diff --git a/bsd-user/signal.c b/bsd-user/signal.c
index 0502a6a..52441c4 100644
--- a/bsd-user/signal.c
+++ b/bsd-user/signal.c
@@ -31,7 +31,7 @@
 #include "qemu.h"
 #include "target_signal.h"
 
-// #define DEBUG_SIGNAL
+//#define DEBUG_SIGNAL
 
 #ifndef _NSIG
 #define _NSIG	128
@@ -441,7 +441,7 @@ host_signal_handler(int host_signum, siginfo_t *info, void *puc)
 	 * we forward to it some signals.
 	 */
 	if ((host_signum == SIGSEGV || host_signum == SIGBUS) &&
-	    info->si_code > 0) {
+	    info->si_code < 0x10000) {
 		if (cpu_signal_handler(host_signum, info, puc))
 			return;
 	}
@@ -1099,6 +1099,7 @@ signal_init(void)
 
 	sigfillset(&act.sa_mask);
 	act.sa_sigaction = host_signal_handler;
+	act.sa_flags = SA_SIGINFO;
 
 	for (i = 1; i <= TARGET_NSIG; i++) {
 		host_sig = target_to_host_signal(i);
diff --git a/bsd-user/syscall.c b/bsd-user/syscall.c
index c627c62..625c3cf 100644
--- a/bsd-user/syscall.c
+++ b/bsd-user/syscall.c
@@ -3544,6 +3544,30 @@ do_stat:
 	 }
 	 break;
 
+#ifdef TARGET_FREEBSD_NR_pdwait4
+    case TARGET_FREEBSD_NR_pdwait4:
+	 {
+		 int status;
+		 abi_long status_ptr = arg2;
+		 struct rusage rusage, *rusage_ptr;
+		 abi_long target_rusage = arg4;
+
+		 if (target_rusage)
+			 rusage_ptr = &rusage;
+		 else
+			 rusage_ptr = NULL;
+		 ret = get_errno(wait4(arg1, &status, arg3, rusage_ptr));
+		 if (!is_error(ret)) {
+			 status = host_to_target_waitstatus(status);
+			 if (put_user_s32(status, status_ptr))
+				 goto efault;
+			 if (target_rusage)
+				 host_to_target_rusage(target_rusage, &rusage);
+		 }
+	 }
+	 break;
+#endif /* TARGET_FREEBSD_NR_pdwait4 */
+
     case TARGET_FREEBSD_NR_accept:
 	 ret = do_accept(arg1, arg2, arg3);
 	 break;
@@ -3803,6 +3827,20 @@ do_stat:
 	 break;
 #endif
 
+    case TARGET_FREEBSD_NR_pdkill:
+	 ret = get_errno(pdkill(arg1, target_to_host_signal(arg2)));
+	 break;
+
+    case TARGET_FREEBSD_NR_pdgetpid:
+	 {
+		 pid_t pid;
+
+		 ret = get_errno(pdgetpid(arg1, &pid));
+		 if (put_user_u32(pid, arg2))
+			 goto efault;
+	 }
+	 break;
+
     case TARGET_FREEBSD_NR_sigaction:
 	 {
 		 struct target_sigaction *old_act, act, oact, *pact;
@@ -4014,27 +4052,88 @@ do_stat:
 
 #ifdef TARGET_FREEBSD_NR_aio_read
     case TARGET_FREEBSD_NR_aio_read:
+	 ret = unimplemented(num);
+	 break;
 #endif
 #ifdef TARGET_FREEBSD_NR_aio_write
     case TARGET_FREEBSD_NR_aio_write:
+	 ret = unimplemented(num);
+	 break;
 #endif
 #ifdef TARGET_FREEBSD_NR_aio_return
     case TARGET_FREEBSD_NR_aio_return:
+	 ret = unimplemented(num);
+	 break;
 #endif
 #ifdef TARGET_FREEBSD_NR_aio_suspend
     case TARGET_FREEBSD_NR_aio_suspend:
+	 ret = unimplemented(num);
+	 break;
 #endif
 #ifdef TARGET_FREEBSD_NR_aio_cancel
     case TARGET_FREEBSD_NR_aio_cancel:
+	 ret = unimplemented(num);
+	 break;
 #endif
 #ifdef TARGET_FREEBSD_NR_aio_error
     case TARGET_FREEBSD_NR_aio_error:
+	 ret = unimplemented(num);
+	 break;
 #endif
 #ifdef TARGET_FREEBSD_NR_aio_waitcomplete
     case TARGET_FREEBSD_NR_aio_waitcomplete:
+	 ret = unimplemented(num);
+	 break;
 #endif
 #ifdef TARGET_FREEBSD_NR_lio_listio
     case TARGET_FREEBSD_NR_lio_listio:
+	 ret = unimplemented(num);
+	 break;
+#endif
+
+#if 0 /* XXX not supported in libc yet, it seems (10.0 addition). */
+    case TARGET_FREEBSD_NR_posix_fadvise:
+	 {
+		 off_t offset = arg2, len = arg3;
+		 int advice = arg4;
+
+#if TARGET_ABI_BITS == 32
+		 if (regpairs_aligned(cpu_env)) {
+			 offset = target_offset64(arg3, arg4);
+			 len = target_offset64(arg5, arg6);
+			 advice = arg7;
+		 } else {
+			 offset = target_offset64(arg2, arg3);
+			 len = target_offset64(arg4, arg5);
+			 advice = arg6;
+		 }
+#endif
+		 ret = get_errno(posix_fadvise(arg1, offset, len, advice));
+	 }
+	 break;
+#endif
+
+    case TARGET_FREEBSD_NR_posix_fallocate:
+	 {
+		 off_t offset = arg2, len = arg3;
+
+#if TARGET_ABI_BITS == 32
+		 if (regpairs_aligned(cpu_env)) {
+			 offset = target_offset64(arg3, arg4);
+			 len = target_offset64(arg5, arg6);
+		 } else {
+			 offset = target_offset64(arg2, arg3);
+			 len = target_offset64(arg4, arg5);
+		 }
+#endif
+		 ret = get_errno(posix_fallocate(arg1, offset, len));
+	 }
+	 break;
+
+#ifdef TARGET_FREEBSD_posix_openpt
+    case TARGET_FREEBSD_posix_openpt:
+	 ret = get_errno(posix_openpt(arg1));
+	 break;
 #endif
 
     case TARGET_FREEBSD_NR_yield:
@@ -4054,9 +4153,6 @@ do_stat:
     case TARGET_FREEBSD_NR_swapon:
     case TARGET_FREEBSD_NR_swapoff:
 
-    case TARGET_FREEBSD_NR_pdkill:
-    case TARGET_FREEBSD_NR_pdgetpid:
-
     case TARGET_FREEBSD_NR_thr_create:
     case TARGET_FREEBSD_NR_thr_exit:
     case TARGET_FREEBSD_NR_thr_self:
@@ -4080,9 +4176,6 @@ do_stat:
     case TARGET_FREEBSD_NR__umtx_lock:
     case TARGET_FREEBSD_NR__umtx_unlock:
 
-    case TARGET_FREEBSD_NR_posix_fadvise:
-    case TARGET_FREEBSD_NR_posix_fallocate:
-
     case TARGET_FREEBSD_NR_rctl_get_racct:
     case TARGET_FREEBSD_NR_rctl_get_rules:
     case TARGET_FREEBSD_NR_rctl_add_rule:
diff --git a/user-exec.c b/user-exec.c
index 9ad4858..bf29e84 100644
--- a/user-exec.c
+++ b/user-exec.c
@@ -38,7 +38,7 @@
 #include <sys/ucontext.h>
 #endif
 
-#define DEBUG_SIGNAL
+//#define DEBUG_SIGNAL
 
 static void exception_action(CPUArchState *env1)
 {
@@ -103,7 +103,7 @@ static inline int handle_cpu_signal(uintptr_t pc, unsigned long address,
     }
 #endif
 #if defined(DEBUG_SIGNAL)
-    qemu_printf("qemu: SIGSEGV pc=0x%08lx address=%08lx w=%d oldset=0x%08lx\n",
+    qemu_printf("qemu: SIGSEGV pc=0x%08lx address=0x%08lx w=%d oldset=0x%08lx\n",
                 pc, address, is_write, *(unsigned long *)old_set);
 #endif
     /* XXX: locking issue */