command/retroarch: clarify lifecycle comments around

LibretroAdmin · LibretroAdmin · commit 4666d70029ce · 2026-05-03T12:06:33.000+02:00
reinit and core deinit

Two minor doc cleanups - no behavioral change.

command.c: the comment on the cached_snapshot static buffer
in command_event_reinit claimed the buffer is 'freed at
shutdown', but no shutdown free path exists. Update the comment
to describe what actually happens: the static is not freed,
but it's bounded at one framebuffer's worth of memory and
reclaimed by the OS at process exit. Note explicitly that
adding a teardown hook would require wiring the static into
retroarch_deinit_drivers and that we deliberately don't.

retroarch.c: the CMD_EVENT_CORE_DEINIT handler recursively
calls command_event(CMD_EVENT_UNPAUSE, NULL) at its top,
re-entering the same dispatcher. The current UNPAUSE branch
is small enough that the self-call is safe, but the safety
constraint isn't documented. Add a comment so future changes
to UNPAUSE that would touch core state get noticed during
review (we're mid-deinit; touching core state from there
would be a UAF).
diff --git a/command.c b/command.c
@@ -2521,8 +2521,13 @@ void command_event_reinit(const int flags)
    /* Restore the snapshot and ask the new driver to replay it so the
     * paused-core background appears in the first post-reinit frame.
     * The buffer stays live across subsequent frame_cb calls from the
-    * core (which overwrite the pointer) and is either reused on the
-    * next reinit or freed at shutdown. */
+    * core (which overwrite the pointer) and is reused on the next
+    * reinit.  The static cached_snapshot itself is not freed at
+    * shutdown - it's a one-shot leak bounded at one framebuffer's
+    * worth of memory, reclaimed by the OS on process exit.  Adding
+    * a teardown hook would mean wiring command_event_reinit's
+    * statics into retroarch_deinit_drivers; the size cap makes the
+    * leak benign in practice, so we leave it. */
    if (cached_snapshot_p && cached_snapshot_h)
    {
       video_st->frame_cache_data   = cached_snapshot;
diff --git a/retroarch.c b/retroarch.c
@@ -4362,7 +4362,12 @@ bool command_event(enum event_command cmd, void *data)
                *video_st                         = video_state_get_ptr();
             rarch_system_info_t *sys_info        = &runloop_st->system;
             
-            /* Restore unpaused state */
+            /* Restore unpaused state. The recursive command_event call
+             * here re-enters this dispatcher; the UNPAUSE branch is
+             * deliberately small (clears flags, resumes audio) and
+             * does not touch core state, so the self-call is safe.
+             * Any future addition to the UNPAUSE handler that would
+             * touch core state must consider that we're mid-deinit. */
             runloop_st->paused_hotkey = false;
             command_event(CMD_EVENT_UNPAUSE, NULL);
 
