Page MenuHomeFreeBSD

D39132.id118947.diff
No OneTemporary

D39132.id118947.diff

diff --git a/share/man/man9/Makefile b/share/man/man9/Makefile
--- a/share/man/man9/Makefile
+++ b/share/man/man9/Makefile
@@ -1732,7 +1732,8 @@
osd.9 osd_reserve.9 \
osd.9 osd_set.9 \
osd.9 osd_set_reserved.9
-MLINKS+=panic.9 vpanic.9
+MLINKS+=panic.9 vpanic.9 \
+ panic.9 KERNEL_PANICKED.9
MLINKS+=pci.9 pci_alloc_msi.9 \
pci.9 pci_alloc_msix.9 \
pci.9 pci_disable_busmaster.9 \
diff --git a/share/man/man9/panic.9 b/share/man/man9/panic.9
--- a/share/man/man9/panic.9
+++ b/share/man/man9/panic.9
@@ -1,7 +1,13 @@
.\" $NetBSD: panic.9,v 1.2 1996/10/09 17:20:04 explorer Exp $
.\"
+.\" SPDX-License-Identifier: BSD-4-Clause
+.\"
.\" Copyright (c) 1996 Michael Graff.
.\" All rights reserved.
+.\" Copyright (c) 2023 The FreeBSD Foundation
+.\"
+.\" Portions of this documentation were written by Mitchell Horne
+.\" under sponsorship from the FreeBSD Foundation.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
@@ -15,7 +21,7 @@
.\" must display the following acknowledgement:
.\" This product includes software developed by Michael Graff
.\" for the NetBSD Project.
-.\" 3. The name of the author may not be used to endorse or promote products
+.\" 4. The name of the author may not be used to endorse or promote products
.\" derived from this software without specific prior written permission
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
@@ -31,7 +37,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd April 23, 2015
+.Dd February 24, 2023
.Dt PANIC 9
.Os
.Sh NAME
@@ -39,11 +45,13 @@
.Nd bring down system on fatal error
.Sh SYNOPSIS
.In sys/types.h
-.In sys/systm.h
+.In sys/kassert.h
+.Vt extern char *panicstr;
.Ft void
.Fn panic "const char *fmt" ...
.Ft void
.Fn vpanic "const char *fmt" "va_list ap"
+.Fn KERNEL_PANICKED
.Sh DESCRIPTION
The
.Fn panic
@@ -55,20 +63,86 @@
is a
.Xr printf 3
style format string.
-The message is printed to the console and the location
-.Fa panicstr
-is set to the address of the message text for retrieval from the OS
-core dump.
+The message is printed to the console and
+.Va panicstr
+is set pointing to the address of the message text.
+This can be retrieved from a core dump at a later time.
.Pp
-If the kernel debugger is installed control is passed to it, otherwise
-an attempt to save a core dump of the OS to a configured dump device
-is made.
+When entering the
+.Fn panic
+function the panicking thread takes its spinlock.
+This prevents it from being preempted or interrupted while the system is still
+in a running state.
+Next, if this is the first time calling the function, it will instruct the
+other CPUs in the system to stop.
+This synchronizes with other threads to prevent concurrent panic conditions
+from interfering with one another.
+In this unlikely case, only one panicking thread will proceed.
+.Pp
+Control will be passed to the kernel debugger via
+.Fn kdb_enter .
+This is conditional on a debugger being installed and enabled; see
+.Xr ddb 4
+and
+.Xr gdb 4 .
+The debugger may initiate a system reset, or it may eventually return.
.Pp
+Finally,
+.Xr kern_reboot 9
+is called to restart the system.
+A kernel dump will be requested.
If
.Fn panic
-is called twice (from the disk sync routines, for example) the system is
-rebooted without syncing the disks.
+is called more than once (from the disk sync routines, for example),
+.Fn kern_reboot
+will be instructed not to sync the disks.
+.Pp
+The
+.Fn KERNEL_PANICKED
+macro is the preferred way to determine if the system has panicked.
+It returns a boolean value.
+Most often this is used to avoid taking an action that cannot possibly succeed
+in a panic context.
+.Sh EXECUTION CONTEXT
+.\" TODO: This text describes the kernel debugger / kernel dump execution
+.\" context as well. It could be moved to a future kdb(9) page, and this
+.\" section would become a pointer.
+Once the panic has been initiated, code executing in a panic context is subject
+to the following restrictions:
+.Bl -bullet
+.It
+Single-threaded execution.
+The scheduler is disabled, and other CPUs are stopped/forced idle.
+Functions that manipulate the scheduler state must be avoided.
+This includes, but is not limited to,
+.Xr wakeup 9
+and
+.Xr sleepqueue 9
+functions.
+.It
+Interrupts are disabled.
+Device I/O (e.g. console) must be achieved with polling.
+.It
+Dynamic memory allocation cannot be relied on, and must be avoided.
+.It
+Lock acquisition/release will be ignored, meaning these calls will appear to
+succeed.
+.It
+Sleeping on a resource is not strictly prohibited, but will result in an
+immediate return from the sleep function.
+Time-based sleeps such as
+.Xr pause 9
+may be performed as a busy-wait.
+.El
.Sh RETURN VALUES
The
.Fn panic
-function does not return.
+and
+.Fn vpanic
+functions do not return.
+.Sh SEE ALSO
+.Xr printf 3 ,
+.Xr ddb 4 ,
+.Xr gdb 4 ,
+.Xr KASSERT 9 ,
+.Xr kern_reboot 9

File Metadata

Mime Type
text/plain
Expires
Sat, Nov 16, 5:32 AM (20 h, 36 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
14653729
Default Alt Text
D39132.id118947.diff (4 KB)

Event Timeline