grpc 1.55.3 → 1.56.0.pre3

data/src/core/lib/security/certificate_provider/certificate_provider_factory.h

@@ -23,12 +23,15 @@
 
 #include <string>
 
+#include "absl/strings/string_view.h"
+
 #include <grpc/grpc_security.h>
 
 #include "src/core/lib/gprpp/ref_counted.h"
 #include "src/core/lib/gprpp/ref_counted_ptr.h"
-#include "src/core/lib/iomgr/error.h"
+#include "src/core/lib/gprpp/validation_errors.h"
 #include "src/core/lib/json/json.h"
+#include "src/core/lib/json/json_args.h"
 
 namespace grpc_core {
 
@@ -43,7 +46,7 @@ class CertificateProviderFactory {
 
     // Name of the type of the CertificateProvider. Unique to each type of
     // config.
-    virtual const char* name() const = 0;
+    virtual absl::string_view name() const = 0;
 
     virtual std::string ToString() const = 0;
   };
@@ -51,10 +54,11 @@ class CertificateProviderFactory {
   virtual ~CertificateProviderFactory() = default;
 
   // Name of the plugin.
-  virtual const char* name() const = 0;
+  virtual absl::string_view name() const = 0;
 
   virtual RefCountedPtr<Config> CreateCertificateProviderConfig(
-      const Json& config_json, grpc_error_handle* error) = 0;
+      const Json& config_json, const JsonArgs& args,
+      ValidationErrors* errors) = 0;
 
   // Create a CertificateProvider instance from config.
   virtual RefCountedPtr<grpc_tls_certificate_provider>

data/src/core/lib/security/certificate_provider/certificate_provider_registry.cc

@@ -20,11 +20,8 @@
 
 #include "src/core/lib/security/certificate_provider/certificate_provider_registry.h"
 
-#include <string.h>
-
-#include <algorithm>
+#include <string>
 #include <utility>
-#include <vector>
 
 #include <grpc/support/log.h>
 
@@ -32,29 +29,22 @@ namespace grpc_core {
 
 void CertificateProviderRegistry::Builder::RegisterCertificateProviderFactory(
     std::unique_ptr<CertificateProviderFactory> factory) {
+  absl::string_view name = factory->name();
   gpr_log(GPR_DEBUG, "registering certificate provider factory for \"%s\"",
-          factory->name());
-  for (size_t i = 0; i < factories_.size(); ++i) {
-    GPR_ASSERT(strcmp(factories_[i]->name(), factory->name()) != 0);
-  }
-  factories_.push_back(std::move(factory));
+          std::string(name).c_str());
+  GPR_ASSERT(factories_.emplace(name, std::move(factory)).second);
 }
 
 CertificateProviderRegistry CertificateProviderRegistry::Builder::Build() {
-  CertificateProviderRegistry r;
-  r.factories_ = std::move(factories_);
-  return r;
+  return CertificateProviderRegistry(std::move(factories_));
 }
 
 CertificateProviderFactory*
 CertificateProviderRegistry::LookupCertificateProviderFactory(
     absl::string_view name) const {
-  for (size_t i = 0; i < factories_.size(); ++i) {
-    if (name == factories_[i]->name()) {
-      return factories_[i].get();
-    }
-  }
-  return nullptr;
+  auto it = factories_.find(name);
+  if (it == factories_.end()) return nullptr;
+  return it->second.get();
 }
 
 }  // namespace grpc_core

data/src/core/lib/security/certificate_provider/certificate_provider_registry.h

@@ -21,8 +21,9 @@
 
 #include <grpc/support/port_platform.h>
 
+#include <map>
 #include <memory>
-#include <vector>
+#include <utility>
 
 #include "absl/strings/string_view.h"
 
@@ -32,20 +33,24 @@ namespace grpc_core {
 
 // Global registry for all the certificate provider plugins.
 class CertificateProviderRegistry {
+ private:
+  using FactoryMap =
+      std::map<absl::string_view, std::unique_ptr<CertificateProviderFactory>>;
+
  public:
   class Builder {
    public:
-    // Register a provider with the registry. Can only be called after calling
-    // InitRegistry(). The key of the factory is extracted from factory
-    // parameter with method CertificateProviderFactory::name. If the same key
-    // is registered twice, an exception is raised.
+    // Register a provider with the registry. The key of the factory is
+    // extracted from factory parameter with method
+    // CertificateProviderFactory::name. The registry with a given name
+    // cannot be registered twice.
     void RegisterCertificateProviderFactory(
         std::unique_ptr<CertificateProviderFactory> factory);
 
     CertificateProviderRegistry Build();
 
    private:
-    std::vector<std::unique_ptr<CertificateProviderFactory>> factories_;
+    FactoryMap factories_;
   };
 
   CertificateProviderRegistry(const CertificateProviderRegistry&) = delete;
@@ -60,9 +65,10 @@ class CertificateProviderRegistry {
       absl::string_view name) const;
 
  private:
-  CertificateProviderRegistry() = default;
+  explicit CertificateProviderRegistry(FactoryMap factories)
+      : factories_(std::move(factories)) {}
 
-  std::vector<std::unique_ptr<CertificateProviderFactory>> factories_;
+  FactoryMap factories_;
 };
 
 }  // namespace grpc_core

data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc

@@ -34,6 +34,7 @@
 #include <grpc/grpc.h>
 #include <grpc/grpc_security.h>
 #include <grpc/support/alloc.h>
+#include <grpc/support/json.h>
 #include <grpc/support/log.h>
 #include <grpc/support/string_util.h>
 
@@ -487,19 +488,25 @@ void AwsExternalAccountCredentials::BuildSubjectToken() {
   }
   // Construct subject token
   Json::Array headers;
-  headers.push_back(Json(
-      {{"key", "Authorization"}, {"value", signed_headers["Authorization"]}}));
-  headers.push_back(Json({{"key", "host"}, {"value", signed_headers["host"]}}));
+  headers.push_back(Json::FromObject(
+      {{"key", Json::FromString("Authorization")},
+       {"value", Json::FromString(signed_headers["Authorization"])}}));
   headers.push_back(
-      Json({{"key", "x-amz-date"}, {"value", signed_headers["x-amz-date"]}}));
-  headers.push_back(Json({{"key", "x-amz-security-token"},
-                          {"value", signed_headers["x-amz-security-token"]}}));
-  headers.push_back(
-      Json({{"key", "x-goog-cloud-target-resource"}, {"value", audience_}}));
-  Json::Object object{{"url", Json(cred_verification_url_)},
-                      {"method", Json("POST")},
-                      {"headers", Json(headers)}};
-  Json subject_token_json(object);
+      Json::FromObject({{"key", Json::FromString("host")},
+                        {"value", Json::FromString(signed_headers["host"])}}));
+  headers.push_back(Json::FromObject(
+      {{"key", Json::FromString("x-amz-date")},
+       {"value", Json::FromString(signed_headers["x-amz-date"])}}));
+  headers.push_back(Json::FromObject(
+      {{"key", Json::FromString("x-amz-security-token")},
+       {"value", Json::FromString(signed_headers["x-amz-security-token"])}}));
+  headers.push_back(Json::FromObject(
+      {{"key", Json::FromString("x-goog-cloud-target-resource")},
+       {"value", Json::FromString(audience_)}}));
+  Json subject_token_json =
+      Json::FromObject({{"url", Json::FromString(cred_verification_url_)},
+                        {"method", Json::FromString("POST")},
+                        {"headers", Json::FromArray(headers)}});
   std::string subject_token = UrlEncode(JsonDump(subject_token_json));
   FinishRetrieveSubjectToken(subject_token, absl::OkStatus());
 }

data/src/core/lib/security/credentials/external/external_account_credentials.cc

@@ -40,6 +40,7 @@
 #include <grpc/grpc.h>
 #include <grpc/grpc_security.h>
 #include <grpc/support/alloc.h>
+#include <grpc/support/json.h>
 #include <grpc/support/log.h>
 #include <grpc/support/string_util.h>
 
@@ -328,9 +329,10 @@ void ExternalAccountCredentials::ExchangeToken(
   Json::Object addtional_options_json_object;
   if (options_.client_id.empty() && options_.client_secret.empty()) {
     addtional_options_json_object["userProject"] =
-        options_.workforce_pool_user_project;
+        Json::FromString(options_.workforce_pool_user_project);
   }
-  Json addtional_options_json(std::move(addtional_options_json_object));
+  Json addtional_options_json =
+      Json::FromObject(std::move(addtional_options_json_object));
   body_parts.push_back(absl::StrFormat(
       "options=%s", UrlEncode(JsonDump(addtional_options_json)).c_str()));
   std::string body = absl::StrJoin(body_parts, "&");

data/src/core/lib/security/credentials/external/file_external_account_credentials.cc

@@ -25,6 +25,7 @@
 #include "absl/strings/string_view.h"
 
 #include <grpc/slice.h>
+#include <grpc/support/json.h>
 
 #include "src/core/lib/iomgr/load_file.h"
 #include "src/core/lib/json/json.h"

data/src/core/lib/security/credentials/external/url_external_account_credentials.cc

@@ -33,6 +33,7 @@
 #include <grpc/grpc.h>
 #include <grpc/grpc_security.h>
 #include <grpc/support/alloc.h>
+#include <grpc/support/json.h>
 #include <grpc/support/log.h>
 #include <grpc/support/string_util.h>
 

data/src/core/lib/security/credentials/google_default/google_default_credentials.cc

@@ -34,6 +34,7 @@
 #include <grpc/grpc_security_constants.h>
 #include <grpc/slice.h>
 #include <grpc/support/alloc.h>
+#include <grpc/support/json.h>
 #include <grpc/support/log.h>
 #include <grpc/support/sync.h>
 

data/src/core/lib/security/credentials/jwt/json_token.cc

@@ -36,6 +36,7 @@
 
 #include <grpc/grpc_security.h>
 #include <grpc/support/alloc.h>
+#include <grpc/support/json.h>
 #include <grpc/support/log.h>
 #include <grpc/support/time.h>
 
@@ -165,12 +166,12 @@ void grpc_auth_json_key_destruct(grpc_auth_json_key* json_key) {
 // --- jwt encoding and signature. ---
 
 static char* encoded_jwt_header(const char* key_id, const char* algorithm) {
-  Json json = Json::Object{
-      {"alg", algorithm},
-      {"typ", GRPC_JWT_TYPE},
-      {"kid", key_id},
-  };
-  std::string json_str = JsonDump(json);
+  Json json = Json::FromObject({
+      {"alg", Json::FromString(algorithm)},
+      {"typ", Json::FromString(GRPC_JWT_TYPE)},
+      {"kid", Json::FromString(key_id)},
+  });
+  std::string json_str = grpc_core::JsonDump(json);
   return grpc_base64_encode(json_str.c_str(), json_str.size(), 1, 0);
 }
 
@@ -185,20 +186,20 @@ static char* encoded_jwt_claim(const grpc_auth_json_key* json_key,
   }
 
   Json::Object object = {
-      {"iss", json_key->client_email},
-      {"aud", audience},
-      {"iat", now.tv_sec},
-      {"exp", expiration.tv_sec},
+      {"iss", Json::FromString(json_key->client_email)},
+      {"aud", Json::FromString(audience)},
+      {"iat", Json::FromNumber(now.tv_sec)},
+      {"exp", Json::FromNumber(expiration.tv_sec)},
   };
   if (scope != nullptr) {
-    object["scope"] = scope;
+    object["scope"] = Json::FromString(scope);
   } else {
     // Unscoped JWTs need a sub field.
-    object["sub"] = json_key->client_email;
+    object["sub"] = Json::FromString(json_key->client_email);
   }
 
-  Json json(object);
-  std::string json_str = JsonDump(json);
+  std::string json_str =
+      grpc_core::JsonDump(Json::FromObject(std::move(object)));
   return grpc_base64_encode(json_str.c_str(), json_str.size(), 1, 0);
 }
 

data/src/core/lib/security/credentials/jwt/jwt_credentials.cc

@@ -30,6 +30,7 @@
 #include "absl/strings/str_cat.h"
 
 #include <grpc/support/alloc.h>
+#include <grpc/support/json.h>
 #include <grpc/support/log.h>
 #include <grpc/support/string_util.h>
 #include <grpc/support/sync.h>
@@ -145,9 +146,10 @@ static char* redact_private_key(const char* json_key) {
     return gpr_strdup("<Json failed to parse.>");
   }
   Json::Object object = json->object();
-  object["private_key"] = "<redacted>";
+  object["private_key"] = Json::FromString("<redacted>");
   return gpr_strdup(
-      grpc_core::JsonDump(Json(std::move(object)), /*indent=*/2).c_str());
+      grpc_core::JsonDump(Json::FromObject(std::move(object)), /*indent=*/2)
+          .c_str());
 }
 
 grpc_call_credentials* grpc_service_account_jwt_access_credentials_create(

data/src/core/lib/security/credentials/jwt/jwt_verifier.cc

@@ -45,6 +45,7 @@
 #include <grpc/grpc.h>
 #include <grpc/slice.h>
 #include <grpc/support/alloc.h>
+#include <grpc/support/json.h>
 #include <grpc/support/log.h>
 #include <grpc/support/string_util.h>
 #include <grpc/support/time.h>

data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc

@@ -39,6 +39,7 @@
 #include <grpc/grpc_security.h>
 #include <grpc/slice.h>
 #include <grpc/support/alloc.h>
+#include <grpc/support/json.h>
 #include <grpc/support/log.h>
 #include <grpc/support/string_util.h>
 #include <grpc/support/time.h>

data/src/core/lib/security/security_connector/alts/alts_security_connector.cc

@@ -130,11 +130,7 @@ class grpc_alts_channel_security_connector final
   }
 
   grpc_core::ArenaPromise<absl::Status> CheckCallHost(
-      absl::string_view host, grpc_auth_context*) override {
-    if (host.empty() || host != target_name_) {
-      return grpc_core::Immediate(absl::UnauthenticatedError(
-          "ALTS call host does not match target name"));
-    }
+      absl::string_view, grpc_auth_context*) override {
     return grpc_core::ImmediateOkStatus();
   }
 

data/src/core/lib/security/util/json_util.cc

@@ -26,6 +26,7 @@
 
 #include "absl/strings/str_cat.h"
 
+#include <grpc/support/json.h>
 #include <grpc/support/string_util.h>
 
 #include "src/core/lib/iomgr/error.h"

data/src/core/lib/service_config/service_config_call_data.h

@@ -21,14 +21,14 @@
 
 #include <stddef.h>
 
-#include <map>
 #include <memory>
 #include <utility>
 
-#include "absl/strings/string_view.h"
-
+#include "src/core/lib/channel/context.h"
+#include "src/core/lib/gprpp/chunked_vector.h"
 #include "src/core/lib/gprpp/ref_counted_ptr.h"
 #include "src/core/lib/gprpp/unique_type_name.h"
+#include "src/core/lib/resource_quota/arena.h"
 #include "src/core/lib/service_config/service_config.h"
 #include "src/core/lib/service_config/service_config_parser.h"
 
@@ -38,43 +38,72 @@ namespace grpc_core {
 /// A pointer to this object is stored in the call_context
 /// GRPC_CONTEXT_SERVICE_CONFIG_CALL_DATA element, so that filters can
 /// easily access method and global parameters for the call.
+///
+/// Must be accessed when holding the call combiner (legacy filter) or from
+/// inside the activity (promise-based filter).
 class ServiceConfigCallData {
  public:
-  using CallAttributes = std::map<UniqueTypeName, absl::string_view>;
+  class CallAttributeInterface {
+   public:
+    virtual ~CallAttributeInterface() = default;
+    virtual UniqueTypeName type() const = 0;
+  };
+
+  ServiceConfigCallData(Arena* arena, grpc_call_context_element* call_context)
+      : call_attributes_(arena) {
+    call_context[GRPC_CONTEXT_SERVICE_CONFIG_CALL_DATA].value = this;
+    call_context[GRPC_CONTEXT_SERVICE_CONFIG_CALL_DATA].destroy = Destroy;
+  }
 
-  ServiceConfigCallData() : method_configs_(nullptr) {}
+  virtual ~ServiceConfigCallData() = default;
 
-  ServiceConfigCallData(
+  void SetServiceConfig(
       RefCountedPtr<ServiceConfig> service_config,
-      const ServiceConfigParser::ParsedConfigVector* method_configs,
-      CallAttributes call_attributes)
-      : service_config_(std::move(service_config)),
-        method_configs_(method_configs),
-        call_attributes_(std::move(call_attributes)) {}
+      const ServiceConfigParser::ParsedConfigVector* method_configs) {
+    service_config_ = std::move(service_config);
+    method_configs_ = method_configs;
+  }
 
   ServiceConfig* service_config() { return service_config_.get(); }
 
   ServiceConfigParser::ParsedConfig* GetMethodParsedConfig(size_t index) const {
-    return method_configs_ != nullptr ? (*method_configs_)[index].get()
-                                      : nullptr;
+    if (method_configs_ == nullptr) return nullptr;
+    return (*method_configs_)[index].get();
   }
 
   ServiceConfigParser::ParsedConfig* GetGlobalParsedConfig(size_t index) const {
+    if (service_config_ == nullptr) return nullptr;
     return service_config_->GetGlobalParsedConfig(index);
   }
 
-  const CallAttributes& call_attributes() const { return call_attributes_; }
+  void SetCallAttribute(CallAttributeInterface* value) {
+    // Overwrite existing entry if we already have one for this type.
+    for (CallAttributeInterface*& attribute : call_attributes_) {
+      if (value->type() == attribute->type()) {
+        attribute = value;
+        return;
+      }
+    }
+    // Otherwise, add a new entry.
+    call_attributes_.EmplaceBack(value);
+  }
 
-  // Must be called when holding the call combiner (legacy filter) or from
-  // inside the activity (promise-based filter).
-  void SetCallAttribute(UniqueTypeName name, absl::string_view value) {
-    call_attributes_[name] = value;
+  CallAttributeInterface* GetCallAttribute(UniqueTypeName type) const {
+    for (CallAttributeInterface* attribute : call_attributes_) {
+      if (attribute->type() == type) return attribute;
+    }
+    return nullptr;
   }
 
  private:
+  static void Destroy(void* ptr) {
+    auto* self = static_cast<ServiceConfigCallData*>(ptr);
+    self->~ServiceConfigCallData();
+  }
+
   RefCountedPtr<ServiceConfig> service_config_;
-  const ServiceConfigParser::ParsedConfigVector* method_configs_;
-  CallAttributes call_attributes_;
+  const ServiceConfigParser::ParsedConfigVector* method_configs_ = nullptr;
+  ChunkedVector<CallAttributeInterface*, 4> call_attributes_;
 };
 
 }  // namespace grpc_core

data/src/core/lib/service_config/service_config_impl.cc

@@ -121,7 +121,8 @@ RefCountedPtr<ServiceConfig> ServiceConfigImpl::Create(
     service_config->parsed_method_config_vectors_storage_.reserve(
         method_configs->size());
     for (size_t i = 0; i < method_configs->size(); ++i) {
-      const Json::Object& method_config_json = (*method_configs)[i];
+      const Json method_config_json =
+          Json::FromObject(std::move((*method_configs)[i]));
       ValidationErrors::ScopedField field(
           errors, absl::StrCat(".methodConfig[", i, "]"));
       // Have each parser read this method config.

data/src/core/lib/surface/call.cc

@@ -195,7 +195,7 @@ class Call : public CppImplOf<Call, grpc_call> {
 
   ParentCall* GetOrCreateParentCall();
   ParentCall* parent_call();
-  Channel* channel() {
+  Channel* channel() const {
     GPR_DEBUG_ASSERT(channel_ != nullptr);
     return channel_.get();
   }
@@ -445,6 +445,8 @@ void Call::PrepareOutgoingInitialMetadata(const grpc_op& op,
   }
   // Ignore any te metadata key value pairs specified.
   md.Remove(TeMetadata());
+  // Should never come from applications
+  md.Remove(GrpcLbClientStatsMetadata());
 }
 
 void Call::ProcessIncomingInitialMetadata(grpc_metadata_batch& md) {
@@ -1047,8 +1049,8 @@ void FilterStackCall::CancelWithError(grpc_error_handle error) {
 
 void FilterStackCall::SetFinalStatus(grpc_error_handle error) {
   if (GRPC_TRACE_FLAG_ENABLED(grpc_call_error_trace)) {
-    gpr_log(GPR_DEBUG, "set_final_status %s", is_client() ? "CLI" : "SVR");
-    gpr_log(GPR_DEBUG, "%s", StatusToString(error).c_str());
+    gpr_log(GPR_DEBUG, "set_final_status %s %s", is_client() ? "CLI" : "SVR",
+            StatusToString(error).c_str());
   }
   if (is_client()) {
     std::string status_details;
@@ -1295,8 +1297,9 @@ void FilterStackCall::BatchControl::PostCompletion() {
   FilterStackCall* call = call_;
   grpc_error_handle error = batch_error_.get();
   if (grpc_call_trace.enabled()) {
-    gpr_log(GPR_DEBUG, "tag:%p batch_error=%s", completion_data_.notify_tag.tag,
-            error.ToString().c_str());
+    gpr_log(GPR_DEBUG, "tag:%p batch_error=%s op:%s",
+            completion_data_.notify_tag.tag, error.ToString().c_str(),
+            grpc_transport_stream_op_batch_string(&op_, false).c_str());
   }
 
   if (op_.send_initial_metadata) {
@@ -1314,16 +1317,16 @@ void FilterStackCall::BatchControl::PostCompletion() {
   if (op_.send_trailing_metadata) {
     call->send_trailing_metadata_.Clear();
   }
+  if (!error.ok() && op_.recv_message && *call->receiving_buffer_ != nullptr) {
+    grpc_byte_buffer_destroy(*call->receiving_buffer_);
+    *call->receiving_buffer_ = nullptr;
+  }
   if (op_.recv_trailing_metadata) {
     // propagate cancellation to any interested children
     gpr_atm_rel_store(&call->received_final_op_atm_, 1);
     call->PropagateCancellationToChildren();
     error = absl::OkStatus();
   }
-  if (!error.ok() && op_.recv_message && *call->receiving_buffer_ != nullptr) {
-    grpc_byte_buffer_destroy(*call->receiving_buffer_);
-    *call->receiving_buffer_ = nullptr;
-  }
   batch_error_.set(absl::OkStatus());
 
   if (completion_data_.notify_tag.is_closure) {
@@ -2010,6 +2013,10 @@ class PromiseBasedCall : public Call,
     return failed_before_recv_message_.load(std::memory_order_relaxed);
   }
 
+  grpc_event_engine::experimental::EventEngine* event_engine() const final {
+    return channel()->event_engine();
+  }
+
   using Call::arena;
 
  protected:
@@ -2183,7 +2190,7 @@ class PromiseBasedCall : public Call,
   void StartRecvMessage(const grpc_op& op, const Completion& completion,
                         FirstPromise first,
                         PipeReceiver<MessageHandle>* receiver,
-                        Party::BulkSpawner& spawner);
+                        bool cancel_on_error, Party::BulkSpawner& spawner);
   void StartSendMessage(const grpc_op& op, const Completion& completion,
                         PipeSender<MessageHandle>* sender,
                         Party::BulkSpawner& spawner);
@@ -2538,7 +2545,8 @@ template <typename FirstPromiseFactory>
 void PromiseBasedCall::StartRecvMessage(
     const grpc_op& op, const Completion& completion,
     FirstPromiseFactory first_promise_factory,
-    PipeReceiver<MessageHandle>* receiver, Party::BulkSpawner& spawner) {
+    PipeReceiver<MessageHandle>* receiver, bool cancel_on_error,
+    Party::BulkSpawner& spawner) {
   if (grpc_call_trace.enabled()) {
     gpr_log(GPR_INFO, "%s[call] Start RecvMessage: %s", DebugTag().c_str(),
             CompletionString(completion).c_str());
@@ -2549,7 +2557,7 @@ void PromiseBasedCall::StartRecvMessage(
       [first_promise_factory = std::move(first_promise_factory), receiver]() {
         return Seq(first_promise_factory(), receiver->Next());
       },
-      [this,
+      [this, cancel_on_error,
        completion = AddOpToCompletion(completion, PendingOp::kReceiveMessage)](
           NextResult<MessageHandle> result) mutable {
         if (result.has_value()) {
@@ -2580,6 +2588,7 @@ void PromiseBasedCall::StartRecvMessage(
           }
           failed_before_recv_message_.store(true);
           FailCompletion(completion);
+          if (cancel_on_error) CancelWithError(absl::CancelledError());
           *recv_message_ = nullptr;
         } else {
           if (grpc_call_trace.enabled()) {
@@ -2873,7 +2882,7 @@ void ClientPromiseBasedCall::CommitBatch(const grpc_op* ops, size_t nops,
             [this]() {
               return server_initial_metadata_.receiver.AwaitClosed();
             },
-            &server_to_client_messages_.receiver, spawner);
+            &server_to_client_messages_.receiver, false, spawner);
         break;
       case GRPC_OP_SEND_CLOSE_FROM_CLIENT:
         spawner.Spawn(
@@ -3218,14 +3227,6 @@ void ServerPromiseBasedCall::Finish(ServerMetadataHandle result) {
             DebugTag().c_str(), recv_close_op_cancel_state_.ToString().c_str(),
             result->DebugString().c_str());
   }
-  if (recv_close_op_cancel_state_.CompleteCallWithCancelledSetTo(
-          result->get(GrpcCallWasCancelled()).value_or(true))) {
-    FinishOpOnCompletion(&recv_close_completion_,
-                         PendingOp::kReceiveCloseOnServer);
-  }
-  if (server_initial_metadata_ != nullptr) {
-    server_initial_metadata_->Close();
-  }
   const auto status =
       result->get(GrpcStatusMetadata()).value_or(GRPC_STATUS_UNKNOWN);
   channelz::ServerNode* channelz_node = server_->channelz_node();
@@ -3236,6 +3237,14 @@ void ServerPromiseBasedCall::Finish(ServerMetadataHandle result) {
       channelz_node->RecordCallFailed();
     }
   }
+  if (recv_close_op_cancel_state_.CompleteCallWithCancelledSetTo(
+          result->get(GrpcCallWasCancelled()).value_or(true))) {
+    FinishOpOnCompletion(&recv_close_completion_,
+                         PendingOp::kReceiveCloseOnServer);
+  }
+  if (server_initial_metadata_ != nullptr) {
+    server_initial_metadata_->Close();
+  }
   absl::string_view message_string;
   if (Slice* message = result->get_pointer(GrpcMessageMetadata())) {
     message_string = message->as_string_view();
@@ -3328,7 +3337,7 @@ void ServerPromiseBasedCall::CommitBatch(const grpc_op* ops, size_t nops,
         }
         StartRecvMessage(
             op, completion, []() { return []() { return Empty{}; }; },
-            client_to_server_messages_, spawner);
+            client_to_server_messages_, true, spawner);
         break;
       case GRPC_OP_SEND_STATUS_FROM_SERVER: {
         auto metadata = arena()->MakePooled<ServerMetadata>(arena());
@@ -3521,6 +3530,9 @@ grpc_call* grpc_call_from_top_element(grpc_call_element* surface_element) {
 grpc_call_error grpc_call_cancel(grpc_call* call, void* reserved) {
   GRPC_API_TRACE("grpc_call_cancel(call=%p, reserved=%p)", 2, (call, reserved));
   GPR_ASSERT(reserved == nullptr);
+  if (call == nullptr) {
+    return GRPC_CALL_ERROR;
+  }
   grpc_core::ApplicationCallbackExecCtx callback_exec_ctx;
   grpc_core::ExecCtx exec_ctx;
   grpc_core::Call::FromC(call)->CancelWithError(absl::CancelledError());
@@ -3536,6 +3548,9 @@ grpc_call_error grpc_call_cancel_with_status(grpc_call* c,
       "c=%p, status=%d, description=%s, reserved=%p)",
       4, (c, (int)status, description, reserved));
   GPR_ASSERT(reserved == nullptr);
+  if (c == nullptr) {
+    return GRPC_CALL_ERROR;
+  }
   grpc_core::ApplicationCallbackExecCtx callback_exec_ctx;
   grpc_core::ExecCtx exec_ctx;
   grpc_core::Call::FromC(c)->CancelWithStatus(status, description);
@@ -3576,7 +3591,7 @@ grpc_call_error grpc_call_start_batch(grpc_call* call, const grpc_op* ops,
       "reserved=%p)",
       5, (call, ops, (unsigned long)nops, tag, reserved));
 
-  if (reserved != nullptr) {
+  if (reserved != nullptr || call == nullptr) {
     return GRPC_CALL_ERROR;
   } else {
     grpc_core::ApplicationCallbackExecCtx callback_exec_ctx;