock(^{
+    with_bql(^{
         qmp_system_powerdown(NULL);
     });
 }
@@ -XXX,XX +XXX,XX @@ - (void)ejectDeviceMedia:(id)sender
     }
 
     __block Error *err = NULL;
-    with_iothread_lock(^{
+    with_bql(^{
         qmp_eject([drive cStringUsingEncoding: NSASCIIStringEncoding],
                   NULL, false, false, &err);
     });
@@ -XXX,XX +XXX,XX @@ - (void)changeDeviceMedia:(id)sender
         }
 
         __block Error *err = NULL;
-        with_iothread_lock(^{
+        with_bql(^{
             qmp_blockdev_change_medium([drive cStringUsingEncoding:
                                                   NSASCIIStringEncoding],
                                        NULL,
@@ -XXX,XX +XXX,XX @@ - (void)adjustSpeed:(id)sender
     // get the throttle percentage
     throttle_pct = [sender tag];
 
-    with_iothread_lock(^{
+    with_bql(^{
         cpu_throttle_set(throttle_pct);
     });
     COCOA_DEBUG("cpu throttling at %d%c\n", cpu_throttle_get_percentage(), '%');
@@ -XXX,XX +XXX,XX @@ - (void)pasteboard:(NSPasteboard *)sender provideDataForType:(NSPasteboardType)t
         return;
     }
 
-    with_iothread_lock(^{
+    with_bql(^{
         QemuClipboardInfo *info = qemu_clipboard_info_ref(cbinfo);
         qemu_event_reset(&cbevent);
         qemu_clipboard_request(info, QEMU_CLIPBOARD_TYPE_TEXT);
@@ -XXX,XX +XXX,XX @@ - (void)pasteboard:(NSPasteboard *)sender provideDataForType:(NSPasteboardType)t
         while (info == cbinfo &&
                info->types[QEMU_CLIPBOARD_TYPE_TEXT].available &&
                info->types[QEMU_CLIPBOARD_TYPE_TEXT].data == NULL) {
-            qemu_mutex_unlock_iothread();
+            bql_unlock();
             qemu_event_wait(&cbevent);
-            qemu_mutex_lock_iothread();
+            bql_lock();
         }
 
         if (info == cbinfo) {
@@ -XXX,XX +XXX,XX @@ static void cocoa_clipboard_request(QemuClipboardInfo *info,
     int status;
 
     COCOA_DEBUG("Second thread: calling qemu_default_main()\n");
-    qemu_mutex_lock_iothread();
+    bql_lock();
     status = qemu_default_main();
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     COCOA_DEBUG("Second thread: qemu_default_main() returned, exiting\n");
     [cbowner release];
     exit(status);
@@ -XXX,XX +XXX,XX @@ static int cocoa_main(void)
 
     COCOA_DEBUG("Entered %s()\n", __func__);
 
-    qemu_mutex_unlock_iothread();
+    bql_unlock();
     qemu_thread_create(&thread, "qemu_main", call_qemu_main,
                        NULL, QEMU_THREAD_DETACHED);
 
-- 
2.43.0

The name "iothread" is overloaded. Use the term Big QEMU Lock (BQL)
instead, it is already widely used and unambiguous.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Paul Durrant <paul@xen.org>
Acked-by: David Woodhouse <dwmw@amazon.co.uk>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Reviewed-by: Harsh Prateek Bora <harshpb@linux.ibm.com>
Reviewed-by: Akihiko Odaki <akihiko.odaki@daynix.com>
Message-id: 20240102153529.486531-3-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
---
 include/qemu/main-loop.h  | 19 +++++++++----------
 hw/i386/kvm/xen_evtchn.c  | 14 +++++++-------
 hw/i386/kvm/xen_gnttab.c  |  2 +-
 hw/mips/mips_int.c        |  2 +-
 hw/ppc/ppc.c              |  2 +-
 target/i386/kvm/xen-emu.c |  2 +-
 target/ppc/excp_helper.c  |  2 +-
 target/ppc/helper_regs.c  |  2 +-
 target/riscv/cpu_helper.c |  4 ++--
 9 files changed, 24 insertions(+), 25 deletions(-)

diff --git a/include/qemu/main-loop.h b/include/qemu/main-loop.h
index XXXXXXX..XXXXXXX 100644
--- a/include/qemu/main-loop.h
+++ b/include/qemu/main-loop.h
@@ -XXX,XX +XXX,XX @@ void bql_lock_impl(const char *file, int line);
 void bql_unlock(void);
 
 /**
- * QEMU_IOTHREAD_LOCK_GUARD
+ * BQL_LOCK_GUARD
  *
  * Wrap a block of code in a conditional bql_{lock,unlock}.
  */
-typedef struct IOThreadLockAuto IOThreadLockAuto;
+typedef struct BQLLockAuto BQLLockAuto;
 
-static inline IOThreadLockAuto *qemu_iothread_auto_lock(const char *file,
-                                                        int line)
+static inline BQLLockAuto *bql_auto_lock(const char *file, int line)
 {
     if (bql_locked()) {
         return NULL;
     }
     bql_lock_impl(file, line);
     /* Anything non-NULL causes the cleanup function to be called */
-    return (IOThreadLockAuto *)(uintptr_t)1;
+    return (BQLLockAuto *)(uintptr_t)1;
 }
 
-static inline void qemu_iothread_auto_unlock(IOThreadLockAuto *l)
+static inline void bql_auto_unlock(BQLLockAuto *l)
 {
     bql_unlock();
 }
 
-G_DEFINE_AUTOPTR_CLEANUP_FUNC(IOThreadLockAuto, qemu_iothread_auto_unlock)
+G_DEFINE_AUTOPTR_CLEANUP_FUNC(BQLLockAuto, bql_auto_unlock)
 
-#define QEMU_IOTHREAD_LOCK_GUARD() \
-    g_autoptr(IOThreadLockAuto) _iothread_lock_auto __attribute__((unused)) \
-        = qemu_iothread_auto_lock(__FILE__, __LINE__)
+#define BQL_LOCK_GUARD() \
+    g_autoptr(BQLLockAuto) _bql_lock_auto __attribute__((unused)) \
+        = bql_auto_lock(__FILE__, __LINE__)
 
 /*
  * qemu_cond_wait_iothread: Wait on condition for the main loop mutex
diff --git a/hw/i386/kvm/xen_evtchn.c b/hw/i386/kvm/xen_evtchn.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/i386/kvm/xen_evtchn.c
+++ b/hw/i386/kvm/xen_evtchn.c
@@ -XXX,XX +XXX,XX @@ int xen_evtchn_reset_op(struct evtchn_reset *reset)
         return -ESRCH;
     }
 
-    QEMU_IOTHREAD_LOCK_GUARD();
+    BQL_LOCK_GUARD();
     return xen_evtchn_soft_reset();
 }
 
@@ -XXX,XX +XXX,XX @@ int xen_evtchn_close_op(struct evtchn_close *close)
         return -EINVAL;
     }
 
-    QEMU_IOTHREAD_LOCK_GUARD();
+    BQL_LOCK_GUARD();
     qemu_mutex_lock(&s->port_lock);
 
     ret = close_port(s, close->port, &flush_kvm_routes);
@@ -XXX,XX +XXX,XX @@ int xen_evtchn_bind_pirq_op(struct evtchn_bind_pirq *pirq)
         return -EINVAL;
     }
 
-    QEMU_IOTHREAD_LOCK_GUARD();
+    BQL_LOCK_GUARD();
 
     if (s->pirq[pirq->pirq].port) {
         return -EBUSY;
@@ -XXX,XX +XXX,XX @@ int xen_physdev_map_pirq(struct physdev_map_pirq *map)
         return -ENOTSUP;
     }
 
-    QEMU_IOTHREAD_LOCK_GUARD();
+    BQL_LOCK_GUARD();
     QEMU_LOCK_GUARD(&s->port_lock);
 
     if (map->domid != DOMID_SELF && map->domid != xen_domid) {
@@ -XXX,XX +XXX,XX @@ int xen_physdev_unmap_pirq(struct physdev_unmap_pirq *unmap)
         return -EINVAL;
     }
 
-    QEMU_IOTHREAD_LOCK_GUARD();
+    BQL_LOCK_GUARD();
     qemu_mutex_lock(&s->port_lock);
 
     if (!pirq_inuse(s, pirq)) {
@@ -XXX,XX +XXX,XX @@ int xen_physdev_eoi_pirq(struct physdev_eoi *eoi)
         return -ENOTSUP;
     }
 
-    QEMU_IOTHREAD_LOCK_GUARD();
+    BQL_LOCK_GUARD();
     QEMU_LOCK_GUARD(&s->port_lock);
 
     if (!pirq_inuse(s, pirq)) {
@@ -XXX,XX +XXX,XX @@ int xen_physdev_query_pirq(struct physdev_irq_status_query *query)
         return -ENOTSUP;
     }
 
-    QEMU_IOTHREAD_LOCK_GUARD();
+    BQL_LOCK_GUARD();
     QEMU_LOCK_GUARD(&s->port_lock);
 
     if (!pirq_inuse(s, pirq)) {
diff --git a/hw/i386/kvm/xen_gnttab.c b/hw/i386/kvm/xen_gnttab.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/i386/kvm/xen_gnttab.c
+++ b/hw/i386/kvm/xen_gnttab.c
@@ -XXX,XX +XXX,XX @@ int xen_gnttab_map_page(uint64_t idx, uint64_t gfn)
         return -EINVAL;
     }
 
-    QEMU_IOTHREAD_LOCK_GUARD();
+    BQL_LOCK_GUARD();
     QEMU_LOCK_GUARD(&s->gnt_lock);
 
     xen_overlay_do_map_page(&s->gnt_aliases[idx], gpa);
diff --git a/hw/mips/mips_int.c b/hw/mips/mips_int.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/mips/mips_int.c
+++ b/hw/mips/mips_int.c
@@ -XXX,XX +XXX,XX @@ static void cpu_mips_irq_request(void *opaque, int irq, int level)
         return;
     }
 
-    QEMU_IOTHREAD_LOCK_GUARD();
+    BQL_LOCK_GUARD();
 
     if (level) {
         env->CP0_Cause |= 1 << (irq + CP0Ca_IP);
diff --git a/hw/ppc/ppc.c b/hw/ppc/ppc.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/ppc/ppc.c
+++ b/hw/ppc/ppc.c
@@ -XXX,XX +XXX,XX @@ void ppc_set_irq(PowerPCCPU *cpu, int irq, int level)
     unsigned int old_pending;
 
     /* We may already have the BQL if coming from the reset path */
-    QEMU_IOTHREAD_LOCK_GUARD();
+    BQL_LOCK_GUARD();
 
     old_pending = env->pending_interrupts;
 
diff --git a/target/i386/kvm/xen-emu.c b/target/i386/kvm/xen-emu.c
index XXXXXXX..XXXXXXX 100644
--- a/target/i386/kvm/xen-emu.c
+++ b/target/i386/kvm/xen-emu.c
@@ -XXX,XX +XXX,XX @@ static int xen_set_shared_info(uint64_t gfn)
     uint64_t gpa = gfn << TARGET_PAGE_BITS;
     int i, err;
 
-    QEMU_IOTHREAD_LOCK_GUARD();
+    BQL_LOCK_GUARD();
 
     /*
      * The xen_overlay device tells KVM about it too, since it had to
diff --git a/target/ppc/excp_helper.c b/target/ppc/excp_helper.c
index XXXXXXX..XXXXXXX 100644
--- a/target/ppc/excp_helper.c
+++ b/target/ppc/excp_helper.c
@@ -XXX,XX +XXX,XX @@ static int ppc_next_unmasked_interrupt(CPUPPCState *env)
 void ppc_maybe_interrupt(CPUPPCState *env)
 {
     CPUState *cs = env_cpu(env);
-    QEMU_IOTHREAD_LOCK_GUARD();
+    BQL_LOCK_GUARD();
 
     if (ppc_next_unmasked_interrupt(env)) {
         cpu_interrupt(cs, CPU_INTERRUPT_HARD);
diff --git a/target/ppc/helper_regs.c b/target/ppc/helper_regs.c
index XXXXXXX..XXXXXXX 100644
--- a/target/ppc/helper_regs.c
+++ b/target/ppc/helper_regs.c
@@ -XXX,XX +XXX,XX @@ void cpu_interrupt_exittb(CPUState *cs)
      * unless running with TCG.
      */
     if (tcg_enabled()) {
-        QEMU_IOTHREAD_LOCK_GUARD();
+        BQL_LOCK_GUARD();
         cpu_interrupt(cs, CPU_INTERRUPT_EXITTB);
     }
 }
diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c
index XXXXXXX..XXXXXXX 100644
--- a/target/riscv/cpu_helper.c
+++ b/target/riscv/cpu_helper.c
@@ -XXX,XX +XXX,XX @@ void riscv_cpu_interrupt(CPURISCVState *env)
     uint64_t gein, vsgein = 0, vstip = 0, irqf = 0;
     CPUState *cs = env_cpu(env);
 
-    QEMU_IOTHREAD_LOCK_GUARD();
+    BQL_LOCK_GUARD();
 
     if (env->virt_enabled) {
         gein = get_field(env->hstatus, HSTATUS_VGEIN);
@@ -XXX,XX +XXX,XX @@ uint64_t riscv_cpu_update_mip(CPURISCVState *env, uint64_t mask, uint64_t value)
     /* No need to update mip for VSTIP */
     mask = ((mask == MIP_VSTIP) && env->vstime_irq) ? 0 : mask;
 
-    QEMU_IOTHREAD_LOCK_GUARD();
+    BQL_LOCK_GUARD();
 
     env->mip = (env->mip & ~mask) | (value & mask);
 
-- 
2.43.0

The name "iothread" is overloaded. Use the term Big QEMU Lock (BQL)
instead, it is already widely used and unambiguous.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Paul Durrant <paul@xen.org>
Reviewed-by: Harsh Prateek Bora <harshpb@linux.ibm.com>
Reviewed-by: Akihiko Odaki <akihiko.odaki@daynix.com>
Message-id: 20240102153529.486531-4-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
---
 include/qemu/main-loop.h          | 10 +++++-----
 accel/tcg/tcg-accel-ops-rr.c      |  4 ++--
 hw/display/virtio-gpu.c           |  2 +-
 hw/ppc/spapr_events.c             |  2 +-
 system/cpu-throttle.c             |  2 +-
 system/cpus.c                     |  4 ++--
 target/i386/nvmm/nvmm-accel-ops.c |  2 +-
 target/i386/whpx/whpx-accel-ops.c |  2 +-
 8 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/include/qemu/main-loop.h b/include/qemu/main-loop.h
index XXXXXXX..XXXXXXX 100644
--- a/include/qemu/main-loop.h
+++ b/include/qemu/main-loop.h
@@ -XXX,XX +XXX,XX @@ G_DEFINE_AUTOPTR_CLEANUP_FUNC(BQLLockAuto, bql_auto_unlock)
         = bql_auto_lock(__FILE__, __LINE__)
 
 /*
- * qemu_cond_wait_iothread: Wait on condition for the main loop mutex
+ * qemu_cond_wait_bql: Wait on condition for the Big QEMU Lock (BQL)
  *
- * This function atomically releases the main loop mutex and causes
+ * This function atomically releases the Big QEMU Lock (BQL) and causes
  * the calling thread to block on the condition.
  */
-void qemu_cond_wait_iothread(QemuCond *cond);
+void qemu_cond_wait_bql(QemuCond *cond);
 
 /*
- * qemu_cond_timedwait_iothread: like the previous, but with timeout
+ * qemu_cond_timedwait_bql: like the previous, but with timeout
  */
-void qemu_cond_timedwait_iothread(QemuCond *cond, int ms);
+void qemu_cond_timedwait_bql(QemuCond *cond, int ms);
 
 /* internal interfaces */
 
diff --git a/accel/tcg/tcg-accel-ops-rr.c b/accel/tcg/tcg-accel-ops-rr.c
index XXXXXXX..XXXXXXX 100644
--- a/accel/tcg/tcg-accel-ops-rr.c
+++ b/accel/tcg/tcg-accel-ops-rr.c
@@ -XXX,XX +XXX,XX @@ static void rr_wait_io_event(void)
 
     while (all_cpu_threads_idle()) {
         rr_stop_kick_timer();
-        qemu_cond_wait_iothread(first_cpu->halt_cond);
+        qemu_cond_wait_bql(first_cpu->halt_cond);
     }
 
     rr_start_kick_timer();
@@ -XXX,XX +XXX,XX @@ static void *rr_cpu_thread_fn(void *arg)
 
     /* wait for initial kick-off after machine start */
     while (first_cpu->stopped) {
-        qemu_cond_wait_iothread(first_cpu->halt_cond);
+        qemu_cond_wait_bql(first_cpu->halt_cond);
 
         /* process any pending work */
         CPU_FOREACH(cpu) {
diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/display/virtio-gpu.c
+++ b/hw/display/virtio-gpu.c
@@ -XXX,XX +XXX,XX @@ void virtio_gpu_reset(VirtIODevice *vdev)
         g->reset_finished = false;
         qemu_bh_schedule(g->reset_bh);
         while (!g->reset_finished) {
-            qemu_cond_wait_iothread(&g->reset_cond);
+            qemu_cond_wait_bql(&g->reset_cond);
         }
     } else {
         virtio_gpu_reset_bh(g);
diff --git a/hw/ppc/spapr_events.c b/hw/ppc/spapr_events.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/ppc/spapr_events.c
+++ b/hw/ppc/spapr_events.c
@@ -XXX,XX +XXX,XX @@ void spapr_mce_req_event(PowerPCCPU *cpu, bool recovered)
             }
             return;
         }
-        qemu_cond_wait_iothread(&spapr->fwnmi_machine_check_interlock_cond);
+        qemu_cond_wait_bql(&spapr->fwnmi_machine_check_interlock_cond);
         if (spapr->fwnmi_machine_check_addr == -1) {
             /*
              * If the machine was reset while waiting for the interlock,
diff --git a/system/cpu-throttle.c b/system/cpu-throttle.c
index XXXXXXX..XXXXXXX 100644
--- a/system/cpu-throttle.c
+++ b/system/cpu-throttle.c
@@ -XXX,XX +XXX,XX @@ static void cpu_throttle_thread(CPUState *cpu, run_on_cpu_data opaque)
     endtime_ns = qemu_clock_get_ns(QEMU_CLOCK_REALTIME) + sleeptime_ns;
     while (sleeptime_ns > 0 && !cpu->stop) {
         if (sleeptime_ns > SCALE_MS) {
-            qemu_cond_timedwait_iothread(cpu->halt_cond,
+            qemu_cond_timedwait_bql(cpu->halt_cond,
                                          sleeptime_ns / SCALE_MS);
         } else {
             bql_unlock();
diff --git a/system/cpus.c b/system/cpus.c
index XXXXXXX..XXXXXXX 100644
--- a/system/cpus.c
+++ b/system/cpus.c
@@ -XXX,XX +XXX,XX @@ void bql_unlock(void)
     qemu_mutex_unlock(&bql);
 }
 
-void qemu_cond_wait_iothread(QemuCond *cond)
+void qemu_cond_wait_bql(QemuCond *cond)
 {
     qemu_cond_wait(cond, &bql);
 }
 
-void qemu_cond_timedwait_iothread(QemuCond *cond, int ms)
+void qemu_cond_timedwait_bql(QemuCond *cond, int ms)
 {
     qemu_cond_timedwait(cond, &bql, ms);
 }
diff --git a/target/i386/nvmm/nvmm-accel-ops.c b/target/i386/nvmm/nvmm-accel-ops.c
index XXXXXXX..XXXXXXX 100644
--- a/target/i386/nvmm/nvmm-accel-ops.c
+++ b/target/i386/nvmm/nvmm-accel-ops.c
@@ -XXX,XX +XXX,XX @@ static void *qemu_nvmm_cpu_thread_fn(void *arg)
             }
         }
         while (cpu_thread_is_idle(cpu)) {
-            qemu_cond_wait_iothread(cpu->halt_cond);
+            qemu_cond_wait_bql(cpu->halt_cond);
         }
         qemu_wait_io_event_common(cpu);
     } while (!cpu->unplug || cpu_can_run(cpu));
diff --git a/target/i386/whpx/whpx-accel-ops.c b/target/i386/whpx/whpx-accel-ops.c
index XXXXXXX..XXXXXXX 100644
--- a/target/i386/whpx/whpx-accel-ops.c
+++ b/target/i386/whpx/whpx-accel-ops.c
@@ -XXX,XX +XXX,XX @@ static void *whpx_cpu_thread_fn(void *arg)
             }
         }
         while (cpu_thread_is_idle(cpu)) {
-            qemu_cond_wait_iothread(cpu->halt_cond);
+            qemu_cond_wait_bql(cpu->halt_cond);
         }
         qemu_wait_io_event_common(cpu);
     } while (!cpu->unplug || cpu_can_run(cpu));
-- 
2.43.0

The term "iothread lock" is obsolete. The APIs use Big QEMU Lock (BQL)
in their names. Update the code comments to use "BQL" instead of
"iothread lock".

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Paul Durrant <paul@xen.org>
Reviewed-by: Akihiko Odaki <akihiko.odaki@daynix.com>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Harsh Prateek Bora <harshpb@linux.ibm.com>
Message-id: 20240102153529.486531-5-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
---
 docs/devel/reset.rst             |  2 +-
 hw/display/qxl.h                 |  2 +-
 include/exec/cpu-common.h        |  2 +-
 include/exec/memory.h            |  4 ++--
 include/exec/ramblock.h          |  2 +-
 include/migration/register.h     |  8 ++++----
 target/arm/internals.h           |  4 ++--
 accel/tcg/cputlb.c               |  4 ++--
 accel/tcg/tcg-accel-ops-icount.c |  2 +-
 hw/remote/mpqemu-link.c          |  2 +-
 migration/block-dirty-bitmap.c   | 10 +++++-----
 migration/block.c                | 22 +++++++++++-----------
 migration/colo.c                 |  2 +-
 migration/migration.c            |  2 +-
 migration/ram.c                  |  4 ++--
 system/physmem.c                 |  6 +++---
 target/arm/helper.c              |  2 +-
 ui/spice-core.c                  |  2 +-
 util/rcu.c                       |  2 +-
 audio/coreaudio.m                |  4 ++--
 ui/cocoa.m                       |  6 +++---
 21 files changed, 47 insertions(+), 47 deletions(-)

diff --git a/docs/devel/reset.rst b/docs/devel/reset.rst
index XXXXXXX..XXXXXXX 100644
--- a/docs/devel/reset.rst
+++ b/docs/devel/reset.rst
@@ -XXX,XX +XXX,XX @@ Triggering reset
 
 This section documents the APIs which "users" of a resettable object should use
 to control it. All resettable control functions must be called while holding
-the iothread lock.
+the BQL.
 
 You can apply a reset to an object using ``resettable_assert_reset()``. You need
 to call ``resettable_release_reset()`` to release the object from reset. To
diff --git a/hw/display/qxl.h b/hw/display/qxl.h
index XXXXXXX..XXXXXXX 100644
--- a/hw/display/qxl.h
+++ b/hw/display/qxl.h
@@ -XXX,XX +XXX,XX @@ OBJECT_DECLARE_SIMPLE_TYPE(PCIQXLDevice, PCI_QXL)
  *
  * Use with care; by the time this function returns, the returned pointer is
  * not protected by RCU anymore.  If the caller is not within an RCU critical
- * section and does not hold the iothread lock, it must have other means of
+ * section and does not hold the BQL, it must have other means of
  * protecting the pointer, such as a reference to the region that includes
  * the incoming ram_addr_t.
  *
diff --git a/include/exec/cpu-common.h b/include/exec/cpu-common.h
index XXXXXXX..XXXXXXX 100644
--- a/include/exec/cpu-common.h
+++ b/include/exec/cpu-common.h
@@ -XXX,XX +XXX,XX @@ RAMBlock *qemu_ram_block_by_name(const char *name);
  *
  * By the time this function returns, the returned pointer is not protected
  * by RCU anymore.  If the caller is not within an RCU critical section and
- * does not hold the iothread lock, it must have other means of protecting the
+ * does not hold the BQL, it must have other means of protecting the
  * pointer, such as a reference to the memory region that owns the RAMBlock.
  */
 RAMBlock *qemu_ram_block_from_host(void *ptr, bool round_offset,
diff --git a/include/exec/memory.h b/include/exec/memory.h
index XXXXXXX..XXXXXXX 100644
--- a/include/exec/memory.h
+++ b/include/exec/memory.h
@@ -XXX,XX +XXX,XX @@ int memory_region_get_fd(MemoryRegion *mr);
  *
  * Use with care; by the time this function returns, the returned pointer is
  * not protected by RCU anymore.  If the caller is not within an RCU critical
- * section and does not hold the iothread lock, it must have other means of
+ * section and does not hold the BQL, it must have other means of
  * protecting the pointer, such as a reference to the region that includes
  * the incoming ram_addr_t.
  *
@@ -XXX,XX +XXX,XX @@ MemoryRegion *memory_region_from_host(void *ptr, ram_addr_t *offset);
  *
  * Use with care; by the time this function returns, the returned pointer is
  * not protected by RCU anymore.  If the caller is not within an RCU critical
- * section and does not hold the iothread lock, it must have other means of
+ * section and does not hold the BQL, it must have other means of
  * protecting the pointer, such as a reference to the region that includes
  * the incoming ram_addr_t.
  *
diff --git a/include/exec/ramblock.h b/include/exec/ramblock.h
index XXXXXXX..XXXXXXX 100644
--- a/include/exec/ramblock.h
+++ b/include/exec/ramblock.h
@@ -XXX,XX +XXX,XX @@ struct RAMBlock {
     ram_addr_t max_length;
     void (*resized)(const char*, uint64_t length, void *host);
     uint32_t flags;
-    /* Protected by iothread lock.  */
+    /* Protected by the BQL.  */
     char idstr[256];
     /* RCU-enabled, writes protected by the ramlist lock */
     QLIST_ENTRY(RAMBlock) next;
diff --git a/include/migration/register.h b/include/migration/register.h
index XXXXXXX..XXXXXXX 100644
--- a/include/migration/register.h
+++ b/include/migration/register.h
@@ -XXX,XX +XXX,XX @@
 #include "hw/vmstate-if.h"
 
 typedef struct SaveVMHandlers {
-    /* This runs inside the iothread lock.  */
+    /* This runs inside the BQL.  */
     SaveStateHandler *save_state;
 
     /*
@@ -XXX,XX +XXX,XX @@ typedef struct SaveVMHandlers {
     int (*save_live_complete_postcopy)(QEMUFile *f, void *opaque);
     int (*save_live_complete_precopy)(QEMUFile *f, void *opaque);
 
-    /* This runs both outside and inside the iothread lock.  */
+    /* This runs both outside and inside the BQL.  */
     bool (*is_active)(void *opaque);
     bool (*has_postcopy)(void *opaque);
 
@@ -XXX,XX +XXX,XX @@ typedef struct SaveVMHandlers {
      */
     bool (*is_active_iterate)(void *opaque);
 
-    /* This runs outside the iothread lock in the migration case, and
+    /* This runs outside the BQL in the migration case, and
      * within the lock in the savevm case.  The callback had better only
      * use data that is local to the migration thread or protected
      * by other locks.
      */
     int (*save_live_iterate)(QEMUFile *f, void *opaque);
 
-    /* This runs outside the iothread lock!  */
+    /* This runs outside the BQL!  */
     /* Note for save_live_pending:
      * must_precopy:
      * - must be migrated in precopy or in stopped state
diff --git a/target/arm/internals.h b/target/arm/internals.h
index XXXXXXX..XXXXXXX 100644
--- a/target/arm/internals.h
+++ b/target/arm/internals.h
@@ -XXX,XX +XXX,XX @@ static inline const char *aarch32_mode_name(uint32_t psr)
  *
  * Update the CPU_INTERRUPT_VIRQ bit in cs->interrupt_request, following
  * a change to either the input VIRQ line from the GIC or the HCR_EL2.VI bit.
- * Must be called with the iothread lock held.
+ * Must be called with the BQL held.
  */
 void arm_cpu_update_virq(ARMCPU *cpu);
 
@@ -XXX,XX +XXX,XX @@ void arm_cpu_update_virq(ARMCPU *cpu);
  *
  * Update the CPU_INTERRUPT_VFIQ bit in cs->interrupt_request, following
  * a change to either the input VFIQ line from the GIC or the HCR_EL2.VF bit.
- * Must be called with the iothread lock held.
+ * Must be called with the BQL held.
  */
 void arm_cpu_update_vfiq(ARMCPU *cpu);
 
diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
index XXXXXXX..XXXXXXX 100644
--- a/accel/tcg/cputlb.c
+++ b/accel/tcg/cputlb.c
@@ -XXX,XX +XXX,XX @@ static void *atomic_mmu_lookup(CPUState *cpu, vaddr addr, MemOpIdx oi,
  * @size: number of bytes
  * @mmu_idx: virtual address context
  * @ra: return address into tcg generated code, or 0
- * Context: iothread lock held
+ * Context: BQL held
  *
  * Load @size bytes from @addr, which is memory-mapped i/o.
  * The bytes are concatenated in big-endian order with @ret_be.
@@ -XXX,XX +XXX,XX @@ static Int128 do_ld16_mmu(CPUState *cpu, vaddr addr,
  * @size: number of bytes
  * @mmu_idx: virtual address context
  * @ra: return address into tcg generated code, or 0
- * Context: iothread lock held
+ * Context: BQL held
  *
  * Store @size bytes at @addr, which is memory-mapped i/o.
  * The bytes to store are extracted in little-endian order from @val_le;
diff --git a/accel/tcg/tcg-accel-ops-icount.c b/accel/tcg/tcg-accel-ops-icount.c
index XXXXXXX..XXXXXXX 100644
--- a/accel/tcg/tcg-accel-ops-icount.c
+++ b/accel/tcg/tcg-accel-ops-icount.c
@@ -XXX,XX +XXX,XX @@ void icount_prepare_for_run(CPUState *cpu, int64_t cpu_budget)
 
     if (cpu->icount_budget == 0) {
         /*
-         * We're called without the iothread lock, so must take it while
+         * We're called without the BQL, so must take it while
          * we're calling timer handlers.
          */
         bql_lock();
diff --git a/hw/remote/mpqemu-link.c b/hw/remote/mpqemu-link.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/remote/mpqemu-link.c
+++ b/hw/remote/mpqemu-link.c
@@ -XXX,XX +XXX,XX @@ bool mpqemu_msg_send(MPQemuMsg *msg, QIOChannel *ioc, Error **errp)
     assert(qemu_in_coroutine() || !iothread);
 
     /*
-     * Skip unlocking/locking iothread lock when the IOThread is running
+     * Skip unlocking/locking BQL when the IOThread is running
      * in co-routine context. Co-routine context is asserted above
      * for IOThread case.
      * Also skip lock handling while in a co-routine in the main context.
diff --git a/migration/block-dirty-bitmap.c b/migration/block-dirty-bitmap.c
index XXXXXXX..XXXXXXX 100644
--- a/migration/block-dirty-bitmap.c
+++ b/migration/block-dirty-bitmap.c
@@ -XXX,XX +XXX,XX @@ static void send_bitmap_bits(QEMUFile *f, DBMSaveState *s,
     g_free(buf);
 }
 
-/* Called with iothread lock taken.  */
+/* Called with the BQL taken.  */
 static void dirty_bitmap_do_save_cleanup(DBMSaveState *s)
 {
     SaveBitmapState *dbms;
@@ -XXX,XX +XXX,XX @@ static void dirty_bitmap_do_save_cleanup(DBMSaveState *s)
     }
 }
 
-/* Called with iothread lock taken. */
+/* Called with the BQL taken. */
 static int add_bitmaps_to_list(DBMSaveState *s, BlockDriverState *bs,
                                const char *bs_name, GHashTable *alias_map)
 {
@@ -XXX,XX +XXX,XX @@ static int add_bitmaps_to_list(DBMSaveState *s, BlockDriverState *bs,
     return 0;
 }
 
-/* Called with iothread lock taken. */
+/* Called with the BQL taken. */
 static int init_dirty_bitmap_migration(DBMSaveState *s)
 {
     BlockDriverState *bs;
@@ -XXX,XX +XXX,XX @@ static int init_dirty_bitmap_migration(DBMSaveState *s)
     BlockBackend *blk;
     GHashTable *alias_map = NULL;
 
-    /* Runs in the migration thread, but holds the iothread lock */
+    /* Runs in the migration thread, but holds the BQL */
     GLOBAL_STATE_CODE();
     GRAPH_RDLOCK_GUARD_MAINLOOP();
 
@@ -XXX,XX +XXX,XX @@ static int dirty_bitmap_save_iterate(QEMUFile *f, void *opaque)
     return s->bulk_completed;
 }
 
-/* Called with iothread lock taken.  */
+/* Called with the BQL taken.  */
 
 static int dirty_bitmap_save_complete(QEMUFile *f, void *opaque)
 {
diff --git a/migration/block.c b/migration/block.c
index XXXXXXX..XXXXXXX 100644
--- a/migration/block.c
+++ b/migration/block.c
@@ -XXX,XX +XXX,XX @@ typedef struct BlkMigState {
     int prev_progress;
     int bulk_completed;
 
-    /* Lock must be taken _inside_ the iothread lock.  */
+    /* Lock must be taken _inside_ the BQL.  */
     QemuMutex lock;
 } BlkMigState;
 
@@ -XXX,XX +XXX,XX @@ static void blk_mig_unlock(void)
     qemu_mutex_unlock(&block_mig_state.lock);
 }
 
-/* Must run outside of the iothread lock during the bulk phase,
+/* Must run outside of the BQL during the bulk phase,
  * or the VM will stall.
  */
 
@@ -XXX,XX +XXX,XX @@ static int mig_save_device_bulk(QEMUFile *f, BlkMigDevState *bmds)
     return (bmds->cur_sector >= total_sectors);
 }
 
-/* Called with iothread lock taken.  */
+/* Called with the BQL taken.  */
 
 static int set_dirty_tracking(void)
 {
@@ -XXX,XX +XXX,XX @@ fail:
     return ret;
 }
 
-/* Called with iothread lock taken.  */
+/* Called with the BQL taken.  */
 
 static void unset_dirty_tracking(void)
 {
@@ -XXX,XX +XXX,XX @@ static void blk_mig_reset_dirty_cursor(void)
     }
 }
 
-/* Called with iothread lock taken.  */
+/* Called with the BQL taken.  */
 
 static int mig_save_device_dirty(QEMUFile *f, BlkMigDevState *bmds,
                                  int is_async)
@@ -XXX,XX +XXX,XX @@ error:
     return ret;
 }
 
-/* Called with iothread lock taken.
+/* Called with the BQL taken.
  *
  * return value:
  * 0: too much data for max_downtime
@@ -XXX,XX +XXX,XX @@ static int flush_blks(QEMUFile *f)
     return ret;
 }
 
-/* Called with iothread lock taken.  */
+/* Called with the BQL taken.  */
 
 static int64_t get_remaining_dirty(void)
 {
@@ -XXX,XX +XXX,XX @@ static int64_t get_remaining_dirty(void)
 
 
 
-/* Called with iothread lock taken.  */
+/* Called with the BQL taken.  */
 static void block_migration_cleanup_bmds(void)
 {
     BlkMigDevState *bmds;
@@ -XXX,XX +XXX,XX @@ static void block_migration_cleanup_bmds(void)
     }
 }
 
-/* Called with iothread lock taken.  */
+/* Called with the BQL taken.  */
 static void block_migration_cleanup(void *opaque)
 {
     BlkMigBlock *blk;
@@ -XXX,XX +XXX,XX @@ static int block_save_iterate(QEMUFile *f, void *opaque)
             }
             ret = 0;
         } else {
-            /* Always called with iothread lock taken for
+            /* Always called with the BQL taken for
              * simplicity, block_save_complete also calls it.
              */
             bql_lock();
@@ -XXX,XX +XXX,XX @@ static int block_save_iterate(QEMUFile *f, void *opaque)
     return (delta_bytes > 0);
 }
 
-/* Called with iothread lock taken.  */
+/* Called with the BQL taken.  */
 
 static int block_save_complete(QEMUFile *f, void *opaque)
 {
diff --git a/migration/colo.c b/migration/colo.c
index XXXXXXX..XXXXXXX 100644
--- a/migration/colo.c
+++ b/migration/colo.c
@@ -XXX,XX +XXX,XX @@ int coroutine_fn colo_incoming_co(void)
     qemu_thread_join(&th);
     bql_lock();
 
-    /* We hold the global iothread lock, so it is safe here */
+    /* We hold the global BQL, so it is safe here */
     colo_release_ram_cache();
 
     return 0;
diff --git a/migration/migration.c b/migration/migration.c
index XXXXXXX..XXXXXXX 100644
--- a/migration/migration.c
+++ b/migration/migration.c
@@ -XXX,XX +XXX,XX @@ fail:
 
 /**
  * migration_maybe_pause: Pause if required to by
- * migrate_pause_before_switchover called with the iothread locked
+ * migrate_pause_before_switchover called with the BQL locked
  * Returns: 0 on success
  */
 static int migration_maybe_pause(MigrationState *s,
diff --git a/migration/ram.c b/migration/ram.c
index XXXXXXX..XXXXXXX 100644
--- a/migration/ram.c
+++ b/migration/ram.c
@@ -XXX,XX +XXX,XX @@ static void ram_save_cleanup(void *opaque)
 
     /* We don't use dirty log with background snapshots */
     if (!migrate_background_snapshot()) {
-        /* caller have hold iothread lock or is in a bh, so there is
+        /* caller have hold BQL or is in a bh, so there is
          * no writing race against the migration bitmap
          */
         if (global_dirty_tracking & GLOBAL_DIRTY_MIGRATION) {
@@ -XXX,XX +XXX,XX @@ out:
  *
  * Returns zero to indicate success or negative on error
  *
- * Called with iothread lock
+ * Called with the BQL
  *
  * @f: QEMUFile where to send the data
  * @opaque: RAMState pointer
diff --git a/system/physmem.c b/system/physmem.c
index XXXXXXX..XXXXXXX 100644
--- a/system/physmem.c
+++ b/system/physmem.c
@@ -XXX,XX +XXX,XX @@ static RAMBlock *qemu_get_ram_block(ram_addr_t addr)
     abort();
 
 found:
-    /* It is safe to write mru_block outside the iothread lock.  This
+    /* It is safe to write mru_block outside the BQL.  This
      * is what happens:
      *
      *     mru_block = xxx
@@ -XXX,XX +XXX,XX @@ int qemu_ram_get_fd(RAMBlock *rb)
     return rb->fd;
 }
 
-/* Called with iothread lock held.  */
+/* Called with the BQL held.  */
 void qemu_ram_set_idstr(RAMBlock *new_block, const char *name, DeviceState *dev)
 {
     RAMBlock *block;
@@ -XXX,XX +XXX,XX @@ void qemu_ram_set_idstr(RAMBlock *new_block, const char *name, DeviceState *dev)
     }
 }
 
-/* Called with iothread lock held.  */
+/* Called with the BQL held.  */
 void qemu_ram_unset_idstr(RAMBlock *block)
 {
     /* FIXME: arch_init.c assumes that this is not called throughout
diff --git a/target/arm/helper.c b/target/arm/helper.c
index XXXXXXX..XXXXXXX 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -XXX,XX +XXX,XX @@ static void do_hcr_write(CPUARMState *env, uint64_t value, uint64_t valid_mask)
      * Updates to VI and VF require us to update the status of
      * virtual interrupts, which are the logical OR of these bits
      * and the state of the input lines from the GIC. (This requires
-     * that we have the iothread lock, which is done by marking the
+     * that we have the BQL, which is done by marking the
      * reginfo structs as ARM_CP_IO.)
      * Note that if a write to HCR pends a VIRQ or VFIQ it is never
      * possible for it to be taken immediately, because VIRQ and
diff --git a/ui/spice-core.c b/ui/spice-core.c
index XXXXXXX..XXXXXXX 100644
--- a/ui/spice-core.c
+++ b/ui/spice-core.c
@@ -XXX,XX +XXX,XX @@ static void channel_event(int event, SpiceChannelEventInfo *info)
      * not do that.  It isn't that easy to fix it in spice and even
      * when it is fixed we still should cover the already released
      * spice versions.  So detect that we've been called from another
-     * thread and grab the iothread lock if so before calling qemu
+     * thread and grab the BQL if so before calling qemu
      * functions.
      */
     bool need_lock = !qemu_thread_is_self(&me);
diff --git a/util/rcu.c b/util/rcu.c
index XXXXXXX..XXXXXXX 100644
--- a/util/rcu.c
+++ b/util/rcu.c
@@ -XXX,XX +XXX,XX @@ static void rcu_init_complete(void)
 
     qemu_event_init(&rcu_call_ready_event, false);
 
-    /* The caller is assumed to have iothread lock, so the call_rcu thread
+    /* The caller is assumed to have BQL, so the call_rcu thread
      * must have been quiescent even after forking, just recreate it.
      */
     qemu_thread_create(&thread, "call_rcu", call_rcu_thread,
diff --git a/audio/coreaudio.m b/audio/coreaudio.m
index XXXXXXX..XXXXXXX 100644
--- a/audio/coreaudio.m
+++ b/audio/coreaudio.m
@@ -XXX,XX +XXX,XX @@ static ret_type glue(coreaudio_, name)args_decl             \
 #undef COREAUDIO_WRAPPER_FUNC
 
 /*
- * callback to feed audiooutput buffer. called without iothread lock.
+ * callback to feed audiooutput buffer. called without BQL.
  * allowed to lock "buf_mutex", but disallowed to have any other locks.
  */
 static OSStatus audioDeviceIOProc(
@@ -XXX,XX +XXX,XX @@ static void update_device_playback_state(coreaudioVoiceOut *core)
     }
 }
 
-/* called without iothread lock. */
+/* called without BQL. */
 static OSStatus handle_voice_change(
     AudioObjectID in_object_id,
     UInt32 in_number_addresses,
diff --git a/ui/cocoa.m b/ui/cocoa.m
index XXXXXXX..XXXXXXX 100644
--- a/ui/cocoa.m
+++ b/ui/cocoa.m
@@ -XXX,XX +XXX,XX @@ static void cocoa_switch(DisplayChangeListener *dcl,
 static QemuClipboardInfo *cbinfo;
 static QemuEvent cbevent;
 
-// Utility functions to run specified code block with iothread lock held
+// Utility functions to run specified code block with the BQL held
 typedef void (^CodeBlock)(void);
 typedef bool (^BoolCodeBlock)(void);
 
@@ -XXX,XX +XXX,XX @@ - (void) setContentDimensions
 
 - (void) updateUIInfoLocked
 {
-    /* Must be called with the iothread lock, i.e. via updateUIInfo */
+    /* Must be called with the BQL, i.e. via updateUIInfo */
     NSSize frameSize;
     QemuUIInfo info;
 
@@ -XXX,XX +XXX,XX @@ static void cocoa_display_init(DisplayState *ds, DisplayOptions *opts)
      * Create the menu entries which depend on QEMU state (for consoles
      * and removable devices). These make calls back into QEMU functions,
      * which is OK because at this point we know that the second thread
-     * holds the iothread lock and is synchronously waiting for us to
+     * holds the BQL and is synchronously waiting for us to
      * finish.
      */
     add_console_menu_entries();
-- 
2.43.0

The term "QEMU global mutex" is identical to the more widely used Big
QEMU Lock ("BQL"). Update the code comments and documentation to use
"BQL" instead of "QEMU global mutex".

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Acked-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Paul Durrant <paul@xen.org>
Reviewed-by: Akihiko Odaki <akihiko.odaki@daynix.com>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Harsh Prateek Bora <harshpb@linux.ibm.com>
Message-id: 20240102153529.486531-6-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
---
 docs/devel/multi-thread-tcg.rst   |  7 +++----
 docs/devel/qapi-code-gen.rst      |  2 +-
 docs/devel/replay.rst             |  2 +-
 docs/devel/multiple-iothreads.txt | 14 +++++++-------
 include/block/blockjob.h          |  6 +++---
 include/io/task.h                 |  2 +-
 include/qemu/coroutine-core.h     |  2 +-
 include/qemu/coroutine.h          |  2 +-
 hw/block/dataplane/virtio-blk.c   |  8 ++++----
 hw/block/virtio-blk.c             |  2 +-
 hw/scsi/virtio-scsi-dataplane.c   |  6 +++---
 net/tap.c                         |  2 +-
 12 files changed, 27 insertions(+), 28 deletions(-)

diff --git a/docs/devel/multi-thread-tcg.rst b/docs/devel/multi-thread-tcg.rst
index XXXXXXX..XXXXXXX 100644
--- a/docs/devel/multi-thread-tcg.rst
+++ b/docs/devel/multi-thread-tcg.rst
@@ -XXX,XX +XXX,XX @@ instruction. This could be a future optimisation.
 Emulated hardware state
 -----------------------
 
-Currently thanks to KVM work any access to IO memory is automatically
-protected by the global iothread mutex, also known as the BQL (Big
-QEMU Lock). Any IO region that doesn't use global mutex is expected to
-do its own locking.
+Currently thanks to KVM work any access to IO memory is automatically protected
+by the BQL (Big QEMU Lock). Any IO region that doesn't use the BQL is expected
+to do its own locking.
 
 However IO memory isn't the only way emulated hardware state can be
 modified. Some architectures have model specific registers that
diff --git a/docs/devel/qapi-code-gen.rst b/docs/devel/qapi-code-gen.rst
index XXXXXXX..XXXXXXX 100644
--- a/docs/devel/qapi-code-gen.rst
+++ b/docs/devel/qapi-code-gen.rst
@@ -XXX,XX +XXX,XX @@ blocking the guest and other background operations.
 Coroutine safety can be hard to prove, similar to thread safety.  Common
 pitfalls are:
 
-- The global mutex isn't held across ``qemu_coroutine_yield()``, so
+- The BQL isn't held across ``qemu_coroutine_yield()``, so
   operations that used to assume that they execute atomically may have
   to be more careful to protect against changes in the global state.
 
diff --git a/docs/devel/replay.rst b/docs/devel/replay.rst
index XXXXXXX..XXXXXXX 100644
--- a/docs/devel/replay.rst
+++ b/docs/devel/replay.rst
@@ -XXX,XX +XXX,XX @@ modes.
 Reading and writing requests are created by CPU thread of QEMU. Later these
 requests proceed to block layer which creates "bottom halves". Bottom
 halves consist of callback and its parameters. They are processed when
-main loop locks the global mutex. These locks are not synchronized with
+main loop locks the BQL. These locks are not synchronized with
 replaying process because main loop also processes the events that do not
 affect the virtual machine state (like user interaction with monitor).
 
diff --git a/docs/devel/multiple-iothreads.txt b/docs/devel/multiple-iothreads.txt
index XXXXXXX..XXXXXXX 100644
--- a/docs/devel/multiple-iothreads.txt
+++ b/docs/devel/multiple-iothreads.txt
@@ -XXX,XX +XXX,XX @@ the COPYING file in the top-level directory.
 
 
 This document explains the IOThread feature and how to write code that runs
-outside the QEMU global mutex.
+outside the BQL.
 
 The main loop and IOThreads
 ---------------------------
@@ -XXX,XX +XXX,XX @@ scalability bottleneck on hosts with many CPUs.  Work can be spread across
 several IOThreads instead of just one main loop.  When set up correctly this
 can improve I/O latency and reduce jitter seen by the guest.
 
-The main loop is also deeply associated with the QEMU global mutex, which is a
-scalability bottleneck in itself.  vCPU threads and the main loop use the QEMU
-global mutex to serialize execution of QEMU code.  This mutex is necessary
-because a lot of QEMU's code historically was not thread-safe.
+The main loop is also deeply associated with the BQL, which is a
+scalability bottleneck in itself.  vCPU threads and the main loop use the BQL
+to serialize execution of QEMU code.  This mutex is necessary because a lot of
+QEMU's code historically was not thread-safe.
 
 The fact that all I/O processing is done in a single main loop and that the
-QEMU global mutex is contended by all vCPU threads and the main loop explain
+BQL is contended by all vCPU threads and the main loop explain
 why it is desirable to place work into IOThreads.
 
 The experimental virtio-blk data-plane implementation has been benchmarked and
@@ -XXX,XX +XXX,XX @@ There are several old APIs that use the main loop AioContext:
 
 Since they implicitly work on the main loop they cannot be used in code that
 runs in an IOThread.  They might cause a crash or deadlock if called from an
-IOThread since the QEMU global mutex is not held.
+IOThread since the BQL is not held.
 
 Instead, use the AioContext functions directly (see include/block/aio.h):
  * aio_set_fd_handler() - monitor a file descriptor
diff --git a/include/block/blockjob.h b/include/block/blockjob.h
index XXXXXXX..XXXXXXX 100644
--- a/include/block/blockjob.h
+++ b/include/block/blockjob.h
@@ -XXX,XX +XXX,XX @@ typedef struct BlockJob {
 
     /**
      * Speed that was set with @block_job_set_speed.
-     * Always modified and read under QEMU global mutex (GLOBAL_STATE_CODE).
+     * Always modified and read under the BQL (GLOBAL_STATE_CODE).
      */
     int64_t speed;
 
@@ -XXX,XX +XXX,XX @@ typedef struct BlockJob {
 
     /**
      * Block other operations when block job is running.
-     * Always modified and read under QEMU global mutex (GLOBAL_STATE_CODE).
+     * Always modified and read under the BQL (GLOBAL_STATE_CODE).
      */
     Error *blocker;
 
@@ -XXX,XX +XXX,XX @@ typedef struct BlockJob {
 
     /**
      * BlockDriverStates that are involved in this block job.
-     * Always modified and read under QEMU global mutex (GLOBAL_STATE_CODE).
+     * Always modified and read under the BQL (GLOBAL_STATE_CODE).
      */
     GSList *nodes;
 } BlockJob;
diff --git a/include/io/task.h b/include/io/task.h
index XXXXXXX..XXXXXXX 100644
--- a/include/io/task.h
+++ b/include/io/task.h
@@ -XXX,XX +XXX,XX @@ typedef void (*QIOTaskWorker)(QIOTask *task,
  * lookups) to be easily run non-blocking. Reporting the
  * results in the main thread context means that the caller
  * typically does not need to be concerned about thread
- * safety wrt the QEMU global mutex.
+ * safety wrt the BQL.
  *
  * For example, the socket_listen() method will block the caller
  * while DNS lookups take place if given a name, instead of IP
diff --git a/include/qemu/coroutine-core.h b/include/qemu/coroutine-core.h
index XXXXXXX..XXXXXXX 100644
--- a/include/qemu/coroutine-core.h
+++ b/include/qemu/coroutine-core.h
@@ -XXX,XX +XXX,XX @@
  * rather than callbacks, for operations that need to give up control while
  * waiting for events to complete.
  *
- * These functions are re-entrant and may be used outside the global mutex.
+ * These functions are re-entrant and may be used outside the BQL.
  *
  * Functions that execute in coroutine context cannot be called
  * directly from normal functions.  Use @coroutine_fn to mark such
diff --git a/include/qemu/coroutine.h b/include/qemu/coroutine.h
index XXXXXXX..XXXXXXX 100644
--- a/include/qemu/coroutine.h
+++ b/include/qemu/coroutine.h
@@ -XXX,XX +XXX,XX @@
  * rather than callbacks, for operations that need to give up control while
  * waiting for events to complete.
  *
- * These functions are re-entrant and may be used outside the global mutex.
+ * These functions are re-entrant and may be used outside the BQL.
  *
  * Functions that execute in coroutine context cannot be called
  * directly from normal functions.  Use @coroutine_fn to mark such
diff --git a/hw/block/dataplane/virtio-blk.c b/hw/block/dataplane/virtio-blk.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/block/dataplane/virtio-blk.c
+++ b/hw/block/dataplane/virtio-blk.c
@@ -XXX,XX +XXX,XX @@ apply_vq_mapping(IOThreadVirtQueueMappingList *iothread_vq_mapping_list,
     }
 }
 
-/* Context: QEMU global mutex held */
+/* Context: BQL held */
 bool virtio_blk_data_plane_create(VirtIODevice *vdev, VirtIOBlkConf *conf,
                                   VirtIOBlockDataPlane **dataplane,
                                   Error **errp)
@@ -XXX,XX +XXX,XX @@ bool virtio_blk_data_plane_create(VirtIODevice *vdev, VirtIOBlkConf *conf,
     return true;
 }
 
-/* Context: QEMU global mutex held */
+/* Context: BQL held */
 void virtio_blk_data_plane_destroy(VirtIOBlockDataPlane *s)
 {
     VirtIOBlock *vblk;
@@ -XXX,XX +XXX,XX @@ void virtio_blk_data_plane_destroy(VirtIOBlockDataPlane *s)
     g_free(s);
 }
 
-/* Context: QEMU global mutex held */
+/* Context: BQL held */
 int virtio_blk_data_plane_start(VirtIODevice *vdev)
 {
     VirtIOBlock *vblk = VIRTIO_BLK(vdev);
@@ -XXX,XX +XXX,XX @@ static void virtio_blk_data_plane_stop_vq_bh(void *opaque)
     virtio_queue_host_notifier_read(host_notifier);
 }
 
-/* Context: QEMU global mutex held */
+/* Context: BQL held */
 void virtio_blk_data_plane_stop(VirtIODevice *vdev)
 {
     VirtIOBlock *vblk = VIRTIO_BLK(vdev);
diff --git a/hw/block/virtio-blk.c b/hw/block/virtio-blk.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/block/virtio-blk.c
+++ b/hw/block/virtio-blk.c
@@ -XXX,XX +XXX,XX @@ static void virtio_blk_resize(void *opaque)
     VirtIODevice *vdev = VIRTIO_DEVICE(opaque);
 
     /*
-     * virtio_notify_config() needs to acquire the global mutex,
+     * virtio_notify_config() needs to acquire the BQL,
      * so it can't be called from an iothread. Instead, schedule
      * it to be run in the main context BH.
      */
diff --git a/hw/scsi/virtio-scsi-dataplane.c b/hw/scsi/virtio-scsi-dataplane.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/scsi/virtio-scsi-dataplane.c
+++ b/hw/scsi/virtio-scsi-dataplane.c
@@ -XXX,XX +XXX,XX @@
 #include "scsi/constants.h"
 #include "hw/virtio/virtio-bus.h"
 
-/* Context: QEMU global mutex held */
+/* Context: BQL held */
 void virtio_scsi_dataplane_setup(VirtIOSCSI *s, Error **errp)
 {
     VirtIOSCSICommon *vs = VIRTIO_SCSI_COMMON(s);
@@ -XXX,XX +XXX,XX @@ static void virtio_scsi_dataplane_stop_bh(void *opaque)
     }
 }
 
-/* Context: QEMU global mutex held */
+/* Context: BQL held */
 int virtio_scsi_dataplane_start(VirtIODevice *vdev)
 {
     int i;
@@ -XXX,XX +XXX,XX @@ fail_guest_notifiers:
     return -ENOSYS;
 }
 
-/* Context: QEMU global mutex held */
+/* Context: BQL held */
 void virtio_scsi_dataplane_stop(VirtIODevice *vdev)
 {
     BusState *qbus = qdev_get_parent_bus(DEVICE(vdev));
diff --git a/net/tap.c b/net/tap.c
index XXXXXXX..XXXXXXX 100644
--- a/net/tap.c
+++ b/net/tap.c
@@ -XXX,XX +XXX,XX @@ static void tap_send(void *opaque)
 
         /*
          * When the host keeps receiving more packets while tap_send() is
-         * running we can hog the QEMU global mutex.  Limit the number of
+         * running we can hog the BQL.  Limit the number of
          * packets that are processed per tap_send() callback to prevent
          * stalling the guest.
          */
-- 
2.43.0

The following changes since commit b384cd95eb9c6f73ad84ed1bb0717a26e29cc78f:

Merge remote-tracking branch 'remotes/ehabkost/tags/machine-next-pull-request' into staging (2018-01-19 16:35:25 +0000)

are available in the Git repository at:

git://github.com/stefanha/qemu.git tags/block-pull-request

for you to fetch changes up to bcbb3866da19cce4360c828b6ec1c2a137757927:

block/parallels: add backing support to readv/writev (2018-01-22 14:02:33 +0000)

----------------------------------------------------------------
Pull request

v2:
 * Drop merge failure from a previous pull request that broke virtio-blk on ARM
   guests
 * Add Parallels XML patch series

----------------------------------------------------------------

Edgar Kaziakhmedov (1):
  block/parallels: add backing support to readv/writev

Klim Kireev (4):
  docs/interop/prl-xml: description of Parallels Disk format
  configure: add dependency
  block/parallels: move some structures into header
  block/parallels: replace some magic numbers

Stefan Hajnoczi (1):
  block: add block_set_io_throttle virtio-blk-pci QMP example

docs/interop/prl-xml.txt | 158 +++++++++++++++++++++++++++++++++++++++++++++++
 qapi/block-core.json     |  18 ++++++
 configure                |  27 ++++++++
 block/Makefile.objs      |   2 +
 block/parallels.h        |  88 ++++++++++++++++++++++++++
 block/parallels.c        | 108 ++++++++++++++------------------
 scripts/checkpatch.pl    |   1 +
 7 files changed, 342 insertions(+), 60 deletions(-)
 create mode 100644 docs/interop/prl-xml.txt
 create mode 100644 block/parallels.h

-- 
2.14.3

The block_set_io_throttle command can look up BlockBackends by the
attached qdev device ID.  virtio-blk-pci is a special case because the
actual VirtIOBlock device is the "/virtio-backend" child of the PCI
adapter device.

Add a QMP schema example so clients will know how to use
block_set_io_throttle on the virtio-blk-pci device.

The alternative is to implement some sort of aliasing for qmp_get_blk()
but that is likely to cause confusion and could break future use cases.
Let's not go there.

Cc: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Message-id: 20180117090700.25811-1-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
---
 qapi/block-core.json | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/qapi/block-core.json b/qapi/block-core.json
index XXXXXXX..XXXXXXX 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
@@ -XXX,XX +XXX,XX @@
 # Example:
 #
 # -> { "execute": "block_set_io_throttle",
+#      "arguments": { "id": "virtio-blk-pci0/virtio-backend",
+#                     "bps": 0,
+#                     "bps_rd": 0,
+#                     "bps_wr": 0,
+#                     "iops": 512,
+#                     "iops_rd": 0,
+#                     "iops_wr": 0,
+#                     "bps_max": 0,
+#                     "bps_rd_max": 0,
+#                     "bps_wr_max": 0,
+#                     "iops_max": 0,
+#                     "iops_rd_max": 0,
+#                     "iops_wr_max": 0,
+#                     "bps_max_length": 0,
+#                     "iops_size": 0 } }
+# <- { "return": {} }
+#
+# -> { "execute": "block_set_io_throttle",
 #      "arguments": { "id": "ide0-1-0",
 #                     "bps": 1000000,
 #                     "bps_rd": 0,
-- 
2.14.3

From: Klim Kireev <klim.kireev@virtuozzo.com>

This patch adds main information about Parallels Disk
format, which consists of DiskDescriptor.xml and other files.

Signed-off-by: Edgar Kaziakhmedov <edgar.kaziakhmedov@virtuozzo.com>
Signed-off-by: Klim Kireev <klim.kireev@virtuozzo.com>
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
Message-id: 20180112090122.1702-2-klim.kireev@virtuozzo.com
CC: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
---
 docs/interop/prl-xml.txt | 158 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 158 insertions(+)
 create mode 100644 docs/interop/prl-xml.txt

diff --git a/docs/interop/prl-xml.txt b/docs/interop/prl-xml.txt
new file mode 100644
index XXXXXXX..XXXXXXX
--- /dev/null
+++ b/docs/interop/prl-xml.txt
@@ -XXX,XX +XXX,XX @@
+= License =
+
+Copyright (c) 2015-2017, Virtuozzo, Inc.
+Authors:
+        2015 Denis Lunev <den@openvz.org>
+        2015 Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
+        2016-2017 Klim Kireev <klim.kireev@virtuozzo.com>
+        2016-2017 Edgar Kaziakhmedov <edgar.kaziakhmedov@virtuozzo.com>
+
+This work is licensed under the terms of the GNU GPL, version 2 or later.
+See the COPYING file in the top-level directory.
+
+This specification contains minimal information about Parallels Disk Format,
+which is enough to proper work with QEMU. Nevertheless, Parallels Cloud Server
+and Parallels Desktop are able to add some unspecified nodes to xml and use
+them, but they are for internal work and don't affect functionality. Also it
+uses auxiliary xml "Snapshot.xml", which allows to store optional snapshot
+information, but it doesn't influence open/read/write functionality. QEMU and
+other software should not use fields not covered in this document and
+Snapshot.xml file and must leave them as is.
+
+= Parallels Disk Format =
+
+Parallels disk consists of two parts: the set of snapshots and the disk
+descriptor file, which stores information about all files and snapshots.
+
+== Definitions ==
+    Snapshot       a record of the contents captured at a particular time,
+                   capable of storing current state. A snapshot has UUID and
+                   parent UUID.
+
+ Snapshot image    an overlay representing the difference between this
+                   snapshot and some earlier snapshot.
+
+    Overlay        an image storing the different sectors between two captured
+                   states.
+
+   Root image      snapshot image with no parent, the root of snapshot tree.
+
+    Storage        the backing storage for a subset of the virtual disk. When
+                   there is more than one storage in a Parallels disk then that
+                   is referred to as a split image. In this case every storage
+                   covers specific address space area of the disk and has its
+                   particular root image. Split images are not considered here
+                   and are not supported. Each storage consists of disk
+                   parameters and a list of images. The list of images always
+                   contains a root image and may also contain overlays. The
+                   root image can be an expandable Parallels image file or
+                   plain. Overlays must be expandable.
+
+  Description      DiskDescriptor.xml stores information about disk parameters,
+     file          snapshots, storages.
+
+     Top           The overlay between actual state and some previous snapshot.
+   Snapshot        It is not a snapshot in the classical sense because it
+                   serves as the active image that the guest writes to.
+
+    Sector         a 512-byte data chunk.
+
+== Description file ==
+All information is placed in a single XML element Parallels_disk_image.
+The element has only one attribute "Version", that must be 1.0.
+Schema of DiskDescriptor.xml:
+
+<Parallels_disk_image Version="1.0">
+    <Disk_Parameters>
+        ...
+    </Disk_Parameters>
+    <StorageData>
+        ...
+    </StorageData>
+    <Snapshots>
+        ...
+    </Snapshots>
+</Parallels_disk_image>
+
+== Disk_Parameters element ==
+The Disk_Parameters element describes the physical layout of the virtual disk
+and some general settings.
+
+The Disk_Parameters element MUST contain the following child elements:
+    * Disk_size - number of sectors in the disk,
+                  desired size of the disk.
+    * Cylinders - number of the disk cylinders.
+    * Heads     - number of the disk heads.
+    * Sectors   - number of the disk sectors per cylinder
+                  (sector size is 512 bytes)
+                  Limitation: Product of the Heads, Sectors and Cylinders
+                  values MUST be equal to the value of the Disk_size parameter.
+    * Padding   - must be 0. Parallels Cloud Server and Parallels Desktop may
+                  use padding set to 1, however this case is not covered
+                  by this spec, QEMU and other software should not open
+                  such disks and should not create them.
+
+== StorageData element ==
+This element of the file describes the root image and all snapshot images.
+
+The StorageData element consists of the Storage child element, as shown below:
+<StorageData>
+    <Storage>
+        ...
+    </Storage>
+</StorageData>
+
+A Storage element has following child elements:
+    * Start     - start sector of the storage, in case of non split storage
+                  equals to 0.
+    * End       - number of sector following the last sector, in case of non
+                  split storage equals to Disk_size.
+    * Blocksize - storage cluster size, number of sectors per one cluster.
+                  Cluster size for each "Compressed" (see below) image in
+                  parallels disk must be equal to this field. Note: cluster
+                  size for Parallels Expandable Image is in 'tracks' field of
+                  its header (see docs/interop/parallels.txt).
+    * Several Image child elements.
+
+Each Image element has following child elements:
+    * GUID - image identifier, UUID in curly brackets.
+             For instance, {12345678-9abc-def1-2345-6789abcdef12}.
+             The GUID is used by the Snapshots element to reference images
+             (see below)
+    * Type - image type of the element. It can be:
+             "Plain" for raw files.
+             "Compressed" for expanding disks.
+    * File - path to image file. Path can be relative to DiskDecriptor.xml or
+             absolute.
+
+== Snapshots element ==
+The Snapshots element describes the snapshot relations with the snapshot tree.
+
+The element contains the set of Shot child elements, as shown below:
+<Snapshots>
+    <TopGUID> ... </TopGUID> /* Optional child element */
+    <Shot>
+        ...
+    </Shot>
+    <Shot>
+        ...
+    </Shot>
+    ...
+</Snapshots>
+
+Each Shot element contains the following child elements:
+    * GUID       - an image GUID.
+    * ParentGUID - GUID of the image of the parent snapshot.
+
+The software may traverse snapshots from child to parent using <ParentGUID>
+field as reference. ParentGUID of root snapshot is
+{00000000-0000-0000-0000-000000000000}. There should be only one root
+snapshot. Top snapshot could be described via two ways: via TopGUID child
+element of the Snapshots element or via predefined GUID
+{5fbaabe3-6958-40ff-92a7-860e329aab41}. If TopGUID is defined, predefined GUID is
+interpreted as usual GUID. All snapshot images (except Top Snapshot) should be
+opened read-only. There is another predefined GUID,
+BackupID = {704718e1-2314-44c8-9087-d78ed36b0f4e}, which is used by original and
+some third-party software for backup, QEMU and other software may operate with
+images with GUID = BackupID as usual, however, it is not recommended to use this
+GUID for new disks. Top snapshot cannot have this GUID.
-- 
2.14.3

From: Klim Kireev <klim.kireev@virtuozzo.com>

This dependency is required for adequate Parallels images support.
Typically the disk consists of several images which are glued by
XML disk descriptor. Also XML hides inside several important parameters
which are not available in the image header.

The patch also adds clause to checkpatch.pl to understand libxml2 types.

Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Klim Kireev <klim.kireev@virtuozzo.com>
Signed-off-by: Edgar Kaziakhmedov <edgar.kaziakhmedov@virtuozzo.com>
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-id: 20180112090122.1702-3-klim.kireev@virtuozzo.com
CC: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
---
 configure             | 27 +++++++++++++++++++++++++++
 block/Makefile.objs   |  2 ++
 scripts/checkpatch.pl |  1 +
 3 files changed, 30 insertions(+)

diff --git a/configure b/configure
index XXXXXXX..XXXXXXX 100755
--- a/configure
+++ b/configure
@@ -XXX,XX +XXX,XX @@ tcmalloc="no"
 jemalloc="no"
 replication="yes"
 vxhs=""
+libxml2=""
 
 supported_cpu="no"
 supported_os="no"
@@ -XXX,XX +XXX,XX @@ for opt do
   ;;
   --enable-numa) numa="yes"
   ;;
+  --disable-libxml2) libxml2="no"
+  ;;
+  --enable-libxml2) libxml2="yes"
+  ;;
   --disable-tcmalloc) tcmalloc="no"
   ;;
   --enable-tcmalloc) tcmalloc="yes"
@@ -XXX,XX +XXX,XX @@ disabled with --disable-FEATURE, default is enabled if available:
   tpm             TPM support
   libssh2         ssh block device support
   numa            libnuma support
+  libxml2         for Parallels image format
   tcmalloc        tcmalloc support
   jemalloc        jemalloc support
   replication     replication support
@@ -XXX,XX +XXX,XX @@ EOF
   fi
 fi
 
+##########################################
+# libxml2 probe
+if test "$libxml2" != "no" ; then
+    if $pkg_config --exists libxml-2.0; then
+        libxml2="yes"
+        libxml2_cflags=$($pkg_config --cflags libxml-2.0)
+        libxml2_libs=$($pkg_config --libs libxml-2.0)
+    else
+        if test "$libxml2" = "yes"; then
+            feature_not_found "libxml2" "Install libxml2 devel"
+        fi
+        libxml2="no"
+    fi
+fi
 
 ##########################################
 # glusterfs probe
@@ -XXX,XX +XXX,XX @@ echo "lzo support       $lzo"
 echo "snappy support    $snappy"
 echo "bzip2 support     $bzip2"
 echo "NUMA host support $numa"
+echo "libxml2           $libxml2"
 echo "tcmalloc support  $tcmalloc"
 echo "jemalloc support  $jemalloc"
 echo "avx2 optimization $avx2_opt"
@@ -XXX,XX +XXX,XX @@ if test "$have_rtnetlink" = "yes" ; then
   echo "CONFIG_RTNETLINK=y" >> $config_host_mak
 fi
 
+if test "$libxml2" = "yes" ; then
+  echo "CONFIG_LIBXML2=y" >> $config_host_mak
+  echo "LIBXML2_CFLAGS=$libxml2_cflags" >> $config_host_mak
+  echo "LIBXML2_LIBS=$libxml2_libs" >> $config_host_mak
+fi
+
 if test "$replication" = "yes" ; then
   echo "CONFIG_REPLICATION=y" >> $config_host_mak
 fi
diff --git a/block/Makefile.objs b/block/Makefile.objs
index XXXXXXX..XXXXXXX 100644
--- a/block/Makefile.objs
+++ b/block/Makefile.objs
@@ -XXX,XX +XXX,XX @@ block-obj-$(if $(CONFIG_BZIP2),m,n) += dmg-bz2.o
 dmg-bz2.o-libs     := $(BZIP2_LIBS)
 qcow.o-libs        := -lz
 linux-aio.o-libs   := -laio
+parallels.o-cflags := $(LIBXML2_CFLAGS)
+parallels.o-libs   := $(LIBXML2_LIBS)
diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
index XXXXXXX..XXXXXXX 100755
--- a/scripts/checkpatch.pl
+++ b/scripts/checkpatch.pl
@@ -XXX,XX +XXX,XX @@ our @typeList = (
 	qr{${Ident}_handler_fn},
 	qr{target_(?:u)?long},
 	qr{hwaddr},
+	qr{xml${Ident}},
 );
 
 # This can be modified by sub possible.  Since it can be empty, be careful
-- 
2.14.3

From: Klim Kireev <klim.kireev@virtuozzo.com>

To implement xml format, some defines and structures
from parallels.c are required.

Signed-off-by: Klim Kireev <klim.kireev@virtuozzo.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Edgar Kaziakhmedov <edgar.kaziakhmedov@virtuozzo.com>
Message-id: 20180112090122.1702-4-klim.kireev@virtuozzo.com
CC: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
---
 block/parallels.h | 86 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
 block/parallels.c | 53 +---------------------------------
 2 files changed, 87 insertions(+), 52 deletions(-)
 create mode 100644 block/parallels.h

diff --git a/block/parallels.h b/block/parallels.h
new file mode 100644
index XXXXXXX..XXXXXXX
--- /dev/null
+++ b/block/parallels.h
@@ -XXX,XX +XXX,XX @@
+/*
+* Block driver for Parallels disk image format
+*
+* Copyright (c) 2015-2017 Virtuozzo, Inc.
+* Authors:
+*         2016-2017 Klim S. Kireev <klim.kireev@virtuozzo.com>
+*         2015 Denis V. Lunev <den@openvz.org>
+*
+* This code was originally based on comparing different disk images created
+* by Parallels. Currently it is based on opened OpenVZ sources
+* available at
+*     https://github.com/OpenVZ/ploop
+*
+* Permission is hereby granted, free of charge, to any person obtaining a copy
+* of this software and associated documentation files (the "Software"), to deal
+* in the Software without restriction, including without limitation the rights
+* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+* copies of the Software, and to permit persons to whom the Software is
+* furnished to do so, subject to the following conditions:
+*
+* The above copyright notice and this permission notice shall be included in
+* all copies or substantial portions of the Software.
+*
+* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+* THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+* THE SOFTWARE.
+*/
+#ifndef BLOCK_PARALLELS_H
+#define BLOCK_PARALLELS_H
+#include "qemu/coroutine.h"
+#include "qemu/typedefs.h"
+
+#define DEFAULT_CLUSTER_SIZE 1048576        /* 1 MiB */
+
+/* always little-endian */
+typedef struct ParallelsHeader {
+    char magic[16]; /* "WithoutFreeSpace" */
+    uint32_t version;
+    uint32_t heads;
+    uint32_t cylinders;
+    uint32_t tracks;
+    uint32_t bat_entries;
+    uint64_t nb_sectors;
+    uint32_t inuse;
+    uint32_t data_off;
+    char padding[12];
+} QEMU_PACKED ParallelsHeader;
+
+typedef enum ParallelsPreallocMode {
+    PRL_PREALLOC_MODE_FALLOCATE = 0,
+    PRL_PREALLOC_MODE_TRUNCATE = 1,
+    PRL_PREALLOC_MODE__MAX = 2,
+} ParallelsPreallocMode;
+
+typedef struct BDRVParallelsState {
+    /** Locking is conservative, the lock protects
+     *   - image file extending (truncate, fallocate)
+     *   - any access to block allocation table
+     */
+    CoMutex lock;
+
+    ParallelsHeader *header;
+    uint32_t header_size;
+    bool header_unclean;
+
+    unsigned long *bat_dirty_bmap;
+    unsigned int  bat_dirty_block;
+
+    uint32_t *bat_bitmap;
+    unsigned int bat_size;
+
+    int64_t  data_end;
+    uint64_t prealloc_size;
+    ParallelsPreallocMode prealloc_mode;
+
+    unsigned int tracks;
+
+    unsigned int off_multiplier;
+    Error *migration_blocker;
+} BDRVParallelsState;
+
+#endif
diff --git a/block/parallels.c b/block/parallels.c
index XXXXXXX..XXXXXXX 100644
--- a/block/parallels.c
+++ b/block/parallels.c
@@ -XXX,XX +XXX,XX @@
 #include "qemu/bswap.h"
 #include "qemu/bitmap.h"
 #include "migration/blocker.h"
+#include "parallels.h"
 
 /**************************************************************/
 
@@ -XXX,XX +XXX,XX @@
 #define HEADER_INUSE_MAGIC  (0x746F6E59)
 #define MAX_PARALLELS_IMAGE_FACTOR (1ull << 32)
 
-#define DEFAULT_CLUSTER_SIZE 1048576        /* 1 MiB */
-
-
-// always little-endian
-typedef struct ParallelsHeader {
-    char magic[16]; // "WithoutFreeSpace"
-    uint32_t version;
-    uint32_t heads;
-    uint32_t cylinders;
-    uint32_t tracks;
-    uint32_t bat_entries;
-    uint64_t nb_sectors;
-    uint32_t inuse;
-    uint32_t data_off;
-    char padding[12];
-} QEMU_PACKED ParallelsHeader;
-
-
-typedef enum ParallelsPreallocMode {
-    PRL_PREALLOC_MODE_FALLOCATE = 0,
-    PRL_PREALLOC_MODE_TRUNCATE = 1,
-    PRL_PREALLOC_MODE__MAX = 2,
-} ParallelsPreallocMode;
-
 static QEnumLookup prealloc_mode_lookup = {
     .array = (const char *const[]) {
         "falloc",
@@ -XXX,XX +XXX,XX @@ static QEnumLookup prealloc_mode_lookup = {
     .size = PRL_PREALLOC_MODE__MAX
 };
 
-typedef struct BDRVParallelsState {
-    /** Locking is conservative, the lock protects
-     *   - image file extending (truncate, fallocate)
-     *   - any access to block allocation table
-     */
-    CoMutex lock;
-
-    ParallelsHeader *header;
-    uint32_t header_size;
-    bool header_unclean;
-
-    unsigned long *bat_dirty_bmap;
-    unsigned int  bat_dirty_block;
-
-    uint32_t *bat_bitmap;
-    unsigned int bat_size;
-
-    int64_t  data_end;
-    uint64_t prealloc_size;
-    ParallelsPreallocMode prealloc_mode;
-
-    unsigned int tracks;
-
-    unsigned int off_multiplier;
-    Error *migration_blocker;
-} BDRVParallelsState;
-
-
 #define PARALLELS_OPT_PREALLOC_MODE     "prealloc-mode"
 #define PARALLELS_OPT_PREALLOC_SIZE     "prealloc-size"
 
-- 
2.14.3

From: Klim Kireev <klim.kireev@virtuozzo.com>

Signed-off-by: Klim Kireev <klim.kireev@virtuozzo.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Edgar Kaziakhmedov <edgar.kaziakhmedov@virtuozzo.com>
Message-id: 20180112090122.1702-5-klim.kireev@virtuozzo.com
CC: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
---
 block/parallels.h | 2 ++
 block/parallels.c | 5 +++--
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/block/parallels.h b/block/parallels.h
index XXXXXXX..XXXXXXX 100644
--- a/block/parallels.h
+++ b/block/parallels.h
@@ -XXX,XX +XXX,XX @@
 #include "qemu/coroutine.h"
 #include "qemu/typedefs.h"
 
+#define HEADS_NUMBER 16
+#define SEC_IN_CYL 32
 #define DEFAULT_CLUSTER_SIZE 1048576        /* 1 MiB */
 
 /* always little-endian */
diff --git a/block/parallels.c b/block/parallels.c
index XXXXXXX..XXXXXXX 100644
--- a/block/parallels.c
+++ b/block/parallels.c
@@ -XXX,XX +XXX,XX @@ static int parallels_create(const char *filename, QemuOpts *opts, Error **errp)
     memcpy(header.magic, HEADER_MAGIC2, sizeof(header.magic));
     header.version = cpu_to_le32(HEADER_VERSION);
     /* don't care much about geometry, it is not used on image level */
-    header.heads = cpu_to_le32(16);
-    header.cylinders = cpu_to_le32(total_size / BDRV_SECTOR_SIZE / 16 / 32);
+    header.heads = cpu_to_le32(HEADS_NUMBER);
+    header.cylinders = cpu_to_le32(total_size / BDRV_SECTOR_SIZE
+                                   / HEADS_NUMBER / SEC_IN_CYL);
     header.tracks = cpu_to_le32(cl_size >> BDRV_SECTOR_BITS);
     header.bat_entries = cpu_to_le32(bat_entries);
     header.nb_sectors = cpu_to_le64(DIV_ROUND_UP(total_size, BDRV_SECTOR_SIZE));
-- 
2.14.3

From: Edgar Kaziakhmedov <edgar.kaziakhmedov@virtuozzo.com>

Since parallels format supports backing files, refine
readv/writev (allocate_clusters) to redirect read/write requests
to a backing file (if cluster is not available in the current bs).

Signed-off-by: Edgar Kaziakhmedov <edgar.kaziakhmedov@virtuozzo.com>
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Klim Kireev <klim.kireev@virtuozzo.com>
Message-id: 20180112090122.1702-6-klim.kireev@virtuozzo.com
CC: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
---
 block/parallels.c | 50 ++++++++++++++++++++++++++++++++++++++++++++------
 1 file changed, 44 insertions(+), 6 deletions(-)

diff --git a/block/parallels.c b/block/parallels.c
index XXXXXXX..XXXXXXX 100644
--- a/block/parallels.c
+++ b/block/parallels.c
@@ -XXX,XX +XXX,XX @@ static int64_t block_status(BDRVParallelsState *s, int64_t sector_num,
 static int64_t allocate_clusters(BlockDriverState *bs, int64_t sector_num,
                                  int nb_sectors, int *pnum)
 {
+    int ret;
     BDRVParallelsState *s = bs->opaque;
     int64_t pos, space, idx, to_allocate, i, len;
 
@@ -XXX,XX +XXX,XX @@ static int64_t allocate_clusters(BlockDriverState *bs, int64_t sector_num,
         return len;
     }
     if (s->data_end + space > (len >> BDRV_SECTOR_BITS)) {
-        int ret;
         space += s->prealloc_size;
         if (s->prealloc_mode == PRL_PREALLOC_MODE_FALLOCATE) {
             ret = bdrv_pwrite_zeroes(bs->file,
@@ -XXX,XX +XXX,XX @@ static int64_t allocate_clusters(BlockDriverState *bs, int64_t sector_num,
         }
     }
 
+    /* Try to read from backing to fill empty clusters
+     * FIXME: 1. previous write_zeroes may be redundant
+     *        2. most of data we read from backing will be rewritten by
+     *           parallels_co_writev. On aligned-to-cluster write we do not need
+     *           this read at all.
+     *        3. it would be good to combine write of data from backing and new
+     *           data into one write call */
+    if (bs->backing) {
+        int64_t nb_cow_sectors = to_allocate * s->tracks;
+        int64_t nb_cow_bytes = nb_cow_sectors << BDRV_SECTOR_BITS;
+        QEMUIOVector qiov;
+        struct iovec iov = {
+            .iov_len = nb_cow_bytes,
+            .iov_base = qemu_blockalign(bs, nb_cow_bytes)
+        };
+        qemu_iovec_init_external(&qiov, &iov, 1);
+
+        ret = bdrv_co_readv(bs->backing, idx * s->tracks, nb_cow_sectors,
+                            &qiov);
+        if (ret < 0) {
+            qemu_vfree(iov.iov_base);
+            return ret;
+        }
+
+        ret = bdrv_co_writev(bs->file, s->data_end, nb_cow_sectors, &qiov);
+        qemu_vfree(iov.iov_base);
+        if (ret < 0) {
+            return ret;
+        }
+    }
+
     for (i = 0; i < to_allocate; i++) {
         s->bat_bitmap[idx + i] = cpu_to_le32(s->data_end / s->off_multiplier);
         s->data_end += s->tracks;
@@ -XXX,XX +XXX,XX @@ static coroutine_fn int parallels_co_readv(BlockDriverState *bs,
 
         nbytes = n << BDRV_SECTOR_BITS;
 
+        qemu_iovec_reset(&hd_qiov);
+        qemu_iovec_concat(&hd_qiov, qiov, bytes_done, nbytes);
+
         if (position < 0) {
-            qemu_iovec_memset(qiov, bytes_done, 0, nbytes);
+            if (bs->backing) {
+                ret = bdrv_co_readv(bs->backing, sector_num, n, &hd_qiov);
+                if (ret < 0) {
+                    break;
+                }
+            } else {
+                qemu_iovec_memset(&hd_qiov, 0, 0, nbytes);
+            }
         } else {
-            qemu_iovec_reset(&hd_qiov);
-            qemu_iovec_concat(&hd_qiov, qiov, bytes_done, nbytes);
-
             ret = bdrv_co_readv(bs->file, position, n, &hd_qiov);
             if (ret < 0) {
                 break;
@@ -XXX,XX +XXX,XX @@ static BlockDriver bdrv_parallels = {
     .bdrv_co_flush_to_os      = parallels_co_flush_to_os,
     .bdrv_co_readv  = parallels_co_readv,
     .bdrv_co_writev = parallels_co_writev,
-
+    .supports_backing = true,
     .bdrv_create    = parallels_create,
     .bdrv_check     = parallels_check,
     .create_opts    = &parallels_create_opts,
-- 
2.14.3