diff --git a/qemu/target/arm/translate-a64.c b/qemu/target/arm/translate-a64.c
index aeb4db0d..0304289d 100644
--- a/qemu/target/arm/translate-a64.c
+++ b/qemu/target/arm/translate-a64.c
@@ -397,7 +397,7 @@ static inline void gen_goto_tb(DisasContext *s, int n, uint64_t dest)
         } else if (s->base.singlestep_enabled) {
             gen_exception_internal(s, EXCP_DEBUG);
         } else {
-            tcg_gen_lookup_and_goto_ptr(tcg_ctx, tcg_ctx->cpu_pc);
+            tcg_gen_lookup_and_goto_ptr(tcg_ctx);
             s->base.is_jmp = DISAS_NORETURN;
         }
     }
@@ -11613,7 +11613,7 @@ static void aarch64_tr_tb_stop(DisasContextBase *dcbase, CPUState *cpu)
             gen_a64_set_pc_im(dc, dc->pc);
             /* fall through */
         case DISAS_JUMP:
-            tcg_gen_lookup_and_goto_ptr(tcg_ctx, tcg_ctx->cpu_pc);
+            tcg_gen_lookup_and_goto_ptr(tcg_ctx);
             break;
         case DISAS_EXIT:
             tcg_gen_exit_tb(tcg_ctx, 0);
diff --git a/qemu/target/arm/translate.c b/qemu/target/arm/translate.c
index 8648f648..1a08c39d 100644
--- a/qemu/target/arm/translate.c
+++ b/qemu/target/arm/translate.c
@@ -4283,7 +4283,7 @@ static void gen_goto_ptr(DisasContext *s)
 
     TCGv addr = tcg_temp_new(tcg_ctx);
     tcg_gen_extu_i32_tl(tcg_ctx, addr, tcg_ctx->cpu_R[15]);
-    tcg_gen_lookup_and_goto_ptr(tcg_ctx, addr);
+    tcg_gen_lookup_and_goto_ptr(tcg_ctx);
     tcg_temp_free(tcg_ctx, addr);
 }
 
diff --git a/qemu/target/i386/translate.c b/qemu/target/i386/translate.c
index 3b3450ab..7bda964c 100644
--- a/qemu/target/i386/translate.c
+++ b/qemu/target/i386/translate.c
@@ -2847,7 +2847,7 @@ static void gen_bnd_jmp(DisasContext *s)
    If RECHECK_TF, emit a rechecking helper for #DB, ignoring the state of
    S->TF.  This is used by the syscall/sysret insns.  */
 static void
-do_gen_eob_worker(DisasContext *s, bool inhibit, bool recheck_tf, TCGv jr)
+do_gen_eob_worker(DisasContext *s, bool inhibit, bool recheck_tf, bool jr)
 {
     TCGContext *tcg_ctx = s->uc->tcg_ctx;
 
@@ -2870,12 +2870,8 @@ do_gen_eob_worker(DisasContext *s, bool inhibit, bool recheck_tf, TCGv jr)
         tcg_gen_exit_tb(tcg_ctx, 0);
     } else if (s->tf) {
         gen_helper_single_step(tcg_ctx, tcg_ctx->cpu_env);
-    } else if (!TCGV_IS_UNUSED(jr)) {
-        TCGv vaddr = tcg_temp_new(tcg_ctx);
-
-        tcg_gen_add_tl(tcg_ctx, vaddr, jr, tcg_ctx->cpu_seg_base[R_CS]);
-        tcg_gen_lookup_and_goto_ptr(tcg_ctx, vaddr);
-        tcg_temp_free(tcg_ctx, vaddr);
+    } else if (jr) {
+        tcg_gen_lookup_and_goto_ptr(tcg_ctx);
     } else {
         tcg_gen_exit_tb(tcg_ctx, 0);
     }
@@ -2885,10 +2881,7 @@ do_gen_eob_worker(DisasContext *s, bool inhibit, bool recheck_tf, TCGv jr)
 static inline void
 gen_eob_worker(DisasContext *s, bool inhibit, bool recheck_tf)
 {
-    TCGv unused;
-
-    TCGV_UNUSED(unused);
-    do_gen_eob_worker(s, inhibit, recheck_tf, unused);
+    do_gen_eob_worker(s, inhibit, recheck_tf, false);
 }
 
 /* End of block.
@@ -2907,7 +2900,7 @@ static void gen_eob(DisasContext *s)
 /* Jump to register */
 static void gen_jr(DisasContext *s, TCGv dest)
 {
-    do_gen_eob_worker(s, false, false, dest);
+    do_gen_eob_worker(s, false, false, true);
 }
 
 /* generate a jump to eip. No segment change must happen before as a
diff --git a/qemu/target/mips/translate.c b/qemu/target/mips/translate.c
index 9aa19fea..478681fd 100644
--- a/qemu/target/mips/translate.c
+++ b/qemu/target/mips/translate.c
@@ -4364,7 +4364,7 @@ static inline void gen_goto_tb(DisasContext *ctx, int n, target_ulong dest)
             save_cpu_state(ctx, 0);
             gen_helper_raise_exception_debug(tcg_ctx, tcg_ctx->cpu_env);
         }
-        tcg_gen_lookup_and_goto_ptr(tcg_ctx, tcg_ctx->cpu_PC);
+        tcg_gen_lookup_and_goto_ptr(tcg_ctx);
     }
 }
 
@@ -11002,7 +11002,7 @@ static void gen_branch(DisasContext *ctx, int insn_bytes)
                 save_cpu_state(ctx, 0);
                 gen_helper_raise_exception_debug(tcg_ctx, tcg_ctx->cpu_env);
             }
-            tcg_gen_lookup_and_goto_ptr(tcg_ctx, tcg_ctx->cpu_PC);
+            tcg_gen_lookup_and_goto_ptr(tcg_ctx);
             break;
         default:
             fprintf(stderr, "unknown branch 0x%x\n", proc_hflags);
diff --git a/qemu/tcg-runtime.c b/qemu/tcg-runtime.c
index 8cba0715..5fec77ca 100644
--- a/qemu/tcg-runtime.c
+++ b/qemu/tcg-runtime.c
@@ -143,35 +143,35 @@ uint64_t HELPER(ctpop_i64)(uint64_t arg)
     return ctpop64(arg);
 }
 
-void *HELPER(lookup_tb_ptr)(CPUArchState *env, target_ulong addr)
+void *HELPER(lookup_tb_ptr)(CPUArchState *env)
 {
     TCGContext *tcg_ctx = env->uc->tcg_ctx;
     CPUState *cpu = ENV_GET_CPU(env);
     TranslationBlock *tb;
     target_ulong cs_base, pc;
-    uint32_t flags, addr_hash;
+    uint32_t flags, hash;
 
-    addr_hash = tb_jmp_cache_hash_func(addr);
-    // Unicorn: atomic_read used instead of atomic_rcu_read
-    tb = atomic_read(&cpu->tb_jmp_cache[addr_hash]);
     cpu_get_tb_cpu_state(env, &pc, &cs_base, &flags);
+    hash = tb_jmp_cache_hash_func(pc);
+    // Unicorn: atomic_read used instead of atomic_rcu_read
+    tb = atomic_read(&cpu->tb_jmp_cache[hash]);
 
     if (unlikely(!(tb
-                   && tb->pc == addr
+                   && tb->pc == pc
                    && tb->cs_base == cs_base
                    && tb->flags == flags))) {
-        tb = tb_htable_lookup(cpu, addr, cs_base, flags);
+        tb = tb_htable_lookup(cpu, pc, cs_base, flags);
         if (!tb) {
             return tcg_ctx->code_gen_epilogue;
         }
-        atomic_set(&cpu->tb_jmp_cache[addr_hash], tb);
+        atomic_set(&cpu->tb_jmp_cache[hash], tb);
     }
 
     // Unicorn: commented out
-    //qemu_log_mask_and_addr(CPU_LOG_EXEC, addr,
+    //qemu_log_mask_and_addr(CPU_LOG_EXEC, pc,
     //                       "Chain %p [%d: " TARGET_FMT_lx "] %s\n",
-    //                       tb->tc_ptr, cpu->cpu_index, addr,
-    //                       lookup_symbol(addr));
+    //                       tb->tc_ptr, cpu->cpu_index, pc,
+    //                       lookup_symbol(pc));
     return tb->tc_ptr;
 }
 
diff --git a/qemu/tcg/tcg-op.c b/qemu/tcg/tcg-op.c
index 22a51026..be0d1872 100644
--- a/qemu/tcg/tcg-op.c
+++ b/qemu/tcg/tcg-op.c
@@ -2602,11 +2602,11 @@ void tcg_gen_goto_tb(TCGContext *s, unsigned idx)
     tcg_gen_op1i(s, INDEX_op_goto_tb, idx);
 }
 
-void tcg_gen_lookup_and_goto_ptr(TCGContext *s, TCGv addr)
+void tcg_gen_lookup_and_goto_ptr(TCGContext *s)
 {
     if (TCG_TARGET_HAS_goto_ptr && !qemu_loglevel_mask(CPU_LOG_TB_NOCHAIN)) {
         TCGv_ptr ptr = tcg_temp_new_ptr(s);
-        gen_helper_lookup_tb_ptr(s, ptr, s->tcg_env, addr);
+        gen_helper_lookup_tb_ptr(s, ptr, s->tcg_env);
         tcg_gen_op1i(s, INDEX_op_goto_ptr, GET_TCGV_PTR(ptr));
         tcg_temp_free_ptr(s, ptr);
     } else {
diff --git a/qemu/tcg/tcg-op.h b/qemu/tcg/tcg-op.h
index c09cc7fa..02bd7a81 100644
--- a/qemu/tcg/tcg-op.h
+++ b/qemu/tcg/tcg-op.h
@@ -805,7 +805,7 @@ void tcg_gen_goto_tb(TCGContext *s, unsigned idx);
  * This operation is optional. If the TCG backend does not implement goto_ptr,
  * this op is equivalent to calling tcg_gen_exit_tb() with 0 as the argument.
  */
-void tcg_gen_lookup_and_goto_ptr(TCGContext *s, TCGv addr);
+void tcg_gen_lookup_and_goto_ptr(TCGContext *s);
 
 #if TARGET_LONG_BITS == 32
 #define tcg_temp_new(s) tcg_temp_new_i32(s)
diff --git a/qemu/tcg/tcg-runtime.h b/qemu/tcg/tcg-runtime.h
index 6ce1e95c..7d75431d 100644
--- a/qemu/tcg/tcg-runtime.h
+++ b/qemu/tcg/tcg-runtime.h
@@ -24,7 +24,7 @@ DEF_HELPER_FLAGS_1(clrsb_i64, TCG_CALL_NO_RWG_SE, i64, i64)
 DEF_HELPER_FLAGS_1(ctpop_i32, TCG_CALL_NO_RWG_SE, i32, i32)
 DEF_HELPER_FLAGS_1(ctpop_i64, TCG_CALL_NO_RWG_SE, i64, i64)
 
-DEF_HELPER_FLAGS_2(lookup_tb_ptr, TCG_CALL_NO_WG_SE, ptr, env, tl)
+DEF_HELPER_FLAGS_1(lookup_tb_ptr, TCG_CALL_NO_WG_SE, ptr, env)
 
 DEF_HELPER_FLAGS_1(exit_atomic, TCG_CALL_NO_WG, noreturn, env)