fftools/ffmpeg_demux: don't flag timestamps as unreliable if they are generated

Regardless of the source being an AVFMT_NOTIMESTAMPS format, if the timestamps are generated like when using the use_wallclock_as_timestamps demuxer option, then they are reliable. Fixes ticket #11268 Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit 1787fade20)
avformat/iamf_parse: prevent overreads in update_extradata
2025-07-10 11:16:32 -03:00 · 2025-06-24 14:50:09 -03:00 · 2025-06-24 14:50:08 -03:00 · 2025-06-11 17:29:50 +02:00 · 2025-06-11 17:29:50 +02:00 · 2025-06-11 17:29:50 +02:00
195 changed files with 3387 additions and 2398 deletions
--- a/226
+++ b/226
@ -1,6 +1,223 @@
 Entries are sorted chronologically from oldest to youngest within each release,
 releases are sorted from youngest to oldest.

+version 7.1.1:
+ avformat/hls: Partially revert "reduce default max reload to 3"
+ avformat/mov: (v4) fix get_eia608_packet
+ avformat/iff: Check that we have a stream in read_dst_frame()
+ avcodec/aac/aacdec_lpd: Limit get_unary()
+ avcodec/aac/aacdec_usac: Simplify decode_usac_scale_factors()
+ avcodec/aac/aacdec: Clear SFO on error
+ avformat/mlvdec: fix size checks
+ avformat/wavdec: Fix overflow of intermediate in block_align check
+ avformat/mxfdec: Check edit unit for overflow in mxf_set_current_edit_unit()
+ avformat/hls: Fix twitter
+ avcodec/vvc/refs: fix negative pps_scaling_win offsets
+ libavformat/hls: Be more restrictive on mpegts extensions
+ avformat/hls: .ts is always ok even if its a mov/mp4
+ avcodec/h263dec: Check against previous dimensions instead of coded
+ avformat/hls: Print input format in error message
+ avformat/hls: Be more picky on extensions
+ avformat/iamf_parse: ensure there's at most one of each parameter types in audio elements
+ avformat/iamf_parse: add missing constrains for num_parameters in audio_element_oub()
+ avformat/iamf_parse: add missing av_free() call on failure path
+ lavc/hevcdec: unbreak WPP/progress2 code
+ fate: Add a dependency on ffprobe for fate-flcl1905
+ checkasm: aacencdsp: Actually test nonzero values in quant_bands
+ x86: aacencdsp: Fix negating signed values in aac_quantize_bands
+ rtmpproto: Avoid rare crashes in the fail: codepath in rtmp_open
+ configure: Improve the check for the rsync --contimeout option
+ avutil/downmix_info: add missing semicolon
+ doc/t2h: Support texinfo 7.1 and 7.2 pretest
+ avfilter/drawtext: fix memory leak when using "reinit" runtime command
+ avutil/downmix_info: zero the allocated buffer
+ avformat/mov: fix overflow in drift timestamp calculation
+ Changelog: update
+ avformat/mxfdec: Check avio_read() success in mxf_decrypt_triplet()
+ avcodec/huffyuvdec: Initialize whole output for decode_gray_bitstream()
+ avformat/iamf_reader: Initialize padding and check read in ff_iamf_read_packet()
+ avformat/ipmovie: Check signature_buffer read
+ avformat/wtvdec: Initialize buf
+ avcodec/cbs_vp9: Initialize VP9RawSuperframeIndex
+ avformat/vqf: Propagate errors from add_metadata()
+ avformat/vqf: Check avio_read() in add_metadata()
+ avcodec/ffv1enc: Fix RCT for GBR colorspace
+ avformat/dashdec: Check whitelist
+ avutil/avstring: dont mess with NULL pointers in av_match_list()
+ avfilter/vf_v360: Fix NULL pointer use
+ avcodec/mpegvideo_enc: Check FLV1 resolution limits
+ avcodec/ffv1enc: Fix handling of 32bit unsigned symbols
+ avformat/mov: perform sanity checks for heif before index building
+ avformat/mov: Factorize sanity check out
+ avcodec/vc1dec: Clear block_index in vc1_decode_reset()
+ avcodec/aacsbr_template: Clear n_q on error
+ avformat/iamf_parse: Check output_channel_count
+ avcodec/osq: Fixes several undefined overflows in do_decode()
+ swscale/output: Fix undefined overflow in yuv2rgba64_full_X_c_template()
+ avfilter/af_pan: Fix sscanf() use
+ avfilter/vf_grayworld: Use the correct pointer for av_log()
+ avfilter/vf_addroi: Add missing NULL termination to addroi_var_names[]()
+ avcodec/get_buffer: Use av_buffer_mallocz() for audio same as its done for video
+ avformat/jpegxl_anim_dec: clear buffer padding
+ avformat/rmdec: check that buf if completely filled
+ avcodec/cfhdenc: Clear dwt_tmp
+ avcodec/hapdec: Clear tex buffer
+ avformat/mxfdec: Check that key was read sucessfull
+ avformat/hevc: fix writing hvcC when no arrays are provided in hvcC-formatted input
+ avformat/rtpdec: int overflow in start_time_realtime
+ avcodec/decode: Fix incorrect enum type used in side_data_map()
+ avformat/mov: fix crash when trying to get a fragment time for a non-existing fragment
+ avformat/libssh: fix credential variables typo
+ avformat/hlsenc: check return value of avcodec_parameters_copy()
+ avformat/dashdec: format open_demux_for_component()
+ avformat/dashdec: check return code of avcodec_parameters_copy()
+ avformat/dashdec: return ret directly in open_demux_for_component()
+ avformat/smoothstreamingenc: check return value of avcodec_parameters_copy()
+ avcodec/cbs_av1: fix variable shadowing in cbs_av1_split_fragment()
+ doc/demuxers/dvdvideo: seeking is supported, remove outdated statement
+ avformat/dvdvideodec: check return code of ff_dvdclut_yuv_to_rgb()
+ avformat/dvdvideodec: fix missing last chapter marker due to off-by-one
+ avformat/dvdvideodec: don't allow seeking beyond dvdnav reported duration
+ avformat/dvdvideodec: discard duplicate or partial AC3 samples
+ avformat/dvdvideodec: drop packets with unset PTS or DTS
+ avformat/dvdvideodec: remove unnecessary need_parsing argument
+ avformat/dvdvideodec: open subdemuxer after initializing IFO headers
+ avformat/dvdvideodec: remove auto value for menu_lu option
+ avformat/dvdvideodec: default menu_vts option to 1 and clarify description
+ avformat/dvdvideodec: check the length of a NAV packet when reading titles
+ avformat/dvdvideodec: reset the subdemuxer on discontinuity instead of flushing
+ avformat/dvdvideodec: simplify dvdvideo_read_packet()
+ avformat/dvdvideodec: enable chapter calculation for menus
+ avformat/dvdvideodec: standardize the NAV packet event signal
+ avformat/dvdvideodec: move memcpy below missed NAV packet warning
+ avformat/dvdvideodec: remove "auto" value for -pg option, default to 1
+ avformat/dvdvideodec: measure duration of the current menu VOBU in state
+ avformat/dvdvideodec: fix menu PGC number off-by-one in state
+ avformat/dvdvideodec: remove unused headers
+ lavc/aarch64: Fix ff_pred16x16_plane_neon_10
+ lavc/aarch64: Fix ff_pred8x8_plane_neon_10
+ aarch64/vvc: Fix clip in alf
+ vp9: recon: Use emulated edge to prevent buffer overflows
+ arm: vp9mc: Load only 12 pixels in the 4 pixel wide horizontal filter
+ aarch64: vp9mc: Load only 12 pixels in the 4 pixel wide horizontal filter
+ avformat/rpl: Fix check for negative values
+ avformat/mlvdec: Check avio_read()
+ avcodec/aac/aacdec: Free channel layout
+ avformat/mov: dereference pointer after null check
+ avcodec/utils: Fix block align overflow for ADPCM_IMA_WAV
+ avformat/matroskadec: Check pre_ns for overflow
+ tools/target_dec_fuzzer: Adjust threshold for EACMV
+ tools/target_dec_fuzzer: Adjust threshold for MVC1
+ tools/target_dec_fuzzer: Adjust Threshold for indeo5
+ avutil/timecode: Avoid fps overflow in av_timecode_get_smpte_from_framenum()
+ avcodec/aac/aacdec_usac: Dont leave type at a invalid value
+ avcodec/aac/aacdec_usac: Clean ics2->max_sfb when first SCE fails
+ avcodec/webp: Check ref_x/y
+ avcodec/ilbcdec: Initialize tempbuff2
+ swscale/swscale_unscaled: Fix odd height with nv24_to_yuv420p_chroma()
+ avcodec/hevc/hevcdec: initialize qp_y_tab
+ avformat/qcp: Check for read failure in header
+ avcodec/eatgq: Check bytestream2_get_buffer() for failure
+ avformat/dxa: check bpc
+ swscale/slice: clear allocated memory in alloc_lines()
+ avcodec/h2645_parse: Ignore NAL with nuh_layer_id == 63
+ MAINTAINERS: Lauri is still available but is really low on time nowadays
+ MAINTAINERS: Remove Guillaume Poirier and Romain Dolbeau
+ avcodec/mjpegdec: Disallow progressive bayer images
+ avformat/icodec: fix integer overflow with nb_pal
+ doc/developer: Document relationship between git accounts and MAINTAINERS
+ doc/infra: Document trac backup system
+ doc/infra: Document gitolite
+ avformat/vividas: Check avio_read() for failure
+ avformat/ilbc: Check avio_read() for failure
+ avformat/nistspheredec: Clear buffer
+ avformat/mccdec: Initialize and check rate.den
+ avformat/rpl: check channels
+ INSTALL: explain the circular dependency issue and solution
+ avformat/mpegts: Initialize predefined_SLConfigDescriptor_seen
+ avformat/mxfdec: Fix overflow in midpoint computation
+ swscale/output: used unsigned for bit accumulation
+ swscale/rgb2rgb_template: Fix ff_rgb24toyv12_c() with odd height
+ avcodec/rangecoder: only perform renorm check/loop for callers that need it
+ avcodec/ffv1: add a named constant for the quant table size
+ avcodec/ffv1: RCT is only possible with RGB
+ avcodec/ffv1enc: Fix RCT with RGB64
+ avcodec/ffv1dec: Fix end computation with ec=2
+ avcodec/ffv1enc: Move slice termination into threads
+ avcodec/ffv1enc: Prevent generation of files with broken slices
+ avformat/matroskadec: Check desc_bytes so bits fit in 64bit
+ avformat/mov: Avoid overflow in dts
+ avcodec/ffv1enc: Correct error message about unsupported version
+ avcodec/ffv1: Store and reuse sx/sy
+ avcodec/ffv1enc: Slice combination is unsupported
+ avcodec/ffv1enc: 2Pass mode is not possible with golomb coding
+ avfilter/buffersrc: check for valid sample rate
+ avcodec/libdav1d: clear the buffered Dav1dData on decoding failure
+ avformat/iamf_writer: ensure the stream groups are not empty
+ avformat/iamf_writer: fix setting num_samples_per_frame for OPUS
+ avformat/iamf_parse: fix setting duration for the last subblock in a parameter definition
+ avformat/iamf_parse: add checks to parameter definition durations
+ avformat/iamf_parse: reject ambisonics mode > 1
+ checkasm: Print benchmarks of C-only functions
+ avcodec/ac3dec: fix downmix logic for eac3
+ avcodec/codec_desc: remove Intra Only prop for AAC
+ avcodec/mediacodecdec: set set keyframe flag in output frames
+ avcodec/libfdk-aacenc: set keyframe in output packets
+ avcodec/libfdk-aacdec: set keyframe flag and profile in output frames
+ avcodec/audiotoolboxnec: set set keyframe flag in output packets
+ avcodec/audiotoolboxdec: set set keyframe flag in output frames
+ avcodec/aacenc: set keyframe flag in output packets
+ avcodec/aac/aacdec: set keyframe flag in output frames
+ avcodec/aac_parser: set key_frame and profile
+ avformat/mov: don't unconditionally set all audio packets in fragments as key frames
+ avformat/matroskadec: set all frames in a keyframe simple box as keyframes
+ avformat/test/movenc: set audio packets as key frames
+ avformat/movenc: write stss boxes for xHE-AAC
+ avformat/spdifdec: parse headers for audio codecs
+ avformat/movenc: don't disable edit lists when writing CMAF output
+ avcodec/libfdk-aacenc: export CPB properties
+ avformat/movenc: don't write a calculated avgBitrate when the provided one is unset
+ libavutil/riscv: Make use of elf_aux_info() on FreeBSD / OpenBSD riscv
+ libavutil/ppc: defines involving bit shifts should be unsigned
+ libavutil/ppc: Include the hardware feature flags like the other archs
+ lavu/riscv: fix compilation without Vector support
+ avfilter/f_loop: fix aloop activate logic
+ avfilter/f_loop: fix length of aloop leftover buffer
+ avfilter/vf_zscale: align the frame buffers
+ lavfi/vf_zscale: fix call to av_pix_fmt_count_planes
+ lavfi/vf_zscale: fix tmp buffer ptr alignment for zimg_filter_graph_process
+ avfilter/framepool: align the frame buffers
+ avcodec/h2645_sei: use the RefStruct API for film_grain_characteristics
+ avcodec/aom_film_grain: allocate film grain metadata dynamically
+ avformat/mov: use an array of pointers for heif_item
+ avformat/mov: split off heif item initialization to its own function
+ avformat/mov: factorize getting the current item
+ lavc/h264idct: fix RISC-V group multiplier
+ lavc/h264dsp: move RISC-V fn pointers to .data.rel.ro
+ avcodec/jpegxl_parser: fix reading lz77-pair as initial entropy symbol
+ avcodec/jpegxl_parser: check entropy_decoder_read_symbol return value
+ avcodec/cbs_h266: Fix regression in DVB clip introduced by 93281630a71c06642adfebebb0d4b105a4e02e91
+ avcodec/x86/vvc: add prototypes for OF functions
+ Document stream specifier syntax change from 46cbe4ab5c
+ fftools/ffplay: fix crash when vk renderer is null
+ avutil/wchar_filename: re-introduce explicit cast of void* to char*
+ fate/ffmpeg: add samples dependency to fate-ffmpeg-spec-disposition
+ fftools/ffmpeg_filter: treat apad filter as a source
+ lavc/avcodec: fix global/private option precendence
+ avfilter/framesync: fix forward EOF pts
+ avcodec/vaapi_encode: fix compilation without CONFIG_VAAPI_1
+ libavcodec: x86: Remove an explicit include of config.asm
+ checkasm: lls: Use relative tolerances rather than absolute ones
+ arm: Consistently use proper interworking function returns
+ avcodec/libx265: unbreak build for X265_BUILD >= 213
+ fftools: log unconnected filter output label
+ fftools: do not access out of bounds filtergraph
+ avcodec/mediacodecenc: Fix access of uninitialized value
+ avformat/img2enc: Fix integer truncation when frame_pts is enabled
+ avformat/internal: Add ff_get_frame_filename
+ avformat/mov: don't return the latest stream when an item stream is expected
+
+
 version 7.1:
 - Raw Captions with Time (RCWT) closed caption demuxer
 - LC3/LC3plus decoding/encoding using external library liblc3
@ -27,6 +244,15 @@ version 7.1:
 - LCEVC enhancement data exporting in H.26x and MP4/ISOBMFF
 - LCEVC filter
 - MV-HEVC decoding
+- minor stream specifier syntax changes:
+    - when matching by metadata (:m:<key>:<val>), the colon character
+      in keys or values now has to be backslash-escaped
+    - in optional maps (-map ....?) with a metadata-matching stream specifier,
+      the value has to be separated from the question mark by a colon, i.e.
+      -map ....:m:<key>:<val>:? (otherwise it would be ambiguous whether the
+      question mark is a part of <val> or not)
+    - multiple stream types in a single specifier (e.g. :s:s:0) now cause an
+      error, as such a specifier makes no sense


 version 7.0:
--- a/INSTALL.md
+++ b/INSTALL.md
@ -15,3 +15,11 @@ NOTICE
 ------

 - Non system dependencies (e.g. libx264, libvpx) are disabled by default.
+
+NOTICE for Package Maintainers
+------------------------------
+
+ - It is recommended to build FFmpeg twice, first with minimal external dependencies so
+   that 3rd party packages, which depend on FFmpegs libavutil/libavfilter/libavcodec/libavformat
+   can then be built. And last build FFmpeg with full dependancies (which may in turn depend on
+   some of these 3rd party packages). This avoids circular dependencies during build.
--- a/5
+++ b/5
@ -56,6 +56,7 @@ presets                             [0]
 metadata subsystem                      Aurelien Jacobs
 release management                      Michael Niedermayer
 API tests                           [0]
+samples-request                     [2] Thilo Borgmann, James Almer, Ben Littler


 Communication
@ -511,9 +512,9 @@ Operating systems / CPU architectures
 Alpha                               [0]
 MIPS                                    Manojkumar Bhosale, Shiyou Yin
 LoongArch                           [2] Shiyou Yin
-Mac OS X / PowerPC                      Romain Dolbeau, Guillaume Poirier
+Mac OS X / PowerPC                  [0]
 Amiga / PowerPC                         Colin Ward
-Linux / PowerPC                         Lauri Kasanen
+Linux / PowerPC                     [1] Lauri Kasanen
 RISC-V                              [2] Rémi Denis-Courmont
 Windows MinGW                           Alex Beregszaszi, Ramiro Polla
 Windows Cygwin                          Victor Paesa
--- a/2
+++ b/2
@ -1 +1 @@
-7.0.git
+7.1.1
--- a/15
+++ b/15
@ -0,0 +1,15 @@
+
+            ┌──────────────────────────────────────┐
+            │ RELEASE NOTES for FFmpeg 7.1 "Péter" │
+            └──────────────────────────────────────┘
+
+   The FFmpeg Project proudly presents FFmpeg 7.1 "Péter", about 6
+   months after the release of FFmpeg 7.0.
+
+   A complete Changelog is available at the root of the project, and the
+   complete Git history on https://git.ffmpeg.org/gitweb/ffmpeg.git
+
+   We hope you will like this release as much as we enjoyed working on it, and
+   as usual, if you have any questions about it, or any FFmpeg related topic,
+   feel free to join us on the #ffmpeg IRC channel (on irc.libera.chat) or ask
+   on the mailing-lists.
--- a/28
+++ b/28
@ -434,7 +434,9 @@ Advanced options (experts only):
  --enable-hardcoded-tables use hardcoded tables instead of runtime generation
  --disable-safe-bitstream-reader
                           disable buffer boundary checking in bitreaders
-                           (faster, but may crash)
+                           (This disables some security checks and can cause undefined behavior,
+                            crashes and arbitrary code execution, it may be faster, but
+                            should only be used with trusted input)
  --sws-max-filter-size=N  the max filter size swscale uses [$sws_max_filter_size_default]

 Optimization options (experts only):
@ -2212,6 +2214,7 @@ ARCH_EXT_LIST_PPC="
    ldbrx
    power8
    ppc4xx
+    vec_xl
    vsx
 "

@ -2759,6 +2762,7 @@ altivec_deps="ppc"
 dcbzl_deps="ppc"
 ldbrx_deps="ppc"
 ppc4xx_deps="ppc"
+vec_xl_deps="altivec"
 vsx_deps="altivec"
 power8_deps="vsx"

@ -4110,6 +4114,8 @@ if test "$target_os_default" = aix; then
    arch_default=$(uname -p)
    strip_default="strip -X32_64"
    nm_default="nm -g -X32_64"
+elif test "$MSYSTEM_CARCH" != ""; then
+    arch_default="$MSYSTEM_CARCH"
 else
    arch_default=$(uname -m)
 fi
@ -5805,6 +5811,13 @@ case $target_os in
            clang_version=$($cc -dumpversion)
            test ${clang_version%%.*} -eq 11 && add_cflags -fno-stack-check
        fi
+
+        # Xcode Clang doesn't default to -fno-common while upstream llvm.org
+        # Clang (and GCC) do. This avoids linker warnings on Xcode 16.3 about
+        # "reducing alignment of section __DATA,__common from 0x8000 to 0x4000
+        # because it exceeds segment maximum alignment".
+        check_cflags -fno-common
+
        ;;
    msys*)
        die "Native MSYS builds are discouraged, please use the MINGW environment."
@ -6389,6 +6402,11 @@ elif enabled ppc; then
        check_cpp_condition power8 "altivec.h" "defined(_ARCH_PWR8)"
    fi

+    if enabled altivec; then
+        check_cc vec_xl altivec.h "const unsigned char *y1i = { 0 };
+                                   vector unsigned char y0 = vec_xl(0, y1i);"
+    fi
+
 elif enabled riscv; then

    enabled rv && check_inline_asm rv '".option arch, +zbb\nrev8 t0, t1"'
@ -6480,6 +6498,9 @@ check_cc intrinsics_sse2 emmintrin.h "__m128i test = _mm_setzero_si128()"

 check_ldflags -Wl,--as-needed
 check_ldflags -Wl,-z,noexecstack
+if [ $target_os = "darwin" ]; then
+    check_ldflags -Wl,-no_warn_duplicate_libraries
+fi

 if ! disabled network; then
    check_func getaddrinfo $network_extralibs
@ -7175,7 +7196,7 @@ enabled makeinfo \
 disabled makeinfo_html && texi2html --help 2> /dev/null | grep -q 'init-file' && enable texi2html || disable texi2html
 perl -v            > /dev/null 2>&1 && enable perl      || disable perl
 pod2man --help     > /dev/null 2>&1 && enable pod2man   || disable pod2man
-rsync --help 2> /dev/null | grep -q 'contimeout' && enable rsync_contimeout || disable rsync_contimeout
+rsync --help 2> /dev/null | grep -q 'contimeout=' && enable rsync_contimeout || disable rsync_contimeout
 xmllint --version  > /dev/null 2>&1 && enable xmllint   || disable xmllint

 check_headers linux/fb.h
@ -7941,6 +7962,7 @@ if enabled ppc; then
    echo "POWER8 enabled            ${power8-no}"
    echo "PPC 4xx optimizations     ${ppc4xx-no}"
    echo "dcbzl available           ${dcbzl-no}"
+    echo "vec_xl available          ${vec_xl-no}"
 fi
 if enabled loongarch; then
    echo "LSX enabled               ${lsx-no}"
@ -8191,7 +8213,7 @@ cat > $TMPH <<EOF
 #define FFMPEG_CONFIG_H
 #define FFMPEG_CONFIGURATION "$(c_escape $FFMPEG_CONFIGURATION)"
 #define FFMPEG_LICENSE "$(c_escape $license)"
-#define CONFIG_THIS_YEAR 2024
+#define CONFIG_THIS_YEAR 2025
 #define FFMPEG_DATADIR "$(eval c_escape $datadir)"
 #define AVCONV_DATADIR "$(eval c_escape $datadir)"
 #define CC_IDENT "$(c_escape ${cc_ident:-Unknown compiler})"
--- a/doc/Doxyfile
+++ b/doc/Doxyfile
@ -38,7 +38,7 @@ PROJECT_NAME           = FFmpeg
 # could be handy for archiving the generated documentation or if some version
 # control system is used.

-PROJECT_NUMBER         =
+PROJECT_NUMBER         = 7.1.1

 # Using the PROJECT_BRIEF tag one can provide an optional one line description
 # for a project that appears at the top of each page and should give viewer a
--- a/doc/demuxers.texi
+++ b/doc/demuxers.texi
@ -292,7 +292,6 @@ DVD-Video demuxer, powered by libdvdnav and libdvdread.
 Can directly ingest DVD titles, specifically sequential PGCs, into
 a conversion pipeline. Menu assets, such as background video or audio,
 can also be demuxed given the menu's coordinates (at best effort).
-Seeking is not supported at this time.

 Block devices (DVD drives), ISO files, and directory structures are accepted.
 Activate with @code{-f dvdvideo} in front of one of these inputs.
@ -380,11 +379,11 @@ Default is false.

@item menu_lu @var{int}
 The menu language to demux. In DVD, menus are grouped by language.
-Default is 0, the first language unit.
+Default is 1, the first language unit.

@item menu_vts @var{int}
 The VTS where the menu lives, or 0 if it is a VMG menu (root-level).
-Default is 0, VMG menu.
+Default is 1, menu of the first VTS.

@item pgc @var{int}
 The entry PGC to start playback, in conjunction with @option{pg}.
@ -397,8 +396,7 @@ Default is 0, automatically resolve from value of @option{title}.
 The entry PG to start playback, in conjunction with @option{pgc}.
 Alternative to setting @option{title}.
 Chapter markers are not supported at this time.
-Default is 0, automatically resolve from value of @option{title}, or
-start from the beginning (PG 1) of the menu.
+Default is 1, the first PG of the PGC.

@item preindex @var{bool}
 Enable this to have accurate chapter (PTT) markers and duration measurement,
@ -406,7 +404,6 @@ which requires a slow second pass read in order to index the chapter marker
 timestamps from NAV packets. This is non-ideal extra work for real optical drives.
 It is recommended and faster to use this option with a backup of the DVD structure
 stored on a hard drive. Not compatible with @option{pgc} and @option{pg}.
-Not applicable to menus.
 Default is 0, false.

@item trim @var{bool}
@ -567,6 +564,13 @@ prefer to use #EXT-X-START if it's in playlist instead of live_start_index.
@item allowed_extensions
 ',' separated list of file extensions that hls is allowed to access.

+@item extension_picky
+This blocks disallowed extensions from probing
+It also requires all available segments to have matching extensions to the format
+except mpegts, which is always allowed.
+It is recommended to set the whitelists correctly instead of depending on extensions
+Enabled by default.
+
@item max_reload
 Maximum number of times a insufficient list is attempted to be reloaded.
 Default value is 1000.
--- a/doc/developer.texi
+++ b/doc/developer.texi
@ -927,6 +927,25 @@ In case you need finer control over how valgrind is invoked, use the
@code{--target-exec='valgrind <your_custom_valgrind_options>} option in
 your configure line instead.

+@anchor{Maintenance}
+@chapter Maintenance process
+
+@anchor{MAINTAINERS}
+@section MAINTAINERS
+
+The developers maintaining each part of the codebase are listed in @file{MAINTAINERS}.
+Being listed in @file{MAINTAINERS}, gives one the right to have git write access to
+the specific repository.
+
+@anchor{Becoming a maintainer}
+@section Becoming a maintainer
+
+People add themselves to @file{MAINTAINERS} by sending a patch like any other code
+change. These get reviewed by the community like any other patch. It is expected
+that, if someone has an objection to a new maintainer, she is willing to object
+in public with her full name and is willing to take over maintainership for the area.
+
+
@anchor{Release process}
@chapter Release process

--- a/doc/fate_config.sh.template
+++ b/doc/fate_config.sh.template
@ -1,5 +1,5 @@
 slot=                                    # some unique identifier
-repo=git://source.ffmpeg.org/ffmpeg.git  # the source repository
+repo=https://git.ffmpeg.org/ffmpeg.git   # the source repository
 #branch=release/2.6                       # the branch to test
 samples=                                 # path to samples directory
 workdir=                                 # directory in which to do all the work
--- a/doc/ffmpeg.texi
+++ b/doc/ffmpeg.texi
@ -1799,7 +1799,7 @@ Set the size of the canvas used to render subtitles.
@section Advanced options

@table @option
-@item -map [-]@var{input_file_id}[:@var{stream_specifier}][:@var{view_specifier}][?] | @var{[linklabel]} (@emph{output})
+@item -map [-]@var{input_file_id}[:@var{stream_specifier}][:@var{view_specifier}][:?] | @var{[linklabel]} (@emph{output})

 Create one or more streams in the output file. This option has two forms for
 specifying the data source(s): the first selects one or more streams from some
--- a/doc/fftools-common-opts.texi
+++ b/doc/fftools-common-opts.texi
@ -78,7 +78,8 @@ Match the stream by stream id (e.g. PID in MPEG-TS container).
@item m:@var{key}[:@var{value}]
 Matches streams with the metadata tag @var{key} having the specified value. If
@var{value} is not given, matches streams that contain the given tag with any
-value.
+value. The colon character ':' in @var{key} or @var{value} needs to be
+backslash-escaped.
@item disp:@var{dispositions}[:@var{additional_stream_specifier}]
 Matches streams with the given disposition(s). @var{dispositions} is a list of
 one or more dispositions (as printed by the @option{-dispositions} option)
--- a/doc/git-howto.texi
+++ b/doc/git-howto.texi
@ -143,7 +143,7 @@ git log <filename(s)>
@end example

 You may also use the graphical tools like @command{gitview} or @command{gitk}
-or the web interface available at @url{http://source.ffmpeg.org/}.
+or the web interface available at @url{https://git.ffmpeg.org/ffmpeg.git}.

@section Checking source tree status

--- a/doc/infra.txt
+++ b/doc/infra.txt
@ -23,6 +23,8 @@ Web, mail, and public facing git, also website git
 fftrac VM:
 ----------
 trac.ffmpeg.org         Issue tracking
+gpg encrypted backups of the trac repositories are created once a day
+and can be downloaded by any of the admins.


 ffaux VM:
@ -65,6 +67,9 @@ Github mirrors are redundantly synced by multiple people

 You need a new git repository related to FFmpeg ? contact root at ffmpeg.org

+git repositories are managed by gitolite, every change to permissions is
+logged, including when, what and by whom
+

 Fate:
 ~~~~~
--- a/doc/t2h.pm
+++ b/doc/t2h.pm
@ -54,12 +54,24 @@ sub get_formatting_function($$) {
 }

 # determine texinfo version
-my $program_version_num = version->declare(ff_get_conf('PACKAGE_VERSION'))->numify;
+my $package_version = ff_get_conf('PACKAGE_VERSION');
+$package_version =~ s/\+dev$//;
+my $program_version_num = version->declare($package_version)->numify;
 my $program_version_6_8 = $program_version_num >= 6.008000;

 # no navigation elements
 ff_set_from_init_file('HEADERS', 0);

+my %sectioning_commands = %Texinfo::Common::sectioning_commands;
+if (scalar(keys(%sectioning_commands)) == 0) {
+  %sectioning_commands = %Texinfo::Commands::sectioning_heading_commands;
+}
+
+my %root_commands = %Texinfo::Common::root_commands;
+if (scalar(keys(%root_commands)) == 0) {
+  %root_commands = %Texinfo::Commands::root_commands;
+}
+
 sub ffmpeg_heading_command($$$$$)
 {
    my $self = shift;
@ -77,6 +89,9 @@ sub ffmpeg_heading_command($$$$$)
        return $result;
    }

+    # no need to set it as the $element_id is output unconditionally
+    my $heading_id;
+
    my $element_id = $self->command_id($command);
    $result .= "<a name=\"$element_id\"></a>\n"
        if (defined($element_id) and $element_id ne '');
@ -84,24 +99,40 @@ sub ffmpeg_heading_command($$$$$)
    print STDERR "Process $command "
        .Texinfo::Structuring::_print_root_command_texi($command)."\n"
            if ($self->get_conf('DEBUG'));
-    my $element;
-    if ($Texinfo::Common::root_commands{$command->{'cmdname'}}
-        and $command->{'parent'}
-        and $command->{'parent'}->{'type'}
-        and $command->{'parent'}->{'type'} eq 'element') {
-        $element = $command->{'parent'};
+    my $output_unit;
+    if ($root_commands{$command->{'cmdname'}}) {
+        if ($command->{'associated_unit'}) {
+          $output_unit = $command->{'associated_unit'};
+        } elsif ($command->{'structure'}
+                 and $command->{'structure'}->{'associated_unit'}) {
+          $output_unit = $command->{'structure'}->{'associated_unit'};
+        } elsif ($command->{'parent'}
+                 and $command->{'parent'}->{'type'}
+                 and $command->{'parent'}->{'type'} eq 'element') {
+          $output_unit = $command->{'parent'};
+        }
    }
-    if ($element) {
+
+    if ($output_unit) {
        $result .= &{get_formatting_function($self, 'format_element_header')}($self, $cmdname,
-                                                       $command, $element);
+                                                       $command, $output_unit);
    }

    my $heading_level;
    # node is used as heading if there is nothing else.
    if ($cmdname eq 'node') {
-        if (!$element or (!$element->{'extra'}->{'section'}
-            and $element->{'extra'}->{'node'}
-            and $element->{'extra'}->{'node'} eq $command
+        if (!$output_unit or
+            (((!$output_unit->{'extra'}->{'section'}
+              and $output_unit->{'extra'}->{'node'}
+              and $output_unit->{'extra'}->{'node'} eq $command)
+             or
+             ((($output_unit->{'extra'}->{'unit_command'}
+                and $output_unit->{'extra'}->{'unit_command'} eq $command)
+               or
+               ($output_unit->{'unit_command'}
+                and $output_unit->{'unit_command'} eq $command))
+              and $command->{'extra'}
+              and not $command->{'extra'}->{'associated_section'}))
             # bogus node may not have been normalized
            and defined($command->{'extra'}->{'normalized'}))) {
            if ($command->{'extra'}->{'normalized'} eq 'Top') {
@ -111,7 +142,15 @@ sub ffmpeg_heading_command($$$$$)
            }
        }
    } else {
-        $heading_level = $command->{'level'};
+        if (defined($command->{'extra'})
+            and defined($command->{'extra'}->{'section_level'})) {
+          $heading_level = $command->{'extra'}->{'section_level'};
+        } elsif ($command->{'structure'}
+                 and defined($command->{'structure'}->{'section_level'})) {
+          $heading_level = $command->{'structure'}->{'section_level'};
+        } else {
+          $heading_level = $command->{'level'};
+        }
    }

    my $heading = $self->command_text($command);
@ -119,8 +158,8 @@ sub ffmpeg_heading_command($$$$$)
    # if there is an error in the node.
    if (defined($heading) and $heading ne '' and defined($heading_level)) {

-        if ($Texinfo::Common::root_commands{$cmdname}
-            and $Texinfo::Common::sectioning_commands{$cmdname}) {
+        if ($root_commands{$cmdname}
+            and $sectioning_commands{$cmdname}) {
            my $content_href = $self->command_contents_href($command, 'contents',
                                                            $self->{'current_filename'});
            if ($content_href) {
@ -140,7 +179,13 @@ sub ffmpeg_heading_command($$$$$)
            }
        }

-        if ($self->in_preformatted()) {
+        my $in_preformatted;
+        if ($program_version_num >= 7.001090) {
+          $in_preformatted = $self->in_preformatted_context();
+        } else {
+          $in_preformatted = $self->in_preformatted();
+        }
+        if ($in_preformatted) {
            $result .= $heading."\n";
        } else {
            # if the level was changed, set the command name right
@ -149,21 +194,25 @@ sub ffmpeg_heading_command($$$$$)
                $cmdname
                    = $Texinfo::Common::level_to_structuring_command{$cmdname}->[$heading_level];
            }
-            # format_heading_text expects an array of headings for texinfo >= 7.0
            if ($program_version_num >= 7.000000) {
-                $heading = [$heading];
-            }
-            $result .= &{get_formatting_function($self,'format_heading_text')}(
+                $result .= &{get_formatting_function($self,'format_heading_text')}($self,
+                     $cmdname, [$cmdname], $heading,
+                     $heading_level +$self->get_conf('CHAPTER_HEADER_LEVEL') -1,
+                     $heading_id, $command);
+
+            } else {
+              $result .= &{get_formatting_function($self,'format_heading_text')}(
                        $self, $cmdname, $heading,
                        $heading_level +
                        $self->get_conf('CHAPTER_HEADER_LEVEL') - 1, $command);
+            }
        }
    }
    $result .= $content if (defined($content));
    return $result;
 }

-foreach my $command (keys(%Texinfo::Common::sectioning_commands), 'node') {
+foreach my $command (keys(%sectioning_commands), 'node') {
    texinfo_register_command_formatting($command, \&ffmpeg_heading_command);
 }

@ -188,28 +237,56 @@ sub ffmpeg_begin_file($$$)
    my $filename = shift;
    my $element = shift;

-    my $command;
-    if ($element and $self->get_conf('SPLIT')) {
-        $command = $self->element_command($element);
+    my ($element_command, $node_command, $command_for_title);
+    if ($element) {
+        if ($element->{'unit_command'}) {
+          $element_command = $element->{'unit_command'};
+        } elsif ($self->can('tree_unit_element_command')) {
+          $element_command = $self->tree_unit_element_command($element);
+        } elsif ($self->can('tree_unit_element_command')) {
+          $element_command = $self->element_command($element);
+        }
+
+       $node_command = $element_command;
+       if ($element_command and $element_command->{'cmdname'}
+           and $element_command->{'cmdname'} ne 'node'
+           and $element_command->{'extra'}
+           and $element_command->{'extra'}->{'associated_node'}) {
+         $node_command = $element_command->{'extra'}->{'associated_node'};
+       }
+
+       $command_for_title = $element_command if ($self->get_conf('SPLIT'));
    }

-    my ($title, $description, $encoding, $date, $css_lines,
-        $doctype, $bodytext, $copying_comment, $after_body_open,
-        $extra_head, $program_and_version, $program_homepage,
+    my ($title, $description, $keywords, $encoding, $date, $css_lines, $doctype,
+        $root_html_element_attributes, $body_attributes, $copying_comment,
+        $after_body_open, $extra_head, $program_and_version, $program_homepage,
        $program, $generator);
-    if ($program_version_num >= 7.000000) {
-        ($title, $description, $encoding, $date, $css_lines,
-         $doctype, $bodytext, $copying_comment, $after_body_open,
+    if ($program_version_num >= 7.001090) {
+        ($title, $description, $keywords, $encoding, $date, $css_lines, $doctype,
+         $root_html_element_attributes, $body_attributes, $copying_comment,
+         $after_body_open, $extra_head, $program_and_version, $program_homepage,
+         $program, $generator) = $self->_file_header_information($command_for_title,
+                                                                 $filename);
+    } elsif ($program_version_num >= 7.000000) {
+        ($title, $description, $encoding, $date, $css_lines, $doctype,
+         $root_html_element_attributes, $copying_comment, $after_body_open,
         $extra_head, $program_and_version, $program_homepage,
-         $program, $generator) = $self->_file_header_information($command);
+         $program, $generator) = $self->_file_header_information($command_for_title,
+                                                                 $filename);
    } else {
        ($title, $description, $encoding, $date, $css_lines,
-         $doctype, $bodytext, $copying_comment, $after_body_open,
-         $extra_head, $program_and_version, $program_homepage,
-         $program, $generator) = $self->_file_header_informations($command);
+         $doctype, $root_html_element_attributes, $copying_comment,
+         $after_body_open, $extra_head, $program_and_version, $program_homepage,
+         $program, $generator) = $self->_file_header_informations($command_for_title);
    }

-    my $links = $self->_get_links ($filename, $element);
+    my $links;
+    if ($program_version_num >= 7.000000) {
+      $links = $self->_get_links($filename, $element, $node_command);
+    } else {
+      $links = $self->_get_links ($filename, $element);
+    }

    my $head1 = $ENV{"FFMPEG_HEADER1"} || <<EOT;
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
@ -252,13 +329,25 @@ sub ffmpeg_program_string($)
  if (defined($self->get_conf('PROGRAM'))
      and $self->get_conf('PROGRAM') ne ''
      and defined($self->get_conf('PACKAGE_URL'))) {
-    return $self->convert_tree(
+    if ($program_version_num >= 7.001090) {
+     return $self->convert_tree(
+      $self->cdt('This document was generated using @uref{{program_homepage}, @emph{{program}}}.',
+         { 'program_homepage' => {'text' => $self->get_conf('PACKAGE_URL')},
+           'program' => {'text' => $self->get_conf('PROGRAM') }}));
+    } else {
+     return $self->convert_tree(
      $self->gdt('This document was generated using @uref{{program_homepage}, @emph{{program}}}.',
-         { 'program_homepage' => $self->get_conf('PACKAGE_URL'),
-           'program' => $self->get_conf('PROGRAM') }));
+         { 'program_homepage' => {'text' => $self->get_conf('PACKAGE_URL')},
+           'program' => {'text' => $self->get_conf('PROGRAM') }}));
+    }
  } else {
-    return $self->convert_tree(
-      $self->gdt('This document was generated automatically.'));
+    if ($program_version_num >= 7.001090) {
+      return $self->convert_tree(
+        $self->cdt('This document was generated automatically.'));
+    } else {
+      return $self->convert_tree(
+        $self->gdt('This document was generated automatically.'));
+    }
  }
 }
 if ($program_version_6_8) {
--- a/fftools/ffmpeg_demux.c
+++ b/fftools/ffmpeg_demux.c
@ -912,9 +912,18 @@ static int ist_use(InputStream *ist, int decoding_needed,

    if (decoding_needed && ds->sch_idx_dec < 0) {
        int is_audio = ist->st->codecpar->codec_type == AVMEDIA_TYPE_AUDIO;
+        int is_unreliable = !!(d->f.ctx->iformat->flags & AVFMT_NOTIMESTAMPS);
+        int64_t use_wallclock_as_timestamps;
+
+        ret = av_opt_get_int(d->f.ctx, "use_wallclock_as_timestamps", 0, &use_wallclock_as_timestamps);
+        if (ret < 0)
+            return ret;
+
+        if (use_wallclock_as_timestamps)
+            is_unreliable = 0;

        ds->dec_opts.flags |= (!!ist->fix_sub_duration * DECODER_FLAG_FIX_SUB_DURATION) |
-                              (!!(d->f.ctx->iformat->flags & AVFMT_NOTIMESTAMPS) * DECODER_FLAG_TS_UNRELIABLE) |
+                              (!!is_unreliable * DECODER_FLAG_TS_UNRELIABLE) |
                              (!!(d->loop && is_audio) * DECODER_FLAG_SEND_END_TS)
 #if FFMPEG_OPT_TOP
                              | ((ist->top_field_first >= 0) * DECODER_FLAG_TOP_FIELD_FIRST)
--- a/fftools/ffmpeg_filter.c
+++ b/fftools/ffmpeg_filter.c
@ -1101,8 +1101,9 @@ int fg_create(FilterGraph **pfg, char *graph_desc, Scheduler *sch)

    for (unsigned i = 0; i < graph->nb_filters; i++) {
        const AVFilter *f = graph->filters[i]->filter;
-        if (!avfilter_filter_pad_count(f, 0) &&
-            !(f->flags & AVFILTER_FLAG_DYNAMIC_INPUTS)) {
+        if ((!avfilter_filter_pad_count(f, 0) &&
+             !(f->flags & AVFILTER_FLAG_DYNAMIC_INPUTS)) ||
+            !strcmp(f->name, "apad")) {
            fgp->have_sources = 1;
            break;
        }
@ -1408,8 +1409,10 @@ int fg_finalise_bindings(void)
        for (int j = 0; j < fg->nb_outputs; j++) {
            OutputFilter *output = fg->outputs[j];
            if (!output->bound) {
-                av_log(filtergraphs[j], AV_LOG_FATAL,
-                       "Filter %s has an unconnected output\n", output->name);
+                av_log(fg, AV_LOG_FATAL,
+                       "Filter '%s' has output %d (%s) unconnected\n",
+                       output->name, j,
+                       output->linklabel ? (const char *)output->linklabel : "unlabeled");
                return AVERROR(EINVAL);
            }
        }
@ -1495,7 +1498,7 @@ static int insert_filter(AVFilterContext **last_filter, int *pad_idx,
    return 0;
 }

-static int configure_output_video_filter(FilterGraph *fg, AVFilterGraph *graph,
+static int configure_output_video_filter(FilterGraphPriv *fgp, AVFilterGraph *graph,
                                         OutputFilter *ofilter, AVFilterInOut *out)
 {
    OutputFilterPriv *ofp = ofp_from_ofilter(ofilter);
@ -1574,7 +1577,7 @@ static int configure_output_video_filter(FilterGraph *fg, AVFilterGraph *graph,
    return 0;
 }

-static int configure_output_audio_filter(FilterGraph *fg, AVFilterGraph *graph,
+static int configure_output_audio_filter(FilterGraphPriv *fgp, AVFilterGraph *graph,
                                         OutputFilter *ofilter, AVFilterInOut *out)
 {
    OutputFilterPriv *ofp = ofp_from_ofilter(ofilter);
@ -1639,8 +1642,10 @@ static int configure_output_audio_filter(FilterGraph *fg, AVFilterGraph *graph,
        pad_idx = 0;
    }

-    if (ofilter->apad)
+    if (ofilter->apad) {
        AUTO_INSERT_FILTER("-apad", "apad", ofilter->apad);
+        fgp->have_sources = 1;
+    }

    snprintf(name, sizeof(name), "trim for output %s", ofp->name);
    ret = insert_trim(ofp->trim_start_us, ofp->trim_duration_us,
@ -1656,12 +1661,12 @@ fail:
    return ret;
 }

-static int configure_output_filter(FilterGraph *fg, AVFilterGraph *graph,
+static int configure_output_filter(FilterGraphPriv *fgp, AVFilterGraph *graph,
                                   OutputFilter *ofilter, AVFilterInOut *out)
 {
    switch (ofilter->type) {
-    case AVMEDIA_TYPE_VIDEO: return configure_output_video_filter(fg, graph, ofilter, out);
-    case AVMEDIA_TYPE_AUDIO: return configure_output_audio_filter(fg, graph, ofilter, out);
+    case AVMEDIA_TYPE_VIDEO: return configure_output_video_filter(fgp, graph, ofilter, out);
+    case AVMEDIA_TYPE_AUDIO: return configure_output_audio_filter(fgp, graph, ofilter, out);
    default: av_assert0(0); return 0;
    }
 }
@ -1938,7 +1943,7 @@ static int configure_filtergraph(FilterGraph *fg, FilterGraphThread *fgt)
    avfilter_inout_free(&inputs);

    for (cur = outputs, i = 0; cur; cur = cur->next, i++) {
-        ret = configure_output_filter(fg, fgt->graph, fg->outputs[i], cur);
+        ret = configure_output_filter(fgp, fgt->graph, fg->outputs[i], cur);
        if (ret < 0) {
            avfilter_inout_free(&outputs);
            goto fail;
@ -1993,6 +1998,10 @@ static int configure_filtergraph(FilterGraph *fg, FilterGraphThread *fgt)
            if (ifp->type_src == AVMEDIA_TYPE_SUBTITLE) {
                sub2video_frame(&ifp->ifilter, tmp, !fgt->graph);
            } else {
+                if (ifp->type_src == AVMEDIA_TYPE_VIDEO) {
+                    if (ifp->displaymatrix_applied)
+                        av_frame_remove_side_data(tmp, AV_FRAME_DATA_DISPLAYMATRIX);
+                }
                ret = av_buffersrc_add_frame(ifp->filter, tmp);
            }
            av_frame_free(&tmp);
--- a/fftools/ffplay.c
+++ b/fftools/ffplay.c
@ -2607,6 +2607,11 @@ static int create_hwaccel(AVBufferRef **device_ctx)
    if (type == AV_HWDEVICE_TYPE_NONE)
        return AVERROR(ENOTSUP);

+    if (!vk_renderer) {
+        av_log(NULL, AV_LOG_ERROR, "Vulkan renderer is not available\n");
+        return AVERROR(ENOTSUP);
+    }
+
    ret = vk_renderer_get_hw_dev(vk_renderer, &vk_dev);
    if (ret < 0)
        return ret;
--- a/libavcodec/Makefile
+++ b/libavcodec/Makefile
@ -108,7 +108,7 @@ OBJS-$(CONFIG_H264PARSE)               += h264_parse.o h264_ps.o h264data.o \
                                          h2645data.o h2645_parse.o h2645_vui.o
 OBJS-$(CONFIG_H264PRED)                += h264pred.o
 OBJS-$(CONFIG_H264QPEL)                += h264qpel.o
-OBJS-$(CONFIG_H264_SEI)                += h264_sei.o h2645_sei.o
+OBJS-$(CONFIG_H264_SEI)                += h264_sei.o h2645_sei.o aom_film_grain.o
 OBJS-$(CONFIG_HEVCPARSE)               += h2645data.o h2645_parse.o h2645_vui.o
 OBJS-$(CONFIG_HEVC_SEI)                += h2645_sei.o aom_film_grain.o \
                                          dynamic_hdr_vivid.o
--- a/libavcodec/aac/aacdec.c
+++ b/libavcodec/aac/aacdec.c
@ -1102,6 +1102,8 @@ static av_cold int decode_close(AVCodecContext *avctx)

    for (int i = 0; i < 2; i++) {
        OutputConfiguration *oc = &ac->oc[i];
+        av_channel_layout_uninit(&ac->oc[i].ch_layout);
+
        AACUSACConfig *usac = &oc->usac;
        for (int j = 0; j < usac->nb_elems; j++) {
            AACUsacElemConfig *ec = &usac->elems[j];
@ -1743,6 +1745,7 @@ int ff_aac_decode_ics(AACDecContext *ac, SingleChannelElement *sce,

    return 0;
 fail:
+    memset(sce->sfo, 0, sizeof(sce->sfo));
    tns->present = 0;
    return ret;
 }
@ -2194,6 +2197,7 @@ static int aac_decode_er_frame(AVCodecContext *avctx, AVFrame *frame,

    ac->frame->nb_samples = samples;
    ac->frame->sample_rate = avctx->sample_rate;
+    ac->frame->flags |= AV_FRAME_FLAG_KEY;
    *got_frame_ptr = 1;

    skip_bits_long(gb, get_bits_left(gb));
@ -2354,6 +2358,7 @@ static int decode_frame_ga(AVCodecContext *avctx, AACDecContext *ac,
    if (samples) {
        ac->frame->nb_samples = samples;
        ac->frame->sample_rate = avctx->sample_rate;
+        ac->frame->flags |= AV_FRAME_FLAG_KEY;
        *got_frame_ptr = 1;
    } else {
        av_frame_unref(ac->frame);
--- a/libavcodec/aac/aacdec_lpd.c
+++ b/libavcodec/aac/aacdec_lpd.c
@ -62,7 +62,7 @@ static void parse_qn(GetBitContext *gb, int *qn, int nk_mode, int no_qn)
 {
    if (nk_mode == 1) {
        for (int k = 0; k < no_qn; k++) {
-            qn[k] = get_unary(gb, 0, INT32_MAX); // TODO: find proper ranges
+            qn[k] = get_unary(gb, 0, 68); // TODO: find proper ranges
            if (qn[k])
                qn[k]++;
        }
@ -75,7 +75,7 @@ static void parse_qn(GetBitContext *gb, int *qn, int nk_mode, int no_qn)
    if (nk_mode == 2) {
        for (int k = 0; k < no_qn; k++) {
            if (qn[k] > 4) {
-                qn[k] = get_unary(gb, 0, INT32_MAX);;
+                qn[k] = get_unary(gb, 0, 65);
                if (qn[k])
                    qn[k] += 4;
            }
@ -85,7 +85,7 @@ static void parse_qn(GetBitContext *gb, int *qn, int nk_mode, int no_qn)

    for (int k = 0; k < no_qn; k++) {
        if (qn[k] > 4) {
-            int qn_ext = get_unary(gb, 0, INT32_MAX);;
+            int qn_ext = get_unary(gb, 0, 65);
            switch (qn_ext) {
            case 0: qn[k] = 5; break;
            case 1: qn[k] = 6; break;
@ -114,6 +114,9 @@ static int parse_codebook_idx(GetBitContext *gb, uint32_t *kv,
        }
    }

+    if (nk > 25)
+        return AVERROR_PATCHWELCOME;
+
    skip_bits(gb, 4*n);

    if (nk > 0)
--- a/libavcodec/aac/aacdec_usac.c
+++ b/libavcodec/aac/aacdec_usac.c
@ -265,6 +265,7 @@ static int decode_usac_extension(AACDecContext *ac, AACUsacElemConfig *e,
        /* No configuration needed - fallthrough (len should be 0) */
    default:
        skip_bits(gb, 8*ext_config_len);
+        e->ext.type = ID_EXT_ELE_FILL;
        break;
    };

@ -566,15 +567,8 @@ static int decode_usac_scale_factors(AACDecContext *ac,
    int offset_sf = global_gain;
    for (int g = 0; g < ics->num_window_groups; g++) {
        for (int sfb = 0; sfb < ics->max_sfb; sfb++) {
-            /* First coefficient is just the global gain */
-            if (!g && !sfb) {
-                /* The cannonical representation of quantized scalefactors
-                 * in the spec is with 100 subtracted. */
-                sce->sfo[0] = offset_sf - 100;
-                continue;
-            }
-
-            offset_sf += get_vlc2(gb, ff_vlc_scalefactors, 7, 3) - SCALE_DIFF_ZERO;
+            if (g || sfb)
+                offset_sf += get_vlc2(gb, ff_vlc_scalefactors, 7, 3) - SCALE_DIFF_ZERO;
            if (offset_sf > 255U) {
                av_log(ac->avctx, AV_LOG_ERROR,
                       "Scalefactor (%d) out of range.\n", offset_sf);
@ -917,8 +911,10 @@ static int decode_usac_stereo_info(AACDecContext *ac, AACUSACConfig *usac,
        }

        ret = setup_sce(ac, sce1, usac);
-        if (ret < 0)
+        if (ret < 0) {
+            ics2->max_sfb = 0;
            return ret;
+        }

        ret = setup_sce(ac, sce2, usac);
        if (ret < 0)
--- a/libavcodec/aac_ac3_parser.c
+++ b/libavcodec/aac_ac3_parser.c
@ -40,6 +40,8 @@ int ff_aac_ac3_parse(AVCodecParserContext *s1,
    int new_frame_start;
    int got_frame = 0;

+    s1->key_frame = -1;
+
    if (s1->flags & PARSER_FLAG_COMPLETE_FRAMES) {
        i = buf_size;
        got_frame = 1;
@ -145,10 +147,15 @@ get_next:
        } else {
 #if CONFIG_AAC_PARSER
            AACADTSHeaderInfo hdr;
+            GetBitContext gb;
+            int profile;
+            init_get_bits8(&gb, buf, buf_size);
            if (buf_size < AV_AAC_ADTS_HEADER_SIZE ||
-                ff_adts_header_parse_buf(buf, &hdr) < 0)
+                ff_adts_header_parse(&gb, &hdr) < 0)
                return i;

+            avctx->profile = hdr.object_type - 1;
+            s1->key_frame = (avctx->profile == AV_PROFILE_AAC_USAC) ? get_bits1(&gb) : 1;
            bit_rate = hdr.bit_rate;
 #endif
        }
--- a/libavcodec/aacenc.c
+++ b/libavcodec/aacenc.c
@ -1177,6 +1177,8 @@ static int aac_encode_frame(AVCodecContext *avctx, AVPacket *avpkt,
    ff_af_queue_remove(&s->afq, avctx->frame_size, &avpkt->pts,
                       &avpkt->duration);

+    avpkt->flags |= AV_PKT_FLAG_KEY;
+
    *got_packet_ptr = 1;
    return 0;
 }
--- a/libavcodec/aacsbr_template.c
+++ b/libavcodec/aacsbr_template.c
@ -599,6 +599,7 @@ static int sbr_make_f_derived(AACDecContext *ac, SpectralBandReplication *sbr)

    if (sbr->n_q > 5) {
        av_log(ac->avctx, AV_LOG_ERROR, "Too many noise floor scale factors: %d\n", sbr->n_q);
+        sbr->n_q = 1;
        return -1;
    }

--- a/libavcodec/aarch64/h264pred_neon.S
+++ b/libavcodec/aarch64/h264pred_neon.S
@ -502,28 +502,27 @@ function ff_pred16x16_plane_neon_10, export=1
        add             v7.4h,  v7.4h,  v0.4h
        shl             v2.4h,  v7.4h,  #4
        ssubl           v2.4s,  v2.4h,  v3.4h
-        shl             v3.4h,  v4.4h,  #4
        ext             v0.16b, v0.16b, v0.16b, #14
-        ssubl           v6.4s,  v5.4h,  v3.4h
+        sxtl            v6.4s,  v5.4h          // c

        mov             v0.h[0],  wzr
        mul             v0.8h,  v0.8h,  v4.h[0]
        dup             v16.4s, v2.s[0]
        dup             v17.4s, v2.s[0]
-        dup             v2.8h,  v4.h[0]
-        dup             v3.4s,  v6.s[0]
-        shl             v2.8h,  v2.8h,  #3
+        dup             v2.8h,  v4.h[0]        // b
+        dup             v3.4s,  v6.s[0]        // c
+        sshll           v2.4s,  v2.4h,  #3     // b * 8
        saddw           v16.4s, v16.4s, v0.4h
        saddw2          v17.4s, v17.4s, v0.8h
-        saddw           v3.4s,  v3.4s,  v2.4h
+        sub             v3.4s,  v3.4s,  v2.4s

        mov             w3,      #16
        mvni            v4.8h,   #0xFC, lsl #8 // 1023 for clipping
 1:
        sqshrun         v0.4h,  v16.4s, #5
        sqshrun2        v0.8h,  v17.4s, #5
-        saddw           v16.4s, v16.4s, v2.4h
-        saddw           v17.4s, v17.4s, v2.4h
+        add             v16.4s, v16.4s, v2.4s
+        add             v17.4s, v17.4s, v2.4s
        sqshrun         v1.4h,  v16.4s, #5
        sqshrun2        v1.8h,  v17.4s, #5
        add             v16.4s, v16.4s, v3.4s
@ -595,12 +594,11 @@ function ff_pred8x8_plane_neon_10, export=1
        ssubl           v2.4s,  v2.4h,  v3.4h
        ext             v0.16b, v0.16b, v0.16b, #14
        mov             v0.h[0],  wzr
-        mul             v0.8h,  v0.8h,  v5.h[0]
        dup             v1.4s,  v2.s[0]
        dup             v2.4s,  v2.s[0]
        dup             v3.8h,  v5.h[1]
-        saddw           v1.4s,  v1.4s,  v0.4h
-        saddw2          v2.4s,  v2.4s,  v0.8h
+        smlal           v1.4s,  v0.4h,  v5.h[0]
+        smlal2          v2.4s,  v0.8h,  v5.h[0]
        mov             w3,  #8
        mvni            v4.8h,  #0xFC,  lsl #8 // 1023 for clipping
 1:
--- a/libavcodec/aarch64/vp9mc_neon.S
+++ b/libavcodec/aarch64/vp9mc_neon.S
@ -230,6 +230,9 @@ function \type\()_8tap_\size\()h_\idx1\idx2
        // reduced dst stride
 .if \size >= 16
        sub             x1,  x1,  x5
+.elseif \size == 4
+        add             x12, x2,  #8
+        add             x13, x7,  #8
 .endif
        // size >= 16 loads two qwords and increments x2,
        // for size 4/8 it's enough with one qword and no
@ -248,9 +251,14 @@ function \type\()_8tap_\size\()h_\idx1\idx2
 .if \size >= 16
        ld1             {v4.8b,  v5.8b,  v6.8b},  [x2], #24
        ld1             {v16.8b, v17.8b, v18.8b}, [x7], #24
-.else
+.elseif \size == 8
        ld1             {v4.8b,  v5.8b},  [x2]
        ld1             {v16.8b, v17.8b}, [x7]
+.else // \size == 4
+        ld1             {v4.8b},  [x2]
+        ld1             {v16.8b}, [x7]
+        ld1             {v5.s}[0],  [x12], x3
+        ld1             {v17.s}[0], [x13], x3
 .endif
        uxtl            v4.8h,  v4.8b
        uxtl            v5.8h,  v5.8b
--- a/libavcodec/aarch64/vvc/alf.S
+++ b/libavcodec/aarch64/vvc/alf.S
@ -148,7 +148,7 @@
        sqxtun          v20.8b, v20.8h
        str             d20, [dst]
    .else
-        smin            v20.8h, v20.8h, v25.8h
+        umin            v20.8h, v20.8h, v25.8h
        str             q20, [dst]
    .endif
        ret
@ -249,7 +249,7 @@
        sqxtun          v20.8b, v20.8h
        str             s20, [dst]
    .else
-        smin            v20.4h, v20.4h, v25.4h
+        umin            v20.4h, v20.4h, v25.4h
        str             d20, [dst]
    .endif
        ret
--- a/libavcodec/ac3dec.c
+++ b/libavcodec/ac3dec.c
@ -199,7 +199,6 @@ static void ac3_downmix(AVCodecContext *avctx)
        av_channel_layout_uninit(&avctx->ch_layout);
        avctx->ch_layout = (AVChannelLayout)AV_CHANNEL_LAYOUT_STEREO;
    }
-    s->downmixed = 1;
 }

 /**
@ -241,6 +240,7 @@ static av_cold int ac3_decode_init(AVCodecContext *avctx)
        avctx->sample_fmt = AV_SAMPLE_FMT_FLTP;

    ac3_downmix(avctx);
+    s->downmixed = 1;

    for (i = 0; i < AC3_MAX_CHANNELS; i++) {
        s->xcfptr[i] = s->transform_coeffs[i];
--- a/libavcodec/aom_film_grain.c
+++ b/libavcodec/aom_film_grain.c
@ -26,7 +26,9 @@
 */

 #include "libavutil/avassert.h"
+#include "libavutil/buffer.h"
 #include "libavutil/imgutils.h"
+#include "libavutil/mem.h"

 #include "aom_film_grain.h"
 #include "get_bits.h"
@ -124,7 +126,7 @@ int ff_aom_parse_film_grain_sets(AVFilmGrainAFGS1Params *s,
 {
    GetBitContext gbc, *gb = &gbc;
    AVFilmGrainAOMParams *aom;
-    AVFilmGrainParams *fgp, *ref = NULL;
+    AVFilmGrainParams *fgp = NULL, *ref = NULL;
    int ret, num_sets, n, i, uv, num_y_coeffs, update_grain, luma_only;

    ret = init_get_bits8(gb, payload, payload_size);
@ -135,28 +137,38 @@ int ff_aom_parse_film_grain_sets(AVFilmGrainAFGS1Params *s,
    if (!s->enable)
        return 0;

+    for (int i = 0; i < FF_ARRAY_ELEMS(s->sets); i++)
+        av_buffer_unref(&s->sets[i]);
+
    skip_bits(gb, 4); // reserved
    num_sets = get_bits(gb, 3) + 1;
    for (n = 0; n < num_sets; n++) {
        int payload_4byte, payload_size, set_idx, apply_units_log2, vsc_flag;
        int predict_scaling, predict_y_scaling, predict_uv_scaling[2];
        int payload_bits, start_position;
+        size_t fgp_size;

        start_position = get_bits_count(gb);
        payload_4byte = get_bits1(gb);
        payload_size = get_bits(gb, payload_4byte ? 2 : 8);
        set_idx = get_bits(gb, 3);
-        fgp = &s->sets[set_idx];
+        fgp = av_film_grain_params_alloc(&fgp_size);
+        if (!fgp)
+            goto error;
        aom = &fgp->codec.aom;

        fgp->type = get_bits1(gb) ? AV_FILM_GRAIN_PARAMS_AV1 : AV_FILM_GRAIN_PARAMS_NONE;
-        if (!fgp->type)
+        if (!fgp->type) {
+            av_freep(&fgp);
            continue;
+        }

        fgp->seed = get_bits(gb, 16);
        update_grain = get_bits1(gb);
-        if (!update_grain)
+        if (!update_grain) {
+            av_freep(&fgp);
            continue;
+        }

        apply_units_log2  = get_bits(gb, 4);
        fgp->width  = get_bits(gb, 12) << apply_units_log2;
@ -330,32 +342,49 @@ int ff_aom_parse_film_grain_sets(AVFilmGrainAFGS1Params *s,
        if (payload_bits > payload_size * 8)
            goto error;
        skip_bits(gb, payload_size * 8 - payload_bits);
+
+        av_buffer_unref(&s->sets[set_idx]);
+        s->sets[set_idx] = av_buffer_create((uint8_t *)fgp, fgp_size, NULL, NULL, 0);
+        if (!s->sets[set_idx])
+            goto error;
    }
    return 0;

 error:
-    memset(s, 0, sizeof(*s));
+    av_free(fgp);
+    ff_aom_uninit_film_grain_params(s);
    return AVERROR_INVALIDDATA;
 }

 int ff_aom_attach_film_grain_sets(const AVFilmGrainAFGS1Params *s, AVFrame *frame)
 {
-    AVFilmGrainParams *fgp;
    if (!s->enable)
        return 0;

    for (int i = 0; i < FF_ARRAY_ELEMS(s->sets); i++) {
-        if (s->sets[i].type != AV_FILM_GRAIN_PARAMS_AV1)
+        AVBufferRef *buf;
+
+        if (!s->sets[i])
            continue;
-        fgp = av_film_grain_params_create_side_data(frame);
-        if (!fgp)
+
+        buf = av_buffer_ref(s->sets[i]);
+        if (!buf || !av_frame_new_side_data_from_buf(frame,
+                                                     AV_FRAME_DATA_FILM_GRAIN_PARAMS, buf)) {
+            av_buffer_unref(&buf);
            return AVERROR(ENOMEM);
-        memcpy(fgp, &s->sets[i], sizeof(*fgp));
+        }
    }

    return 0;
 }

+void ff_aom_uninit_film_grain_params(AVFilmGrainAFGS1Params *s)
+{
+    for (int i = 0; i < FF_ARRAY_ELEMS(s->sets); i++)
+        av_buffer_unref(&s->sets[i]);
+    s->enable = 0;
+}
+
 // Taken from the AV1 spec. Range is [-2048, 2047], mean is 0 and stddev is 512
 static const int16_t gaussian_sequence[2048] = {
    56,    568,   -180,  172,   124,   -84,   172,   -64,   -900,  24,   820,
--- a/libavcodec/aom_film_grain.h
+++ b/libavcodec/aom_film_grain.h
@ -28,11 +28,12 @@
 #ifndef AVCODEC_AOM_FILM_GRAIN_H
 #define AVCODEC_AOM_FILM_GRAIN_H

+#include "libavutil/buffer.h"
 #include "libavutil/film_grain_params.h"

 typedef struct AVFilmGrainAFGS1Params {
    int enable;
-    AVFilmGrainParams sets[8];
+    AVBufferRef *sets[8];
 } AVFilmGrainAFGS1Params;

 // Synthesizes film grain on top of `in` and stores the result to `out`. `out`
@ -48,4 +49,7 @@ int ff_aom_parse_film_grain_sets(AVFilmGrainAFGS1Params *s,
 // Attach all valid film grain param sets to `frame`.
 int ff_aom_attach_film_grain_sets(const AVFilmGrainAFGS1Params *s, AVFrame *frame);

+// Free all allocations in `s` and zero the entire struct.
+void ff_aom_uninit_film_grain_params(AVFilmGrainAFGS1Params *s);
+
 #endif /* AVCODEC_AOM_FILM_GRAIN_H */
--- a/libavcodec/arm/vp9mc_neon.S
+++ b/libavcodec/arm/vp9mc_neon.S
@ -279,11 +279,13 @@ function \type\()_8tap_\size\()h_\idx1\idx2
        sub             r1,  r1,  r5
 .endif
        @ size >= 16 loads two qwords and increments r2,
-        @ for size 4/8 it's enough with one qword and no
-        @ postincrement
+        @ size 4 loads 1 d word, increments r2 and loads 1 32-bit lane
+        @ for size 8 it's enough with one qword and no postincrement
 .if \size >= 16
        sub             r3,  r3,  r5
        sub             r3,  r3,  #8
+.elseif \size == 4
+        sub             r3,  r3,  #8
 .endif
        @ Load the filter vector
        vld1.16         {q0},  [r12,:128]
@ -295,9 +297,14 @@ function \type\()_8tap_\size\()h_\idx1\idx2
 .if \size >= 16
        vld1.8          {d18, d19, d20}, [r2]!
        vld1.8          {d24, d25, d26}, [r7]!
-.else
+.elseif \size == 8
        vld1.8          {q9},  [r2]
        vld1.8          {q12}, [r7]
+.else @ size == 4
+        vld1.8          {d18}, [r2]!
+        vld1.8          {d24}, [r7]!
+        vld1.32         {d19[0]}, [r2]
+        vld1.32         {d25[0]}, [r7]
 .endif
        vmovl.u8        q8,  d18
        vmovl.u8        q9,  d19
--- a/libavcodec/audiotoolboxdec.c
+++ b/libavcodec/audiotoolboxdec.c
@ -542,6 +542,8 @@ static int ffat_decode(AVCodecContext *avctx, AVFrame *frame,

    frame->nb_samples = avctx->frame_size;

+    frame->flags |= AV_FRAME_FLAG_KEY;
+
    out_buffers.mBuffers[0].mData = at->decoded_data;

    ret = AudioConverterFillComplexBuffer(at->converter, ffat_decode_callback, avctx,
--- a/libavcodec/audiotoolboxenc.c
+++ b/libavcodec/audiotoolboxenc.c
@ -576,6 +576,7 @@ static int ffat_encode(AVCodecContext *avctx, AVPacket *avpkt,
                                     avctx->frame_size,
                           &avpkt->pts,
                           &avpkt->duration);
+        avpkt->flags |= AV_PKT_FLAG_KEY;
    } else if (ret && ret != 1) {
        av_log(avctx, AV_LOG_ERROR, "Encode error: %i\n", ret);
        return AVERROR_EXTERNAL;
--- a/libavcodec/avcodec.c
+++ b/libavcodec/avcodec.c
@ -145,6 +145,7 @@ int attribute_align_arg avcodec_open2(AVCodecContext *avctx, const AVCodec *code
    int ret = 0;
    AVCodecInternal *avci;
    const FFCodec *codec2;
+    const AVDictionaryEntry *e;

    if (avcodec_is_open(avctx))
        return 0;
@ -175,8 +176,14 @@ int attribute_align_arg avcodec_open2(AVCodecContext *avctx, const AVCodec *code
    if (avctx->extradata_size < 0 || avctx->extradata_size >= FF_MAX_EXTRADATA_SIZE)
        return AVERROR(EINVAL);

-    if ((ret = av_opt_set_dict(avctx, options)) < 0)
-        return ret;
+    // set the whitelist from provided options dict,
+    // so we can check it immediately
+    e = options ? av_dict_get(*options, "codec_whitelist", NULL, 0) : NULL;
+    if (e) {
+        ret = av_opt_set(avctx, e->key, e->value, 0);
+        if (ret < 0)
+            return ret;
+    }

    if (avctx->codec_whitelist && av_match_list(codec->name, avctx->codec_whitelist, ',') <= 0) {
        av_log(avctx, AV_LOG_ERROR, "Codec (%s) not on whitelist \'%s\'\n", codec->name, avctx->codec_whitelist);
@ -211,12 +218,14 @@ int attribute_align_arg avcodec_open2(AVCodecContext *avctx, const AVCodec *code
                av_opt_set_defaults(avctx->priv_data);
            }
        }
-        if (codec->priv_class && (ret = av_opt_set_dict(avctx->priv_data, options)) < 0)
-            goto free_and_end;
    } else {
        avctx->priv_data = NULL;
    }

+    ret = av_opt_set_dict2(avctx, options, AV_OPT_SEARCH_CHILDREN);
+    if (ret < 0)
+        goto free_and_end;
+
    // only call ff_set_dimensions() for non H.264/VP6F/DXV codecs so as not to overwrite previously setup dimensions
    if (!(avctx->coded_width && avctx->coded_height && avctx->width && avctx->height &&
          (avctx->codec_id == AV_CODEC_ID_H264 || avctx->codec_id == AV_CODEC_ID_VP6F || avctx->codec_id == AV_CODEC_ID_DXV))) {
--- a/libavcodec/bsf/h264_mp4toannexb.c
+++ b/libavcodec/bsf/h264_mp4toannexb.c
@ -93,6 +93,11 @@ static int h264_extradata_to_annexb(AVBSFContext *ctx,
    const int padding                   = AV_INPUT_BUFFER_PADDING_SIZE;
    int length_size, pps_offset = 0;

+    if (extradata_size < 7) {
+        av_log(ctx, AV_LOG_ERROR, "Invalid extradata size: %d\n", extradata_size);
+        return AVERROR_INVALIDDATA;
+    }
+
    bytestream2_init(gb, extradata, extradata_size);

    bytestream2_skipu(gb, 4);
@ -262,16 +267,11 @@ static int h264_mp4toannexb_init(AVBSFContext *ctx)
        (extra_size >= 4 && AV_RB32(ctx->par_in->extradata) == 1)) {
        av_log(ctx, AV_LOG_VERBOSE,
               "The input looks like it is Annex B already\n");
-    } else if (extra_size >= 7) {
-        return h264_extradata_to_annexb(ctx,
-                                        ctx->par_in->extradata,
-                                        ctx->par_in->extradata_size);
-    } else {
-        av_log(ctx, AV_LOG_ERROR, "Invalid extradata size: %d\n", extra_size);
-        return AVERROR_INVALIDDATA;
+        return 0;
    }
-
-    return 0;
+    return h264_extradata_to_annexb(ctx,
+                                    ctx->par_in->extradata,
+                                    ctx->par_in->extradata_size);
 }

 static int h264_mp4toannexb_filter(AVBSFContext *ctx, AVPacket *opkt)
@ -293,10 +293,12 @@ static int h264_mp4toannexb_filter(AVBSFContext *ctx, AVPacket *opkt)

    extradata = av_packet_get_side_data(in, AV_PKT_DATA_NEW_EXTRADATA,
                                        &extradata_size);
-    if (extradata) {
+    if (extradata && extradata[0] == 1) {
        ret = h264_extradata_to_annexb(ctx, extradata, extradata_size);
        if (ret < 0)
            goto fail;
+        av_packet_side_data_remove(in->side_data, &in->side_data_elems,
+                                   AV_PKT_DATA_NEW_EXTRADATA);
    }

    /* nothing to filter */
--- a/libavcodec/cbs_av1.c
+++ b/libavcodec/cbs_av1.c
@ -728,16 +728,16 @@ static int cbs_av1_split_fragment(CodedBitstreamContext *ctx,
    }

    while (size > 0) {
-        AV1RawOBUHeader header;
+        AV1RawOBUHeader obu_header;
        uint64_t obu_size;

        init_get_bits(&gbc, data, 8 * size);

-        err = cbs_av1_read_obu_header(ctx, &gbc, &header);
+        err = cbs_av1_read_obu_header(ctx, &gbc, &obu_header);
        if (err < 0)
            goto fail;

-        if (header.obu_has_size_field) {
+        if (obu_header.obu_has_size_field) {
            if (get_bits_left(&gbc) < 8) {
                av_log(ctx->log_ctx, AV_LOG_ERROR, "Invalid OBU: fragment "
                       "too short (%"SIZE_SPECIFIER" bytes).\n", size);
@ -748,7 +748,7 @@ static int cbs_av1_split_fragment(CodedBitstreamContext *ctx,
            if (err < 0)
                goto fail;
        } else
-            obu_size = size - 1 - header.obu_extension_flag;
+            obu_size = size - 1 - obu_header.obu_extension_flag;

        pos = get_bits_count(&gbc);
        av_assert0(pos % 8 == 0 && pos / 8 <= size);
@ -763,7 +763,7 @@ static int cbs_av1_split_fragment(CodedBitstreamContext *ctx,
            goto fail;
        }

-        err = ff_cbs_append_unit_data(frag, header.obu_type,
+        err = ff_cbs_append_unit_data(frag, obu_header.obu_type,
                                      data, obu_length, frag->data_ref);
        if (err < 0)
            goto fail;
--- a/libavcodec/cbs_h265.h
+++ b/libavcodec/cbs_h265.h
@ -725,14 +725,14 @@ typedef struct H265RawSEI3DReferenceDisplaysInfo {
    uint8_t ref_viewing_distance_flag;
    uint8_t prec_ref_viewing_dist;
    uint8_t num_ref_displays_minus1;
-    uint8_t left_view_id[31];
-    uint8_t right_view_id[31];
-    uint8_t exponent_ref_display_width[31];
-    uint8_t mantissa_ref_display_width[31];
-    uint8_t exponent_ref_viewing_distance[31];
-    uint8_t mantissa_ref_viewing_distance[31];
-    uint8_t additional_shift_present_flag[31];
-    uint16_t num_sample_shift_plus512[31];
+    uint16_t left_view_id[32];
+    uint16_t right_view_id[32];
+    uint8_t exponent_ref_display_width[32];
+    uint8_t mantissa_ref_display_width[32];
+    uint8_t exponent_ref_viewing_distance[32];
+    uint8_t mantissa_ref_viewing_distance[32];
+    uint8_t additional_shift_present_flag[32];
+    uint16_t num_sample_shift_plus512[32];
    uint8_t three_dimensional_reference_displays_extension_flag;
 } H265RawSEI3DReferenceDisplaysInfo;

--- a/libavcodec/cbs_h265_syntax_template.c
+++ b/libavcodec/cbs_h265_syntax_template.c
@ -2299,8 +2299,8 @@ SEI_FUNC(sei_3d_reference_displays_info, (CodedBitstreamContext *ctx, RWContext
        ue(prec_ref_viewing_dist, 0, 31);
    ue(num_ref_displays_minus1, 0, 31);
    for (i = 0; i <= current->num_ref_displays_minus1; i++) {
-        ues(left_view_id[i], 0, UINT8_MAX, 1, i);
-        ues(right_view_id[i], 0, UINT8_MAX, 1, i);
+        ues(left_view_id[i], 0, MAX_UINT_BITS(15), 1, i);
+        ues(right_view_id[i], 0, MAX_UINT_BITS(15), 1, i);
        us(6, exponent_ref_display_width[i], 0, 62, 1, i);
        if (!current->exponent_ref_display_width[i])
            length = FFMAX(0, (int)current->prec_ref_display_width - 30);
--- a/libavcodec/cbs_h266_syntax_template.c
+++ b/libavcodec/cbs_h266_syntax_template.c
@ -1162,7 +1162,7 @@ static int FUNC(sps)(CodedBitstreamContext *ctx, RWContext *rw,
            for (i = 1; i <= current->sps_num_subpics_minus1; i++) {
                if (!current->sps_subpic_same_size_flag) {
                    if (current->sps_pic_width_max_in_luma_samples > ctb_size_y) {
-                        const unsigned int win_right_edge =
+                        const int win_right_edge =
                            current->sps_pic_width_max_in_luma_samples
                          - current->sps_conf_win_right_offset * sub_width_c;
                        us(wlen, sps_subpic_ctu_top_left_x[i], 0,
@ -1172,7 +1172,7 @@ static int FUNC(sps)(CodedBitstreamContext *ctx, RWContext *rw,
                        infer(sps_subpic_ctu_top_left_x[i], 0);
                    if (current->sps_pic_height_max_in_luma_samples >
                        ctb_size_y) {
-                        const unsigned int win_bottom_edge =
+                        const int win_bottom_edge =
                            current->sps_pic_height_max_in_luma_samples
                          - current->sps_conf_win_bottom_offset * sub_height_c;
                        us(hlen, sps_subpic_ctu_top_left_y[i], 0,
@ -1183,9 +1183,9 @@ static int FUNC(sps)(CodedBitstreamContext *ctx, RWContext *rw,
                    if (i < current->sps_num_subpics_minus1 &&
                        current->sps_pic_width_max_in_luma_samples >
                        ctb_size_y) {
-                        const unsigned int win_left_edge =
+                        const int win_left_edge =
                            current->sps_conf_win_left_offset * sub_width_c;
-                        const unsigned int win_left_edge_ctus =
+                        const int win_left_edge_ctus =
                            AV_CEIL_RSHIFT(win_left_edge, ctb_log2_size_y);
                        us(wlen, sps_subpic_width_minus1[i],
                           win_left_edge_ctus > current->sps_subpic_ctu_top_left_x[i]
@ -1200,9 +1200,9 @@ static int FUNC(sps)(CodedBitstreamContext *ctx, RWContext *rw,
                    if (i < current->sps_num_subpics_minus1 &&
                        current->sps_pic_height_max_in_luma_samples >
                        ctb_size_y) {
-                        const unsigned int win_top_edge =
+                        const int win_top_edge =
                            current->sps_conf_win_top_offset * sub_height_c;
-                        const unsigned int win_top_edge_ctus =
+                        const int win_top_edge_ctus =
                            AV_CEIL_RSHIFT(win_top_edge, ctb_log2_size_y);
                        us(hlen, sps_subpic_height_minus1[i],
                           win_top_edge_ctus > current->sps_subpic_ctu_top_left_y[i]
--- a/libavcodec/cbs_vp9.c
+++ b/libavcodec/cbs_vp9.c
@ -375,7 +375,7 @@ static int cbs_vp9_split_fragment(CodedBitstreamContext *ctx,
    superframe_header = frag->data[frag->data_size - 1];

    if ((superframe_header & 0xe0) == 0xc0) {
-        VP9RawSuperframeIndex sfi;
+        VP9RawSuperframeIndex sfi = {0};
        GetBitContext gbc;
        size_t index_size, pos;
        int i;
--- a/libavcodec/cfhdenc.c
+++ b/libavcodec/cfhdenc.c
@ -285,7 +285,7 @@ static av_cold int cfhd_encode_init(AVCodecContext *avctx)
        s->plane[i].dwt_buf =
            av_calloc(h8 * 8 * w8 * 8, sizeof(*s->plane[i].dwt_buf));
        s->plane[i].dwt_tmp =
-            av_malloc_array(h8 * 8 * w8 * 8, sizeof(*s->plane[i].dwt_tmp));
+            av_calloc(h8 * 8 * w8 * 8, sizeof(*s->plane[i].dwt_tmp));
        if (!s->plane[i].dwt_buf || !s->plane[i].dwt_tmp)
            return AVERROR(ENOMEM);

--- a/libavcodec/codec_desc.c
+++ b/libavcodec/codec_desc.c
@ -2697,7 +2697,7 @@ static const AVCodecDescriptor codec_descriptors[] = {
        .type      = AVMEDIA_TYPE_AUDIO,
        .name      = "aac",
        .long_name = NULL_IF_CONFIG_SMALL("AAC (Advanced Audio Coding)"),
-        .props     = AV_CODEC_PROP_INTRA_ONLY | AV_CODEC_PROP_LOSSY,
+        .props     = AV_CODEC_PROP_LOSSY,
        .profiles  = NULL_IF_CONFIG_SMALL(ff_aac_profiles),
    },
    {
@ -3031,7 +3031,7 @@ static const AVCodecDescriptor codec_descriptors[] = {
        .type      = AVMEDIA_TYPE_AUDIO,
        .name      = "aac_latm",
        .long_name = NULL_IF_CONFIG_SMALL("AAC LATM (Advanced Audio Coding LATM syntax)"),
-        .props     = AV_CODEC_PROP_INTRA_ONLY | AV_CODEC_PROP_LOSSY,
+        .props     = AV_CODEC_PROP_LOSSY,
        .profiles  = NULL_IF_CONFIG_SMALL(ff_aac_profiles),
    },
    {
--- a/libavcodec/decode.c
+++ b/libavcodec/decode.c
@ -1466,8 +1466,8 @@ static int side_data_map(AVFrame *dst,

 {
    for (int i = 0; map[i].packet < AV_PKT_DATA_NB; i++) {
-        const enum AVFrameSideDataType type_pkt   = map[i].packet;
-        const enum AVFrameSideDataType type_frame = map[i].frame;
+        const enum AVPacketSideDataType type_pkt   = map[i].packet;
+        const enum AVFrameSideDataType  type_frame = map[i].frame;
        const AVPacketSideData *sd_pkt;
        AVFrameSideData *sd_frame;

@ -1671,22 +1671,49 @@ static void update_frame_props(AVCodecContext *avctx, AVFrame *frame)
    }
 }

-static void attach_post_process_data(AVCodecContext *avctx, AVFrame *frame)
+static int attach_post_process_data(AVCodecContext *avctx, AVFrame *frame)
 {
    AVCodecInternal    *avci = avctx->internal;
    DecodeContext        *dc = decode_ctx(avci);

    if (dc->lcevc_frame) {
        FrameDecodeData *fdd = (FrameDecodeData*)frame->private_ref->data;
+        FFLCEVCFrame *frame_ctx;
+        int ret;

-        fdd->post_process_opaque = ff_refstruct_ref(dc->lcevc);
-        fdd->post_process_opaque_free = ff_lcevc_unref;
-        fdd->post_process = ff_lcevc_process;
+        frame_ctx = av_mallocz(sizeof(*frame_ctx));
+        if (!frame_ctx)
+            return AVERROR(ENOMEM);
+
+        frame_ctx->frame = av_frame_alloc();
+        if (!frame_ctx->frame) {
+            av_free(frame_ctx);
+            return AVERROR(ENOMEM);
+        }
+
+        frame_ctx->lcevc = ff_refstruct_ref(dc->lcevc);
+        frame_ctx->frame->width  = frame->width;
+        frame_ctx->frame->height = frame->height;
+        frame_ctx->frame->format = frame->format;

        frame->width  = dc->width;
        frame->height = dc->height;
+
+        ret = avctx->get_buffer2(avctx, frame_ctx->frame, 0);
+        if (ret < 0) {
+            ff_lcevc_unref(frame_ctx);
+            return ret;
+        }
+
+        validate_avframe_allocation(avctx, frame_ctx->frame);
+
+        fdd->post_process_opaque = frame_ctx;
+        fdd->post_process_opaque_free = ff_lcevc_unref;
+        fdd->post_process = ff_lcevc_process;
    }
    dc->lcevc_frame = 0;
+
+    return 0;
 }

 int ff_get_buffer(AVCodecContext *avctx, AVFrame *frame, int flags)
@ -1747,7 +1774,9 @@ int ff_get_buffer(AVCodecContext *avctx, AVFrame *frame, int flags)
    if (ret < 0)
        goto fail;

-    attach_post_process_data(avctx, frame);
+    ret = attach_post_process_data(avctx, frame);
+    if (ret < 0)
+        goto fail;

 end:
    if (avctx->codec_type == AVMEDIA_TYPE_VIDEO && !override_dimensions &&
--- a/libavcodec/eatgq.c
+++ b/libavcodec/eatgq.c
@ -178,7 +178,8 @@ static int tgq_decode_mb(TgqContext *s, GetByteContext *gbyte,
            dc[4] = bytestream2_get_byte(gbyte);
            dc[5] = bytestream2_get_byte(gbyte);
        } else if (mode == 6) {
-            bytestream2_get_buffer(gbyte, dc, 6);
+            if (bytestream2_get_buffer(gbyte, dc, 6) != 6)
+                return AVERROR_INVALIDDATA;
        } else if (mode == 12) {
            for (i = 0; i < 6; i++) {
                dc[i] = bytestream2_get_byte(gbyte);
--- a/libavcodec/ffv1.c
+++ b/libavcodec/ffv1.c
@ -119,6 +119,13 @@ av_cold int ff_ffv1_init_slices_state(FFV1Context *f)
    return 0;
 }

+int ff_need_new_slices(int width, int num_h_slices, int chroma_shift) {
+    int mpw = 1<<chroma_shift;
+    int i = width * (int64_t)(num_h_slices - 1) / num_h_slices;
+
+    return width % mpw && (width - i) % mpw == 0;
+}
+
 av_cold int ff_ffv1_init_slice_contexts(FFV1Context *f)
 {
    int max_slice_count = f->num_h_slices * f->num_v_slices;
@ -144,6 +151,8 @@ av_cold int ff_ffv1_init_slice_contexts(FFV1Context *f)
        sc->slice_height = sye - sys;
        sc->slice_x      = sxs;
        sc->slice_y      = sys;
+        sc->sx           = sx;
+        sc->sy           = sy;

        sc->sample_buffer = av_malloc_array((f->width + 6), 3 * MAX_PLANES *
                                            sizeof(*sc->sample_buffer));
--- a/libavcodec/ffv1.h
+++ b/libavcodec/ffv1.h
@ -44,6 +44,8 @@
 #define CONTEXT_SIZE 32

 #define MAX_QUANT_TABLES 8
+#define MAX_QUANT_TABLE_SIZE 256
+#define MAX_QUANT_TABLE_MASK (MAX_QUANT_TABLE_SIZE - 1)
 #define MAX_CONTEXT_INPUTS 5

 #define AC_GOLOMB_RICE          0
@ -75,6 +77,7 @@ typedef struct FFV1SliceContext {
    int slice_height;
    int slice_x;
    int slice_y;
+    int sx, sy;

    int run_index;
    int slice_coding_mode;
@ -122,7 +125,7 @@ typedef struct FFV1Context {
    const AVFrame *cur_enc_frame;
    int plane_count;
    int ac;                              ///< 1=range coder <-> 0=golomb rice
-    int16_t quant_tables[MAX_QUANT_TABLES][MAX_CONTEXT_INPUTS][256];
+    int16_t quant_tables[MAX_QUANT_TABLES][MAX_CONTEXT_INPUTS][MAX_QUANT_TABLE_SIZE];
    int context_count[MAX_QUANT_TABLES];
    uint8_t state_transition[256];
    uint8_t (*initial_states[MAX_QUANT_TABLES])[32];
@ -170,6 +173,7 @@ PlaneContext *ff_ffv1_planes_alloc(void);
 int ff_ffv1_allocate_initial_states(FFV1Context *f);
 void ff_ffv1_clear_slice_state(const FFV1Context *f, FFV1SliceContext *sc);
 int ff_ffv1_close(AVCodecContext *avctx);
+int ff_need_new_slices(int width, int num_h_slices, int chroma_shift);

 static av_always_inline int fold(int diff, int bits)
 {
--- a/libavcodec/ffv1_template.c
+++ b/libavcodec/ffv1_template.c
@ -29,7 +29,7 @@ static inline int RENAME(predict)(TYPE *src, TYPE *last)
    return mid_pred(L, L + T - LT, T);
 }

-static inline int RENAME(get_context)(const int16_t quant_table[MAX_CONTEXT_INPUTS][256],
+static inline int RENAME(get_context)(const int16_t quant_table[MAX_CONTEXT_INPUTS][MAX_QUANT_TABLE_SIZE],
                                      TYPE *src, TYPE *last, TYPE *last2)
 {
    const int LT = last[-1];
@ -40,14 +40,14 @@ static inline int RENAME(get_context)(const int16_t quant_table[MAX_CONTEXT_INPU
    if (quant_table[3][127] || quant_table[4][127]) {
        const int TT = last2[0];
        const int LL = src[-2];
-        return quant_table[0][(L - LT) & 0xFF] +
-               quant_table[1][(LT - T) & 0xFF] +
-               quant_table[2][(T - RT) & 0xFF] +
-               quant_table[3][(LL - L) & 0xFF] +
-               quant_table[4][(TT - T) & 0xFF];
+        return quant_table[0][(L - LT) & MAX_QUANT_TABLE_MASK] +
+               quant_table[1][(LT - T) & MAX_QUANT_TABLE_MASK] +
+               quant_table[2][(T - RT) & MAX_QUANT_TABLE_MASK] +
+               quant_table[3][(LL - L) & MAX_QUANT_TABLE_MASK] +
+               quant_table[4][(TT - T) & MAX_QUANT_TABLE_MASK];
    } else
-        return quant_table[0][(L - LT) & 0xFF] +
-               quant_table[1][(LT - T) & 0xFF] +
-               quant_table[2][(T - RT) & 0xFF];
+        return quant_table[0][(L - LT) & MAX_QUANT_TABLE_MASK] +
+               quant_table[1][(LT - T) & MAX_QUANT_TABLE_MASK] +
+               quant_table[2][(T - RT) & MAX_QUANT_TABLE_MASK];
 }

--- a/libavcodec/ffv1dec.c
+++ b/libavcodec/ffv1dec.c
@ -241,7 +241,7 @@ static int decode_slice_header(const FFV1Context *f,
    if (f->version > 3) {
        sc->slice_reset_contexts = get_rac(c, state);
        sc->slice_coding_mode = get_symbol(c, state, 0);
-        if (sc->slice_coding_mode != 1) {
+        if (sc->slice_coding_mode != 1 && f->colorspace == 1) {
            sc->slice_rct_by_coef = get_symbol(c, state, 0);
            sc->slice_rct_ry_coef = get_symbol(c, state, 0);
            if ((uint64_t)sc->slice_rct_by_coef + (uint64_t)sc->slice_rct_ry_coef > 4) {
@ -347,7 +347,7 @@ static int decode_slice(AVCodecContext *c, void *arg)
    if (f->ac != AC_GOLOMB_RICE && f->version > 2) {
        int v;
        get_rac(&sc->c, (uint8_t[]) { 129 });
-        v = sc->c.bytestream_end - sc->c.bytestream - 2 - 5*f->ec;
+        v = sc->c.bytestream_end - sc->c.bytestream - 2 - 5*!!f->ec;
        if (v) {
            av_log(f->avctx, AV_LOG_ERROR, "bytestream end mismatching by %d\n", v);
            slice_set_damaged(f, sc);
--- a/libavcodec/ffv1enc.c
+++ b/libavcodec/ffv1enc.c
@ -198,7 +198,7 @@ static av_always_inline av_flatten void put_symbol_inline(RangeCoder *c,
    } while (0)

    if (v) {
-        const int a = FFABS(v);
+        const unsigned a = is_signed ? FFABS(v) : v;
        const int e = av_log2(a);
        put_rac(c, state + 0, 0);
        if (e <= 9) {
@ -317,7 +317,7 @@ static void write_quant_table(RangeCoder *c, int16_t *quant_table)
    uint8_t state[CONTEXT_SIZE];
    memset(state, 128, sizeof(state));

-    for (i = 1; i < 128; i++)
+    for (i = 1; i < MAX_QUANT_TABLE_SIZE/2; i++)
        if (quant_table[i] != quant_table[i - 1]) {
            put_symbol(c, state, i - last - 1, 0);
            last = i;
@ -326,7 +326,7 @@ static void write_quant_table(RangeCoder *c, int16_t *quant_table)
 }

 static void write_quant_tables(RangeCoder *c,
-                               int16_t quant_table[MAX_CONTEXT_INPUTS][256])
+                               int16_t quant_table[MAX_CONTEXT_INPUTS][MAX_QUANT_TABLE_SIZE])
 {
    int i;
    for (i = 0; i < 5; i++)
@ -528,6 +528,11 @@ static av_cold int encode_init(AVCodecContext *avctx)
        avctx->slices > 1)
        s->version = FFMAX(s->version, 2);

+    if ((avctx->flags & (AV_CODEC_FLAG_PASS1 | AV_CODEC_FLAG_PASS2)) && s->ac == AC_GOLOMB_RICE) {
+        av_log(avctx, AV_LOG_ERROR, "2 Pass mode is not possible with golomb coding\n");
+        return AVERROR(EINVAL);
+    }
+
    // Unspecified level & slices, we choose version 1.2+ to ensure multithreaded decodability
    if (avctx->slices == 0 && avctx->level < 0 && avctx->width * avctx->height > 720*576)
        s->version = FFMAX(s->version, 2);
@ -552,7 +557,7 @@ static av_cold int encode_init(AVCodecContext *avctx)
        s->version = FFMAX(s->version, 3);

    if ((s->version == 2 || s->version>3) && avctx->strict_std_compliance > FF_COMPLIANCE_EXPERIMENTAL) {
-        av_log(avctx, AV_LOG_ERROR, "Version 2 needed for requested features but version 2 is experimental and not enabled\n");
+        av_log(avctx, AV_LOG_ERROR, "Version 2 or 4 needed for requested features but version 2 or 4 is experimental and not enabled\n");
        return AVERROR_INVALIDDATA;
    }

@ -713,7 +718,7 @@ static av_cold int encode_init(AVCodecContext *avctx)
            s->state_transition[i] = c.one_state[i];
    }

-    for (i = 0; i < 256; i++) {
+    for (i = 0; i < MAX_QUANT_TABLE_SIZE; i++) {
        s->quant_table_count = 2;
        if (s->bits_per_raw_sample <= 8) {
            s->quant_tables[0][0][i]=           quant11[i];
@ -724,19 +729,21 @@ static av_cold int encode_init(AVCodecContext *avctx)
            s->quant_tables[1][2][i]=     11*11*quant5 [i];
            s->quant_tables[1][3][i]=   5*11*11*quant5 [i];
            s->quant_tables[1][4][i]= 5*5*11*11*quant5 [i];
+            s->context_count[0] = (11 * 11 * 11        + 1) / 2;
+            s->context_count[1] = (11 * 11 * 5 * 5 * 5 + 1) / 2;
        } else {
            s->quant_tables[0][0][i]=           quant9_10bit[i];
-            s->quant_tables[0][1][i]=        11*quant9_10bit[i];
-            s->quant_tables[0][2][i]=     11*11*quant9_10bit[i];
+            s->quant_tables[0][1][i]=         9*quant9_10bit[i];
+            s->quant_tables[0][2][i]=       9*9*quant9_10bit[i];
            s->quant_tables[1][0][i]=           quant9_10bit[i];
-            s->quant_tables[1][1][i]=        11*quant9_10bit[i];
-            s->quant_tables[1][2][i]=     11*11*quant5_10bit[i];
-            s->quant_tables[1][3][i]=   5*11*11*quant5_10bit[i];
-            s->quant_tables[1][4][i]= 5*5*11*11*quant5_10bit[i];
+            s->quant_tables[1][1][i]=         9*quant9_10bit[i];
+            s->quant_tables[1][2][i]=       9*9*quant5_10bit[i];
+            s->quant_tables[1][3][i]=     5*9*9*quant5_10bit[i];
+            s->quant_tables[1][4][i]=   5*5*9*9*quant5_10bit[i];
+            s->context_count[0] = (9 * 9 * 9         + 1) / 2;
+            s->context_count[1] = (9 * 9 * 5 * 5 * 5 + 1) / 2;
        }
    }
-    s->context_count[0] = (11 * 11 * 11        + 1) / 2;
-    s->context_count[1] = (11 * 11 * 5 * 5 * 5 + 1) / 2;

    if ((ret = ff_ffv1_allocate_initial_states(s)) < 0)
        return ret;
@ -858,6 +865,10 @@ static av_cold int encode_init(AVCodecContext *avctx)
                    continue;
                if (maxw * maxh * (int64_t)(s->bits_per_raw_sample+1) * plane_count > 8<<24)
                    continue;
+                if (s->version < 4)
+                    if (  ff_need_new_slices(avctx->width , s->num_h_slices, s->chroma_h_shift)
+                        ||ff_need_new_slices(avctx->height, s->num_v_slices, s->chroma_v_shift))
+                        continue;
                if (avctx->slices == s->num_h_slices * s->num_v_slices && avctx->slices <= MAX_SLICES || !avctx->slices)
                    goto slices_ok;
            }
@ -916,10 +927,10 @@ static void encode_slice_header(FFV1Context *f, FFV1SliceContext *sc)
    int j;
    memset(state, 128, sizeof(state));

-    put_symbol(c, state, (sc->slice_x     +1)*f->num_h_slices / f->width   , 0);
-    put_symbol(c, state, (sc->slice_y     +1)*f->num_v_slices / f->height  , 0);
-    put_symbol(c, state, (sc->slice_width +1)*f->num_h_slices / f->width -1, 0);
-    put_symbol(c, state, (sc->slice_height+1)*f->num_v_slices / f->height-1, 0);
+    put_symbol(c, state, sc->sx, 0);
+    put_symbol(c, state, sc->sy, 0);
+    put_symbol(c, state, 0, 0);
+    put_symbol(c, state, 0, 0);
    for (j=0; j<f->plane_count; j++) {
        put_symbol(c, state, sc->plane[j].quant_table_index, 0);
        av_assert0(sc->plane[j].quant_table_index == f->context_model);
@ -935,7 +946,7 @@ static void encode_slice_header(FFV1Context *f, FFV1SliceContext *sc)
        if (sc->slice_coding_mode == 1)
            ff_ffv1_clear_slice_state(f, sc);
        put_symbol(c, state, sc->slice_coding_mode, 0);
-        if (sc->slice_coding_mode != 1) {
+        if (sc->slice_coding_mode != 1 && f->colorspace == 1) {
            put_symbol(c, state, sc->slice_rct_by_coef, 0);
            put_symbol(c, state, sc->slice_rct_ry_coef, 0);
        }
@ -969,6 +980,9 @@ static void choose_rct_params(const FFV1Context *f, FFV1SliceContext *sc,
    int x, y, i, p, best;
    int16_t *sample[3];
    int lbd = f->bits_per_raw_sample <= 8;
+    int packed = !src[1];
+    int transparency = f->transparency;
+    int packed_size = (3 + transparency)*2;

    for (y = 0; y < h; y++) {
        int lastr=0, lastg=0, lastb=0;
@ -983,6 +997,15 @@ static void choose_rct_params(const FFV1Context *f, FFV1SliceContext *sc,
                b =  v        & 0xFF;
                g = (v >>  8) & 0xFF;
                r = (v >> 16) & 0xFF;
+            } else if (packed) {
+                const uint16_t *p = ((const uint16_t*)(src[0] + x*packed_size + stride[0]*y));
+                r = p[0];
+                g = p[1];
+                b = p[2];
+            } else if (f->use32bit || transparency) {
+                g = *((const uint16_t *)(src[0] + x*2 + stride[0]*y));
+                b = *((const uint16_t *)(src[1] + x*2 + stride[1]*y));
+                r = *((const uint16_t *)(src[2] + x*2 + stride[2]*y));
            } else {
                b = *((const uint16_t*)(src[0] + x*2 + stride[0]*y));
                g = *((const uint16_t*)(src[1] + x*2 + stride[1]*y));
@ -1043,7 +1066,7 @@ static int encode_slice(AVCodecContext *c, void *arg)
                                p->data[3] ? p->data[3] + ps*x + y*p->linesize[3] : NULL};

    sc->slice_coding_mode = 0;
-    if (f->version > 3) {
+    if (f->version > 3 && f->colorspace == 1) {
        choose_rct_params(f, sc, planes, p->linesize, width, height);
    } else {
        sc->slice_rct_by_coef = 1;
@ -1086,6 +1109,13 @@ retry:
        ret = encode_rgb_frame(f, sc, planes, width, height, p->linesize);
    }

+    if (f->ac != AC_GOLOMB_RICE) {
+        sc->ac_byte_count = ff_rac_terminate(&sc->c, 1);
+    } else {
+        flush_put_bits(&sc->pb); // FIXME: nicer padding
+        sc->ac_byte_count += put_bytes_output(&sc->pb);
+    }
+
    if (ret < 0) {
        av_assert0(sc->slice_coding_mode == 0);
        if (f->version < 4 || !f->ac) {
@ -1210,14 +1240,7 @@ static int encode_frame(AVCodecContext *avctx, AVPacket *pkt,
    buf_p = pkt->data;
    for (i = 0; i < f->slice_count; i++) {
        FFV1SliceContext *sc = &f->slices[i];
-        int bytes;
-
-        if (f->ac != AC_GOLOMB_RICE) {
-            bytes = ff_rac_terminate(&sc->c, 1);
-        } else {
-            flush_put_bits(&sc->pb); // FIXME: nicer padding
-            bytes = sc->ac_byte_count + put_bytes_output(&sc->pb);
-        }
+        int bytes = sc->ac_byte_count;
        if (i > 0 || f->version > 2) {
            av_assert0(bytes < pkt->size / f->slice_count);
            memmove(buf_p, sc->c.bytestream_start, bytes);
--- a/libavcodec/get_buffer.c
+++ b/libavcodec/get_buffer.c
@ -142,7 +142,10 @@ static int update_frame_pool(AVCodecContext *avctx, AVFrame *frame)
        if (ret < 0)
            goto fail;

-        pool->pools[0] = av_buffer_pool_init(pool->linesize[0], NULL);
+        pool->pools[0] = av_buffer_pool_init(pool->linesize[0],
+                                             CONFIG_MEMORY_POISONING ?
+                                                NULL :
+                                                av_buffer_allocz);
        if (!pool->pools[0]) {
            ret = AVERROR(ENOMEM);
            goto fail;
--- a/libavcodec/h263dec.c
+++ b/libavcodec/h263dec.c
@ -431,6 +431,7 @@ int ff_h263_decode_frame(AVCodecContext *avctx, AVFrame *pict,
    MpegEncContext *s  = avctx->priv_data;
    int ret;
    int slice_ret = 0;
+    int bak_width, bak_height;

    /* no supplementary picture */
    if (buf_size == 0) {
@ -482,6 +483,9 @@ retry:
    if (ret < 0)
        return ret;

+    bak_width  = s->width;
+    bak_height = s->height;
+
    /* let's go :-) */
    if (CONFIG_WMV2_DECODER && s->msmpeg4_version == MSMP4_WMV2) {
        ret = ff_wmv2_decode_picture_header(s);
@ -501,11 +505,12 @@ retry:
    }

    if (ret < 0 || ret == FRAME_SKIPPED) {
-        if (   s->width  != avctx->coded_width
-            || s->height != avctx->coded_height) {
+        if (   s->width  != bak_width
+            || s->height != bak_height) {
                av_log(s->avctx, AV_LOG_WARNING, "Reverting picture dimensions change due to header decoding failure\n");
-                s->width = avctx->coded_width;
-                s->height= avctx->coded_height;
+                s->width = bak_width;
+                s->height= bak_height;
+
        }
    }
    if (ret == FRAME_SKIPPED)
--- a/libavcodec/h2645_parse.c
+++ b/libavcodec/h2645_parse.c
@ -581,9 +581,11 @@ int ff_h2645_packet_split(H2645Packet *pkt, const uint8_t *buf, int length,

        if (codec_id == AV_CODEC_ID_VVC)
            ret = vvc_parse_nal_header(nal, logctx);
-        else if (codec_id == AV_CODEC_ID_HEVC)
+        else if (codec_id == AV_CODEC_ID_HEVC) {
            ret = hevc_parse_nal_header(nal, logctx);
-        else
+            if (nal->nuh_layer_id == 63)
+                continue;
+        } else
            ret = h264_parse_nal_header(nal, logctx);
        if (ret < 0) {
            av_log(logctx, AV_LOG_WARNING, "Invalid NAL unit %d, skipping.\n",
--- a/libavcodec/h2645_sei.c
+++ b/libavcodec/h2645_sei.c
@ -26,6 +26,7 @@
 #include "config_components.h"

 #include "libavutil/ambient_viewing_environment.h"
+#include "libavutil/buffer.h"
 #include "libavutil/display.h"
 #include "libavutil/hdr_dynamic_metadata.h"
 #include "libavutil/film_grain_params.h"
@ -41,6 +42,7 @@
 #include "golomb.h"
 #include "h2645_sei.h"
 #include "itut35.h"
+#include "refstruct.h"

 #define IS_H264(codec_id) (CONFIG_H264_SEI && CONFIG_HEVC_SEI ? codec_id == AV_CODEC_ID_H264 : CONFIG_H264_SEI)
 #define IS_HEVC(codec_id) (CONFIG_H264_SEI && CONFIG_HEVC_SEI ? codec_id == AV_CODEC_ID_HEVC : CONFIG_HEVC_SEI)
@ -494,7 +496,11 @@ int ff_h2645_sei_message_decode(H2645SEI *h, enum SEIType type,
    case SEI_TYPE_DISPLAY_ORIENTATION:
        return decode_display_orientation(&h->display_orientation, gb);
    case SEI_TYPE_FILM_GRAIN_CHARACTERISTICS:
-        return decode_film_grain_characteristics(&h->film_grain_characteristics, codec_id, gb);
+        ff_refstruct_unref(&h->film_grain_characteristics);
+        h->film_grain_characteristics = ff_refstruct_allocz(sizeof(*h->film_grain_characteristics));
+        if (!h->film_grain_characteristics)
+            return AVERROR(ENOMEM);
+        return decode_film_grain_characteristics(h->film_grain_characteristics, codec_id, gb);
    case SEI_TYPE_FRAME_PACKING_ARRANGEMENT:
        return decode_frame_packing_arrangement(&h->frame_packing, gb, codec_id);
    case SEI_TYPE_ALTERNATIVE_TRANSFER_CHARACTERISTICS:
@ -542,6 +548,17 @@ int ff_h2645_sei_ctx_replace(H2645SEI *dst, const H2645SEI *src)
        }
    }

+    for (unsigned i = 0; i < FF_ARRAY_ELEMS(dst->aom_film_grain.sets); i++) {
+        ret = av_buffer_replace(&dst->aom_film_grain.sets[i],
+                                 src->aom_film_grain.sets[i]);
+        if (ret < 0)
+            return ret;
+    }
+    dst->aom_film_grain.enable = src->aom_film_grain.enable;
+
+    ff_refstruct_replace(&dst->film_grain_characteristics,
+                          src->film_grain_characteristics);
+
    return 0;
 }

@ -811,8 +828,8 @@ int ff_h2645_sei_to_frame(AVFrame *frame, H2645SEI *sei,
            return ret;
    }

-    if (sei->film_grain_characteristics.present) {
-        H2645SEIFilmGrainCharacteristics *fgc = &sei->film_grain_characteristics;
+    if (sei->film_grain_characteristics && sei->film_grain_characteristics->present) {
+        H2645SEIFilmGrainCharacteristics *fgc = sei->film_grain_characteristics;
        AVFilmGrainParams *fgp = av_film_grain_params_create_side_data(frame);
        AVFilmGrainH274Params *h274;

@ -913,5 +930,7 @@ void ff_h2645_sei_reset(H2645SEI *s)
    s->ambient_viewing_environment.present = 0;
    s->mastering_display.present = 0;
    s->content_light.present = 0;
-    s->aom_film_grain.enable = 0;
+
+    ff_refstruct_unref(&s->film_grain_characteristics);
+    ff_aom_uninit_film_grain_params(&s->aom_film_grain);
 }
--- a/libavcodec/h2645_sei.h
+++ b/libavcodec/h2645_sei.h
@ -135,11 +135,13 @@ typedef struct H2645SEI {
    H2645SEIFramePacking frame_packing;
    H2645SEIDisplayOrientation display_orientation;
    H2645SEIAlternativeTransfer alternative_transfer;
-    H2645SEIFilmGrainCharacteristics film_grain_characteristics;
    H2645SEIAmbientViewingEnvironment ambient_viewing_environment;
    H2645SEIMasteringDisplay mastering_display;
    H2645SEIContentLight content_light;
    AVFilmGrainAFGS1Params aom_film_grain;
+
+    // Dynamic allocations due to large size.
+    H2645SEIFilmGrainCharacteristics *film_grain_characteristics;
 } H2645SEI;

 enum {
--- a/libavcodec/h264_mb.c
+++ b/libavcodec/h264_mb.c
@ -407,7 +407,7 @@ static av_always_inline void mc_part_weighted(const H264Context *h, H264SliceCon
        /* don't optimize for luma-only case, since B-frames usually
         * use implicit weights => chroma too. */
        uint8_t *tmp_cb = sl->bipred_scratchpad;
-        uint8_t *tmp_cr = sl->bipred_scratchpad + (16 << pixel_shift);
+        uint8_t *tmp_cr = sl->bipred_scratchpad + (8 << pixel_shift + (chroma_idc == 3));
        uint8_t *tmp_y  = sl->bipred_scratchpad + 16 * sl->mb_uvlinesize;
        int refn0       = sl->ref_cache[0][scan8[n]];
        int refn1       = sl->ref_cache[1][scan8[n]];
--- a/libavcodec/h264_sei.c
+++ b/libavcodec/h264_sei.c
@ -55,7 +55,6 @@ void ff_h264_sei_uninit(H264SEIContext *h)
    h->picture_timing.present      = 0;
    h->buffering_period.present    = 0;
    h->common.frame_packing.present       = 0;
-    h->common.film_grain_characteristics.present = 0;
    h->common.display_orientation.present = 0;
    h->common.afd.present                 =  0;

--- a/libavcodec/h264_slice.c
+++ b/libavcodec/h264_slice.c
@ -191,6 +191,13 @@ static int alloc_picture(H264Context *h, H264Picture *pic)

    av_assert0(!pic->f->data[0]);

+    if (h->sei.common.lcevc.info) {
+        HEVCSEILCEVC *lcevc = &h->sei.common.lcevc;
+        ret = ff_frame_new_side_data_from_buf(h->avctx, pic->f, AV_FRAME_DATA_LCEVC, &lcevc->info);
+        if (ret < 0)
+            return ret;
+    }
+
    pic->tf.f = pic->f;
    ret = ff_thread_get_ext_buffer(h->avctx, &pic->tf,
                                   pic->reference ? AV_GET_BUFFER_FLAG_REF : 0);
@ -516,7 +523,10 @@ static int h264_frame_start(H264Context *h)
    pic->f->crop_top    = h->crop_top;
    pic->f->crop_bottom = h->crop_bottom;

-    pic->needs_fg = h->sei.common.film_grain_characteristics.present && !h->avctx->hwaccel &&
+    pic->needs_fg =
+        h->sei.common.film_grain_characteristics &&
+        h->sei.common.film_grain_characteristics->present &&
+        !h->avctx->hwaccel &&
        !(h->avctx->export_side_data & AV_CODEC_EXPORT_DATA_FILM_GRAIN);

    if ((ret = alloc_picture(h, pic)) < 0)
--- a/libavcodec/hapdec.c
+++ b/libavcodec/hapdec.c
@ -310,6 +310,7 @@ static int hap_decode(AVCodecContext *avctx, AVFrame *frame,
            ret = av_reallocp(&ctx->tex_buf, ctx->tex_size);
            if (ret < 0)
                return ret;
+            memset(ctx->tex_buf, 0, ctx->tex_size);

            avctx->execute2(avctx, decompress_chunks_thread, NULL,
                            ctx->chunk_results, ctx->chunk_count);
--- a/libavcodec/hevc/hevcdec.c
+++ b/libavcodec/hevc/hevcdec.c
@ -54,6 +54,7 @@
 #include "progressframe.h"
 #include "refstruct.h"
 #include "thread.h"
+#include "threadprogress.h"

 static const uint8_t hevc_pel_weight[65] = { [2] = 0, [4] = 1, [6] = 2, [8] = 3, [12] = 4, [16] = 5, [24] = 6, [32] = 7, [48] = 8, [64] = 9 };

@ -128,7 +129,7 @@ static int pic_arrays_init(HEVCLayerContext *l, const HEVCSPS *sps)
    l->filter_slice_edges = av_mallocz(ctb_count);
    l->tab_slice_address  = av_malloc_array(pic_size_in_ctb,
                                      sizeof(*l->tab_slice_address));
-    l->qp_y_tab           = av_malloc_array(pic_size_in_ctb,
+    l->qp_y_tab           = av_calloc(pic_size_in_ctb,
                                      sizeof(*l->qp_y_tab));
    if (!l->qp_y_tab || !l->filter_slice_edges || !l->tab_slice_address)
        goto fail;
@ -411,7 +412,7 @@ static int export_stream_params_from_sei(HEVCContext *s)
        avctx->color_trc = s->sei.common.alternative_transfer.preferred_transfer_characteristics;
    }

-    if (s->sei.common.film_grain_characteristics.present ||
+    if ((s->sei.common.film_grain_characteristics && s->sei.common.film_grain_characteristics->present) ||
        s->sei.common.aom_film_grain.enable)
        avctx->properties |= FF_CODEC_PROPERTY_FILM_GRAIN;

@ -2751,6 +2752,8 @@ static int hls_decode_entry_wpp(AVCodecContext *avctx, void *hevc_lclist,
    const uint8_t *data      = s->data + s->sh.offset[ctb_row];
    const size_t   data_size = s->sh.size[ctb_row];

+    int progress = 0;
+
    int ret;

    if (ctb_row)
@ -2762,13 +2765,15 @@ static int hls_decode_entry_wpp(AVCodecContext *avctx, void *hevc_lclist,

        hls_decode_neighbour(lc, l, pps, sps, x_ctb, y_ctb, ctb_addr_ts);

-        ff_thread_await_progress2(s->avctx, ctb_row, thread, SHIFT_CTB_WPP);
+        if (ctb_row)
+            ff_thread_progress_await(&s->wpp_progress[ctb_row - 1],
+                                     progress + SHIFT_CTB_WPP + 1);

        /* atomic_load's prototype requires a pointer to non-const atomic variable
         * (due to implementations via mutexes, where reads involve writes).
         * Of course, casting const away here is nevertheless safe. */
        if (atomic_load((atomic_int*)&s->wpp_err)) {
-            ff_thread_report_progress2(s->avctx, ctb_row , thread, SHIFT_CTB_WPP);
+            ff_thread_progress_report(&s->wpp_progress[ctb_row], INT_MAX);
            return 0;
        }

@ -2792,19 +2797,19 @@ static int hls_decode_entry_wpp(AVCodecContext *avctx, void *hevc_lclist,
        ctb_addr_ts++;

        ff_hevc_save_states(lc, pps, ctb_addr_ts);
-        ff_thread_report_progress2(s->avctx, ctb_row, thread, 1);
+        ff_thread_progress_report(&s->wpp_progress[ctb_row], ++progress);
        ff_hevc_hls_filters(lc, l, pps, x_ctb, y_ctb, ctb_size);

        if (!more_data && (x_ctb+ctb_size) < sps->width && ctb_row != s->sh.num_entry_point_offsets) {
            /* Casting const away here is safe, because it is an atomic operation. */
            atomic_store((atomic_int*)&s->wpp_err, 1);
-            ff_thread_report_progress2(s->avctx, ctb_row ,thread, SHIFT_CTB_WPP);
+            ff_thread_progress_report(&s->wpp_progress[ctb_row], INT_MAX);
            return 0;
        }

        if ((x_ctb+ctb_size) >= sps->width && (y_ctb+ctb_size) >= sps->height ) {
            ff_hevc_hls_filter(lc, l, pps, x_ctb, y_ctb, ctb_size);
-            ff_thread_report_progress2(s->avctx, ctb_row , thread, SHIFT_CTB_WPP);
+            ff_thread_progress_report(&s->wpp_progress[ctb_row], INT_MAX);
            return ctb_addr_ts;
        }
        ctb_addr_rs = pps->ctb_addr_ts_to_rs[ctb_addr_ts];
@ -2814,17 +2819,43 @@ static int hls_decode_entry_wpp(AVCodecContext *avctx, void *hevc_lclist,
            break;
        }
    }
-    ff_thread_report_progress2(s->avctx, ctb_row ,thread, SHIFT_CTB_WPP);
+    ff_thread_progress_report(&s->wpp_progress[ctb_row], INT_MAX);

    return 0;
 error:
    l->tab_slice_address[ctb_addr_rs] = -1;
    /* Casting const away here is safe, because it is an atomic operation. */
    atomic_store((atomic_int*)&s->wpp_err, 1);
-    ff_thread_report_progress2(s->avctx, ctb_row ,thread, SHIFT_CTB_WPP);
+    ff_thread_progress_report(&s->wpp_progress[ctb_row], INT_MAX);
    return ret;
 }

+static int wpp_progress_init(HEVCContext *s, unsigned count)
+{
+    if (s->nb_wpp_progress < count) {
+        void *tmp = av_realloc_array(s->wpp_progress, count,
+                                     sizeof(*s->wpp_progress));
+        if (!tmp)
+            return AVERROR(ENOMEM);
+
+        s->wpp_progress = tmp;
+        memset(s->wpp_progress + s->nb_wpp_progress, 0,
+               (count - s->nb_wpp_progress) * sizeof(*s->wpp_progress));
+
+        for (int i = s->nb_wpp_progress; i < count; i++) {
+            int ret = ff_thread_progress_init(&s->wpp_progress[i], 1);
+            if (ret < 0)
+                return ret;
+            s->nb_wpp_progress = i + 1;
+        }
+    }
+
+    for (int i = 0; i < count; i++)
+        ff_thread_progress_reset(&s->wpp_progress[i]);
+
+    return 0;
+}
+
 static int hls_slice_data_wpp(HEVCContext *s, const H2645NAL *nal)
 {
    const HEVCPPS *const pps = s->pps;
@ -2909,7 +2940,7 @@ static int hls_slice_data_wpp(HEVCContext *s, const H2645NAL *nal)
    }

    atomic_store(&s->wpp_err, 0);
-    res = ff_slice_thread_allocz_entries(s->avctx, s->sh.num_entry_point_offsets + 1);
+    res = wpp_progress_init(s, s->sh.num_entry_point_offsets + 1);
    if (res < 0)
        return res;

@ -3236,7 +3267,8 @@ static int hevc_frame_start(HEVCContext *s, HEVCLayerContext *l,
    else
        s->cur_frame->f->flags &= ~AV_FRAME_FLAG_KEY;

-    s->cur_frame->needs_fg = (s->sei.common.film_grain_characteristics.present ||
+    s->cur_frame->needs_fg = ((s->sei.common.film_grain_characteristics &&
+                               s->sei.common.film_grain_characteristics->present) ||
                              s->sei.common.aom_film_grain.enable) &&
        !(s->avctx->export_side_data & AV_CODEC_EXPORT_DATA_FILM_GRAIN) &&
        !s->avctx->hwaccel;
@ -3246,8 +3278,8 @@ static int hevc_frame_start(HEVCContext *s, HEVCLayerContext *l,
        goto fail;

    if (s->cur_frame->needs_fg &&
-        (s->sei.common.film_grain_characteristics.present &&
-         !ff_h274_film_grain_params_supported(s->sei.common.film_grain_characteristics.model_id,
+        (s->sei.common.film_grain_characteristics && s->sei.common.film_grain_characteristics->present &&
+         !ff_h274_film_grain_params_supported(s->sei.common.film_grain_characteristics->model_id,
                                              s->cur_frame->f->format) ||
         !av_film_grain_params_select(s->cur_frame->f))) {
        av_log_once(s->avctx, AV_LOG_WARNING, AV_LOG_DEBUG, &s->film_grain_warning_shown,
@ -3826,6 +3858,10 @@ static av_cold int hevc_decode_free(AVCodecContext *avctx)

    ff_hevc_ps_uninit(&s->ps);

+    for (int i = 0; i < s->nb_wpp_progress; i++)
+        ff_thread_progress_destroy(&s->wpp_progress[i]);
+    av_freep(&s->wpp_progress);
+
    av_freep(&s->sh.entry_point_offset);
    av_freep(&s->sh.offset);
    av_freep(&s->sh.size);
@ -3969,7 +4005,6 @@ static int hevc_update_thread_context(AVCodecContext *dst,
    s->sei.common.alternative_transfer = s0->sei.common.alternative_transfer;
    s->sei.common.mastering_display    = s0->sei.common.mastering_display;
    s->sei.common.content_light        = s0->sei.common.content_light;
-    s->sei.common.aom_film_grain       = s0->sei.common.aom_film_grain;
    s->sei.tdrdi                       = s0->sei.tdrdi;

    return 0;
@ -3981,12 +4016,6 @@ static av_cold int hevc_decode_init(AVCodecContext *avctx)
    HEVCContext *s = avctx->priv_data;
    int ret;

-    if (avctx->active_thread_type & FF_THREAD_SLICE) {
-        ret = ff_slice_thread_init_progress(avctx);
-        if (ret < 0)
-            return ret;
-    }
-
    ret = hevc_init_context(avctx);
    if (ret < 0)
        return ret;
--- a/libavcodec/hevc/hevcdec.h
+++ b/libavcodec/hevc/hevcdec.h
@ -540,6 +540,9 @@ typedef struct HEVCContext {
    /** The target for the common_cabac_state of the local contexts. */
    HEVCCABACState cabac;

+    struct ThreadProgress *wpp_progress;
+    unsigned            nb_wpp_progress;
+
    atomic_int wpp_err;

    const uint8_t *data;
--- a/libavcodec/hevc/ps.c
+++ b/libavcodec/hevc/ps.c
@ -612,8 +612,8 @@ static int decode_vps_ext(GetBitContext *gb, AVCodecContext *avctx, HEVCVPS *vps
    }

    /* Consequence of established layer dependencies */
-    if (layer1_id_included != ((1 << vps->layer_id_in_nuh[0]) |
-                               (1 << vps->layer_id_in_nuh[1]))) {
+    if (layer1_id_included != ((1ULL << vps->layer_id_in_nuh[0]) |
+                               (1ULL << vps->layer_id_in_nuh[1]))) {
        av_log(avctx, AV_LOG_ERROR, "Dependent layer not included in layer ID?\n");
        return AVERROR_PATCHWELCOME;
    }
--- a/libavcodec/hevc/sei.h
+++ b/libavcodec/hevc/sei.h
@ -84,14 +84,14 @@ typedef struct HEVCSEITDRDI {
    uint8_t ref_viewing_distance_flag;
    uint8_t prec_ref_viewing_dist;
    uint8_t num_ref_displays;
-    uint16_t left_view_id[31];
-    uint16_t right_view_id[31];
-    uint8_t exponent_ref_display_width[31];
-    uint8_t mantissa_ref_display_width[31];
-    uint8_t exponent_ref_viewing_distance[31];
-    uint8_t mantissa_ref_viewing_distance[31];
-    uint8_t additional_shift_present_flag[31];
-    int16_t num_sample_shift[31];
+    uint16_t left_view_id[32];
+    uint16_t right_view_id[32];
+    uint8_t exponent_ref_display_width[32];
+    uint8_t mantissa_ref_display_width[32];
+    uint8_t exponent_ref_viewing_distance[32];
+    uint8_t mantissa_ref_viewing_distance[32];
+    uint8_t additional_shift_present_flag[32];
+    int16_t num_sample_shift[32];
    uint8_t three_dimensional_reference_displays_extension_flag;
 } HEVCSEITDRDI;

--- a/libavcodec/huffyuvdec.c
+++ b/libavcodec/huffyuvdec.c
@ -783,6 +783,8 @@ static void decode_gray_bitstream(HYuvDecContext *s, int count)
        for (i = 0; i < count && BITS_LEFT(re, &s->gb) > 0; i++) {
            READ_2PIX(s->temp[0][2 * i], s->temp[0][2 * i + 1], 0);
        }
+        for (; i < count; i++)
+            s->temp[0][2 * i] = s->temp[0][2 * i + 1] = 0;
    } else {
        for (i = 0; i < count; i++) {
            READ_2PIX(s->temp[0][2 * i], s->temp[0][2 * i + 1], 0);
--- a/libavcodec/ilbcdec.c
+++ b/libavcodec/ilbcdec.c
@ -658,7 +658,7 @@ static void get_codebook(int16_t * cbvec,   /* (o) Constructed codebook vector *
    int16_t k, base_size;
    int16_t lag;
    /* Stack based */
-    int16_t tempbuff2[SUBL + 5];
+    int16_t tempbuff2[SUBL + 5] = {0};

    /* Determine size of codebook sections */
    base_size = lMem - cbveclen + 1;
--- a/libavcodec/jpegxl_parser.c
+++ b/libavcodec/jpegxl_parser.c
@ -352,6 +352,8 @@ static int decode_hybrid_varlen_uint(GetBitContext *gb, JXLEntropyDecoder *dec,

    if (bundle->lz77_enabled && token >= bundle->lz77_min_symbol) {
        const JXLSymbolDistribution *lz77dist = &bundle->dists[bundle->cluster_map[bundle->num_dist - 1]];
+        if (!dec->num_decoded)
+            return AVERROR_INVALIDDATA;
        ret = read_hybrid_uint(gb, &bundle->lz_len_conf, token - bundle->lz77_min_symbol, &dec->num_to_copy);
        if (ret < 0)
            return ret;
@ -531,6 +533,7 @@ static int read_dist_clustering(GetBitContext *gb, JXLEntropyDecoder *dec, JXLDi
        dec->state = -1;
        /* it's not going to necessarily be zero after reading */
        dec->num_to_copy = 0;
+        dec->num_decoded = 0;
        dist_bundle_close(&nested);
        if (use_mtf) {
            uint8_t mtf[256];
@ -1311,7 +1314,7 @@ static int parse_frame_header(void *avctx, JXLParseContext *ctx, GetBitContext *
    // permuted toc
    if (get_bits1(gb)) {
        JXLEntropyDecoder dec;
-        uint32_t end, lehmer = 0;
+        int64_t end, lehmer = 0;
        ret = entropy_decoder_init(avctx, gb, &dec, 8);
        if (ret < 0)
            return ret;
@ -1320,13 +1323,13 @@ static int parse_frame_header(void *avctx, JXLParseContext *ctx, GetBitContext *
            return AVERROR_BUFFER_TOO_SMALL;
        }
        end = entropy_decoder_read_symbol(gb, &dec, toc_context(toc_count));
-        if (end > toc_count) {
+        if (end < 0 || end > toc_count) {
            entropy_decoder_close(&dec);
            return AVERROR_INVALIDDATA;
        }
        for (uint32_t i = 0; i < end; i++) {
            lehmer = entropy_decoder_read_symbol(gb, &dec, toc_context(lehmer));
-            if (get_bits_left(gb) < 0) {
+            if (lehmer < 0 || get_bits_left(gb) < 0) {
                entropy_decoder_close(&dec);
                return AVERROR_BUFFER_TOO_SMALL;
            }
--- a/libavcodec/lcevcdec.c
+++ b/libavcodec/lcevcdec.c
@ -45,7 +45,7 @@ static LCEVC_ColorFormat map_format(int format)
    return LCEVC_ColorFormat_Unknown;
 }

-static int alloc_base_frame(void *logctx, LCEVC_DecoderHandle decoder,
+static int alloc_base_frame(void *logctx, FFLCEVCContext *lcevc,
                            const AVFrame *frame, LCEVC_PictureHandle *picture)
 {
    LCEVC_PictureDesc desc;
@ -68,22 +68,22 @@ static int alloc_base_frame(void *logctx, LCEVC_DecoderHandle decoder,
    desc.sampleAspectRatioDen  = frame->sample_aspect_ratio.den;

    /* Allocate LCEVC Picture */
-    res = LCEVC_AllocPicture(decoder, &desc, picture);
+    res = LCEVC_AllocPicture(lcevc->decoder, &desc, picture);
    if (res != LCEVC_Success) {
        return AVERROR_EXTERNAL;
    }
-    res = LCEVC_LockPicture(decoder, *picture, LCEVC_Access_Write, &lock);
+    res = LCEVC_LockPicture(lcevc->decoder, *picture, LCEVC_Access_Write, &lock);
    if (res != LCEVC_Success)
        return AVERROR_EXTERNAL;

-    res = LCEVC_GetPicturePlaneCount(decoder, *picture, &planes);
+    res = LCEVC_GetPicturePlaneCount(lcevc->decoder, *picture, &planes);
    if (res != LCEVC_Success)
        return AVERROR_EXTERNAL;

    for (unsigned i = 0; i < planes; i++) {
        LCEVC_PicturePlaneDesc plane;

-        res = LCEVC_GetPictureLockPlaneDesc(decoder, lock, i, &plane);
+        res = LCEVC_GetPictureLockPlaneDesc(lcevc->decoder, lock, i, &plane);
        if (res != LCEVC_Success)
            return AVERROR_EXTERNAL;

@ -94,43 +94,43 @@ static int alloc_base_frame(void *logctx, LCEVC_DecoderHandle decoder,
    av_image_copy2(data, linesizes, frame->data, frame->linesize,
                   frame->format, frame->width, frame->height);

-    res = LCEVC_UnlockPicture(decoder, lock);
+    res = LCEVC_UnlockPicture(lcevc->decoder, lock);
    if (res != LCEVC_Success)
        return AVERROR_EXTERNAL;

    return 0;
 }

-static int alloc_enhanced_frame(void *logctx, LCEVC_DecoderHandle decoder,
-                                const AVFrame *frame, LCEVC_PictureHandle *picture)
+static int alloc_enhanced_frame(void *logctx, FFLCEVCFrame *frame_ctx,
+                                LCEVC_PictureHandle *picture)
 {
+    FFLCEVCContext *lcevc = frame_ctx->lcevc;
    LCEVC_PictureDesc desc ;
-    LCEVC_ColorFormat fmt = map_format(frame->format);
+    LCEVC_ColorFormat fmt = map_format(frame_ctx->frame->format);
    LCEVC_PicturePlaneDesc planes[4] = { 0 };
-    int width = frame->width * 2 / FFMAX(frame->sample_aspect_ratio.den, 1);
-    int height = frame->height * 2 / FFMAX(frame->sample_aspect_ratio.num, 1);
    LCEVC_ReturnCode res;

-    res = LCEVC_DefaultPictureDesc(&desc, fmt, width, height);
+    res = LCEVC_DefaultPictureDesc(&desc, fmt, frame_ctx->frame->width, frame_ctx->frame->height);
    if (res != LCEVC_Success)
        return AVERROR_EXTERNAL;

    /* Set plane description */
    for (int i = 0; i < 4; i++) {
-        planes[i].firstSample = frame->data[i];
-        planes[i].rowByteStride = frame->linesize[i];
+        planes[i].firstSample = frame_ctx->frame->data[i];
+        planes[i].rowByteStride = frame_ctx->frame->linesize[i];
    }

    /* Allocate LCEVC Picture */
-    res = LCEVC_AllocPictureExternal(decoder, &desc, NULL, planes, picture);
+    res = LCEVC_AllocPictureExternal(lcevc->decoder, &desc, NULL, planes, picture);
    if (res != LCEVC_Success) {
        return AVERROR_EXTERNAL;
    }
    return 0;
 }

-static int lcevc_send_frame(void *logctx, FFLCEVCContext *lcevc, const AVFrame *in)
+static int lcevc_send_frame(void *logctx, FFLCEVCFrame *frame_ctx, const AVFrame *in)
 {
+    FFLCEVCContext *lcevc = frame_ctx->lcevc;
    const AVFrameSideData *sd = av_frame_get_side_data(in, AV_FRAME_DATA_LCEVC);
    LCEVC_PictureHandle picture;
    LCEVC_ReturnCode res;
@ -143,7 +143,7 @@ static int lcevc_send_frame(void *logctx, FFLCEVCContext *lcevc, const AVFrame *
    if (res != LCEVC_Success)
        return AVERROR_EXTERNAL;

-    ret = alloc_base_frame(logctx, lcevc->decoder, in, &picture);
+    ret = alloc_base_frame(logctx, lcevc, in, &picture);
    if (ret < 0)
        return ret;

@ -152,7 +152,7 @@ static int lcevc_send_frame(void *logctx, FFLCEVCContext *lcevc, const AVFrame *
        return AVERROR_EXTERNAL;

    memset(&picture, 0, sizeof(picture));
-    ret = alloc_enhanced_frame(logctx, lcevc->decoder, in, &picture);
+    ret = alloc_enhanced_frame(logctx, frame_ctx, &picture);
    if (ret < 0)
        return ret;

@ -163,8 +163,9 @@ static int lcevc_send_frame(void *logctx, FFLCEVCContext *lcevc, const AVFrame *
    return 0;
 }

-static int generate_output(void *logctx, FFLCEVCContext *lcevc, AVFrame *out)
+static int generate_output(void *logctx, FFLCEVCFrame *frame_ctx, AVFrame *out)
 {
+    FFLCEVCContext *lcevc = frame_ctx->lcevc;
    LCEVC_PictureDesc desc;
    LCEVC_DecodeInformation info;
    LCEVC_PictureHandle picture;
@ -184,6 +185,11 @@ static int generate_output(void *logctx, FFLCEVCContext *lcevc, AVFrame *out)
    out->crop_right = desc.cropRight;
    out->sample_aspect_ratio.num = desc.sampleAspectRatioNum;
    out->sample_aspect_ratio.den = desc.sampleAspectRatioDen;
+
+    av_frame_copy_props(frame_ctx->frame, out);
+    av_frame_unref(out);
+    av_frame_move_ref(out, frame_ctx->frame);
+
    out->width = desc.width + out->crop_left + out->crop_right;
    out->height = desc.height + out->crop_top + out->crop_bottom;

@ -194,13 +200,14 @@ static int generate_output(void *logctx, FFLCEVCContext *lcevc, AVFrame *out)
    return 0;
 }

-static int lcevc_receive_frame(void *logctx, FFLCEVCContext *lcevc, AVFrame *out)
+static int lcevc_receive_frame(void *logctx, FFLCEVCFrame *frame_ctx, AVFrame *out)
 {
+    FFLCEVCContext *lcevc = frame_ctx->lcevc;
    LCEVC_PictureHandle picture;
    LCEVC_ReturnCode res;
    int ret;

-    ret = generate_output(logctx, lcevc, out);
+    ret = generate_output(logctx, frame_ctx, out);
    if (ret < 0)
        return ret;

@ -247,12 +254,7 @@ static int lcevc_init(FFLCEVCContext *lcevc, void *logctx)
 #if CONFIG_LIBLCEVC_DEC
    LCEVC_AccelContextHandle dummy = { 0 };
    const int32_t event = LCEVC_Log;
-#endif

-    if (lcevc->initialized)
-        return 0;
-
-#if CONFIG_LIBLCEVC_DEC
    if (LCEVC_CreateDecoder(&lcevc->decoder, dummy) != LCEVC_Success) {
        av_log(logctx, AV_LOG_ERROR, "Failed to create LCEVC decoder\n");
        return AVERROR_EXTERNAL;
@ -277,7 +279,8 @@ static int lcevc_init(FFLCEVCContext *lcevc, void *logctx)
 int ff_lcevc_process(void *logctx, AVFrame *frame)
 {
    FrameDecodeData  *fdd = (FrameDecodeData*)frame->private_ref->data;
-    FFLCEVCContext *lcevc = fdd->post_process_opaque;
+    FFLCEVCFrame *frame_ctx = fdd->post_process_opaque;
+    FFLCEVCContext *lcevc = frame_ctx->lcevc;
    int ret;

    if (!lcevc->initialized) {
@ -287,11 +290,14 @@ int ff_lcevc_process(void *logctx, AVFrame *frame)
    }

 #if CONFIG_LIBLCEVC_DEC
-    ret = lcevc_send_frame(logctx, lcevc, frame);
+    av_assert0(frame_ctx->frame);
+
+
+    ret = lcevc_send_frame(logctx, frame_ctx, frame);
    if (ret)
        return ret < 0 ? ret : 0;

-    lcevc_receive_frame(logctx, lcevc, frame);
+    lcevc_receive_frame(logctx, frame_ctx, frame);
    if (ret < 0)
        return ret;

@ -315,5 +321,8 @@ int ff_lcevc_alloc(FFLCEVCContext **plcevc)

 void ff_lcevc_unref(void *opaque)
 {
-    ff_refstruct_unref(&opaque);
+    FFLCEVCFrame *lcevc = opaque;
+    ff_refstruct_unref(&lcevc->lcevc);
+    av_frame_free(&lcevc->frame);
+    av_free(opaque);
 }
--- a/libavcodec/lcevcdec.h
+++ b/libavcodec/lcevcdec.h
@ -36,6 +36,11 @@ typedef struct FFLCEVCContext {

 struct AVFrame;

+typedef struct FFLCEVCFrame {
+    FFLCEVCContext *lcevc;
+    struct AVFrame *frame;
+} FFLCEVCFrame;
+
 int ff_lcevc_alloc(FFLCEVCContext **plcevc);
 int ff_lcevc_process(void *logctx, struct AVFrame *frame);
 void ff_lcevc_unref(void *opaque);
--- a/libavcodec/libdav1d.c
+++ b/libavcodec/libdav1d.c
@ -372,9 +372,10 @@ static int libdav1d_receive_frame_internal(AVCodecContext *c, Dav1dPicture *p)

    res = dav1d_get_picture(dav1d->c, p);
    if (res < 0) {
-        if (res == AVERROR(EINVAL))
+        if (res == AVERROR(EINVAL)) {
+            dav1d_data_unref(data);
            res = AVERROR_INVALIDDATA;
-        else if (res == AVERROR(EAGAIN))
+        } else if (res == AVERROR(EAGAIN))
            res = c->internal->draining ? AVERROR_EOF : 1;
    }

--- a/libavcodec/libfdk-aacdec.c
+++ b/libavcodec/libfdk-aacdec.c
@ -111,7 +111,7 @@ static const AVClass fdk_aac_dec_class = {
    .version    = LIBAVUTIL_VERSION_INT,
 };

-static int get_stream_info(AVCodecContext *avctx)
+static int get_stream_info(AVCodecContext *avctx, AVFrame *frame)
 {
    FDKAACDecContext *s   = avctx->priv_data;
    CStreamInfo *info     = aacDecoder_GetStreamInfo(s->handle);
@ -130,6 +130,9 @@ static int get_stream_info(AVCodecContext *avctx)
    }
    avctx->sample_rate = info->sampleRate;
    avctx->frame_size  = info->frameSize;
+    avctx->profile     = info->aot - 1;
+
+    frame->flags |= AV_FRAME_FLAG_KEY * !!(info->flags & AC_INDEP);
 #if FDKDEC_VER_AT_LEAST(2, 5) // 2.5.10
    if (!s->output_delay_set && info->outputDelay) {
        // Set this only once.
@ -413,7 +416,7 @@ static int fdk_aac_decode_frame(AVCodecContext *avctx, AVFrame *frame,
        goto end;
    }

-    if ((ret = get_stream_info(avctx)) < 0)
+    if ((ret = get_stream_info(avctx, frame)) < 0)
        goto end;
    frame->nb_samples = avctx->frame_size;

--- a/libavcodec/libfdk-aacenc.c
+++ b/libavcodec/libfdk-aacenc.c
@ -178,6 +178,7 @@ static av_cold int aac_encode_init(AVCodecContext *avctx)
    AACContext *s = avctx->priv_data;
    int ret = AVERROR(EINVAL);
    AACENC_InfoStruct info = { 0 };
+    AVCPBProperties *cpb_props;
    CHANNEL_MODE mode;
    AACENC_ERROR err;
    int aot = AV_PROFILE_AAC_LOW + 1;
@ -438,6 +439,14 @@ static av_cold int aac_encode_init(AVCodecContext *avctx)

        memcpy(avctx->extradata, info.confBuf, info.confSize);
    }
+
+    cpb_props = ff_encode_add_cpb_side_data(avctx);
+    if (!cpb_props)
+        return AVERROR(ENOMEM);
+    cpb_props->max_bitrate =
+    cpb_props->min_bitrate =
+    cpb_props->avg_bitrate = avctx->bit_rate;
+
    return 0;
 error:
    aac_encode_close(avctx);
@ -540,6 +549,7 @@ static int aac_encode_frame(AVCodecContext *avctx, AVPacket *avpkt,
    }

    avpkt->size     = out_args.numOutBytes;
+    avpkt->flags   |= AV_PKT_FLAG_KEY;
    *got_packet_ptr = 1;
    return 0;
 }
--- a/libavcodec/libsvtav1.c
+++ b/libavcodec/libsvtav1.c
@ -435,7 +435,11 @@ static av_cold int eb_enc_init(AVCodecContext *avctx)

    svt_enc->eos_flag = EOS_NOT_REACHED;

+#if SVT_AV1_CHECK_VERSION(3, 0, 0)
+    svt_ret = svt_av1_enc_init_handle(&svt_enc->svt_handle, &svt_enc->enc_params);
+#else
    svt_ret = svt_av1_enc_init_handle(&svt_enc->svt_handle, svt_enc, &svt_enc->enc_params);
+#endif
    if (svt_ret != EB_ErrorNone) {
        return svt_print_error(avctx, svt_ret, "Error initializing encoder handle");
    }
--- a/libavcodec/libtheoraenc.c
+++ b/libavcodec/libtheoraenc.c
@ -234,7 +234,7 @@ static av_cold int encode_init(AVCodecContext* avc_context)
        return AVERROR_EXTERNAL;
    }

-    h->keyframe_mask = (1 << t_info.keyframe_granule_shift) - 1;
+    h->keyframe_mask = (1 << av_ceil_log2(avc_context->gop_size)) - 1;
    /* Clear up theora_info struct */
    th_info_clear(&t_info);

--- a/libavcodec/libx265.c
+++ b/libavcodec/libx265.c
@ -661,7 +661,7 @@ static int libx265_encode_frame(AVCodecContext *avctx, AVPacket *pkt,
 {
    libx265Context *ctx = avctx->priv_data;
    x265_picture x265pic;
-#if X265_BUILD >= 210
+#if (X265_BUILD >= 210) && (X265_BUILD < 213)
    x265_picture x265pic_layers_out[MAX_SCALABLE_LAYERS];
    x265_picture* x265pic_lyrptr_out[MAX_SCALABLE_LAYERS];
 #else
@ -805,7 +805,7 @@ static int libx265_encode_frame(AVCodecContext *avctx, AVPacket *pkt,
 #endif
    }

-#if X265_BUILD >= 210
+#if (X265_BUILD >= 210) && (X265_BUILD < 213)
    for (i = 0; i < MAX_SCALABLE_LAYERS; i++)
        x265pic_lyrptr_out[i] = &x265pic_layers_out[i];

@ -844,7 +844,7 @@ static int libx265_encode_frame(AVCodecContext *avctx, AVPacket *pkt,
            pkt->flags |= AV_PKT_FLAG_KEY;
    }

-#if X265_BUILD >= 210
+#if (X265_BUILD >= 210) && (X265_BUILD < 213)
    x265pic_out = x265pic_lyrptr_out[0];
 #else
    x265pic_out = &x265pic_solo_out;
--- a/libavcodec/libzvbi-teletextdec.c
+++ b/libavcodec/libzvbi-teletextdec.c
@ -91,7 +91,7 @@ static int my_ass_subtitle_header(AVCodecContext *avctx)
    if (ret < 0)
        return ret;

-    event_pos = strstr(avctx->subtitle_header, "\r\n[Events]\r\n");
+    event_pos = strstr(avctx->subtitle_header, "\n[Events]\n");
    if (!event_pos)
        return AVERROR_BUG;

@ -106,7 +106,7 @@ static int my_ass_subtitle_header(AVCodecContext *avctx)
        "0,0,"                 /* Spacing, Angle */
        "3,0.1,0,"             /* BorderStyle, Outline, Shadow */
        "5,1,1,1,"             /* Alignment, Margin[LRV] */
-        "0\r\n"                /* Encoding */
+        "0\n"                  /* Encoding */
        "Style: "
        "Subtitle,"            /* Name */
        "Monospace,16,"        /* Font{name,size} */
@ -116,7 +116,7 @@ static int my_ass_subtitle_header(AVCodecContext *avctx)
        "0,0,"                 /* Spacing, Angle */
        "1,1,1,"               /* BorderStyle, Outline, Shadow */
        "8,48,48,20,"          /* Alignment, Margin[LRV] */
-        "0\r\n"                /* Encoding */
+        "0\n"                  /* Encoding */
        , event_pos);

    if (!new_header)
--- a/libavcodec/mediacodecdec_common.c
+++ b/libavcodec/mediacodecdec_common.c
@ -416,6 +416,7 @@ static int mediacodec_wrap_sw_audio_buffer(AVCodecContext *avctx,
        frame->pts = info->presentationTimeUs;
    }
    frame->pkt_dts = AV_NOPTS_VALUE;
+    frame->flags |= AV_FRAME_FLAG_KEY;

    av_log(avctx, AV_LOG_TRACE,
           "Frame: format=%d channels=%d sample_rate=%d nb_samples=%d",
@ -593,7 +594,8 @@ static int mediacodec_dec_parse_video_format(AVCodecContext *avctx, MediaCodecDe
    AMEDIAFORMAT_GET_INT32(s->crop_right,  "crop-right",  0);

    // Try "crop" for NDK
-    if (!(s->crop_right && s->crop_bottom) && s->use_ndk_codec)
+    // MediaTek SOC return some default value like Rect(0, 0, 318, 238)
+    if (!(s->crop_right && s->crop_bottom) && s->use_ndk_codec && !strstr(s->codec_name, ".mtk."))
        ff_AMediaFormat_getRect(s->format, "crop", &s->crop_left, &s->crop_top, &s->crop_right, &s->crop_bottom);

    if (s->crop_right && s->crop_bottom) {
--- a/libavcodec/mediacodecenc.c
+++ b/libavcodec/mediacodecenc.c
@ -134,7 +134,7 @@ static int extract_extradata_support(AVCodecContext *avctx)
 static int mediacodec_init_bsf(AVCodecContext *avctx)
 {
    MediaCodecEncContext *s = avctx->priv_data;
-    char str[128];
+    char str[128] = {0};
    int ret;
    int crop_right = s->width - avctx->width;
    int crop_bottom = s->height - avctx->height;
--- a/libavcodec/mjpegdec.c
+++ b/libavcodec/mjpegdec.c
@ -468,6 +468,10 @@ int ff_mjpeg_decode_sof(MJpegDecodeContext *s)
        if (s->avctx->height <= 0)
            return AVERROR_INVALIDDATA;
    }
+    if (s->bayer && s->progressive) {
+        avpriv_request_sample(s->avctx, "progressively coded bayer picture");
+        return AVERROR_INVALIDDATA;
+    }

    if (s->got_picture && s->interlaced && (s->bottom_field == !s->interlace_polarity)) {
        if (s->progressive) {
--- a/libavcodec/mpegvideo_enc.c
+++ b/libavcodec/mpegvideo_enc.c
@ -567,6 +567,12 @@ av_cold int ff_mpv_encode_init(AVCodecContext *avctx)
        av_log(avctx, AV_LOG_ERROR, "H.263 does not support resolutions above 2048x1152\n");
        return AVERROR(EINVAL);
    }
+    if (s->codec_id == AV_CODEC_ID_FLV1 &&
+        (avctx->width  > 65535 ||
+         avctx->height > 65535 )) {
+        av_log(avctx, AV_LOG_ERROR, "FLV does not support resolutions above 16bit\n");
+        return AVERROR(EINVAL);
+    }
    if ((s->codec_id == AV_CODEC_ID_H263  ||
         s->codec_id == AV_CODEC_ID_H263P ||
         s->codec_id == AV_CODEC_ID_RV20) &&
--- a/libavcodec/osq.c
+++ b/libavcodec/osq.c
@ -190,7 +190,7 @@ static uint32_t get_urice(GetBitContext *gb, int k)

 static int32_t get_srice(GetBitContext *gb, int x)
 {
-    int32_t y = get_urice(gb, x);
+    uint32_t y = get_urice(gb, x);
    return get_bits1(gb) ? -y : y;
 }

@ -300,7 +300,7 @@ static int do_decode(AVCodecContext *avctx, AVFrame *frame, int decorrelate, int
                dst[n] += (int)(P2 + P3) / 2 + (unsigned)p;
                break;
            case 8:
-                dst[n] += (int)(P2 + P3) / 2;
+                dst[n] += (int)(P2 + P3) / 2 + 0U;
                break;
            case 9:
                dst[n] += (int)(P2 * 2 + P3) / 3 + (unsigned)p;
@ -309,13 +309,13 @@ static int do_decode(AVCodecContext *avctx, AVFrame *frame, int decorrelate, int
                dst[n] += (int)(P2 + P3 * 2) / 3 + (unsigned)p;
                break;
            case 11:
-                dst[n] += (int)((unsigned)dst[A] + dst[B]) / 2;
+                dst[n] += (int)((unsigned)dst[A] + dst[B]) / 2 + 0U;
                break;
            case 12:
                dst[n] += (unsigned)dst[B];
                break;
            case 13:
-                dst[n] += (int)(unsigned)(dst[D] + dst[B]) / 2;
+                dst[n] += (int)((unsigned)dst[D] + dst[B]) / 2 + 0U;
                break;
            case 14:
                dst[n] += (int)((unsigned)P2 + dst[A]) / 2 + (unsigned)p;
--- a/libavcodec/pthread_slice.c
+++ b/libavcodec/pthread_slice.c
@ -41,11 +41,6 @@ typedef int (action_func)(AVCodecContext *c, void *arg);
 typedef int (action_func2)(AVCodecContext *c, void *arg, int jobnr, int threadnr);
 typedef int (main_func)(AVCodecContext *c);

-typedef struct Progress {
-    pthread_cond_t  cond;
-    pthread_mutex_t mutex;
-} Progress;
-
 typedef struct SliceThreadContext {
    AVSliceThread *thread;
    action_func *func;
@ -54,11 +49,6 @@ typedef struct SliceThreadContext {
    void *args;
    int *rets;
    int job_size;
-
-    int *entries;
-    int entries_count;
-    int thread_count;
-    Progress *progress;
 } SliceThreadContext;

 static void main_function(void *priv) {
@ -82,18 +72,9 @@ static void worker_func(void *priv, int jobnr, int threadnr, int nb_jobs, int nb
 void ff_slice_thread_free(AVCodecContext *avctx)
 {
    SliceThreadContext *c = avctx->internal->thread_ctx;
-    int i;

    avpriv_slicethread_free(&c->thread);

-    for (i = 0; i < c->thread_count; i++) {
-        Progress *const progress = &c->progress[i];
-        pthread_mutex_destroy(&progress->mutex);
-        pthread_cond_destroy(&progress->cond);
-    }
-
-    av_freep(&c->entries);
-    av_freep(&c->progress);
    av_freep(&avctx->internal->thread_ctx);
 }

@ -175,86 +156,3 @@ int ff_slice_thread_init(AVCodecContext *avctx)
    avctx->execute2 = thread_execute2;
    return 0;
 }
-
-int av_cold ff_slice_thread_init_progress(AVCodecContext *avctx)
-{
-    SliceThreadContext *const p = avctx->internal->thread_ctx;
-    int err, i = 0, thread_count = avctx->thread_count;
-
-    p->progress = av_calloc(thread_count, sizeof(*p->progress));
-    if (!p->progress) {
-        err = AVERROR(ENOMEM);
-        goto fail;
-    }
-
-    for (; i < thread_count; i++) {
-        Progress *const progress = &p->progress[i];
-        err = pthread_mutex_init(&progress->mutex, NULL);
-        if (err) {
-            err = AVERROR(err);
-            goto fail;
-        }
-        err = pthread_cond_init (&progress->cond,  NULL);
-        if (err) {
-            err = AVERROR(err);
-            pthread_mutex_destroy(&progress->mutex);
-            goto fail;
-        }
-    }
-    err = 0;
-fail:
-    p->thread_count = i;
-    return err;
-}
-
-void ff_thread_report_progress2(AVCodecContext *avctx, int field, int thread, int n)
-{
-    SliceThreadContext *p = avctx->internal->thread_ctx;
-    Progress *const progress = &p->progress[thread];
-    int *entries = p->entries;
-
-    pthread_mutex_lock(&progress->mutex);
-    entries[field] +=n;
-    pthread_cond_signal(&progress->cond);
-    pthread_mutex_unlock(&progress->mutex);
-}
-
-void ff_thread_await_progress2(AVCodecContext *avctx, int field, int thread, int shift)
-{
-    SliceThreadContext *p  = avctx->internal->thread_ctx;
-    Progress *progress;
-    int *entries      = p->entries;
-
-    if (!entries || !field) return;
-
-    thread = thread ? thread - 1 : p->thread_count - 1;
-    progress = &p->progress[thread];
-
-    pthread_mutex_lock(&progress->mutex);
-    while ((entries[field - 1] - entries[field]) < shift){
-        pthread_cond_wait(&progress->cond, &progress->mutex);
-    }
-    pthread_mutex_unlock(&progress->mutex);
-}
-
-int ff_slice_thread_allocz_entries(AVCodecContext *avctx, int count)
-{
-    if (avctx->active_thread_type & FF_THREAD_SLICE)  {
-        SliceThreadContext *p = avctx->internal->thread_ctx;
-
-        if (p->entries_count == count) {
-            memset(p->entries, 0, p->entries_count * sizeof(*p->entries));
-            return 0;
-        }
-        av_freep(&p->entries);
-
-        p->entries       = av_calloc(count, sizeof(*p->entries));
-        if (!p->entries) {
-            p->entries_count = 0;
-            return AVERROR(ENOMEM);
-        }
-        p->entries_count  = count;
-    }
-
-    return 0;
-}
--- a/libavcodec/rangecoder.h
+++ b/libavcodec/rangecoder.h
@ -62,7 +62,6 @@ void ff_build_rac_states(RangeCoder *c, int factor, int max_p);
 static inline void renorm_encoder(RangeCoder *c)
 {
    // FIXME: optimize
-    while (c->range < 0x100) {
        if (c->outstanding_byte < 0) {
            c->outstanding_byte = c->low >> 8;
        } else if (c->low <= 0xFF00) {
@ -81,7 +80,6 @@ static inline void renorm_encoder(RangeCoder *c)

        c->low     = (c->low & 0xFF) << 8;
        c->range <<= 8;
-    }
 }

 static inline int get_rac_count(RangeCoder *c)
@ -108,7 +106,8 @@ static inline void put_rac(RangeCoder *c, uint8_t *const state, int bit)
        *state   = c->one_state[*state];
    }

-    renorm_encoder(c);
+    while (c->range < 0x100)
+        renorm_encoder(c);
 }

 static inline void refill(RangeCoder *c)
--- a/libavcodec/riscv/h264dsp_rvv.S
+++ b/libavcodec/riscv/h264dsp_rvv.S
@ -176,7 +176,7 @@ endfunc

        .global ff_h264_weight_funcs_8_rvv
        .hidden ff_h264_weight_funcs_8_rvv
-const ff_h264_weight_funcs_8_rvv
+const ff_h264_weight_funcs_8_rvv, relocate=1
        .irp    w, 16, 8, 4, 2
 #if __riscv_xlen == 32
        .word   ff_h264_weight_pixels\w\()_8_rvv
--- a/libavcodec/riscv/h264idct_rvv.S
+++ b/libavcodec/riscv/h264idct_rvv.S
@ -644,7 +644,7 @@ func ff_h264_idct4_add\type\()_\depth\()_rvv, zve32x
        sd      a4, 24(sp)
        ld      a0,  0(a0)                               # dest[0]
        addi    a1, a1, 16 * 4                           # &block_offset[16]
-        vsetivli    zero, 4, e8, mf4, ta, ma
+        vsetivli    zero, 4, e8, m1, ta, ma
        jal     .Lidct4_add4_\depth\()_rvv

        ld      a4, 24(sp)                               # nnzc
@ -655,7 +655,7 @@ func ff_h264_idct4_add\type\()_\depth\()_rvv, zve32x
        ld      a0,  8(a0)                               # dest[1]
        lla     t0, ff_h264_scan8 + 32
 .ifc \type, 8_422
-        vsetivli    zero, 4, e8, mf4, ta, ma
+        vsetivli    zero, 4, e8, m1, ta, ma
        jal     .Lidct4_add4_\depth\()_rvv

        ld      a4, 24(sp)                               # nnzc
@ -665,7 +665,7 @@ func ff_h264_idct4_add\type\()_\depth\()_rvv, zve32x
        addi    a1, t5, (-8 - 4) * 4                     # &block_offset[24]
        ld      a0,  0(a0)                               # dest[0]
        lla     t0, ff_h264_scan8 + 24
-        vsetivli    zero, 4, e8, mf4, ta, ma
+        vsetivli    zero, 4, e8, m1, ta, ma
        jal     .Lidct4_add4_\depth\()_rvv

        ld      a4, 24(sp)                               # nnzc
@ -679,7 +679,7 @@ func ff_h264_idct4_add\type\()_\depth\()_rvv, zve32x
        ld      ra,  8(sp)
        ld      s0,  0(sp)
        addi    sp, sp, 32
-        vsetivli    zero, 4, e8, mf4, ta, ma
+        vsetivli    zero, 4, e8, m1, ta, ma
        j       .Lidct4_add4_\depth\()_rvv
 endfunc
 .endm
--- a/libavcodec/sonic.c
+++ b/libavcodec/sonic.c
@ -924,6 +924,9 @@ static av_cold int sonic_decode_init(AVCodecContext *avctx)
    if (get_bits1(&gb)) // XXX FIXME
        av_log(avctx, AV_LOG_INFO, "Custom quant table\n");

+    if (s->num_taps > 128)
+        return AVERROR_INVALIDDATA;
+
    s->block_align = 2048LL*s->samplerate/(44100*s->downsampling);
    s->frame_size = s->channels*s->block_align*s->downsampling;
 //    avctx->frame_size = s->block_align;
--- a/libavcodec/svq3.c
+++ b/libavcodec/svq3.c
@ -1253,6 +1253,7 @@ static av_cold int svq3_decode_init(AVCodecContext *avctx)
            uint8_t *buf;

            if (watermark_height <= 0 ||
+                get_bits_left(&gb) <= 0 ||
                (uint64_t)watermark_width * 4 > UINT_MAX / watermark_height)
                return AVERROR_INVALIDDATA;

--- a/libavcodec/takdec.c
+++ b/libavcodec/takdec.c
@ -434,6 +434,9 @@ static int decode_subframe(TAKDecContext *s, int32_t *decoded,
            return AVERROR_INVALIDDATA;
    }

+    if (get_bits_left(gb) < 2*10 + 2*size)
+        return AVERROR_INVALIDDATA;
+
    s->predictors[0] = get_sbits(gb, 10);
    s->predictors[1] = get_sbits(gb, 10);
    s->predictors[2] = get_sbits(gb, size) * (1 << (10 - size));
--- a/libavcodec/thread.h
+++ b/libavcodec/thread.h
@ -56,10 +56,6 @@ int ff_thread_get_buffer(AVCodecContext *avctx, AVFrame *f, int flags);
 int ff_slice_thread_execute_with_mainfunc(AVCodecContext *avctx,
        int (*action_func2)(AVCodecContext *c, void *arg, int jobnr, int threadnr),
        int (*main_func)(AVCodecContext *c), void *arg, int *ret, int job_count);
-int ff_slice_thread_allocz_entries(AVCodecContext *avctx, int count);
-int ff_slice_thread_init_progress(AVCodecContext *avctx);
-void ff_thread_report_progress2(AVCodecContext *avctx, int field, int thread, int n);
-void ff_thread_await_progress2(AVCodecContext *avctx,  int field, int thread, int shift);

 enum ThreadingStatus {
    FF_THREAD_IS_COPY,
--- a/libavcodec/utils.c
+++ b/libavcodec/utils.c
@ -723,7 +723,7 @@ static int get_audio_frame_duration(enum AVCodecID id, int sr, int ch, int ba,
                case AV_CODEC_ID_ADPCM_IMA_WAV:
                    if (bps < 2 || bps > 5)
                        return 0;
-                    tmp = blocks * (1LL + (ba - 4 * ch) / (bps * ch) * 8);
+                    tmp = blocks * (1LL + (ba - 4 * ch) / (bps * ch) * 8LL);
                    break;
                case AV_CODEC_ID_ADPCM_IMA_DK3:
                    tmp = blocks * (((ba - 16LL) * 2 / 3 * 4) / ch);
@ -913,25 +913,6 @@ int ff_thread_can_start_frame(AVCodecContext *avctx)
 {
    return 1;
 }
-
-int ff_slice_thread_init_progress(AVCodecContext *avctx)
-{
-    return 0;
-}
-
-int ff_slice_thread_allocz_entries(AVCodecContext *avctx, int count)
-{
-    return 0;
-}
-
-void ff_thread_await_progress2(AVCodecContext *avctx, int field, int thread, int shift)
-{
-}
-
-void ff_thread_report_progress2(AVCodecContext *avctx, int field, int thread, int n)
-{
-}
-
 #endif

 const uint8_t *avpriv_find_start_code(const uint8_t *restrict p,
--- a/libavcodec/vaapi_encode_h264.c
+++ b/libavcodec/vaapi_encode_h264.c
@ -406,6 +406,9 @@ static int vaapi_encode_h264_init_picture_params(AVCodecContext *avctx,
                                                 FFHWBaseEncodePicture *pic)
 {
    FFHWBaseEncodeContext       *base_ctx = avctx->priv_data;
+#if !CONFIG_VAAPI_1
+    VAAPIEncodeContext               *ctx = avctx->priv_data;
+#endif
    VAAPIEncodeH264Context          *priv = avctx->priv_data;
    VAAPIEncodePicture         *vaapi_pic = pic->priv;
    VAAPIEncodeH264Picture          *hpic = pic->codec_priv;
--- a/libavcodec/vc1dec.c
+++ b/libavcodec/vc1dec.c
@ -788,6 +788,7 @@ static av_cold void vc1_decode_reset(AVCodecContext *avctx)
    for (i = 0; i < 4; i++)
        av_freep(&v->sr_rows[i >> 1][i & 1]);
    ff_mpv_common_end(&v->s);
+    memset(v->s.block_index, 0, sizeof(v->s.block_index));
    av_freep(&v->mv_type_mb_plane);
    av_freep(&v->direct_mb_plane);
    av_freep(&v->forward_mb_plane);
--- a/libavcodec/version.h
+++ b/libavcodec/version.h
@ -30,7 +30,7 @@
 #include "version_major.h"

 #define LIBAVCODEC_VERSION_MINOR  19
-#define LIBAVCODEC_VERSION_MICRO 100
+#define LIBAVCODEC_VERSION_MICRO 101

 #define LIBAVCODEC_VERSION_INT  AV_VERSION_INT(LIBAVCODEC_VERSION_MAJOR, \
                                               LIBAVCODEC_VERSION_MINOR, \
--- a/libavcodec/vorbisdec.c
+++ b/libavcodec/vorbisdec.c
@ -1469,8 +1469,10 @@ static av_always_inline int vorbis_residue_decode_internal(vorbis_context *vc,
                            unsigned step = FASTDIV(vr->partition_size << 1, dim << 1);
                            vorbis_codebook codebook = vc->codebooks[vqbook];

-                            if (get_bits_left(gb) <= 0)
-                                return AVERROR_INVALIDDATA;
+                            if (get_bits_left(gb) < 0) {
+                                av_log(vc->avctx, AV_LOG_ERROR, "Overread %d bits\n", -get_bits_left(gb));
+                                return 0;
+                            }

                            if (vr_type == 0) {

--- a/libavcodec/vp9recon.c
+++ b/libavcodec/vp9recon.c
@ -319,7 +319,11 @@ static av_always_inline void mc_luma_unscaled(VP9TileData *td, const vp9_mc_func
    // The arm/aarch64 _hv filters read one more row than what actually is
    // needed, so switch to emulated edge one pixel sooner vertically
    // (!!my * 5) than horizontally (!!mx * 4).
+    // The arm/aarch64 _h filters read one more pixel than what actually is
+    // needed, so switch to emulated edge if that would read beyond the bottom
+    // right block.
    if (x < !!mx * 3 || y < !!my * 3 ||
+        ((ARCH_AARCH64 || ARCH_ARM) && (x + !!mx * 5 > w - bw) && (y + !!my * 5 + 1 > h - bh)) ||
        x + !!mx * 4 > w - bw || y + !!my * 5 > h - bh) {
        s->vdsp.emulated_edge_mc(td->edge_emu_buffer,
                                 ref - !!my * 3 * ref_stride - !!mx * 3 * bytesperpixel,
@ -358,7 +362,11 @@ static av_always_inline void mc_chroma_unscaled(VP9TileData *td, const vp9_mc_fu
    // The arm/aarch64 _hv filters read one more row than what actually is
    // needed, so switch to emulated edge one pixel sooner vertically
    // (!!my * 5) than horizontally (!!mx * 4).
+    // The arm/aarch64 _h filters read one more pixel than what actually is
+    // needed, so switch to emulated edge if that would read beyond the bottom
+    // right block.
    if (x < !!mx * 3 || y < !!my * 3 ||
+        ((ARCH_AARCH64 || ARCH_ARM) && (x + !!mx * 5 > w - bw) && (y + !!my * 5 + 1 > h - bh)) ||
        x + !!mx * 4 > w - bw || y + !!my * 5 > h - bh) {
        s->vdsp.emulated_edge_mc(td->edge_emu_buffer,
                                 ref_u - !!my * 3 * src_stride_u - !!mx * 3 * bytesperpixel,
--- a/libavcodec/vulkan_encode_h264.c
+++ b/libavcodec/vulkan_encode_h264.c
@ -130,12 +130,12 @@ static int init_pic_rc(AVCodecContext *avctx, FFHWBaseEncodePicture *pic,
        .consecutiveBFrameCount = FFMAX(ctx->base.b_per_p - 1, 0),
        .temporalLayerCount = 0,
    };
-
    rc_info->pNext = &hp->vkrc_info;
-    rc_info->virtualBufferSizeInMs = enc->unit_opts.hrd_buffer_size;
-    rc_info->initialVirtualBufferSizeInMs = enc->unit_opts.initial_buffer_fullness;

    if (rc_info->rateControlMode > VK_VIDEO_ENCODE_RATE_CONTROL_MODE_DISABLED_BIT_KHR) {
+        rc_info->virtualBufferSizeInMs = (enc->unit_opts.hrd_buffer_size * 1000LL) / avctx->bit_rate;
+        rc_info->initialVirtualBufferSizeInMs = (enc->unit_opts.initial_buffer_fullness * 1000LL) / avctx->bit_rate;
+
        hp->vkrc_layer_info = (VkVideoEncodeH264RateControlLayerInfoKHR) {
            .sType = VK_STRUCTURE_TYPE_VIDEO_ENCODE_H264_RATE_CONTROL_LAYER_INFO_KHR,

--- a/libavcodec/vulkan_encode_h265.c
+++ b/libavcodec/vulkan_encode_h265.c
@ -124,12 +124,12 @@ static int init_pic_rc(AVCodecContext *avctx, FFHWBaseEncodePicture *pic,
        .consecutiveBFrameCount = FFMAX(ctx->base.b_per_p - 1, 0),
        .subLayerCount = 0,
    };
-
    rc_info->pNext = &hp->vkrc_info;
-    rc_info->virtualBufferSizeInMs = 1000;
-    rc_info->initialVirtualBufferSizeInMs = 500;

    if (rc_info->rateControlMode > VK_VIDEO_ENCODE_RATE_CONTROL_MODE_DISABLED_BIT_KHR) {
+        rc_info->virtualBufferSizeInMs = (enc->hrd_buffer_size * 1000LL) / avctx->bit_rate;
+        rc_info->initialVirtualBufferSizeInMs = (enc->initial_buffer_fullness * 1000LL) / avctx->bit_rate;
+
        hp->vkrc_layer_info = (VkVideoEncodeH265RateControlLayerInfoKHR) {
            .sType = VK_STRUCTURE_TYPE_VIDEO_ENCODE_H265_RATE_CONTROL_LAYER_INFO_KHR,

--- a/libavcodec/vvc/refs.c
+++ b/libavcodec/vvc/refs.c
@ -146,10 +146,10 @@ static VVCFrame *alloc_frame(VVCContext *s, VVCFrameContext *fc)
        for (int j = 0; j < frame->ctb_count; j++)
            frame->rpl_tab[j] = frame->rpl;

-        win->left_offset   = pps->r->pps_scaling_win_left_offset   << sps->hshift[CHROMA];
-        win->right_offset  = pps->r->pps_scaling_win_right_offset  << sps->hshift[CHROMA];
-        win->top_offset    = pps->r->pps_scaling_win_top_offset    << sps->vshift[CHROMA];
-        win->bottom_offset = pps->r->pps_scaling_win_bottom_offset << sps->vshift[CHROMA];
+        win->left_offset   = pps->r->pps_scaling_win_left_offset   * (1 << sps->hshift[CHROMA]);
+        win->right_offset  = pps->r->pps_scaling_win_right_offset  * (1 << sps->hshift[CHROMA]);
+        win->top_offset    = pps->r->pps_scaling_win_top_offset    * (1 << sps->vshift[CHROMA]);
+        win->bottom_offset = pps->r->pps_scaling_win_bottom_offset * (1 << sps->vshift[CHROMA]);
        frame->ref_width   = pps->r->pps_pic_width_in_luma_samples  - win->left_offset   - win->right_offset;
        frame->ref_height  = pps->r->pps_pic_height_in_luma_samples - win->bottom_offset - win->top_offset;

--- a/libavcodec/webp.c
+++ b/libavcodec/webp.c
@ -704,6 +704,9 @@ static int decode_entropy_coded_image(WebPContext *s, enum ImageRole role,
            ref_x = FFMAX(0, ref_x);
            ref_y = FFMAX(0, ref_y);

+            if (ref_y == y && ref_x >= x)
+                return AVERROR_INVALIDDATA;
+
            /* copy pixels
             * source and dest regions can overlap and wrap lines, so just
             * copy per-pixel */
--- a/libavcodec/x86/aacencdsp.asm
+++ b/libavcodec/x86/aacencdsp.asm
@ -96,7 +96,7 @@ cglobal aac_quantize_bands, 5, 5, 6, out, in, scaled, size, is_signed, maxval, Q
    addps     m2, m1
    minps     m2, m3
    andps     m5, m4, [inq+sizeq]
-    orps      m2, m5
+    xorps     m2, m5
    cvttps2dq m2, m2
    mova      [outq+sizeq], m2
    add       sizeq, mmsize
--- a/libavcodec/x86/celt_pvq_search.asm
+++ b/libavcodec/x86/celt_pvq_search.asm
@ -20,7 +20,6 @@
 ;* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
 ;******************************************************************************

-%include "config.asm"
 %include "libavutil/x86/x86util.asm"

 %ifdef __NASM_VER__
--- a/Show more
+++ b/Show more
 @ -1 +1 @@
 .0.git
 .1.1