Index: loader/wrapper.S
===================================================================
--- loader/wrapper.S    (revision 27458)
+++ loader/wrapper.S    (working copy)
@@ -1,4 +1,4 @@
-.section .data
+    .data
 .globl caller_return
 caller_return:
    .long 0
@@ -12,7 +12,7 @@
 wrapper_target:    
    .long null_call
 
-.section .text
+    .text
 .globl null_call
    .type null_call, @function
    .balign 16,0x90
Index: loader/ldt_keeper.c
===================================================================
--- loader/ldt_keeper.c (revision 27458)
+++ loader/ldt_keeper.c (working copy)
@@ -281,6 +281,11 @@
     }
 #endif
 
+#ifdef __OS2__
+    /* convert flat addr to sel idx for LDT_SEL() */
+    fs_ldt = ( unsigned int )(( unsigned long )fs_seg  >> 16 );
+#endif
+
     Setup_FS_Segment();
 
     ldt_fs->prev_struct = malloc(8);
Index: loader/module.c
===================================================================
--- loader/module.c (revision 27458)
+++ loader/module.c (working copy)
@@ -744,6 +744,50 @@
 
 #ifdef EMU_QTX_API
 
+#ifdef __OS2__
+uint32_t _System DosQueryMem( void *, uint32_t *, uint32_t * );
+
+static int isInvalidPtr( void *p )
+{
+    uint32_t cb = 1;
+    uint32_t fl;
+
+    if( DosQueryMem( p, &cb, &fl ))
+        return 1;
+
+#ifdef DEBUG_QTX_API
+    printf("addr = %p, cb = %d, fl = %08X : ", p, cb, fl );
+    if( fl & 0x10 )
+        printf("COMMIT ");
+    if( fl & 0x2000 )
+        printf("SHARED ");
+    if( fl & 0x4000 )
+        printf("FREE ");
+    if( fl & 0x10000 )
+        printf("BASE ");
+    if( fl & 0x01 )
+        printf("READ ");
+    if( fl & 0x02 )
+        printf("WRITE ");
+    if( fl & 0x04 )
+        printf("EXEC ");
+    if( fl & 0x08 )
+        printf("GUARD ");
+    printf("\n");
+#endif
+
+    // Occasionally, ptr with 'EXEC' attr is passed.
+    // On OS/2, however, malloc() never set 'EXEC' attr.
+    // So ptr with 'EXEC' attr is invalid.
+    if( fl & 0x04 )
+        return 1;
+
+    return 0;
+}
+#else
+#define isInvalidPtr( p ) (( uint32_t )( p ) >= 0x60000000 )
+#endif
+
 static uint32_t ret_array[4096];
 static int ret_i=0;
 
@@ -758,6 +802,7 @@
   int plen=-1;
   // find the code:
   
+#ifndef __OS2__
   dptr=0x62b67ae0;dptr+=2*((reg->eax>>16)&255);
 //  printf("FUNC: flag=%d ptr=%p\n",dptr[0],dptr[1]);
   if(dptr[0]&255){
@@ -792,6 +837,7 @@
      pwrapper=dptr[1];
       }
   }
+#endif
 
   for(i=0;qt_fv_list[i].name;i++){
           if(qt_fv_list[i].id==reg->eax){
@@ -844,7 +890,7 @@
 #endif
       return 1;
   case 0x15002f: //DisposePtr
-      if(((uint32_t *)stack_base)[1]>=0x60000000)
+      if(isInvalidPtr((void *)((uint32_t *)stack_base)[1]))
           printf("WARNING! Invalid Ptr handle!\n");
       else
           free((void *)((uint32_t *)stack_base)[1]);
Index: loader/wrapper.h
===================================================================
--- loader/wrapper.h    (revision 27458)
+++ loader/wrapper.h    (working copy)
@@ -9,12 +9,12 @@
 
 typedef int (*wrapper_func_t)(void *stack_base, int stack_size, reg386_t *reg,  uint32_t *flags);
 
-extern wrapper_func_t report_entry, report_ret;
+extern wrapper_func_t report_entry asm("report_entry"), report_ret asm("report_ret");
 
-extern void (*wrapper_target)(void);
+extern void (*wrapper_target)(void) asm("wrapper_target");
 
-extern int wrapper(void);
-extern int null_call(void);
+extern int wrapper(void) asm("wrapper");
+extern int null_call(void) asm("null_call");
 
 #endif /* MPLAYER_WRAPPER_H */