Index: target-i386/helper.h
===================================================================
--- target-i386/helper.h	(revision 4744)
+++ target-i386/helper.h	(working copy)
@@ -60,7 +60,7 @@
 DEF_HELPER(void, helper_syscall, (int next_eip_addend))
 DEF_HELPER(void, helper_sysret, (int dflag))
 #endif
-DEF_HELPER(void, helper_hlt, (void))
+DEF_HELPER(void, helper_hlt, (int next_eip_addend))
 DEF_HELPER(void, helper_monitor, (target_ulong ptr))
 DEF_HELPER(void, helper_mwait, (void))
 DEF_HELPER(void, helper_debug, (void))
Index: target-i386/op_helper.c
===================================================================
--- target-i386/op_helper.c	(revision 4744)
+++ target-i386/op_helper.c	(working copy)
@@ -4547,9 +4547,10 @@
 }
 #endif
 
-void helper_hlt(void)
+void helper_hlt(int next_eip_addend)
 {
     helper_svm_check_intercept_param(SVM_EXIT_HLT, 0);
+    EIP+=next_eip_addend;
     
     env->hflags &= ~HF_INHIBIT_IRQ_MASK; /* needed if sti is just before */
     env->halted = 1;
@@ -4575,7 +4576,7 @@
         /* more than one CPU: do not sleep because another CPU may
            wake this one */
     } else {
-        helper_hlt();
+        helper_hlt(0);
     }
 }
 
Index: target-i386/translate.c
===================================================================
--- target-i386/translate.c	(revision 4744)
+++ target-i386/translate.c	(working copy)
@@ -6420,8 +6420,8 @@
         } else {
             if (s->cc_op != CC_OP_DYNAMIC)
                 gen_op_set_cc_op(s->cc_op);
-            gen_jmp_im(s->pc - s->cs_base);
-            tcg_gen_helper_0_0(helper_hlt);
+            gen_jmp_im(pc_start - s->cs_base);
+            tcg_gen_helper_0_1(helper_hlt, tcg_const_i32(s->pc - pc_start));
             s->is_jmp = 3;
         }
         break;