From 8ed20890709ac160e5c4549196d8c101120529c4 Mon Sep 17 00:00:00 2001
From: Elad <18193363+elad335@users.noreply.github.com>
Date: Thu, 6 Mar 2025 18:03:32 +0200
Subject: [PATCH] RSX: Fix UB in FIFO_control::get_current_arg_ptr()

---
 rpcs3/Emu/RSX/RSXFIFO.cpp | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/rpcs3/Emu/RSX/RSXFIFO.cpp b/rpcs3/Emu/RSX/RSXFIFO.cpp
index 3f6889bdaa..f9a63efa6c 100644
--- a/rpcs3/Emu/RSX/RSXFIFO.cpp
+++ b/rpcs3/Emu/RSX/RSXFIFO.cpp
@@ -233,7 +233,11 @@ namespace rsx
 			else
 			{
 				// Return a raw pointer with no limited access
-				return {static_cast<const u32*>(vm::base(m_iotable->get_addr(m_internal_get))), 0x10000};
+				constexpr u32 _1m = 0x100000;
+				const u32 base = m_iotable->get_addr(m_internal_get);
+				const u32 base_1m = m_iotable->get_addr(m_internal_get + _1m);
+
+				return {static_cast<const u32*>(vm::base(base)), (base_1m - _1m == base ? _1m : (_1m - (m_internal_get % _1m))) / 4 };
 			}
 		}