Index: loader/ldt_keeper.c
===================================================================
--- loader/ldt_keeper.c	(revision 30526)
+++ loader/ldt_keeper.c	(working copy)
@@ -271,6 +271,9 @@
 	    printf("Couldn't install fs segment, expect segfault\n");
 	}
     }
+#elif defined(__OS2__)
+    /* convert flat addr to sel idx for LDT_SEL() */
+    fs_ldt = (uintptr_t)fs_seg >> 16;
 #endif

     Setup_FS_Segment();
Index: loader/module.c
===================================================================
--- loader/module.c	(revision 30526)
+++ loader/module.c	(working copy)
@@ -744,6 +744,31 @@

 #ifdef EMU_QTX_API

+#ifdef __OS2__
+uint32_t _System DosQueryMem(void *, uint32_t *, uint32_t *);
+#endif
+
+static int is_invalid_ptr_handle(void *p)
+{
+#ifdef __OS2__
+    uint32_t cb = 1;
+    uint32_t fl;
+
+    if(DosQueryMem(p, &cb, &fl))
+        return 1;
+
+    // Occasionally, ptr with 'EXEC' attr is passed.
+    // On OS/2, however, malloc() never sets 'EXEC' attr.
+    // So ptr with 'EXEC' attr is invalid.
+    if(fl & 0x04)
+        return 1;
+
+    return 0;
+#else
+    return (uint32_t)p >= 0x60000000;
+#endif
+}
+
 static uint32_t ret_array[4096];
 static int ret_i=0;

@@ -844,10 +892,10 @@
 #endif
       return 1;
   case 0x15002f: //DisposePtr
-      if(((uint32_t *)stack_base)[1]>=0x60000000)
+      if(is_invalid_ptr_handle(((void **)stack_base)[1]))
           printf("WARNING! Invalid Ptr handle!\n");
       else
-          free((void *)((uint32_t *)stack_base)[1]);
+          free(((void **)stack_base)[1]);
       reg->eax=0;
 #ifdef DEBUG_QTX_API
       printf("%*sLEAVE(%d): EMULATED! 0x%X\n",ret_i*2,"",ret_i, reg->eax);