diff --git a/target-mips/helper.c b/target-mips/helper.c
index 014f35d2d622b89b953ab2d3c6fd8be704b91a4a..8b60b2ce9f15e9cedc48ebba65e17272047299fe 100644
--- a/target-mips/helper.c
+++ b/target-mips/helper.c
@@ -231,7 +231,7 @@ int cpu_mips_handle_mmu_fault (CPUState *env, target_ulong address, int rw,
         env->CP0_Context = (env->CP0_Context & 0xff800000) |
 	                   ((address >> 9) &   0x007ffff0);
         env->CP0_EntryHi =
-            (env->CP0_EntryHi & 0xFF) | (address & 0xFFFFF000);
+            (env->CP0_EntryHi & 0xFF) | (address & 0xFFFFE000);
         env->exception_index = exception;
         env->error_code = error_code;
         ret = 1;
diff --git a/target-mips/op_helper.c b/target-mips/op_helper.c
index 03e13a40f877512678be74b089eb324432f140f7..fbd693fb23c08a75deda45f6ad3d7c2520ba4b58 100644
--- a/target-mips/op_helper.c
+++ b/target-mips/op_helper.c
@@ -342,7 +342,7 @@ void do_mtc0 (int reg, int sel)
         rn = "EntryLo1";
         break;
     case 4:
-        val = (env->CP0_Context & 0xFF000000) | (T0 & 0x00FFFFF0);
+        val = (env->CP0_Context & 0xFF800000) | (T0 & 0x007FFFF0);
         old = env->CP0_Context;
         env->CP0_Context = val;
         rn = "Context";
@@ -366,7 +366,7 @@ void do_mtc0 (int reg, int sel)
         rn = "Count";
         break;
     case 10:
-        val = T0 & 0xFFFFF0FF;
+        val = T0 & 0xFFFFE0FF;
         old = env->CP0_EntryHi;
         env->CP0_EntryHi = val;
 	/* If the ASID changes, flush qemu's TLB.  */