From 9f0c0e6eede6aedb60e12888fc9751c40b364dc9 Mon Sep 17 00:00:00 2001
From: John Baldwin <jhb@FreeBSD.org>
Date: Wed, 21 Dec 2022 10:45:26 -0800
Subject: [PATCH] mrsas: Don't leak a stack pointer value in the softc.

mrsas_issue_blocked_cmd stores a pointer to an on-stack variable
in its softc so that the driver can call wakeup() on the correct
pointer.  Once the loop around tsleep() has finished however, the
pointer is no longer needed and any further use would be invalid.
Clear sc->chan to NULL after the loop.

Reported by:	GCC -Wdangling-pointer
Differential Revision:	https://reviews.freebsd.org/D37628
---
 sys/dev/mrsas/mrsas.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/sys/dev/mrsas/mrsas.c b/sys/dev/mrsas/mrsas.c
index 6247cc2b142..2f531bb4467 100644
--- a/sys/dev/mrsas/mrsas.c
+++ b/sys/dev/mrsas/mrsas.c
@@ -3980,6 +3980,7 @@ mrsas_issue_blocked_cmd(struct mrsas_softc *sc, struct mrsas_mfi_cmd *cmd)
 			}
 		}
 	}
+	sc->chan = NULL;
 
 	if (cmd->cmd_status == 0xFF) {
 		device_printf(sc->mrsas_dev, "DCMD timed out after %d "