The
panic() function terminates the
NetBSD system. The message
fmt is a
printf(3) style format string which is printed to the console and saved in the variable
panicstr for later retrieval via core dump inspection. A newline character is added at the end automatically, and is thus not needed in the format string.
If a kernel debugger is installed, control is passed to it after the message is printed. If the kernel debugger is
ddb(4), control may be passed to it, depending on the value of
ddb.onpanic. See
options(4) for more details on setting
ddb.onpanic. If control is not passed through to
ddb(4), a
ddb(4)-specific function is used to print the kernel stack trace, and then control returns to
panic().
If control remains in
panic(), an attempt is made to save an image of system memory on the configured dump device.
If during the process of handling the panic,
panic() is called again (from the filesystem synchronization routines, for example), the system is rebooted immediately without synchronizing any filesystems.
panic() is meant to be used in situations where something unexpected has happened and it is difficult to recover the system to a stable state, or in situations where proceeding might make the things worse, leading to data corruption/loss. It is not meant to be used in scenarios where the system could easily ignore and/or isolate the condition/subsystem and proceed.
In general developers should try to reduce the number of
panic() calls in the kernel to improve stability.