I noticed that grpc-go behaves differently from http server in handling panic. In http server, a panic in handler will stop the goroutine but not the whole server; while a panic in grpc-go rpc will crash the whole server. This is a problem because panic might be from the standard or 3rd party packages the programmer can't control.
Crash the server because of panic in one goroutine is not acceptable for a robust service.