Index: qemu/linux-user/syscall.c
===================================================================
--- qemu.orig/linux-user/syscall.c
+++ qemu/linux-user/syscall.c
@@ -1573,9 +1732,19 @@ static long do_ipc(long call, long first
 
     switch (call) {
     case IPCOP_semop:
-        ret = get_errno(semop(first,(struct sembuf *) ptr, second));
+    {
+	struct sembuf *target_sops;
+	int i;
+	lock_user_struct(target_sops, ptr, 0);
+	for(i=0; i<second; i++) {
+		target_sops[i].sem_num = tswap16(target_sops[i].sem_num);
+		target_sops[i].sem_op  = tswap16(target_sops[i].sem_op);
+		target_sops[i].sem_flg = tswap16(target_sops[i].sem_flg);
+	}
+        ret = get_errno(semop(first, target_sops, second));
+	unlock_user_struct(target_sops, ptr, 0);
         break;
-
+    }
     case IPCOP_semget:
         ret = get_errno(semget(first, second, third));
         break;