On Tue, Aug 25, 2020 at 05:04:14PM +0300, Gal Pressman wrote: > Right, as always, the error code would probably not contain much information, > but there's a big difference between returning error code X/Y vs returning > success instead of an error. To me that just feels wrong, at least in cases > where we can prevent that. >From user perspective it is a success. The purpose of the destroy kernel command is to allow userspace to release the memory underlying the object. The only valid reason to return a failure from destroy to userspace is if userspace has a programming error - eg destroying a PD while QPs exist does fail today for all drivers. Userspace should treat destroy failure as a serious error and crash - there is no possible recovery from it beyond leaking memory. Userspace should NOT be exposed to device failure via destroy. Failed devices trigger an ASYNC EVENT and destroy MUST succeed after the device fatal event. Jason
