Add divecorrector filter (an extended version of the channelmixer)

Update for 7.0.2
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-03 19:41:52 -05:00 · 2024-08-02 22:17:43 +02:00 · 2024-08-02 22:14:46 +02:00 · 2024-08-02 22:14:46 +02:00 · 2024-08-02 22:14:45 +02:00 · 2024-08-02 22:14:45 +02:00
283 changed files with 3216 additions and 1197 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,3 +1,4 @@
+bin
 *.a
 *.o
 *.o.*
--- a/337
+++ b/337
@ -1,6 +1,332 @@
 Entries are sorted chronologically from oldest to youngest within each release,
 releases are sorted from youngest to oldest.

+version 7.0.2:
+ avcodec/snow: Fix off by 1 error in run_buffer
+ avcodec/utils: apply the same alignment to YUV410 as we do to YUV420 for snow
+ avformat/iamf_parse: Check for 0 samples
+ swscale: [loongarch] Fix checkasm-sw_yuv2rgb failure.
+ avcodec/aacps_tablegen_template: don't redefine CONFIG_HARDCODED_TABLES
+ avutil/hwcontext_vaapi: use the correct type for VASurfaceAttribExternalBuffers.buffers
+ avcodec/pcm-bluray/dvd: Use correct pointer types on BE
+ avcodec/pngenc: fix sBIT writing for indexed-color PNGs
+ avcodec/pngdec: use 8-bit sBIT cap for indexed PNGs per spec
+ avformat/mov: check that child boxes of trak are only present inside it
+ avformat/mov: check that sample and chunk count is 1 for HEIF
+ avcodec/videotoolboxenc: Fix bitrate doesn't work as expected
+ avdevice/dshow: Don't skip audio devices if no video device is present
+ avcodec/hdrenc: Allocate more space
+ avcodec/cfhdenc: Height of 16 is not supported
+ avcodec/cfhdenc: Allocate more space
+ avcodec/osq: fix integer overflow when applying factor
+ avcodec/osq: avoid using too large numbers for shifts and integers in update_residue_parameter()
+ avcodec/vaapi_encode: Check hwctx
+ avcodec/proresdec: Consider negative bits left
+ avcodec/alsdec: Clear shift_value
+ avcodec/hevc/hevcdec: Do not allow slices to depend on failed slices
+ avformat/mov: add an EOF check in IPRP
+ avfilter/vf_xfade: Check ff_inlink_consume_frame() for failure
+ avutil/slicethread: Check pthread_*_init() for failure
+ avutil/frame: Check log2_crop_align
+ avutil/buffer: Check ff_mutex_init() for failure
+ avformat/xmv: Check this_packet_size
+ avformat/webpenc: Check filesize in trailer
+ avformat/ty: rec_size seems to only need 32bit
+ avformat/tty: Check avio_size()
+ avformat/siff: Basic pkt_size check
+ avformat/sauce: Check avio_size() for failure
+ avformat/sapdec: Check ffurl_get_file_handle() for error
+ avformat/nsvdec: Check asize for PCM
+ avformat/mp3dec: Check header_filesize
+ avformat/mp3dec; Check for avio_size() failure
+ avformat/mov: Use 64bit for str_size
+ avformat/mm: Check length
+ avformat/hnm: Check *chunk_size
+ avformat/hlsenc: Check ret
+ avformat/bintext: Check avio_size() return
+ avformat/asfdec_o: Check size of index object
+ avfilter/vf_scale: Check ff_scale_adjust_dimensions() for failure
+ avfilter/scale_eval: Use 64bit, check values in ff_scale_adjust_dimensions()
+ avfilter/vf_lut3d: Check av_scanf()
+ avfilter/vf_elbg: Use unsigned for shifting into the top bit
+ avfilter/vf_premultiply: Use AV_PIX_MAX_PLANES
+ avfilter/vf_deshake_opencl: Ensure that the first iteration initializes the best variables
+ avformat/iamf_parse: Check for negative sample sizes
+ swscale/output: Fix integer overflows in yuv2rgba64_X_c_template
+ avformat/mxfdec: Reorder elements of expression in bisect loop
+ avutil/timecode: Use a 64bit framenum internally
+ avcodec/pnmdec: Use 64bit for input size check
+ avformat/mov: Check extradata in mov_read_iacb()
+ avcodec/mpeg12enc: Use av_rescale() in vbv_buffer_size computation
+ avcodec/utvideoenc: Use unsigned shift to build flags
+ avcodec/j2kenc: Merge dwt_norm into lambda
+ avcodec/vc2enc: Fix overflows with storing large values
+ avcodec/mpegvideo_enc: Do not duplicate pictures on shifting
+ avdevice/dshow_capture: Fix error handling in ff_dshow_##prefix##_Create()
+ avcodec/tiff: Check value on positive signed targets
+ avfilter/vf_convolution_opencl: Assert that the filter name is one of the filters
+ avfilter/vf_bm3d: Dont round MSE2SSE to an integer
+ avdevice/dshow: Remove NULL check on pin
+ avdevice/dshow: check ff_dshow_pin_ConnectionMediaType() for failure
+ avdevice/dshow: Check device_filter_unique_name before use
+ avdevice/dshow: Cleanup also on av_log case
+ avdevice/dshow_filter: Use wcscpy_s()
+ avcodec/flac_parser: Assert that we do not overrun the link_penalty array
+ avcodec/osq: avoid signed overflow in downsample path
+ avcodec/pixlet: Simplify pfx computation
+ avcodec/motion_est: Fix score squaring overflow
+ avcodec/mlpenc: Use 64 for ml, mr
+ avcodec/loco: Check loco_get_rice() for failure
+ avcodec/loco: check get_ur_golomb_jpegls() for failure
+ avcodec/leaddec: Check init_get_bits8() for failure
+ avcodec/imm4: check cbphi for error
+ avcodec/iff: Use signed count
+ avcodec/golomb: Assert that k is in the supported range for get_ur/sr_golomb()
+ avcodec/golomb: Document return for get_ur_golomb_jpegls() and get_sr_golomb_flac()
+ avcodec/dxv: Fix type in get_opcodes()
+ avcodec/cri: Check length
+ avcodec/xsubdec: Check parse_timecode()
+ avutil/imgutils: av_image_check_size2() ensure width and height fit in 32bit
+ avfilter/vf_tiltandshift: Free dst on error
+ doc/examples/mux: remove nop
+ avcodec/proresenc_kostya: use unsigned alpha for rotation
+ avformat/rtpenc_rfc4175: Use 64bit in computation if copy_offset
+ avformat/rtmpproto: Use AV_DICT_MATCH_CASE instead of litteral number
+ avformat/rtmppkt: Simplify and deobfuscate amf_tag_skip() slightly
+ avformat/rmdec: use 64bit for audio_framesize checks
+ avutil/wchar_filename: Correct sizeof
+ avutil/hwcontext_d3d11va: correct sizeof IDirect3DSurface9
+ avutil/hwcontext_d3d11va: Free AVD3D11FrameDescriptor on error
+ avutil/hwcontext_d3d11va: correct sizeof AVD3D11FrameDescriptor
+ avcodec/vvc/refs: Use unsigned mask
+ doc/examples/vaapi_encode: Try to check fwrite() for failure
+ avformat/usmdec: Initialize value
+ avformat/tls_schannel: Initialize ret
+ avformat/subfile: Assert that whence is a known case
+ avformat/subfile: Merge if into switch()
+ avformat/rtsp: Check that lower transport is handled in one of the if()
+ avformat/rtsp: initialize reply1
+ avformat/rtsp: use < 0 for error check
+ avformat/rtpenc_vc2hq: Check sizes
+ avfilter/af_aderivative: Free out on error
+ swscale/swscale: Use ptrdiff_t for linesize computations
+ avfilter/af_amerge: Cleanup on av_channel_layout_copy() failure
+ avfilter/af_afir: Assert format
+ avfilter/af_afftdn: Assert format
+ avfilter/af_pan: check nb_output_channels before use
+ cbs_av1: Reject thirty-two zero bits in uvlc code
+ avfilter/af_mcompand: compute half frequency in double
+ avfilter/af_channelsplit: Assert that av_channel_layout_channel_from_index() succeeds
+ avfilter/af_aresample: Cleanup on av_channel_layout_copy() failure
+ tools/coverity: Phase 1 study of anti-halicogenic for coverity av_rescale()
+ avfilter/vf_avgblur: Check plane instead of AVFrame
+ avfilter/drawutils: Fix depthb computation
+ avfilter/avf_showcwt: Check av_parse_video_rate() for failure
+ avformat/rdt: Check pkt_len
+ avformat/mpeg: Check len in mpegps_probe()
+ avformat/mxfenc: resurrects the error print
+ avdevice/dshow: Check ICaptureGraphBuilder2_SetFiltergraph() for failure
+ avcodec/mfenc: check IMFSample_ConvertToContiguousBuffer() for failure
+ avcodec/vc1_loopfilter: Factor duplicate code in vc1_b_h_intfi_loop_filter()
+ avcodec/vvc/ctu: Remove dead ret check
+ avcodec/vvc/dec: Remove constant eos_at_start
+ avformat/img2dec: assert no pipe on ts_from_file
+ avcodec/cbs_jpeg: Try to move the read entity to one side in a test
+ fftools/ffplay: Check vulkan_params
+ fftools/ffmpeg_enc: Initialize Decoder
+ fftools/ffmpeg_enc: Initialize fd
+ fftools/ffmpeg_enc: simplify opaque_ref check
+ avformat/mov: Check edit list for overflow
+ fftools/ffmpeg: Check read() for failure
+ avcodec/vvc/dec: Check ff_init_cabac_decoder() for failure
+ MAINTAINERS: Add Timo Rothenpieler to server admins
+ swscale/output: Avoid undefined overflow in yuv2rgb_write_full()
+ swscale/output: alpha can become negative after scaling, use multiply
+ avcodec/targaenc: Allocate space for the palette
+ avcodec/r210enc: Use av_rescale for bitrate
+ avcodec/jfdctint_template: Fewer integer anomalies
+ avcodec/snowenc: MV limits due to mv_penalty table size
+ tools/target_dec_fuzzer: Adjust threshold for MV30
+ tools/target_dec_fuzzer: Adjust threshold for jpeg2000
+ avformat/mxfdec: Check container_ul->desc before use
+ avcodec/libvpxenc: Cleanup on error
+ MAINTAINERS: Update the entries for the release maintainer for FFmpeg
+ doc/developer: Provide information about git send-email and gmail
+ avfilter/vf_rotate: Check ff_draw_init2() return value
+ avformat/mov: Use int64_t in intermediate for corrected_dts
+ avformat/mov: Use 64bit in intermediate for current_dts
+ avformat/matroskadec: Assert that num_levels is non negative
+ avformat/libzmq: Check av_strstart()
+ avformat/img2dec: Little JFIF / Exif cleanup
+ avformat/img2dec: Move DQT after unrelated if()
+ avformat/imfdec: Simplify get_next_track_with_minimum_timestamp()
+ avdevice/xcbgrab: Check sscanf() return
+ fftools/cmdutils: Add protective () to FLAGS
+ avformat/sdp: Check before appending ","
+ avcodec/libx264: Check init_get_bits8() return code
+ avcodec/ilbcdec: Remove dead code
+ avcodec/vp8: Check cond init
+ avcodec/vp8: Check mutex init
+ avcodec/proresenc_anatoliy: Assert that AV_PROFILE_UNKNOWN is replaced
+ avcodec/pcm-dvdenc: 64bit pkt-size
+ avcodec/notchlc: Check init_get_bits8() for failure
+ avcodec/tests/dct: Use 64bit in intermediate for error computation
+ avcodec/scpr3: Check add_dec() for failure
+ avcodec/rv34: assert that size is not 0 in rv34_gen_vlc_ext()
+ avcodec/wavpackenc: Use unsigned for potential 31bit shift
+ avcodec/vvc/mvs: Initialize mvf
+ avcodec/tests/jpeg2000dwt: Use 64bit in comparission
+ avcodec/tests/jpeg2000dwt: Use 64bit in err2 computation
+ avformat/fwse: Remove always false expression
+ avcodec/sga: Make it clear that the return is intentionally not checked
+ avformat/asfdec_f: Use 64bit for preroll computation
+ avformat/argo_asf: Use 64bit in offset intermediate
+ avformat/ape: Use 64bit for final frame size
+ avformat/ac4dec: Check remaining space in ac4_probe()
+ avdevice/pulse_audio_enc: Use av_rescale() to avoid integer overflow
+ avcodec/vlc: Cleanup on multi table alloc failure in ff_vlc_init_multi_from_lengths()
+ avcodec/tiff: Assert init_get_bits8() success in unpack_gray()
+ avcodec/tiff: Assert init_get_bits8() success in horizontal_fill()
+ tools/decode_simple: Check avcodec_send_packet() for errors on flushing
+ swscale/yuv2rgb: Use 64bit for brightness computation
+ swscale/x86/swscale: use a clearer name for INPUT_PLANER_RGB_A_FUNC_CASE
+ avutil/tests/opt: Check av_set_options_string() for failure
+ avutil/tests/dict: Check av_dict_set() before get for failure
+ avdevice/dshow: fix badly indented line
+ avformat/demux: resurrect dead stores
+ avcodec/tests/bitstream_template: Assert bits_init8() return
+ tools/enc_recon_frame_test: Assert that av_image_get_linesize() succeeds
+ avformat/iamf_writer: disallow Opus extradata with mapping family other than 0
+ avformat/iamf_parse: sanitize audio_roll_distance values
+ avformat/iamf: byteswap values in OpusHeader
+ avformat/iamf: rename Codec Config seek_preroll to audio_roll_distance
+ avformat/iamf_writer: fix coded audio_roll_distance values
+ avformat/iamf_writer: fix PCM endian-ness flag
+ avformat/movenc: fix channel count and samplerate fields for IAMF tracks
+ avformat/iamf_parse: keep substream count consistent
+ avformat/iamf_parse: add missing padding to AAC extradata
+ avformat/iamf_parse: 0 layers are not allowed
+ avformat/iamf_parse: consider nb_substreams when accessing substreams array
+ avformat/iamf_parse: Remove dead case
+ avcodec/png: more informative error message for invalid sBIT size
+ avcodec/pngdec: avoid erroring with sBIT on indexed-color images
+ avfilter/vf_tiltandshift: fix buffer offset for yuv422p input
+ avutil/timestamp: avoid possible FPE when 0 is passed to av_ts_make_time_string2()
+ avformat/mov: add more checks for infe atom size
+ avformat/mov: check for EOF inside the infe list parsing loop
+ avformat/mov: check extent_offset calculation for overflow
+ avformat/mov: check that iloc offset values fit on an int64_t
+ avcodec/pngenc: fix mDCv typo
+ avcodec/pngdec: fix mDCv typo
+ avcodec/nvenc: fix segfault in intra-only mode
+ avdevice/avfoundation: add external video devices
+ aarch64: Add OpenBSD runtime detection of dotprod and i8mm using sysctl
+ fftools/ffplay_renderer: use correct NULL value for Vulkan type
+ qsv: Initialize impl_value
+ avutil/hwcontext_qsv: fix GCC 14.1 warnings
+ avcodec/mediacodecenc: workaround the alignment requirement for H.265
+ avcodec/mediacodecenc: workaround the alignment requirement only for H.264
+ lavc/lpc: fix off-by-one in R-V V compute_autocorr
+ lavc/vp9: reset segmentation fields when segmentation isn't enabled
+ configure: enable ffnvcodec, nvenc, nvdec for FreeBSD
+ lavc/sbrdsp: fix potential overflow in noise table
+
+version 7.0.1:
+ lavc/flacdsp: do not assume maximum R-V VL
+ avformat/flacdec: Reorder allocations to avoid leak on error
+ avcodec/adts_parser: Don't presume buffer to be padded
+ avformat/movenc: Check av_malloc()
+ avcodec/vp8: Return error on error
+ avformat/mov: store sample_sizes as unsigned ints
+ avformat/vvc: fix parsing sps_subpic_id
+ avformat/vvc: initialize some ptl flags
+ avcodec/mscc & mwsc: Check loop counts before use
+ avcodec/mpegvideo_enc: Fix potential overflow in RD
+ avcodec/mpeg4videodec: assert impossible wrap points
+ avcodec/mpeg12dec: Use 64bit in bit computation
+ avcodec/vqcdec: Check init_get_bits8() for failure
+ avcodec/vvc/dec: Check init_get_bits8() for failure
+ avcodec/vble: Check av_image_get_buffer_size() for failure
+ avcodec/vp3: Replace check by assert
+ avcodec/vp8: Forward return of ff_vpx_init_range_decoder()
+ avcodec/jpeg2000dec: remove ST=3 case
+ avcodec/qsvdec: Check av_image_get_buffer_size() for failure
+ avcodec/exr: Fix preview overflow
+ avcodec/decode: decode_simple_internal() only implements audio and video
+ avcodec/fmvc: remove dead assignment
+ avcodec/h2645_sei: Remove dead checks
+ avcodec/h264_slice: Remove dead sps check
+ avcodec/lpc: copy levenson coeffs only when they have been computed
+ avutil/tests/base64: Check with too short output array
+ libavutil/base64: Try not to write over the array end
+ avcodec/cbs_av1: Avoid shift overflow
+ fftools/ffplay: Check return of swr_alloc_set_opts2()
+ tools/opt_common: Check for malloc failure
+ doc/examples/demux_decode: Simplify loop
+ avformat/concatdec: Check file
+ avcodec/mpegvideo_enc: Fix 1 line and one column images
+ avcodec/amrwbdec: assert mode to be valid in decode_fixed_vector()
+ avcodec/wavarc: fix integer overflow in decode_5elp() block type 2
+ swscale/output: Fix integer overflow in yuv2rgba64_full_1_c_template()
+ swscale/output: Fix integer overflow in yuv2rgba64_1_c_template
+ avcodec/av1dec: Change bit_depth to int
+ avcodec/av1dec: bit_depth cannot be another values than 8,10,12
+ avcodec/avs3_parser: assert the return value of init_get_bits()
+ avcodec/avs2_parser: Assert init_get_bits8() success with const size 15
+ avfilter/avfiltergraph: return value of ff_request_frame() is unused
+ avformat/mxfdec: Check body_offset
+ avformat/kvag: Check sample_rate
+ avcodec/atrac9dec: Check init_get_bits8() for failure
+ avcodec/ac3_parser: Check init_get_bits8() for failure
+ avcodec/pngdec: Check last AVFrame before deref
+ avcodec/hevcdec: Check ref frame
+ doc/examples/qsv_transcode: Initialize pointer before free
+ doc/examples/qsv_transcode: Simplify str_to_dict() loop
+ doc/examples/vaapi_transcode: Simplify loop
+ doc/examples/qsv_transcode: Simplify loop
+ avcodec/cbs_h2645: Check NAL space
+ avfilter/vf_thumbnail_cuda: Set ret before checking it
+ avfilter/signature_lookup: Dont copy uninitialized stuff around
+ avfilter/signature_lookup: Fix 2 differences to the refernce SW
+ avcodec/x86/vp3dsp_init: Set correct function pointer, fix crash
+ avformat/mp3dec: change bogus error message if read_header encounters EOF
+ avformat/mp3dec: simplify inner frame size check in mp3_read_header
+ avformat/mp3dec: only call ffio_ensure_seekback once
+ avcodec/cbs_h266: read vps_ptl_max_tid before using it
+ avcodec/cbs_h266: fix sh_collocated_from_l0_flag and sh_collocated_ref_idx infer
+ avformat/vvc: fix parsing some early VPS bitstream values
+ avformat/vvc: fix writing general_constraint_info bytes
+ avutil/ppc/cpu: Also use the machdep.altivec sysctl on NetBSD
+ lavd/v4l2: Use proper field type for second parameter of ioctl() with BSD's
+ vulkan_av1: Fix force_integer_mv value
+ vaapi_av1: Fix force_integer_mv value
+ av1dec: Add force_integer_mv derived field for decoder use
+ avutil/iamf: fix offsets for mix_gain options
+ avformat/iamfdec: check nb_streams in header read
+ avformat/mov: free the infe allocated item data on failure
+ avformat/iamf_writer: reject duplicated stream ids in a stream group
+ avformat/mov: don't read key_size bytes twice in the keys atom
+ avformat/mov: take into account the first eight bytes in the keys atom
+ avformat/mov: fix the check for the heif item parsing loop
+ avutil/iamf: fix mix_gain_class name
+ av1dec: Fix RefFrameSignBias calculation
+ avcodec/codec_par: always clear extradata_size in avcodec_parameters_to_context()
+ avcodec/mediacodecenc: Fix return empty packet when bsf is used
+ avcodec/hevcdec: Fix precedence, bogus film grain warning
+ avcodec/hevcdec: fix segfault on invalid film grain metadata
+ lavc/vvc: Skip enhancement layer NAL units
+ avformat/mov: ignore old infe box versions
+ vulkan_av1: add workaround for NVIDIA drivers tested on broken CTS
+ lavc/vulkan_av1: Use av1dec reference order hint information
+ lavc/av1: Record reference ordering information for each frame
+ doc/encoders: add missing libxvid option
+ doc/encoders: remove non-existent flag
+ fate/ffmpeg: Avoid dependency on samples
+ avcodec/wavpack: Remove always-false check
+ avcodec/wavpack: Fix leak and segfault on reallocation error
+ avcodec/lossless_videoencdsp: Don't presume alignment in diff_bytes
+ avcodec/ppc/h264dsp: Fix left shifts of negative numbers
+
 version 7.0:
 - DXV DXT1 encoder
 - LEAD MCMP decoder
@ -17,7 +343,7 @@ version 7.0:
 - qrencode filter and qrencodesrc source
 - quirc filter
 - lavu/eval: introduce randomi() function in expressions
- VVC decoder
+- VVC decoder (experimental)
 - fsync filter
 - Raw Captions with Time (RCWT) closed caption muxer
 - ffmpeg CLI -bsf option may now be used for input as well as output
@ -38,6 +364,15 @@ version 7.0:
 - ffplay with hwaccel decoding support (depends on vulkan renderer via libplacebo)
 - dnn filter libtorch backend
 - Android content URIs protocol
+- AOMedia Film Grain Synthesis 1 (AFGS1)
+- RISC-V optimizations for AAC, FLAC, JPEG-2000, LPC, RV4.0, SVQ, VC1, VP8, and more
+- Loongarch optimizations for HEVC decoding
+- Important AArch64 optimizations for HEVC
+- IAMF support inside MP4/ISOBMFF
+- Support for HEIF/AVIF still images and tiled still images
+- Dolby Vision profile 10 support in AV1
+- Support for Ambient Viewing Environment metadata in MP4/ISOBMFF
+- HDR10 metadata passthrough when encoding with libx264, libx265, and libsvtav1


 version 6.1:
--- a/12
+++ b/12
@ -34,8 +34,8 @@ Miscellaneous Areas
 ===================

 documentation                           Stefano Sabatini, Mike Melanson, Timothy Gu, Gyan Doshi
-project server day to day operations    Árpád Gereöffy, Michael Niedermayer, Reimar Doeffinger, Alexander Strasser, Nikolay Aleksandrov
-project server emergencies              Árpád Gereöffy, Reimar Doeffinger, Alexander Strasser, Nikolay Aleksandrov
+project server day to day operations    Árpád Gereöffy, Michael Niedermayer, Reimar Doeffinger, Alexander Strasser, Nikolay Aleksandrov, Timo Rothenpieler
+project server emergencies              Árpád Gereöffy, Reimar Doeffinger, Alexander Strasser, Nikolay Aleksandrov, Timo Rothenpieler
 presets                                 Robert Swain
 metadata subsystem                      Aurelien Jacobs
 release management                      Michael Niedermayer
@ -535,10 +535,12 @@ wm4
 Releases
 ========

+7.0                                     Michael Niedermayer
+6.1                                     Michael Niedermayer
+5.1                                     Michael Niedermayer
+4.4                                     Michael Niedermayer
+3.4                                     Michael Niedermayer
 2.8                                     Michael Niedermayer
-2.7                                     Michael Niedermayer
-2.6                                     Michael Niedermayer
-2.5                                     Michael Niedermayer

 If you want to maintain an older release, please contact us

--- a/2
+++ b/2
@ -1 +1 @@
-5.1.git
+7.0.2
--- a/15
+++ b/15
@ -0,0 +1,15 @@
+
+            ┌─────────────────────────────────────────┐
+            │ RELEASE NOTES for FFmpeg 7.0 "Dijkstra" │
+            └─────────────────────────────────────────┘
+
+   The FFmpeg Project proudly presents FFmpeg 7.0 "Dijkstra", about 6
+   months after the release of FFmpeg 6.1.
+
+   A complete Changelog is available at the root of the project, and the
+   complete Git history on https://git.ffmpeg.org/gitweb/ffmpeg.git
+
+   We hope you will like this release as much as we enjoyed working on it, and
+   as usual, if you have any questions about it, or any FFmpeg related topic,
+   feel free to join us on the #ffmpeg IRC channel (on irc.libera.chat) or ask
+   on the mailing-lists.
--- a/compile.sh
+++ b/compile.sh
@ -0,0 +1,76 @@
+
+prefix="$(realpath "$(dirname "$0")")"/bin
+
+echo "$prefix"
+
+./configure \
+    --prefix=/usr \
+    --disable-debug \
+    --disable-static \
+    --disable-stripping \
+    --enable-amf \
+    --enable-lto \
+    --enable-fontconfig \
+    --enable-frei0r \
+    --enable-gmp \
+    --enable-gpl \
+    --enable-ladspa \
+    --enable-libaom \
+    --enable-libass \
+    --enable-libbluray \
+    --enable-libbs2b \
+    --enable-libdav1d \
+    --enable-libdrm \
+    --enable-libdvdnav \
+    --enable-libdvdread \
+    --enable-libfreetype \
+    --enable-libfribidi \
+    --enable-libgsm \
+    --enable-libharfbuzz \
+    --enable-libiec61883 \
+    --enable-libjack \
+    --enable-libjxl \
+    --enable-libmodplug \
+    --enable-libmp3lame \
+    --enable-libopencore_amrnb \
+    --enable-libopencore_amrwb \
+    --enable-libopenjpeg \
+    --enable-libopenmpt \
+    --enable-libopus \
+    --enable-libplacebo \
+    --enable-libpulse \
+    --enable-librav1e \
+    --enable-librsvg \
+    --enable-librubberband \
+    --enable-libsnappy \
+    --enable-libsoxr \
+    --enable-libspeex \
+    --enable-libsrt \
+    --enable-libssh \
+    --enable-libsvtav1 \
+    --enable-libtheora \
+    --enable-libv4l2 \
+    --enable-libvidstab \
+    --enable-libvmaf \
+    --enable-libvorbis \
+    --enable-libvpl \
+    --enable-libvpx \
+    --enable-libwebp \
+    --enable-libx264 \
+    --enable-libx265 \
+    --enable-libxcb \
+    --enable-libxml2 \
+    --enable-libxvid \
+    --enable-libzimg \
+    --enable-nvdec \
+    --enable-nvenc \
+    --enable-opencl \
+    --enable-opengl \
+    --enable-shared \
+    --enable-vapoursynth \
+    --enable-version3 \
+    --enable-vulkan \
+    --prefix="$prefix"
+
+make -j10
+
--- a/7
+++ b/7
@ -2851,6 +2851,7 @@ h264_sei_select="atsc_a53 golomb"
 hevcparse_select="golomb"
 hevc_sei_select="atsc_a53 golomb"
 frame_thread_encoder_deps="encoders threads"
+iamfdec_select="iso_media mpeg4audio"
 inflate_wrapper_deps="zlib"
 intrax8_select="blockdsp wmv2dsp"
 iso_media_select="mpeg4audio"
@ -2894,7 +2895,7 @@ asv1_encoder_select="aandcttables bswapdsp fdctdsp pixblockdsp"
 asv2_decoder_select="blockdsp bswapdsp idctdsp"
 asv2_encoder_select="aandcttables bswapdsp fdctdsp pixblockdsp"
 atrac1_decoder_select="sinewin"
-av1_decoder_select="cbs_av1 atsc_a53"
+av1_decoder_select="atsc_a53 cbs_av1 dovi_rpu"
 bink_decoder_select="blockdsp hpeldsp"
 binkaudio_dct_decoder_select="wma_freqs"
 binkaudio_rdft_decoder_select="wma_freqs"
@ -3483,7 +3484,7 @@ libcelt_decoder_deps="libcelt"
 libcodec2_decoder_deps="libcodec2"
 libcodec2_encoder_deps="libcodec2"
 libdav1d_decoder_deps="libdav1d"
-libdav1d_decoder_select="atsc_a53"
+libdav1d_decoder_select="atsc_a53 dovi_rpu"
 libdavs2_decoder_deps="libdavs2"
 libdavs2_decoder_select="avs2_parser"
 libfdk_aac_decoder_deps="libfdk_aac"
@ -7310,7 +7311,7 @@ fi

 if enabled x86; then
    case $target_os in
-        mingw32*|mingw64*|win32|win64|linux|cygwin*)
+        freebsd|mingw32*|mingw64*|win32|win64|linux|cygwin*)
            ;;
        *)
            disable ffnvcodec cuvid nvdec nvenc
--- a/doc/Doxyfile
+++ b/doc/Doxyfile
@ -38,7 +38,7 @@ PROJECT_NAME           = FFmpeg
 # could be handy for archiving the generated documentation or if some version
 # control system is used.

-PROJECT_NUMBER         =
+PROJECT_NUMBER         = 7.0.2

 # Using the PROJECT_BRIEF tag one can provide an optional one line description
 # for a project that appears at the top of each page and should give viewer a
--- a/doc/developer.texi
+++ b/doc/developer.texi
@ -390,6 +390,10 @@ If you apply a patch, send an
 answer to ffmpeg-devel (or wherever you got the patch from) saying that
 you applied the patch.

+@subheading Credit any researchers
+If a commit/patch fixes an issues found by some researcher, always credit the
+researcher in the commit message for finding/reporting the issue.
+
@subheading Always wait long enough before pushing changes
 Do NOT commit to code actively maintained by others without permission.
 Send a patch to ffmpeg-devel. If no one answers within a reasonable
@ -634,6 +638,11 @@ patch is inline or attached per mail.
 You can check @url{https://patchwork.ffmpeg.org}, if your patch does not show up, its mime type
 likely was wrong.

+@subheading How to setup git send-email?
+
+Please see @url{https://git-send-email.io/}.
+For gmail additionally see @url{https://shallowsky.com/blog/tech/email/gmail-app-passwds.html}.
+
@subheading Sending patches from email clients
 Using @code{git send-email} might not be desirable for everyone. The
 following trick allows to send patches via email clients in a safe
--- a/doc/encoders.texi
+++ b/doc/encoders.texi
@ -3045,9 +3045,6 @@ Enable high quality AC prediction.
@item gray
 Only encode grayscale.

-@item gmc
-Enable the use of global motion compensation (GMC).
-
@item qpel
 Enable quarter-pixel motion compensation.

@ -3059,7 +3056,9 @@ Place global headers in extradata instead of every keyframe.

@end table

-@item trellis
+@item gmc
+Enable the use of global motion compensation (GMC).  Default is 0
+(disabled).

@item me_quality
 Set motion estimation quality level. Possible values in decreasing order of
@ -3114,6 +3113,9 @@ be better than any of the two specified individually. In other
 words, the resulting quality will be the worse one of the two
 effects.

+@item trellis
+Set rate-distortion optimal quantization.
+
@item ssim
 Set structural similarity (SSIM) displaying method. Possible values:

--- a/doc/examples/demux_decode.c
+++ b/doc/examples/demux_decode.c
@ -138,11 +138,9 @@ static int decode_packet(AVCodecContext *dec, const AVPacket *pkt)
            ret = output_audio_frame(frame);

        av_frame_unref(frame);
-        if (ret < 0)
-            return ret;
    }

-    return 0;
+    return ret;
 }

 static int open_codec_context(int *stream_idx,
--- a/doc/examples/mux.c
+++ b/doc/examples/mux.c
@ -347,8 +347,7 @@ static int write_audio_frame(AVFormatContext *oc, OutputStream *ost)
    if (frame) {
        /* convert samples from native format to destination codec format, using the resampler */
        /* compute destination number of samples */
-        dst_nb_samples = av_rescale_rnd(swr_get_delay(ost->swr_ctx, c->sample_rate) + frame->nb_samples,
-                                        c->sample_rate, c->sample_rate, AV_ROUND_UP);
+        dst_nb_samples = swr_get_delay(ost->swr_ctx, c->sample_rate) + frame->nb_samples;
        av_assert0(dst_nb_samples == frame->nb_samples);

        /* when we pass a frame to the encoder, it may keep a reference to it
--- a/doc/examples/qsv_transcode.c
+++ b/doc/examples/qsv_transcode.c
@ -75,8 +75,7 @@ static int str_to_dict(char* optstr, AVDictionary **opt)
        if (value == NULL)
            return AVERROR(EINVAL);
        av_dict_set(opt, key, value, 0);
-    } while(key != NULL);
-    return 0;
+    } while(1);
 }

 static int dynamic_set_parameter(AVCodecContext *avctx)
@ -334,17 +333,15 @@ static int dec_enc(AVPacket *pkt, const AVCodec *enc_codec, char *optstr)

 fail:
        av_frame_free(&frame);
-        if (ret < 0)
-            return ret;
    }
-    return 0;
+    return ret;
 }

 int main(int argc, char **argv)
 {
    const AVCodec *enc_codec;
    int ret = 0;
-    AVPacket *dec_pkt;
+    AVPacket *dec_pkt = NULL;

    if (argc < 5 || (argc - 5) % 2) {
        av_log(NULL, AV_LOG_ERROR, "Usage: %s <input file> <encoder> <output file>"
--- a/doc/examples/vaapi_encode.c
+++ b/doc/examples/vaapi_encode.c
@ -88,6 +88,10 @@ static int encode_write(AVCodecContext *avctx, AVFrame *frame, FILE *fout)
        enc_pkt->stream_index = 0;
        ret = fwrite(enc_pkt->data, enc_pkt->size, 1, fout);
        av_packet_unref(enc_pkt);
+        if (ret != enc_pkt->size) {
+            ret = AVERROR(errno);
+            break;
+        }
    }

 end:
--- a/doc/examples/vaapi_transcode.c
+++ b/doc/examples/vaapi_transcode.c
@ -215,10 +215,8 @@ static int dec_enc(AVPacket *pkt, const AVCodec *enc_codec)

 fail:
        av_frame_free(&frame);
-        if (ret < 0)
-            return ret;
    }
-    return 0;
+    return ret;
 }

 int main(int argc, char **argv)
--- a/fftools/cmdutils.c
+++ b/fftools/cmdutils.c
@ -581,7 +581,7 @@ static const AVOption *opt_find(void *obj, const char *name, const char *unit,
    return o;
 }

-#define FLAGS (o->type == AV_OPT_TYPE_FLAGS && (arg[0]=='-' || arg[0]=='+')) ? AV_DICT_APPEND : 0
+#define FLAGS ((o->type == AV_OPT_TYPE_FLAGS && (arg[0]=='-' || arg[0]=='+')) ? AV_DICT_APPEND : 0)
 int opt_default(void *optctx, const char *opt, const char *arg)
 {
    const AVOption *o;
--- a/fftools/ffmpeg.c
+++ b/fftools/ffmpeg.c
@ -306,8 +306,9 @@ static int read_key(void)
        }
        //Read it
        if(nchars != 0) {
-            read(0, &ch, 1);
-            return ch;
+            if (read(0, &ch, 1) == 1)
+                return ch;
+            return 0;
        }else{
            return -1;
        }
--- a/fftools/ffmpeg_enc.c
+++ b/fftools/ffmpeg_enc.c
@ -171,7 +171,7 @@ int enc_open(void *opaque, const AVFrame *frame)
    InputStream *ist = ost->ist;
    Encoder              *e = ost->enc;
    AVCodecContext *enc_ctx = ost->enc_ctx;
-    Decoder            *dec;
+    Decoder            *dec = NULL;
    const AVCodec      *enc = enc_ctx->codec;
    OutputFile          *of = ost->file;
    FrameData *fd;
@ -504,9 +504,9 @@ void enc_stats_write(OutputStream *ost, EncStats *es,
    AVRational  tbi = (AVRational){ 0, 1};
    int64_t    ptsi = INT64_MAX;

-    const FrameData *fd;
+    const FrameData *fd = NULL;

-    if ((frame && frame->opaque_ref) || (pkt && pkt->opaque_ref)) {
+    if (frame ? frame->opaque_ref : pkt->opaque_ref) {
        fd   = (const FrameData*)(frame ? frame->opaque_ref->data : pkt->opaque_ref->data);
        tbi  = fd->dec.tb;
        ptsi = fd->dec.pts;
--- a/fftools/ffmpeg_sched.c
+++ b/fftools/ffmpeg_sched.c
@ -260,6 +260,12 @@ typedef struct SchFilterGraph {
    int                 task_exited;
 } SchFilterGraph;

+enum SchedulerState {
+    SCH_STATE_UNINIT,
+    SCH_STATE_STARTED,
+    SCH_STATE_STOPPED,
+};
+
 struct Scheduler {
    const AVClass      *class;

@ -292,7 +298,7 @@ struct Scheduler {
    char               *sdp_filename;
    int                 sdp_auto;

-    int                 transcode_started;
+    enum SchedulerState state;
    atomic_int          terminate;
    atomic_int          task_failed;

@ -399,22 +405,6 @@ static int queue_alloc(ThreadQueue **ptq, unsigned nb_streams, unsigned queue_si

 static void *task_wrapper(void *arg);

-static int task_stop(SchTask *task)
-{
-    int ret;
-    void *thread_ret;
-
-    if (!task->thread_running)
-        return 0;
-
-    ret = pthread_join(task->thread, &thread_ret);
-    av_assert0(ret == 0);
-
-    task->thread_running = 0;
-
-    return (intptr_t)thread_ret;
-}
-
 static int task_start(SchTask *task)
 {
    int ret;
@ -468,59 +458,6 @@ static int64_t trailing_dts(const Scheduler *sch, int count_finished)
    return min_dts == INT64_MAX ? AV_NOPTS_VALUE : min_dts;
 }

-int sch_stop(Scheduler *sch, int64_t *finish_ts)
-{
-    int ret = 0, err;
-
-    atomic_store(&sch->terminate, 1);
-
-    for (unsigned type = 0; type < 2; type++)
-        for (unsigned i = 0; i < (type ? sch->nb_demux : sch->nb_filters); i++) {
-            SchWaiter *w = type ? &sch->demux[i].waiter : &sch->filters[i].waiter;
-            waiter_set(w, 1);
-        }
-
-    for (unsigned i = 0; i < sch->nb_demux; i++) {
-        SchDemux *d = &sch->demux[i];
-
-        err = task_stop(&d->task);
-        ret = err_merge(ret, err);
-    }
-
-    for (unsigned i = 0; i < sch->nb_dec; i++) {
-        SchDec *dec = &sch->dec[i];
-
-        err = task_stop(&dec->task);
-        ret = err_merge(ret, err);
-    }
-
-    for (unsigned i = 0; i < sch->nb_filters; i++) {
-        SchFilterGraph *fg = &sch->filters[i];
-
-        err = task_stop(&fg->task);
-        ret = err_merge(ret, err);
-    }
-
-    for (unsigned i = 0; i < sch->nb_enc; i++) {
-        SchEnc *enc = &sch->enc[i];
-
-        err = task_stop(&enc->task);
-        ret = err_merge(ret, err);
-    }
-
-    for (unsigned i = 0; i < sch->nb_mux; i++) {
-        SchMux *mux = &sch->mux[i];
-
-        err = task_stop(&mux->task);
-        ret = err_merge(ret, err);
-    }
-
-    if (finish_ts)
-        *finish_ts = trailing_dts(sch, 1);
-
-    return ret;
-}
-
 void sch_free(Scheduler **psch)
 {
    Scheduler *sch = *psch;
@ -1213,7 +1150,8 @@ int sch_mux_stream_ready(Scheduler *sch, unsigned mux_idx, unsigned stream_idx)

    // this may be called during initialization - do not start
    // threads before sch_start() is called
-    if (++mux->nb_streams_ready == mux->nb_streams && sch->transcode_started)
+    if (++mux->nb_streams_ready == mux->nb_streams &&
+        sch->state >= SCH_STATE_STARTED)
        ret = mux_init(sch, mux);

    pthread_mutex_unlock(&sch->mux_ready_lock);
@ -1583,7 +1521,8 @@ int sch_start(Scheduler *sch)
    if (ret < 0)
        return ret;

-    sch->transcode_started = 1;
+    av_assert0(sch->state == SCH_STATE_UNINIT);
+    sch->state = SCH_STATE_STARTED;

    for (unsigned i = 0; i < sch->nb_mux; i++) {
        SchMux *mux = &sch->mux[i];
@ -1591,7 +1530,7 @@ int sch_start(Scheduler *sch)
        if (mux->nb_streams_ready == mux->nb_streams) {
            ret = mux_init(sch, mux);
            if (ret < 0)
-                return ret;
+                goto fail;
        }
    }

@ -1600,7 +1539,7 @@ int sch_start(Scheduler *sch)

        ret = task_start(&enc->task);
        if (ret < 0)
-            return ret;
+            goto fail;
    }

    for (unsigned i = 0; i < sch->nb_filters; i++) {
@ -1608,7 +1547,7 @@ int sch_start(Scheduler *sch)

        ret = task_start(&fg->task);
        if (ret < 0)
-            return ret;
+            goto fail;
    }

    for (unsigned i = 0; i < sch->nb_dec; i++) {
@ -1616,7 +1555,7 @@ int sch_start(Scheduler *sch)

        ret = task_start(&dec->task);
        if (ret < 0)
-            return ret;
+            goto fail;
    }

    for (unsigned i = 0; i < sch->nb_demux; i++) {
@ -1627,7 +1566,7 @@ int sch_start(Scheduler *sch)

        ret = task_start(&d->task);
        if (ret < 0)
-            return ret;
+            goto fail;
    }

    pthread_mutex_lock(&sch->schedule_lock);
@ -1635,6 +1574,9 @@ int sch_start(Scheduler *sch)
    pthread_mutex_unlock(&sch->schedule_lock);

    return 0;
+fail:
+    sch_stop(sch, NULL);
+    return ret;
 }

 int sch_wait(Scheduler *sch, uint64_t timeout_us, int64_t *transcode_ts)
@ -2483,6 +2425,18 @@ int sch_filter_command(Scheduler *sch, unsigned fg_idx, AVFrame *frame)
    return send_to_filter(sch, fg, fg->nb_inputs, frame);
 }

+static int task_cleanup(Scheduler *sch, SchedulerNode node)
+{
+    switch (node.type) {
+    case SCH_NODE_TYPE_DEMUX:       return demux_done (sch, node.idx);
+    case SCH_NODE_TYPE_MUX:         return mux_done   (sch, node.idx);
+    case SCH_NODE_TYPE_DEC:         return dec_done   (sch, node.idx);
+    case SCH_NODE_TYPE_ENC:         return enc_done   (sch, node.idx);
+    case SCH_NODE_TYPE_FILTER_IN:   return filter_done(sch, node.idx);
+    default: av_assert0(0);
+    }
+}
+
 static void *task_wrapper(void *arg)
 {
    SchTask  *task = arg;
@ -2495,15 +2449,7 @@ static void *task_wrapper(void *arg)
        av_log(task->func_arg, AV_LOG_ERROR,
               "Task finished with error code: %d (%s)\n", ret, av_err2str(ret));

-    switch (task->node.type) {
-    case SCH_NODE_TYPE_DEMUX:       err = demux_done (sch, task->node.idx); break;
-    case SCH_NODE_TYPE_MUX:         err = mux_done   (sch, task->node.idx); break;
-    case SCH_NODE_TYPE_DEC:         err = dec_done   (sch, task->node.idx); break;
-    case SCH_NODE_TYPE_ENC:         err = enc_done   (sch, task->node.idx); break;
-    case SCH_NODE_TYPE_FILTER_IN:   err = filter_done(sch, task->node.idx); break;
-    default: av_assert0(0);
-    }
-
+    err = task_cleanup(sch, task->node);
    ret = err_merge(ret, err);

    // EOF is considered normal termination
@ -2518,3 +2464,77 @@ static void *task_wrapper(void *arg)

    return (void*)(intptr_t)ret;
 }
+
+static int task_stop(Scheduler *sch, SchTask *task)
+{
+    int ret;
+    void *thread_ret;
+
+    if (!task->thread_running)
+        return task_cleanup(sch, task->node);
+
+    ret = pthread_join(task->thread, &thread_ret);
+    av_assert0(ret == 0);
+
+    task->thread_running = 0;
+
+    return (intptr_t)thread_ret;
+}
+
+int sch_stop(Scheduler *sch, int64_t *finish_ts)
+{
+    int ret = 0, err;
+
+    if (sch->state != SCH_STATE_STARTED)
+        return 0;
+
+    atomic_store(&sch->terminate, 1);
+
+    for (unsigned type = 0; type < 2; type++)
+        for (unsigned i = 0; i < (type ? sch->nb_demux : sch->nb_filters); i++) {
+            SchWaiter *w = type ? &sch->demux[i].waiter : &sch->filters[i].waiter;
+            waiter_set(w, 1);
+        }
+
+    for (unsigned i = 0; i < sch->nb_demux; i++) {
+        SchDemux *d = &sch->demux[i];
+
+        err = task_stop(sch, &d->task);
+        ret = err_merge(ret, err);
+    }
+
+    for (unsigned i = 0; i < sch->nb_dec; i++) {
+        SchDec *dec = &sch->dec[i];
+
+        err = task_stop(sch, &dec->task);
+        ret = err_merge(ret, err);
+    }
+
+    for (unsigned i = 0; i < sch->nb_filters; i++) {
+        SchFilterGraph *fg = &sch->filters[i];
+
+        err = task_stop(sch, &fg->task);
+        ret = err_merge(ret, err);
+    }
+
+    for (unsigned i = 0; i < sch->nb_enc; i++) {
+        SchEnc *enc = &sch->enc[i];
+
+        err = task_stop(sch, &enc->task);
+        ret = err_merge(ret, err);
+    }
+
+    for (unsigned i = 0; i < sch->nb_mux; i++) {
+        SchMux *mux = &sch->mux[i];
+
+        err = task_stop(sch, &mux->task);
+        ret = err_merge(ret, err);
+    }
+
+    if (finish_ts)
+        *finish_ts = trailing_dts(sch, 1);
+
+    sch->state = SCH_STATE_STOPPED;
+
+    return ret;
+}
--- a/fftools/ffplay.c
+++ b/fftools/ffplay.c
@ -2394,12 +2394,13 @@ static int audio_decode_frame(VideoState *is)
        av_channel_layout_compare(&af->frame->ch_layout, &is->audio_src.ch_layout) ||
        af->frame->sample_rate   != is->audio_src.freq           ||
        (wanted_nb_samples       != af->frame->nb_samples && !is->swr_ctx)) {
+        int ret;
        swr_free(&is->swr_ctx);
-        swr_alloc_set_opts2(&is->swr_ctx,
+        ret = swr_alloc_set_opts2(&is->swr_ctx,
                            &is->audio_tgt.ch_layout, is->audio_tgt.fmt, is->audio_tgt.freq,
                            &af->frame->ch_layout, af->frame->format, af->frame->sample_rate,
                            0, NULL);
-        if (!is->swr_ctx || swr_init(is->swr_ctx) < 0) {
+        if (ret < 0 || swr_init(is->swr_ctx) < 0) {
            av_log(NULL, AV_LOG_ERROR,
                   "Cannot create sample rate converter for conversion of %d Hz %s %d channels to %d Hz %s %d channels!\n",
                    af->frame->sample_rate, av_get_sample_fmt_name(af->frame->format), af->frame->ch_layout.nb_channels,
@ -3842,8 +3843,13 @@ int main(int argc, char **argv)
        if (vk_renderer) {
            AVDictionary *dict = NULL;

-            if (vulkan_params)
-                av_dict_parse_string(&dict, vulkan_params, "=", ":", 0);
+            if (vulkan_params) {
+                int ret = av_dict_parse_string(&dict, vulkan_params, "=", ":", 0);
+                if (ret < 0) {
+                    av_log(NULL, AV_LOG_FATAL, "Failed to parse, %s\n", vulkan_params);
+                    do_exit(NULL);
+                }
+            }
            ret = vk_renderer_create(vk_renderer, window, dict);
            av_dict_free(&dict);
            if (ret < 0) {
--- a/fftools/ffplay_renderer.c
+++ b/fftools/ffplay_renderer.c
@ -765,7 +765,7 @@ static void destroy(VkRenderer *renderer)
        vkDestroySurfaceKHR = (PFN_vkDestroySurfaceKHR)
                ctx->get_proc_addr(ctx->inst, "vkDestroySurfaceKHR");
        vkDestroySurfaceKHR(ctx->inst, ctx->vk_surface, NULL);
-        ctx->vk_surface = NULL;
+        ctx->vk_surface = VK_NULL_HANDLE;
    }

    av_buffer_unref(&ctx->hw_device_ref);
--- a/fftools/opt_common.c
+++ b/fftools/opt_common.c
@ -724,10 +724,13 @@ int show_codecs(void *optctx, const char *opt, const char *arg)
    return 0;
 }

-static void print_codecs(int encoder)
+static int print_codecs(int encoder)
 {
    const AVCodecDescriptor **codecs;
-    unsigned i, nb_codecs = get_codecs_sorted(&codecs);
+    int i, nb_codecs = get_codecs_sorted(&codecs);
+
+    if (nb_codecs < 0)
+        return nb_codecs;

    printf("%s:\n"
           " V..... = Video\n"
@ -762,18 +765,17 @@ static void print_codecs(int encoder)
        }
    }
    av_free(codecs);
+    return 0;
 }

 int show_decoders(void *optctx, const char *opt, const char *arg)
 {
-    print_codecs(0);
-    return 0;
+    return print_codecs(0);
 }

 int show_encoders(void *optctx, const char *opt, const char *arg)
 {
-    print_codecs(1);
-    return 0;
+    return print_codecs(1);
 }

 int show_bsfs(void *optctx, const char *opt, const char *arg)
--- a/libavcodec/Makefile
+++ b/libavcodec/Makefile
@ -1068,6 +1068,7 @@ STLIBOBJS-$(CONFIG_ISO_MEDIA)          += mpegaudiotabs.o
 STLIBOBJS-$(CONFIG_FLV_MUXER)          += mpeg4audio_sample_rates.o
 STLIBOBJS-$(CONFIG_HLS_DEMUXER)        += ac3_channel_layout_tab.o
 STLIBOBJS-$(CONFIG_IMAGE_JPEGXL_PIPE_DEMUXER) += jpegxl_parse.o
+STLIBOBJS-$(CONFIG_JNI)                += ffjni.o
 STLIBOBJS-$(CONFIG_JPEGXL_ANIM_DEMUXER)       += jpegxl_parse.o
 STLIBOBJS-$(CONFIG_MATROSKA_DEMUXER)   += mpeg4audio_sample_rates.o
 STLIBOBJS-$(CONFIG_MOV_DEMUXER)        += ac3_channel_layout_tab.o
--- a/libavcodec/aacps_tablegen_template.c
+++ b/libavcodec/aacps_tablegen_template.c
@ -22,6 +22,8 @@

 #include <stdlib.h>
 #define BUILD_TABLES
+#include "config.h"
+#undef CONFIG_HARDCODED_TABLES
 #define CONFIG_HARDCODED_TABLES 0
 #include "aac_defines.h"

--- a/libavcodec/ac3_parser.c
+++ b/libavcodec/ac3_parser.c
@ -204,7 +204,9 @@ int av_ac3_parse_header(const uint8_t *buf, size_t size,
    AC3HeaderInfo hdr;
    int err;

-    init_get_bits8(&gb, buf, size);
+    err = init_get_bits8(&gb, buf, size);
+    if (err < 0)
+        return AVERROR_INVALIDDATA;
    err = ff_ac3_parse_header(&gb, &hdr);
    if (err < 0)
        return AVERROR_INVALIDDATA;
--- a/libavcodec/adts_parser.c
+++ b/libavcodec/adts_parser.c
@ -27,9 +27,14 @@
 int av_adts_header_parse(const uint8_t *buf, uint32_t *samples, uint8_t *frames)
 {
 #if CONFIG_ADTS_HEADER
+    uint8_t tmpbuf[AV_AAC_ADTS_HEADER_SIZE + AV_INPUT_BUFFER_PADDING_SIZE];
    GetBitContext gb;
    AACADTSHeaderInfo hdr;
-    int err = init_get_bits8(&gb, buf, AV_AAC_ADTS_HEADER_SIZE);
+    int err;
+    if (!buf)
+        return AVERROR(EINVAL);
+    memcpy(tmpbuf, buf, AV_AAC_ADTS_HEADER_SIZE);
+    err = init_get_bits8(&gb, tmpbuf, AV_AAC_ADTS_HEADER_SIZE);
    if (err < 0)
        return err;
    err = ff_adts_header_parse(&gb, &hdr);
--- a/libavcodec/alsdec.c
+++ b/libavcodec/alsdec.c
@ -2110,8 +2110,8 @@ static av_cold int decode_init(AVCodecContext *avctx)

    if (sconf->floating) {
        ctx->acf               = av_malloc_array(channels, sizeof(*ctx->acf));
-        ctx->shift_value       = av_malloc_array(channels, sizeof(*ctx->shift_value));
-        ctx->last_shift_value  = av_malloc_array(channels, sizeof(*ctx->last_shift_value));
+        ctx->shift_value       = av_calloc(channels, sizeof(*ctx->shift_value));
+        ctx->last_shift_value  = av_calloc(channels, sizeof(*ctx->last_shift_value));
        ctx->last_acf_mantissa = av_malloc_array(channels, sizeof(*ctx->last_acf_mantissa));
        ctx->raw_mantissa      = av_calloc(channels, sizeof(*ctx->raw_mantissa));

--- a/libavcodec/amrwbdec.c
+++ b/libavcodec/amrwbdec.c
@ -26,6 +26,7 @@

 #include "config.h"

+#include "libavutil/avassert.h"
 #include "libavutil/channel_layout.h"
 #include "libavutil/common.h"
 #include "libavutil/lfg.h"
@ -554,6 +555,8 @@ static void decode_fixed_vector(float *fixed_vector, const uint16_t *pulse_hi,
            decode_6p_track(sig_pos[i], (int) pulse_lo[i] +
                           ((int) pulse_hi[i] << 11), 4, 1);
        break;
+    default:
+        av_assert2(0);
    }

    memset(fixed_vector, 0, sizeof(float) * AMRWB_SFR_SIZE);
--- a/libavcodec/apedec.c
+++ b/libavcodec/apedec.c
@ -1286,7 +1286,7 @@ static void predictor_decode_stereo_3950(APEContext *ctx, int count)
                int32_t left  = a1 - (unsigned)(a0 / 2);
                int32_t right = left + (unsigned)a0;

-                if (FFMAX(FFABS(left), FFABS(right)) > (1<<23)) {
+                if (FFMIN(FFNABS(left), FFNABS(right)) < -(1<<23)) {
                    ctx->interim_mode = !interim_mode;
                    av_log(ctx->avctx, AV_LOG_VERBOSE, "Interim mode: %d\n", ctx->interim_mode);
                    break;
--- a/libavcodec/atrac9dec.c
+++ b/libavcodec/atrac9dec.c
@ -801,7 +801,9 @@ static int atrac9_decode_frame(AVCodecContext *avctx, AVFrame *frame,
    if (ret < 0)
        return ret;

-    init_get_bits8(&gb, avpkt->data, avpkt->size);
+    ret = init_get_bits8(&gb, avpkt->data, avpkt->size);
+    if (ret < 0)
+        return ret;

    for (int i = 0; i < frames; i++) {
        for (int j = 0; j < s->block_config->count; j++) {
@ -921,7 +923,9 @@ static av_cold int atrac9_decode_init(AVCodecContext *avctx)
        return AVERROR_INVALIDDATA;
    }

-    init_get_bits8(&gb, avctx->extradata + 4, avctx->extradata_size);
+    err = init_get_bits8(&gb, avctx->extradata + 4, avctx->extradata_size);
+    if (err < 0)
+        return err;

    if (get_bits(&gb, 8) != 0xFE) {
        av_log(avctx, AV_LOG_ERROR, "Incorrect magic byte!\n");
--- a/libavcodec/av1dec.c
+++ b/libavcodec/av1dec.c
@ -358,6 +358,30 @@ static void coded_lossless_param(AV1DecContext *s)
    }
 }

+static void order_hint_info(AV1DecContext *s)
+{
+    const AV1RawFrameHeader *header = s->raw_frame_header;
+    const AV1RawSequenceHeader *seq = s->raw_seq;
+    AV1Frame *frame = &s->cur_frame;
+
+    frame->order_hint = header->order_hint;
+
+    for (int i = 0; i < AV1_REFS_PER_FRAME; i++) {
+        int ref_name = i + AV1_REF_FRAME_LAST;
+        int ref_slot = header->ref_frame_idx[i];
+        int ref_order_hint = s->ref[ref_slot].order_hint;
+
+        frame->order_hints[ref_name] = ref_order_hint;
+        if (!seq->enable_order_hint) {
+            frame->ref_frame_sign_bias[ref_name] = 0;
+        } else {
+            frame->ref_frame_sign_bias[ref_name] =
+                get_relative_dist(seq, ref_order_hint,
+                                  frame->order_hint) > 0;
+        }
+    }
+}
+
 static void load_grain_params(AV1DecContext *s)
 {
    const AV1RawFrameHeader *header = s->raw_frame_header;
@ -444,7 +468,7 @@ static int get_tiles_info(AVCodecContext *avctx, const AV1RawTileGroup *tile_gro
 static enum AVPixelFormat get_sw_pixel_format(void *logctx,
                                              const AV1RawSequenceHeader *seq)
 {
-    uint8_t bit_depth;
+    int bit_depth;
    enum AVPixelFormat pix_fmt = AV_PIX_FMT_NONE;

    if (seq->seq_profile == 2 && seq->color_config.high_bitdepth)
@ -468,7 +492,7 @@ static enum AVPixelFormat get_sw_pixel_format(void *logctx,
            else if (bit_depth == 12)
                pix_fmt = AV_PIX_FMT_YUV444P12;
            else
-                av_log(logctx, AV_LOG_WARNING, "Unknown AV1 pixel format.\n");
+                av_assert0(0);
        } else if (seq->color_config.subsampling_x == 1 &&
                   seq->color_config.subsampling_y == 0) {
            if (bit_depth == 8)
@ -478,7 +502,7 @@ static enum AVPixelFormat get_sw_pixel_format(void *logctx,
            else if (bit_depth == 12)
                pix_fmt = AV_PIX_FMT_YUV422P12;
            else
-                av_log(logctx, AV_LOG_WARNING, "Unknown AV1 pixel format.\n");
+                av_assert0(0);
        } else if (seq->color_config.subsampling_x == 1 &&
                   seq->color_config.subsampling_y == 1) {
            if (bit_depth == 8)
@ -488,7 +512,7 @@ static enum AVPixelFormat get_sw_pixel_format(void *logctx,
            else if (bit_depth == 12)
                pix_fmt = AV_PIX_FMT_YUV420P12;
            else
-                av_log(logctx, AV_LOG_WARNING, "Unknown AV1 pixel format.\n");
+                av_assert0(0);
        }
    } else {
        if (bit_depth == 8)
@ -498,7 +522,7 @@ static enum AVPixelFormat get_sw_pixel_format(void *logctx,
        else if (bit_depth == 12)
            pix_fmt = AV_PIX_FMT_GRAY12;
        else
-            av_log(logctx, AV_LOG_WARNING, "Unknown AV1 pixel format.\n");
+            av_assert0(0);
    }

    return pix_fmt;
@ -700,6 +724,14 @@ static int av1_frame_ref(AVCodecContext *avctx, AV1Frame *dst, const AV1Frame *s
           sizeof(dst->film_grain));
    dst->coded_lossless = src->coded_lossless;

+    dst->order_hint = src->order_hint;
+    memcpy(dst->ref_frame_sign_bias, src->ref_frame_sign_bias,
+           sizeof(dst->ref_frame_sign_bias));
+    memcpy(dst->order_hints, src->order_hints,
+           sizeof(dst->order_hints));
+
+    dst->force_integer_mv = src->force_integer_mv;
+
    return 0;

 fail:
@ -1255,8 +1287,14 @@ static int get_current_frame(AVCodecContext *avctx)
    global_motion_params(s);
    skip_mode_params(s);
    coded_lossless_param(s);
+    order_hint_info(s);
    load_grain_params(s);

+    s->cur_frame.force_integer_mv =
+        s->raw_frame_header->force_integer_mv ||
+        s->raw_frame_header->frame_type == AV1_FRAME_KEY ||
+        s->raw_frame_header->frame_type == AV1_FRAME_INTRA_ONLY;
+
    return ret;
 }

--- a/libavcodec/av1dec.h
+++ b/libavcodec/av1dec.h
@ -53,6 +53,20 @@ typedef struct AV1Frame {
    AV1RawFilmGrainParams film_grain;

    uint8_t coded_lossless;
+
+    // OrderHint for this frame.
+    uint8_t order_hint;
+    // RefFrameSignBias[] used when decoding this frame.
+    uint8_t ref_frame_sign_bias[AV1_TOTAL_REFS_PER_FRAME];
+    // OrderHints[] when this is the current frame, otherwise
+    // SavedOrderHints[s][] when is the reference frame in slot s.
+    uint8_t order_hints[AV1_TOTAL_REFS_PER_FRAME];
+
+    // force_integer_mv value at the end of the frame header parsing.
+    // This is not the same as the syntax element value in
+    // raw_frame_header because the specification parsing tables
+    // override the value on intra frames.
+    uint8_t force_integer_mv;
 } AV1Frame;

 typedef struct TileGroupInfo {
--- a/libavcodec/avs2_parser.c
+++ b/libavcodec/avs2_parser.c
@ -72,13 +72,15 @@ static void parse_avs2_seq_header(AVCodecParserContext *s, const uint8_t *buf,
    unsigned aspect_ratio;
    unsigned frame_rate_code;
    int low_delay;
+    av_unused int ret;
    // update buf_size_min if parse more deeper
    const int buf_size_min = 15;

    if (buf_size < buf_size_min)
        return;

-    init_get_bits8(&gb, buf, buf_size_min);
+    ret = init_get_bits8(&gb, buf, buf_size_min);
+    av_assert1(ret >= 0);

    s->key_frame = 1;
    s->pict_type = AV_PICTURE_TYPE_I;
--- a/libavcodec/avs3_parser.c
+++ b/libavcodec/avs3_parser.c
@ -73,7 +73,8 @@ static void parse_avs3_nal_units(AVCodecParserContext *s, const uint8_t *buf,
            GetBitContext gb;
            int profile, ratecode, low_delay;

-            init_get_bits8(&gb, buf + 4, buf_size - 4);
+            av_unused int ret = init_get_bits(&gb, buf + 4, 100);
+            av_assert1(ret >= 0);

            s->key_frame = 1;
            s->pict_type = AV_PICTURE_TYPE_I;
--- a/libavcodec/bitstream_template.h
+++ b/libavcodec/bitstream_template.h
@ -536,7 +536,8 @@ static inline int BS_FUNC(read_vlc)(BSCTX *bc, const VLCElem *table,
 static inline int BS_FUNC(read_vlc_multi)(BSCTX *bc, uint8_t dst[8],
                                          const VLC_MULTI_ELEM *const Jtable,
                                          const VLCElem *const table,
-                                          const int bits, const int max_depth)
+                                          const int bits, const int max_depth,
+                                          const int symbols_size)
 {
    unsigned idx = BS_FUNC(peek)(bc, bits);
    int ret, nb_bits, code, n = Jtable[idx].len;
@ -554,7 +555,10 @@ static inline int BS_FUNC(read_vlc_multi)(BSCTX *bc, uint8_t dst[8],
                code = BS_FUNC(priv_set_idx)(bc, code, &n, &nb_bits, table);
            }
        }
-        AV_WN16(dst, code);
+        if (symbols_size == 1)
+            *dst = code;
+        else
+            AV_WN16(dst, code);
        ret = n > 0;
    }
    BS_FUNC(priv_skip_remaining)(bc, n);
--- a/libavcodec/bsf/h264_mp4toannexb.c
+++ b/libavcodec/bsf/h264_mp4toannexb.c
@ -208,6 +208,49 @@ static int h264_mp4toannexb_save_ps(uint8_t **dst, int *dst_size,
    return 0;
 }

+static int h264_mp4toannexb_filter_ps(H264BSFContext *s,
+                                      const uint8_t *buf,
+                                      const uint8_t *buf_end)
+{
+    int sps_count = 0;
+    int pps_count = 0;
+    uint8_t unit_type;
+
+    do {
+        uint32_t nal_size = 0;
+
+        /* possible overread ok due to padding */
+        for (int i = 0; i < s->length_size; i++)
+            nal_size = (nal_size << 8) | buf[i];
+
+        buf += s->length_size;
+
+        /* This check requires the cast as the right side might
+         * otherwise be promoted to an unsigned value. */
+        if ((int64_t)nal_size > buf_end - buf)
+            return AVERROR_INVALIDDATA;
+
+        if (!nal_size)
+            continue;
+
+        unit_type = *buf & 0x1f;
+
+        if (unit_type == H264_NAL_SPS) {
+            h264_mp4toannexb_save_ps(&s->sps, &s->sps_size, &s->sps_buf_size, buf,
+                                   nal_size, !sps_count);
+            sps_count++;
+        } else if (unit_type == H264_NAL_PPS) {
+            h264_mp4toannexb_save_ps(&s->pps, &s->pps_size, &s->pps_buf_size, buf,
+                                   nal_size, !pps_count);
+            pps_count++;
+        }
+
+        buf += nal_size;
+    } while (buf < buf_end);
+
+    return 0;
+}
+
 static int h264_mp4toannexb_init(AVBSFContext *ctx)
 {
    int extra_size = ctx->par_in->extradata_size;
@ -263,14 +306,14 @@ static int h264_mp4toannexb_filter(AVBSFContext *ctx, AVPacket *opkt)
    }

    buf_end  = in->data + in->size;
+    ret = h264_mp4toannexb_filter_ps(s, in->data, buf_end);
+    if (ret < 0)
+        goto fail;

 #define LOG_ONCE(...) \
    if (j) \
        av_log(__VA_ARGS__)
    for (int j = 0; j < 2; j++) {
-        int sps_count = 0;
-        int pps_count = 0;
-
        buf      = in->data;
        new_idr  = s->new_idr;
        sps_seen = s->idr_sps_seen;
@ -301,18 +344,8 @@ static int h264_mp4toannexb_filter(AVBSFContext *ctx, AVPacket *opkt)

            if (unit_type == H264_NAL_SPS) {
                sps_seen = new_idr = 1;
-                if (!j) {
-                    h264_mp4toannexb_save_ps(&s->sps, &s->sps_size, &s->sps_buf_size,
-                                             buf, nal_size, !sps_count);
-                    sps_count++;
-                }
            } else if (unit_type == H264_NAL_PPS) {
                pps_seen = new_idr = 1;
-                if (!j) {
-                    h264_mp4toannexb_save_ps(&s->pps, &s->pps_size, &s->pps_buf_size,
-                                             buf, nal_size, !pps_count);
-                    pps_count++;
-                }
                /* if SPS has not been seen yet, prepend the AVCC one to PPS */
                if (!sps_seen) {
                    if (!s->sps_size) {
--- a/libavcodec/cbs_av1.c
+++ b/libavcodec/cbs_av1.c
@ -36,7 +36,7 @@ static int cbs_av1_read_uvlc(CodedBitstreamContext *ctx, GetBitContext *gbc,
    CBS_TRACE_READ_START();

    zeroes = 0;
-    while (1) {
+    while (zeroes < 32) {
        if (get_bits_left(gbc) < 1) {
            av_log(ctx->log_ctx, AV_LOG_ERROR, "Invalid uvlc code at "
                   "%s: bitstream ended.\n", name);
@ -49,10 +49,18 @@ static int cbs_av1_read_uvlc(CodedBitstreamContext *ctx, GetBitContext *gbc,
    }

    if (zeroes >= 32) {
-        // Note that the spec allows an arbitrarily large number of
-        // zero bits followed by a one bit in this case, but the
-        // libaom implementation does not support it.
-        value = MAX_UINT_BITS(32);
+        // The spec allows at least thirty-two zero bits followed by a
+        // one to mean 2^32-1, with no constraint on the number of
+        // zeroes.  The libaom reference decoder does not match this,
+        // instead reading thirty-two zeroes but not the following one
+        // to mean 2^32-1.  These two interpretations are incompatible
+        // and other implementations may follow one or the other.
+        // Therefore we reject thirty-two zeroes because the intended
+        // behaviour is not clear.
+        av_log(ctx->log_ctx, AV_LOG_ERROR, "Thirty-two zero bits in "
+               "%s uvlc code: considered invalid due to conflicting "
+               "standard and reference decoder behaviour.\n", name);
+        return AVERROR_INVALIDDATA;
    } else {
        if (get_bits_left(gbc) < zeroes) {
            av_log(ctx->log_ctx, AV_LOG_ERROR, "Invalid uvlc code at "
@ -301,7 +309,7 @@ static int cbs_av1_write_increment(CodedBitstreamContext *ctx, PutBitContext *pb
        return AVERROR(ENOSPC);

    if (len > 0)
-        put_bits(pbc, len, (1 << len) - 1 - (value != range_max));
+        put_bits(pbc, len, (1U << len) - 1 - (value != range_max));

    CBS_TRACE_WRITE_END_NO_SUBSCRIPTS();

--- a/libavcodec/cbs_h2645.c
+++ b/libavcodec/cbs_h2645.c
@ -708,7 +708,11 @@ static int cbs_h2645_split_fragment(CodedBitstreamContext *ctx,

            start = bytestream2_tell(&gbc);
            for(i = 0; i < num_nalus; i++) {
+                if (bytestream2_get_bytes_left(&gbc) < 2)
+                    return AVERROR_INVALIDDATA;
                size = bytestream2_get_be16(&gbc);
+                if (bytestream2_get_bytes_left(&gbc) < size)
+                    return AVERROR_INVALIDDATA;
                bytestream2_skip(&gbc, size);
            }
            end = bytestream2_tell(&gbc);
--- a/libavcodec/cbs_h266_syntax_template.c
+++ b/libavcodec/cbs_h266_syntax_template.c
@ -790,6 +790,21 @@ static int FUNC(vps) (CodedBitstreamContext *ctx, RWContext *rw,
        infer(vps_each_layer_is_an_ols_flag, 1);
        infer(vps_num_ptls_minus1, 0);
    }
+
+    for (i = 0; i <= current->vps_num_ptls_minus1; i++) {
+        if (i > 0)
+            flags(vps_pt_present_flag[i], 1, i);
+        else
+            infer(vps_pt_present_flag[i], 1);
+
+        if (!current->vps_default_ptl_dpb_hrd_max_tid_flag)
+            us(3, vps_ptl_max_tid[i], 0, current->vps_max_sublayers_minus1, 1, i);
+        else
+            infer(vps_ptl_max_tid[i], current->vps_max_sublayers_minus1);
+    }
+    while (byte_alignment(rw) != 0)
+        fixed(1, vps_ptl_alignment_zero_bit, 0);
+
    {
        //calc NumMultiLayerOlss
        int m;
@ -915,19 +930,6 @@ static int FUNC(vps) (CodedBitstreamContext *ctx, RWContext *rw,
            return AVERROR_INVALIDDATA;
    }

-    for (i = 0; i <= current->vps_num_ptls_minus1; i++) {
-        if (i > 0)
-            flags(vps_pt_present_flag[i], 1, i);
-        else
-            infer(vps_pt_present_flag[i], 1);
-
-        if (!current->vps_default_ptl_dpb_hrd_max_tid_flag)
-            us(3, vps_ptl_max_tid[i], 0, current->vps_max_sublayers_minus1, 1, i);
-        else
-            infer(vps_ptl_max_tid[i], current->vps_max_sublayers_minus1);
-    }
-    while (byte_alignment(rw) != 0)
-        fixed(1, vps_ptl_alignment_zero_bit, 0);
    for (i = 0; i <= current->vps_num_ptls_minus1; i++) {
        CHECK(FUNC(profile_tier_level) (ctx, rw,
                                        current->vps_profile_tier_level + i,
@ -3221,19 +3223,27 @@ static int FUNC(slice_header) (CodedBitstreamContext *ctx, RWContext *rw,
            flag(sh_cabac_init_flag);
        else
            infer(sh_cabac_init_flag, 0);
-        if (ph->ph_temporal_mvp_enabled_flag && !pps->pps_rpl_info_in_ph_flag) {
-            if (current->sh_slice_type == VVC_SLICE_TYPE_B)
-                flag(sh_collocated_from_l0_flag);
-            else
-                infer(sh_collocated_from_l0_flag, 1);
-            if ((current->sh_collocated_from_l0_flag &&
-                 current->num_ref_idx_active[0] > 1) ||
-                (!current->sh_collocated_from_l0_flag &&
-                 current->num_ref_idx_active[1] > 1)) {
-                unsigned int idx = current->sh_collocated_from_l0_flag ? 0 : 1;
-                ue(sh_collocated_ref_idx, 0, current->num_ref_idx_active[idx] - 1);
+        if (ph->ph_temporal_mvp_enabled_flag) {
+            if (!pps->pps_rpl_info_in_ph_flag) {
+                if (current->sh_slice_type == VVC_SLICE_TYPE_B)
+                    flag(sh_collocated_from_l0_flag);
+                else
+                    infer(sh_collocated_from_l0_flag, 1);
+                if ((current->sh_collocated_from_l0_flag &&
+                    current->num_ref_idx_active[0] > 1) ||
+                    (!current->sh_collocated_from_l0_flag &&
+                    current->num_ref_idx_active[1] > 1)) {
+                    unsigned int idx = current->sh_collocated_from_l0_flag ? 0 : 1;
+                    ue(sh_collocated_ref_idx, 0, current->num_ref_idx_active[idx] - 1);
+                } else {
+                    infer(sh_collocated_ref_idx, 0);
+                }
            } else {
-                infer(sh_collocated_ref_idx, 0);
+                if (current->sh_slice_type == VVC_SLICE_TYPE_B)
+                    infer(sh_collocated_from_l0_flag, ph->ph_collocated_from_l0_flag);
+                else
+                    infer(sh_collocated_from_l0_flag, 1);
+                infer(sh_collocated_ref_idx, ph->ph_collocated_ref_idx);
            }
        }
        if (!pps->pps_wp_info_in_ph_flag &&
--- a/libavcodec/cbs_jpeg.c
+++ b/libavcodec/cbs_jpeg.c
@ -145,13 +145,13 @@ static int cbs_jpeg_split_fragment(CodedBitstreamContext *ctx,
            }
        } else {
            i = start;
-            if (i + 2 > frag->data_size) {
+            if (i > frag->data_size - 2) {
                av_log(ctx->log_ctx, AV_LOG_ERROR, "Invalid JPEG image: "
                       "truncated at %02x marker.\n", marker);
                return AVERROR_INVALIDDATA;
            }
            length = AV_RB16(frag->data + i);
-            if (i + length > frag->data_size) {
+            if (length > frag->data_size - i) {
                av_log(ctx->log_ctx, AV_LOG_ERROR, "Invalid JPEG image: "
                       "truncated at %02x marker segment.\n", marker);
                return AVERROR_INVALIDDATA;
--- a/libavcodec/cfhdenc.c
+++ b/libavcodec/cfhdenc.c
@ -258,8 +258,8 @@ static av_cold int cfhd_encode_init(AVCodecContext *avctx)
    if (ret < 0)
        return ret;

-    if (avctx->height < 4) {
-        av_log(avctx, AV_LOG_ERROR, "Height must be >= 4.\n");
+    if (avctx->height < 32) {
+        av_log(avctx, AV_LOG_ERROR, "Height must be >= 32.\n");
        return AVERROR_INVALIDDATA;
    }

@ -553,7 +553,7 @@ static int cfhd_encode_frame(AVCodecContext *avctx, AVPacket *pkt,
                         width, height * 2);
    }

-    ret = ff_alloc_packet(avctx, pkt, 256LL + s->planes * (2LL * avctx->width * (avctx->height + 15) + 2048LL));
+    ret = ff_alloc_packet(avctx, pkt, 256LL + s->planes * (4LL * avctx->width * (avctx->height + 15) + 2048LL));
    if (ret < 0)
        return ret;

@ -761,7 +761,6 @@ static int cfhd_encode_frame(AVCodecContext *avctx, AVPacket *pkt,
                        } else if (count > 0) {
                            count = put_runcode(pb, count, rb);
                        }
-
                        put_bits(pb, cb[index].size, cb[index].bits);
                    }

--- a/libavcodec/codec_par.c
+++ b/libavcodec/codec_par.c
@ -250,6 +250,7 @@ int avcodec_parameters_to_context(AVCodecContext *codec,
    }

    av_freep(&codec->extradata);
+    codec->extradata_size = 0;
    if (par->extradata) {
        codec->extradata = av_mallocz(par->extradata_size + AV_INPUT_BUFFER_PADDING_SIZE);
        if (!codec->extradata)
--- a/libavcodec/cri.c
+++ b/libavcodec/cri.c
@ -234,10 +234,14 @@ static int cri_decode_frame(AVCodecContext *avctx, AVFrame *p,
            s->data_size = length;
            goto skip;
        case 105:
+            if (length <= 0)
+                return AVERROR_INVALIDDATA;
            hflip = bytestream2_get_byte(gb) != 0;
            length--;
            goto skip;
        case 106:
+            if (length <= 0)
+                return AVERROR_INVALIDDATA;
            vflip = bytestream2_get_byte(gb) != 0;
            length--;
            goto skip;
--- a/libavcodec/decode.c
+++ b/libavcodec/decode.c
@ -428,7 +428,8 @@ FF_ENABLE_DEPRECATION_WARNINGS
    } else if (avctx->codec->type == AVMEDIA_TYPE_AUDIO) {
        ret =  !got_frame ? AVERROR(EAGAIN)
                          : discard_samples(avctx, frame, discarded_samples);
-    }
+    } else
+        av_assert0(0);

    if (ret == AVERROR(EAGAIN))
        av_frame_unref(frame);
--- a/libavcodec/dxv.c
+++ b/libavcodec/dxv.c
@ -240,7 +240,7 @@ static int get_opcodes(GetByteContext *gb, uint32_t *table, uint8_t *dst, int op

    size_in_bits = bytestream2_get_le32(gb);
    endoffset = ((size_in_bits + 7) >> 3) - 4;
-    if (endoffset <= 0 || bytestream2_get_bytes_left(gb) < endoffset)
+    if ((int)endoffset <= 0 || bytestream2_get_bytes_left(gb) < endoffset)
        return AVERROR_INVALIDDATA;

    offset = endoffset;
--- a/libavcodec/exr.c
+++ b/libavcodec/exr.c
@ -334,7 +334,10 @@ static int huf_unpack_enc_table(GetByteContext *gb,
        return ret;

    for (; im <= iM; im++) {
-        uint64_t l = freq[im] = get_bits(&gbit, 6);
+        int l;
+        if (get_bits_left(&gbit) < 6)
+            return AVERROR_INVALIDDATA;
+        l = freq[im] = get_bits(&gbit, 6);

        if (l == LONG_ZEROCODE_RUN) {
            int zerun = get_bits(&gbit, 8) + SHORTEST_LONG_RUN;
@ -1939,7 +1942,7 @@ static int decode_header(EXRContext *s, AVFrame *frame)
                                                     "preview", 16)) >= 0) {
            uint32_t pw = bytestream2_get_le32(gb);
            uint32_t ph = bytestream2_get_le32(gb);
-            uint64_t psize = pw * ph;
+            uint64_t psize = pw * (uint64_t)ph;
            if (psize > INT64_MAX / 4) {
                ret = AVERROR_INVALIDDATA;
                goto fail;
--- a/libavcodec/flac_parser.c
+++ b/libavcodec/flac_parser.c
@ -519,6 +519,8 @@ static int check_header_mismatch(FLACParseContext  *fpc,
        for (i = 0; i < FLAC_MAX_SEQUENTIAL_HEADERS && curr != child; i++)
            curr = curr->next;

+        av_assert0(i < FLAC_MAX_SEQUENTIAL_HEADERS);
+
        if (header->link_penalty[i] < FLAC_HEADER_CRC_FAIL_PENALTY ||
            header->link_penalty[i] == FLAC_HEADER_NOT_PENALIZED_YET) {
            FLACHeaderMarker *start, *end;
--- a/libavcodec/fmvc.c
+++ b/libavcodec/fmvc.c
@ -100,7 +100,6 @@ static int decode_type2(GetByteContext *gb, PutByteContext *pb)
                            continue;
                        }
                    }
-                    repeat = 0;
                }
                repeat = 1;
            }
--- a/libavcodec/get_bits.h
+++ b/libavcodec/get_bits.h
@ -667,7 +667,8 @@ static av_always_inline int get_vlc2(GetBitContext *s, const VLCElem *table,
 static inline int get_vlc_multi(GetBitContext *s, uint8_t *dst,
                                const VLC_MULTI_ELEM *const Jtable,
                                const VLCElem *const table,
-                                const int bits, const int max_depth)
+                                const int bits, const int max_depth,
+                                const int symbols_size)
 {
    dst[0] = get_vlc2(s, table, bits, max_depth);
    return 1;
--- a/libavcodec/golomb.h
+++ b/libavcodec/golomb.h
@ -402,6 +402,7 @@ static inline int get_ur_golomb(GetBitContext *gb, int k, int limit,
    log = av_log2(buf);

    if (log > 31 - limit) {
+        av_assert2(log >= k);
        buf >>= log - k;
        buf  += (30U - log) << k;
        LAST_SKIP_BITS(re, gb, 32 + k - log);
@ -424,6 +425,8 @@ static inline int get_ur_golomb(GetBitContext *gb, int k, int limit,

 /**
 * read unsigned golomb rice code (jpegls).
+ *
+ * @returns -1 on error
 */
 static inline int get_ur_golomb_jpegls(GetBitContext *gb, int k, int limit,
                                       int esc_len)
@ -535,6 +538,8 @@ static inline int get_sr_golomb(GetBitContext *gb, int k, int limit,

 /**
 * read signed golomb rice code (flac).
+ *
+ * @returns INT_MIN on error
 */
 static inline int get_sr_golomb_flac(GetBitContext *gb, int k, int limit,
                                     int esc_len)
--- a/libavcodec/h2645_sei.c
+++ b/libavcodec/h2645_sei.c
@ -621,8 +621,7 @@ int ff_h2645_sei_to_frame(AVFrame *frame, H2645SEI *sei,
        if (!sd)
            av_buffer_unref(&a53->buf_ref);
        a53->buf_ref = NULL;
-        if (avctx)
-            avctx->properties |= FF_CODEC_PROPERTY_CLOSED_CAPTIONS;
+        avctx->properties |= FF_CODEC_PROPERTY_CLOSED_CAPTIONS;
    }

    for (unsigned i = 0; i < sei->unregistered.nb_buf_ref; i++) {
@ -718,8 +717,7 @@ FF_ENABLE_DEPRECATION_WARNINGS
        else
            fgc->present = fgc->persistence_flag;

-        if (avctx)
-            avctx->properties |= FF_CODEC_PROPERTY_FILM_GRAIN;
+        avctx->properties |= FF_CODEC_PROPERTY_FILM_GRAIN;
    }

 #if CONFIG_HEVC_SEI
--- a/libavcodec/h264_slice.c
+++ b/libavcodec/h264_slice.c
@ -1396,7 +1396,7 @@ static int h264_field_start(H264Context *h, const H264SliceContext *sl,

    sps = h->ps.sps;

-    if (sps && sps->bitstream_restriction_flag &&
+    if (sps->bitstream_restriction_flag &&
        h->avctx->has_b_frames < sps->num_reorder_frames) {
        h->avctx->has_b_frames = sps->num_reorder_frames;
    }
--- a/libavcodec/hdrenc.c
+++ b/libavcodec/hdrenc.c
@ -124,7 +124,7 @@ static int hdr_encode_frame(AVCodecContext *avctx, AVPacket *pkt,
    uint8_t *buf;
    int ret;

-    packet_size = avctx->width * avctx->height * 4LL + 1024LL;
+    packet_size = avctx->height * 4LL + avctx->width * avctx->height * 8LL + 1024LL;
    if ((ret = ff_get_encode_buffer(avctx, pkt, packet_size, 0)) < 0)
        return ret;

--- a/libavcodec/hevc_ps.c
+++ b/libavcodec/hevc_ps.c
@ -449,6 +449,15 @@ static void uninit_vps(FFRefStructOpaque opaque, void *obj)
    av_freep(&vps->hdr);
 }

+static int compare_vps(const HEVCVPS *vps1, const HEVCVPS *vps2)
+{
+    if (!memcmp(vps1, vps2, offsetof(HEVCVPS, hdr)))
+        return !vps1->vps_num_hrd_parameters ||
+               !memcmp(vps1->hdr, vps2->hdr, vps1->vps_num_hrd_parameters * sizeof(*vps1->hdr));
+
+    return 0;
+}
+
 int ff_hevc_decode_nal_vps(GetBitContext *gb, AVCodecContext *avctx,
                           HEVCParamSets *ps)
 {
@ -545,9 +554,11 @@ int ff_hevc_decode_nal_vps(GetBitContext *gb, AVCodecContext *avctx,
            goto err;
        }

-        vps->hdr = av_calloc(vps->vps_num_hrd_parameters, sizeof(*vps->hdr));
-        if (!vps->hdr)
-            goto err;
+        if (vps->vps_num_hrd_parameters) {
+            vps->hdr = av_calloc(vps->vps_num_hrd_parameters, sizeof(*vps->hdr));
+            if (!vps->hdr)
+                goto err;
+        }

        for (i = 0; i < vps->vps_num_hrd_parameters; i++) {
            int common_inf_present = 1;
@ -569,7 +580,7 @@ int ff_hevc_decode_nal_vps(GetBitContext *gb, AVCodecContext *avctx,
    }

    if (ps->vps_list[vps_id] &&
-        !memcmp(ps->vps_list[vps_id], vps, sizeof(*vps))) {
+        compare_vps(ps->vps_list[vps_id], vps)) {
        ff_refstruct_unref(&vps);
    } else {
        remove_vps(ps, vps_id);
--- a/libavcodec/hevc_ps.h
+++ b/libavcodec/hevc_ps.h
@ -153,7 +153,6 @@ typedef struct PTL {

 typedef struct HEVCVPS {
    unsigned int vps_id;
-    HEVCHdrParams *hdr;

    uint8_t vps_temporal_id_nesting_flag;
    int vps_max_layers;
@ -175,6 +174,9 @@ typedef struct HEVCVPS {

    uint8_t data[4096];
    int data_size;
+    /* Put this at the end of the structure to make it easier to calculate the
+     * size before this pointer, which is used for memcmp */
+    HEVCHdrParams *hdr;
 } HEVCVPS;

 typedef struct ScalingList {
--- a/libavcodec/hevcdec.c
+++ b/libavcodec/hevcdec.c
@ -658,6 +658,10 @@ static int hls_slice_header(HEVCContext *s)

        if (s->ps.pps->dependent_slice_segments_enabled_flag)
            sh->dependent_slice_segment_flag = get_bits1(gb);
+        if (sh->dependent_slice_segment_flag && !s->slice_initialized) {
+            av_log(s->avctx, AV_LOG_ERROR, "Independent slice segment missing.\n");
+            return AVERROR_INVALIDDATA;
+        }

        slice_address_length = av_ceil_log2(s->ps.sps->ctb_width *
                                            s->ps.sps->ctb_height);
@ -946,9 +950,6 @@ static int hls_slice_header(HEVCContext *s)
        } else {
            sh->slice_loop_filter_across_slices_enabled_flag = s->ps.pps->seq_loop_filter_across_slices_enabled_flag;
        }
-    } else if (!s->slice_initialized) {
-        av_log(s->avctx, AV_LOG_ERROR, "Independent slice segment missing.\n");
-        return AVERROR_INVALIDDATA;
    }

    sh->num_entry_point_offsets = 0;
@ -1968,13 +1969,13 @@ static void hls_prediction_unit(HEVCLocalContext *lc, int x0, int y0,

    if (current_mv.pred_flag & PF_L0) {
        ref0 = refPicList[0].ref[current_mv.ref_idx[0]];
-        if (!ref0 || !ref0->frame->data[0])
+        if (!ref0 || !ref0->frame)
            return;
        hevc_await_progress(s, ref0, &current_mv.mv[0], y0, nPbH);
    }
    if (current_mv.pred_flag & PF_L1) {
        ref1 = refPicList[1].ref[current_mv.ref_idx[1]];
-        if (!ref1 || !ref1->frame->data[0])
+        if (!ref1 || !ref1->frame)
            return;
        hevc_await_progress(s, ref1, &current_mv.mv[1], y0, nPbH);
    }
@ -2892,10 +2893,15 @@ static int hevc_frame_start(HEVCContext *s)
        !(s->avctx->export_side_data & AV_CODEC_EXPORT_DATA_FILM_GRAIN) &&
        !s->avctx->hwaccel;

+    ret = set_side_data(s);
+    if (ret < 0)
+        goto fail;
+
    if (s->ref->needs_fg &&
-        s->sei.common.film_grain_characteristics.present &&
-        !ff_h274_film_grain_params_supported(s->sei.common.film_grain_characteristics.model_id,
-                                             s->ref->frame->format)) {
+        (s->sei.common.film_grain_characteristics.present &&
+         !ff_h274_film_grain_params_supported(s->sei.common.film_grain_characteristics.model_id,
+                                              s->ref->frame->format)
+         || !av_film_grain_params_select(s->ref->frame))) {
        av_log_once(s->avctx, AV_LOG_WARNING, AV_LOG_DEBUG, &s->film_grain_warning_shown,
                    "Unsupported film grain parameters. Ignoring film grain.\n");
        s->ref->needs_fg = 0;
@ -2909,10 +2915,6 @@ static int hevc_frame_start(HEVCContext *s)
            goto fail;
    }

-    ret = set_side_data(s);
-    if (ret < 0)
-        goto fail;
-
    s->frame->pict_type = 3 - s->sh.slice_type;

    if (!IS_IRAP(s))
@ -3036,8 +3038,11 @@ static int decode_nal_unit(HEVCContext *s, const H2645NAL *nal)
    case HEVC_NAL_RASL_N:
    case HEVC_NAL_RASL_R:
        ret = hls_slice_header(s);
-        if (ret < 0)
+        if (ret < 0) {
+            // hls_slice_header() does not cleanup on failure thus the state now is inconsistant so we cannot use it on depandant slices
+            s->slice_initialized = 0;
            return ret;
+        }
        if (ret == 1) {
            ret = AVERROR_INVALIDDATA;
            goto fail;
--- a/libavcodec/iff.c
+++ b/libavcodec/iff.c
@ -522,7 +522,7 @@ static int decode_byterun2(uint8_t *dst, int height, int line_size,
                           GetByteContext *gb)
 {
    GetByteContext cmds;
-    unsigned count;
+    int count;
    int i, y_pos = 0, x_pos = 0;

    if (bytestream2_get_be32(gb) != MKBETAG('V', 'D', 'A', 'T'))
@ -530,7 +530,7 @@ static int decode_byterun2(uint8_t *dst, int height, int line_size,

    bytestream2_skip(gb, 4);
    count = bytestream2_get_be16(gb) - 2;
-    if (bytestream2_get_bytes_left(gb) < count)
+    if (count < 0 || bytestream2_get_bytes_left(gb) < count)
        return 0;

    bytestream2_init(&cmds, gb->buffer, count);
--- a/libavcodec/ilbcdec.c
+++ b/libavcodec/ilbcdec.c
@ -1095,12 +1095,6 @@ static void do_plc(int16_t *plc_residual,      /* (o) concealed residual */

        if (s->consPLICount * s->block_samples > 320) {
            use_gain = 29491;   /* 0.9 in Q15 */
-        } else if (s->consPLICount * s->block_samples > 640) {
-            use_gain = 22938;   /* 0.7 in Q15 */
-        } else if (s->consPLICount * s->block_samples > 960) {
-            use_gain = 16384;   /* 0.5 in Q15 */
-        } else if (s->consPLICount * s->block_samples > 1280) {
-            use_gain = 0;       /* 0.0 in Q15 */
        }

        /* Compute mixing factor of picth repeatition and noise:
--- a/libavcodec/imm4.c
+++ b/libavcodec/imm4.c
@ -219,12 +219,15 @@ static int decode_intra(AVCodecContext *avctx, GetBitContext *gb, AVFrame *frame

    for (y = 0; y < avctx->height; y += 16) {
        for (x = 0; x < avctx->width; x += 16) {
-            unsigned flag, cbphi, cbplo;
+            unsigned flag, cbplo;
+            int cbphi;

            cbplo = get_vlc2(gb, cbplo_tab, CBPLO_VLC_BITS, 1);
            flag = get_bits1(gb);

            cbphi = get_cbphi(gb, 1);
+            if (cbphi < 0)
+                return cbphi;

            ret = decode_blocks(avctx, gb, cbplo | (cbphi << 2), 0, offset, flag);
            if (ret < 0)
@ -272,7 +275,8 @@ static int decode_inter(AVCodecContext *avctx, GetBitContext *gb,
    for (y = 0; y < avctx->height; y += 16) {
        for (x = 0; x < avctx->width; x += 16) {
            int reverse, intra_block, value;
-            unsigned cbphi, cbplo, flag2 = 0;
+            unsigned cbplo, flag2 = 0;
+            int cbphi;

            if (get_bits1(gb)) {
                copy_block16(frame->data[0] + y * frame->linesize[0] + x,
@ -298,6 +302,9 @@ static int decode_inter(AVCodecContext *avctx, GetBitContext *gb,

            cbplo = value >> 4;
            cbphi = get_cbphi(gb, reverse);
+            if (cbphi < 0)
+                return cbphi;
+
            if (intra_block) {
                ret = decode_blocks(avctx, gb, cbplo | (cbphi << 2), 0, offset, flag2);
                if (ret < 0)
--- a/libavcodec/j2kenc.c
+++ b/libavcodec/j2kenc.c
@ -1348,7 +1348,7 @@ static void makelayers(Jpeg2000EncoderContext *s, Jpeg2000Tile *tile)
    }
 }

-static int getcut(Jpeg2000Cblk *cblk, uint64_t lambda, int dwt_norm)
+static int getcut(Jpeg2000Cblk *cblk, uint64_t lambda)
 {
    int passno, res = 0;
    for (passno = 0; passno < cblk->npasses; passno++){
@ -1360,7 +1360,7 @@ static int getcut(Jpeg2000Cblk *cblk, uint64_t lambda, int dwt_norm)
        dd = cblk->passes[passno].disto
           - (res ? cblk->passes[res-1].disto : 0);

-        if (((dd * dwt_norm) >> WMSEDEC_SHIFT) * dwt_norm >= dr * lambda)
+        if (dd  >= dr * lambda)
            res = passno+1;
    }
    return res;
@ -1383,11 +1383,12 @@ static void truncpasses(Jpeg2000EncoderContext *s, Jpeg2000Tile *tile)
                    Jpeg2000Band *band = reslevel->band + bandno;
                    Jpeg2000Prec *prec = band->prec + precno;

+                    int64_t dwt_norm = dwt_norms[codsty->transform == FF_DWT53][bandpos][lev] * (int64_t)band->i_stepsize >> 15;
+                    int64_t lambda_prime = av_rescale(s->lambda, 1 << WMSEDEC_SHIFT, dwt_norm * dwt_norm);
                    for (cblkno = 0; cblkno < prec->nb_codeblocks_height * prec->nb_codeblocks_width; cblkno++){
                        Jpeg2000Cblk *cblk = prec->cblk + cblkno;

-                        cblk->ninclpasses = getcut(cblk, s->lambda,
-                                (int64_t)dwt_norms[codsty->transform == FF_DWT53][bandpos][lev] * (int64_t)band->i_stepsize >> 15);
+                        cblk->ninclpasses = getcut(cblk, lambda_prime);
                        cblk->layers[0].data_start = cblk->data;
                        cblk->layers[0].cum_passes = cblk->ninclpasses;
                        cblk->layers[0].npasses = cblk->ninclpasses;
--- a/libavcodec/jfdctint_template.c
+++ b/libavcodec/jfdctint_template.c
@ -69,7 +69,7 @@
 #define GLOBAL(x) x
 #define RIGHT_SHIFT(x, n) ((x) >> (n))
 #define MULTIPLY16C16(var,const) ((var)*(const))
-#define DESCALE(x,n)  RIGHT_SHIFT((x) + (1 << ((n) - 1)), n)
+#define DESCALE(x,n)  RIGHT_SHIFT((int)(x) + (1 << ((n) - 1)), n)


 /*
@ -175,7 +175,7 @@
 #if BITS_IN_JSAMPLE == 8 && CONST_BITS<=13 && PASS1_BITS<=2
 #define MULTIPLY(var,const)  MULTIPLY16C16(var,const)
 #else
-#define MULTIPLY(var,const)  ((var) * (const))
+#define MULTIPLY(var,const)  (int)((var) * (unsigned)(const))
 #endif


@ -261,7 +261,7 @@ FUNC(ff_jpeg_fdct_islow)(int16_t *data)
 {
  int tmp0, tmp1, tmp2, tmp3, tmp4, tmp5, tmp6, tmp7;
  int tmp10, tmp11, tmp12, tmp13;
-  int z1, z2, z3, z4, z5;
+  unsigned z1, z2, z3, z4, z5;
  int16_t *dataptr;
  int ctr;

--- a/libavcodec/jpeg2000dec.c
+++ b/libavcodec/jpeg2000dec.c
@ -834,9 +834,6 @@ static int get_tlm(Jpeg2000DecoderContext *s, int n)
        case 2:
            bytestream2_get_be16(&s->g);
            break;
-        case 3:
-            bytestream2_get_be32(&s->g);
-            break;
        }
        if (SP == 0) {
            bytestream2_get_be16(&s->g);
@ -1885,7 +1882,7 @@ static inline void roi_scale_cblk(Jpeg2000Cblk *cblk,
    }
 }

-static inline void tile_codeblocks(const Jpeg2000DecoderContext *s, Jpeg2000Tile *tile)
+static inline int tile_codeblocks(const Jpeg2000DecoderContext *s, Jpeg2000Tile *tile)
 {
    Jpeg2000T1Context t1;

@ -1910,6 +1907,8 @@ static inline void tile_codeblocks(const Jpeg2000DecoderContext *s, Jpeg2000Tile
                int nb_precincts, precno;
                Jpeg2000Band *band = rlevel->band + bandno;
                int cblkno = 0, bandpos;
+                /* See Rec. ITU-T T.800, Equation E-2 */
+                int magp = quantsty->expn[subbandno] + quantsty->nguardbits - 1;

                bandpos = bandno + (reslevelno > 0);

@ -1917,6 +1916,11 @@ static inline void tile_codeblocks(const Jpeg2000DecoderContext *s, Jpeg2000Tile
                    band->coord[1][0] == band->coord[1][1])
                    continue;

+                if ((codsty->cblk_style & JPEG2000_CTSY_HTJ2K_F) && magp >= 31) {
+                    avpriv_request_sample(s->avctx, "JPEG2000_CTSY_HTJ2K_F and magp >= 31");
+                    return AVERROR_PATCHWELCOME;
+                }
+
                nb_precincts = rlevel->num_precincts_x * rlevel->num_precincts_y;
                /* Loop on precincts */
                for (precno = 0; precno < nb_precincts; precno++) {
@ -1927,8 +1931,6 @@ static inline void tile_codeblocks(const Jpeg2000DecoderContext *s, Jpeg2000Tile
                         cblkno < prec->nb_codeblocks_width * prec->nb_codeblocks_height;
                         cblkno++) {
                        int x, y, ret;
-                        /* See Rec. ITU-T T.800, Equation E-2 */
-                        int magp = quantsty->expn[subbandno] + quantsty->nguardbits - 1;

                        Jpeg2000Cblk *cblk = prec->cblk + cblkno;

@ -1968,6 +1970,7 @@ static inline void tile_codeblocks(const Jpeg2000DecoderContext *s, Jpeg2000Tile
            ff_dwt_decode(&comp->dwt, codsty->transform == FF_DWT97 ? (void*)comp->f_data : (void*)comp->i_data);

    } /*end comp */
+    return 0;
 }

 #define WRITE_FRAME(D, PIXEL)                                                                     \
@ -2044,7 +2047,9 @@ static int jpeg2000_decode_tile(AVCodecContext *avctx, void *td,
    AVFrame *picture = td;
    Jpeg2000Tile *tile = s->tile + jobnr;

-    tile_codeblocks(s, tile);
+    int ret = tile_codeblocks(s, tile);
+    if (ret < 0)
+        return ret;

    /* inverse MCT transformation */
    if (tile->codsty[0].mct)
--- a/libavcodec/jpeg2000htdec.c
+++ b/libavcodec/jpeg2000htdec.c
@ -1198,6 +1198,9 @@ ff_jpeg2000_decode_htj2k(const Jpeg2000DecoderContext *s, Jpeg2000CodingStyle *c
    av_assert0(width * height <= 4096);
    av_assert0(width * height > 0);

+    if (roi_shift)
+        avpriv_report_missing_feature(s->avctx, "ROI shift");
+
    memset(t1->data, 0, t1->stride * height * sizeof(*t1->data));
    memset(t1->flags, 0, t1->stride * (height + 2) * sizeof(*t1->flags));

--- a/libavcodec/leaddec.c
+++ b/libavcodec/leaddec.c
@ -196,7 +196,9 @@ static int lead_decode_frame(AVCodecContext *avctx, AVFrame * frame,
            i++;
    }

-    init_get_bits8(&gb, s->bitstream_buf, size);
+    ret = init_get_bits8(&gb, s->bitstream_buf, size);
+    if (ret < 0)
+        return ret;

    if (avctx->pix_fmt == AV_PIX_FMT_YUV420P && zero) {
        for (int mb_y = 0; mb_y < avctx->height / 8; mb_y++)
--- a/libavcodec/libvpxenc.c
+++ b/libavcodec/libvpxenc.c
@ -2040,6 +2040,7 @@ const FFCodec ff_libvpx_vp8_encoder = {
    FF_CODEC_ENCODE_CB(vpx_encode),
    .close          = vpx_free,
    .caps_internal  = FF_CODEC_CAP_NOT_INIT_THREADSAFE |
+                      FF_CODEC_CAP_INIT_CLEANUP |
                      FF_CODEC_CAP_AUTO_THREADS,
    .p.pix_fmts     = (const enum AVPixelFormat[]){ AV_PIX_FMT_YUV420P, AV_PIX_FMT_YUVA420P, AV_PIX_FMT_NONE },
    .p.priv_class   = &class_vp8,
@ -2116,6 +2117,7 @@ FFCodec ff_libvpx_vp9_encoder = {
    FF_CODEC_ENCODE_CB(vpx_encode),
    .close          = vpx_free,
    .caps_internal  = FF_CODEC_CAP_NOT_INIT_THREADSAFE |
+                      FF_CODEC_CAP_INIT_CLEANUP |
                      FF_CODEC_CAP_AUTO_THREADS,
    .defaults       = defaults,
    .init_static_data = vp9_init_static,
--- a/libavcodec/libx264.c
+++ b/libavcodec/libx264.c
@ -929,7 +929,9 @@ static int set_avcc_extradata(AVCodecContext *avctx, x264_nal_t *nal, int nnal)
         *
         * +4 to skip until sps id.
         */
-        init_get_bits8(&gbc, sps + 4, sps_nal->i_payload - 4 - 4);
+        ret = init_get_bits8(&gbc, sps + 4, sps_nal->i_payload - 4 - 4);
+        if (ret < 0)
+            return ret;
        // Skip sps id
        get_ue_golomb_31(&gbc);
        chroma_format_idc = get_ue_golomb_31(&gbc);
--- a/libavcodec/loco.c
+++ b/libavcodec/loco.c
@ -92,10 +92,15 @@ static inline int loco_get_rice(RICEContext *r)
    if (get_bits_left(&r->gb) < 1)
        return INT_MIN;
    v = get_ur_golomb_jpegls(&r->gb, loco_get_rice_param(r), INT_MAX, 0);
+    if (v == -1)
+        return INT_MIN;
    loco_update_rice_param(r, (v + 1) >> 1);
    if (!v) {
        if (r->save >= 0) {
-            r->run = get_ur_golomb_jpegls(&r->gb, 2, INT_MAX, 0);
+            int run = get_ur_golomb_jpegls(&r->gb, 2, INT_MAX, 0);
+            if (run == -1)
+                return INT_MIN;
+            r->run = run;
            if (r->run > 1)
                r->save += r->run + 1;
            else
@ -152,6 +157,8 @@ static int loco_decode_plane(LOCOContext *l, uint8_t *data, int width, int heigh

    /* restore top left pixel */
    val     = loco_get_rice(&rc);
+    if (val == INT_MIN)
+        return AVERROR_INVALIDDATA;
    data[0] = 128 + val;
    /* restore top line */
    for (i = 1; i < width; i++) {
--- a/libavcodec/lossless_videoencdsp.c
+++ b/libavcodec/lossless_videoencdsp.c
@ -25,13 +25,11 @@
 #if HAVE_FAST_64BIT
 typedef uint64_t uint_native;
 #define READ   AV_RN64
-#define READA  AV_RN64A
-#define WRITEA AV_WN64A
+#define WRITE  AV_WN64
 #else
 typedef uint32_t uint_native;
 #define READ   AV_RN32
-#define READA  AV_RN32A
-#define WRITEA AV_WN32A
+#define WRITE  AV_WN32
 #endif
 // 0x7f7f7f7f or 0x7f7f7f7f7f7f7f7f or whatever, depending on the cpu's native arithmetic size
 #define pb_7f (~(uint_native)0 / 255 * 0x7f)
@ -56,9 +54,9 @@ static void diff_bytes_c(uint8_t *dst, const uint8_t *src1, const uint8_t *src2,
    } else
 #endif
    for (i = 0; i <= w - (int) sizeof(uint_native); i += sizeof(uint_native)) {
-        uint_native a = READA(src1 + i);
+        uint_native a = READ(src1 + i);
        uint_native b = READ(src2 + i);
-        WRITEA(dst + i, ((a | pb_80) - (b & pb_7f)) ^ ((a ^ b ^ pb_80) & pb_80));
+        WRITE(dst + i, ((a | pb_80) - (b & pb_7f)) ^ ((a ^ b ^ pb_80) & pb_80));
    }
    for (; i < w; i++)
        dst[i + 0] = src1[i + 0] - src2[i + 0];
--- a/libavcodec/lossless_videoencdsp.h
+++ b/libavcodec/lossless_videoencdsp.h
@ -23,8 +23,8 @@
 #include <stdint.h>

 typedef struct LLVidEncDSPContext {
-    void (*diff_bytes)(uint8_t *dst /* align 16 */,
-                       const uint8_t *src1 /* align 16 */,
+    void (*diff_bytes)(uint8_t *dst /* align 1 */,
+                       const uint8_t *src1 /* align 1 */,
                       const uint8_t *src2 /* align 1 */,
                       intptr_t w);
    /**
--- a/libavcodec/lpc.c
+++ b/libavcodec/lpc.c
@ -281,8 +281,10 @@ int ff_lpc_calc_coefs(LPCContext *s,
        double av_uninit(weight);
        memset(var, 0, FFALIGN(MAX_LPC_ORDER+1,4)*sizeof(*var));

-        for(j=0; j<max_order; j++)
-            m[0].coeff[max_order-1][j] = -lpc[max_order-1][j];
+        /* Avoids initializing with an unused value when lpc_passes == 1 */
+        if (lpc_passes > 1)
+            for(j=0; j<max_order; j++)
+                m[0].coeff[max_order-1][j] = -lpc[max_order-1][j];

        for(; pass<lpc_passes; pass++){
            avpriv_init_lls(&m[pass&1], max_order);
--- a/libavcodec/magicyuv.c
+++ b/libavcodec/magicyuv.c
@ -124,7 +124,7 @@ static void magicyuv_median_pred16(uint16_t *dst, const uint16_t *src1,
    x = 0; \
    for (; CACHED_BITSTREAM_READER && x < width-c && get_bits_left(&gb) > 0;) {\
        ret = get_vlc_multi(&gb, (uint8_t *)dst + x * b, multi, \
-                            vlc, vlc_bits, 3); \
+                            vlc, vlc_bits, 3, b); \
        if (ret <= 0) \
            return AVERROR_INVALIDDATA; \
        x += ret; \
--- a/libavcodec/mediacodecenc.c
+++ b/libavcodec/mediacodecenc.c
@ -200,9 +200,19 @@ static av_cold int mediacodec_init(AVCodecContext *avctx)
    ff_AMediaFormat_setString(format, "mime", codec_mime);
    // Workaround the alignment requirement of mediacodec. We can't do it
    // silently for AV_PIX_FMT_MEDIACODEC.
-    if (avctx->pix_fmt != AV_PIX_FMT_MEDIACODEC) {
+    if (avctx->pix_fmt != AV_PIX_FMT_MEDIACODEC &&
+        (avctx->codec_id == AV_CODEC_ID_H264 ||
+         avctx->codec_id == AV_CODEC_ID_HEVC)) {
        s->width = FFALIGN(avctx->width, 16);
        s->height = FFALIGN(avctx->height, 16);
+        // If avctx video size is aligned to 16 already, we don't need to do
+        // anything. If align is needed for HEVC, we should use the maximum CTU
+        // size.
+        if (avctx->codec_id == AV_CODEC_ID_HEVC &&
+            (s->width != avctx->width || s->height != avctx->height)) {
+            s->width = FFALIGN(avctx->width, 64);
+            s->height = FFALIGN(avctx->height, 64);
+        }
    } else {
        s->width = avctx->width;
        s->height = avctx->height;
@ -533,7 +543,7 @@ static int mediacodec_encode(AVCodecContext *avctx, AVPacket *pkt)
                return 0;
        }

-        if (ret != AVERROR(EAGAIN))
+        if (ret < 0 && ret != AVERROR(EAGAIN))
            return ret;

        if (!s->frame->buf[0]) {
--- a/libavcodec/mfenc.c
+++ b/libavcodec/mfenc.c
@ -248,7 +248,7 @@ static int mf_sample_to_avpacket(AVCodecContext *avctx, IMFSample *sample, AVPac
    if ((ret = ff_get_encode_buffer(avctx, avpkt, len, 0)) < 0)
        return ret;

-    IMFSample_ConvertToContiguousBuffer(sample, &buffer);
+    hr = IMFSample_ConvertToContiguousBuffer(sample, &buffer);
    if (FAILED(hr))
        return AVERROR_EXTERNAL;

--- a/libavcodec/mlpenc.c
+++ b/libavcodec/mlpenc.c
@ -1414,7 +1414,8 @@ static int estimate_coeff(MLPEncodeContext *ctx, MLPSubstream *s,
    int32_t maxl = INT32_MIN, maxr = INT32_MIN, minl = INT32_MAX, minr = INT32_MAX;
    int64_t summ = 0, sums = 0, suml = 0, sumr = 0, enl = 0, enr = 0;
    const int shift = 14 - ctx->rematrix_precision;
-    int32_t cf0, cf1, e[4], d[4], ml, mr;
+    int32_t cf0, cf1, e[4], d[4];
+    int64_t ml, mr;
    int i, count = 0;

    for (int j = 0; j <= ctx->cur_restart_interval; j++) {
@ -1447,8 +1448,8 @@ static int estimate_coeff(MLPEncodeContext *ctx, MLPSubstream *s,
    summ -= FFABS(suml + sumr);
    sums -= FFABS(suml - sumr);

-    ml = maxl - minl;
-    mr = maxr - minr;
+    ml = maxl - (int64_t)minl;
+    mr = maxr - (int64_t)minr;

    if (!summ && !sums)
        return 0;
--- a/libavcodec/motion_est.c
+++ b/libavcodec/motion_est.c
@ -1446,7 +1446,7 @@ static inline int direct_search(MpegEncContext * s, int mb_x, int mb_y)
        s->b_direct_mv_table[mot_xy][0]= 0;
        s->b_direct_mv_table[mot_xy][1]= 0;

-        return 256*256*256*64;
+        return 256*256*256*64-1;
    }

    c->xmin= xmin;
--- a/libavcodec/mpeg12dec.c
+++ b/libavcodec/mpeg12dec.c
@ -2733,7 +2733,7 @@ static int ipu_decode_frame(AVCodecContext *avctx, AVFrame *frame,
    int ret;

    // Check for minimal intra MB size (considering mb header, luma & chroma dc VLC, ac EOB VLC)
-    if (avpkt->size*8LL < (avctx->width+15)/16 * ((avctx->height+15)/16) * (2 + 3*4 + 2*2 + 2*6))
+    if (avpkt->size*8LL < (avctx->width+15)/16 * ((avctx->height+15)/16) * (2LL + 3*4 + 2*2 + 2*6))
        return AVERROR_INVALIDDATA;

    ret = ff_get_buffer(avctx, frame, 0);
--- a/libavcodec/mpeg12enc.c
+++ b/libavcodec/mpeg12enc.c
@ -333,7 +333,7 @@ static void mpeg1_encode_sequence_header(MpegEncContext *s)
    else
        /* VBV calculation: Scaled so that a VCD has the proper
         * VBV size of 40 kilobytes */
-        vbv_buffer_size = ((20 * s->bit_rate) / (1151929 / 2)) * 8 * 1024;
+        vbv_buffer_size = av_rescale_rnd(s->bit_rate, 20, 1151929 / 2, AV_ROUND_ZERO) * 8 * 1024;
    vbv_buffer_size = (vbv_buffer_size + 16383) / 16384;

    put_sbits(&s->pb, 18, v);
--- a/libavcodec/mpeg4videodec.c
+++ b/libavcodec/mpeg4videodec.c
@ -597,6 +597,8 @@ static int mpeg4_decode_sprite_trajectory(Mpeg4DecContext *ctx, GetBitContext *g
        ctx->sprite_shift[0]  = alpha + beta + rho - min_ab;
        ctx->sprite_shift[1]  = alpha + beta + rho - min_ab + 2;
        break;
+    default:
+        av_assert0(0);
    }
    /* try to simplify the situation */
    if (sprite_delta[0][0] == a << ctx->sprite_shift[0] &&
--- a/libavcodec/mpegvideo_enc.c
+++ b/libavcodec/mpegvideo_enc.c
@ -1198,8 +1198,8 @@ static int load_input_picture(MpegEncContext *s, const AVFrame *pic_arg)
                ptrdiff_t dst_stride = i ? s->uvlinesize : s->linesize;
                int h_shift = i ? s->chroma_x_shift : 0;
                int v_shift = i ? s->chroma_y_shift : 0;
-                int w = s->width  >> h_shift;
-                int h = s->height >> v_shift;
+                int w = AV_CEIL_RSHIFT(s->width , h_shift);
+                int h = AV_CEIL_RSHIFT(s->height, v_shift);
                const uint8_t *src = pic_arg->data[i];
                uint8_t *dst = pic->f->data[i];
                int vpad = 16;
@ -1252,6 +1252,8 @@ static int load_input_picture(MpegEncContext *s, const AVFrame *pic_arg)
    /* shift buffer entries */
    for (int i = flush_offset; i <= MAX_B_FRAMES; i++)
        s->input_picture[i - flush_offset] = s->input_picture[i];
+    for (int i = MAX_B_FRAMES + 1 - flush_offset; i <= MAX_B_FRAMES; i++)
+        s->input_picture[i] = NULL;

    s->input_picture[encoding_delay] = pic;

@ -1433,7 +1435,7 @@ static int estimate_best_b_count(MpegEncContext *s)
                goto fail;
            }

-            rd += (out_size * lambda2) >> (FF_LAMBDA_SHIFT - 3);
+            rd += (out_size * (uint64_t)lambda2) >> (FF_LAMBDA_SHIFT - 3);
        }

        /* get the delayed frames */
@ -1442,7 +1444,7 @@ static int estimate_best_b_count(MpegEncContext *s)
            ret = out_size;
            goto fail;
        }
-        rd += (out_size * lambda2) >> (FF_LAMBDA_SHIFT - 3);
+        rd += (out_size * (uint64_t)lambda2) >> (FF_LAMBDA_SHIFT - 3);

        rd += c->error[0] + c->error[1] + c->error[2];

--- a/libavcodec/mscc.c
+++ b/libavcodec/mscc.c
@ -53,6 +53,9 @@ static int rle_uncompress(AVCodecContext *avctx, GetByteContext *gb, PutByteCont
        unsigned run = bytestream2_get_byte(gb);

        if (run) {
+            if (bytestream2_get_bytes_left_p(pb) < run * s->bpp)
+                return AVERROR_INVALIDDATA;
+
            switch (avctx->bits_per_coded_sample) {
            case 8:
                fill = bytestream2_get_byte(gb);
@ -101,6 +104,9 @@ static int rle_uncompress(AVCodecContext *avctx, GetByteContext *gb, PutByteCont

                bytestream2_seek_p(pb, y * avctx->width * s->bpp + x * s->bpp, SEEK_SET);
            } else {
+                if (bytestream2_get_bytes_left_p(pb) < copy * s->bpp)
+                    return AVERROR_INVALIDDATA;
+
                for (j = 0; j < copy; j++) {
                    switch (avctx->bits_per_coded_sample) {
                    case 8:
--- a/libavcodec/mwsc.c
+++ b/libavcodec/mwsc.c
@ -50,6 +50,10 @@ static int rle_uncompress(GetByteContext *gb, PutByteContext *pb, GetByteContext

        if (run == 0) {
            run = bytestream2_get_le32(gb);
+
+            if (bytestream2_tell_p(pb) + width - w < run)
+                return AVERROR_INVALIDDATA;
+
            for (int j = 0; j < run; j++, w++) {
                if (w == width) {
                    w = 0;
@ -61,6 +65,10 @@ static int rle_uncompress(GetByteContext *gb, PutByteContext *pb, GetByteContext
            int pos = bytestream2_tell_p(pb);

            bytestream2_seek(gbp, pos, SEEK_SET);
+
+            if (pos + width - w < fill)
+                return AVERROR_INVALIDDATA;
+
            for (int j = 0; j < fill; j++, w++) {
                if (w == width) {
                    w = 0;
@ -72,6 +80,9 @@ static int rle_uncompress(GetByteContext *gb, PutByteContext *pb, GetByteContext

            intra = 0;
        } else {
+            if (bytestream2_tell_p(pb) + width - w < run)
+                return AVERROR_INVALIDDATA;
+
            for (int j = 0; j < run; j++, w++) {
                if (w == width) {
                    w = 0;
--- a/libavcodec/notchlc.c
+++ b/libavcodec/notchlc.c
@ -242,7 +242,9 @@ static int decode_blocks(AVCodecContext *avctx, AVFrame *p,

        bytestream2_seek(&dgb, s->y_data_offset + row_offset, SEEK_SET);

-        init_get_bits8(&bit, dgb.buffer, bytestream2_get_bytes_left(&dgb));
+        ret = init_get_bits8(&bit, dgb.buffer, bytestream2_get_bytes_left(&dgb));
+        if (ret < 0)
+            return ret;
        for (int x = 0; x < avctx->width; x += 4) {
            unsigned item = bytestream2_get_le32(gb);
            unsigned y_min = item & 4095;
--- a/libavcodec/nvdec.c
+++ b/libavcodec/nvdec.c
@ -664,6 +664,8 @@ int ff_nvdec_simple_end_frame(AVCodecContext *avctx)
    NVDECContext *ctx = avctx->internal->hwaccel_priv_data;
    int ret = ff_nvdec_end_frame(avctx);
    ctx->bitstream = NULL;
+    ctx->bitstream_len = 0;
+    ctx->nb_slices = 0;
    return ret;
 }

--- a/libavcodec/nvenc.c
+++ b/libavcodec/nvenc.c
@ -982,7 +982,7 @@ static av_cold int nvenc_recalc_surfaces(AVCodecContext *avctx)

    // Output in the worst case will only start when the surface buffer is completely full.
    // Hence we need to keep at least the max amount of surfaces plus the max reorder delay around.
-    ctx->frame_data_array_nb = ctx->nb_surfaces + ctx->encode_config.frameIntervalP - 1;
+    ctx->frame_data_array_nb = FFMAX(ctx->nb_surfaces, ctx->nb_surfaces + ctx->encode_config.frameIntervalP - 1);

    return 0;
 }
@ -1255,6 +1255,11 @@ static av_cold int nvenc_setup_h264_config(AVCodecContext *avctx)

    h264->level = ctx->level;

+#ifdef NVENC_HAVE_NEW_BIT_DEPTH_API
+    h264->inputBitDepth = h264->outputBitDepth =
+        IS_10BIT(ctx->data_pix_fmt) ? NV_ENC_BIT_DEPTH_10 : NV_ENC_BIT_DEPTH_8;
+#endif
+
    if (ctx->coder >= 0)
        h264->entropyCodingMode = ctx->coder;

@ -1370,7 +1375,12 @@ static av_cold int nvenc_setup_hevc_config(AVCodecContext *avctx)

    hevc->chromaFormatIDC = IS_YUV444(ctx->data_pix_fmt) ? 3 : 1;

+#ifdef NVENC_HAVE_NEW_BIT_DEPTH_API
+    hevc->inputBitDepth = hevc->outputBitDepth =
+        IS_10BIT(ctx->data_pix_fmt) ? NV_ENC_BIT_DEPTH_10 : NV_ENC_BIT_DEPTH_8;
+#else
    hevc->pixelBitDepthMinus8 = IS_10BIT(ctx->data_pix_fmt) ? 2 : 0;
+#endif

    hevc->level = ctx->level;

@ -1455,8 +1465,13 @@ static av_cold int nvenc_setup_av1_config(AVCodecContext *avctx)

    av1->chromaFormatIDC = IS_YUV444(ctx->data_pix_fmt) ? 3 : 1;

+#ifdef NVENC_HAVE_NEW_BIT_DEPTH_API
+    av1->inputBitDepth = IS_10BIT(ctx->data_pix_fmt) ? NV_ENC_BIT_DEPTH_10 : NV_ENC_BIT_DEPTH_8;
+    av1->outputBitDepth = (IS_10BIT(ctx->data_pix_fmt) || ctx->highbitdepth) ? NV_ENC_BIT_DEPTH_10 : NV_ENC_BIT_DEPTH_8;
+#else
    av1->inputPixelBitDepthMinus8 = IS_10BIT(ctx->data_pix_fmt) ? 2 : 0;
    av1->pixelBitDepthMinus8 = (IS_10BIT(ctx->data_pix_fmt) || ctx->highbitdepth) ? 2 : 0;
+#endif

    if (ctx->b_ref_mode >= 0)
        av1->useBFramesAsRef = ctx->b_ref_mode;
@ -1689,15 +1704,15 @@ static NV_ENC_BUFFER_FORMAT nvenc_map_buffer_format(enum AVPixelFormat pix_fmt)
 {
    switch (pix_fmt) {
    case AV_PIX_FMT_YUV420P:
-        return NV_ENC_BUFFER_FORMAT_YV12_PL;
+        return NV_ENC_BUFFER_FORMAT_YV12;
    case AV_PIX_FMT_NV12:
-        return NV_ENC_BUFFER_FORMAT_NV12_PL;
+        return NV_ENC_BUFFER_FORMAT_NV12;
    case AV_PIX_FMT_P010:
    case AV_PIX_FMT_P016:
        return NV_ENC_BUFFER_FORMAT_YUV420_10BIT;
    case AV_PIX_FMT_GBRP:
    case AV_PIX_FMT_YUV444P:
-        return NV_ENC_BUFFER_FORMAT_YUV444_PL;
+        return NV_ENC_BUFFER_FORMAT_YUV444;
    case AV_PIX_FMT_GBRP16:
    case AV_PIX_FMT_YUV444P16:
        return NV_ENC_BUFFER_FORMAT_YUV444_10BIT;
@ -1876,7 +1891,7 @@ av_cold int ff_nvenc_encode_close(AVCodecContext *avctx)
    av_fifo_freep2(&ctx->unused_surface_queue);

    if (ctx->frame_data_array) {
-        for (i = 0; i < ctx->nb_surfaces; i++)
+        for (i = 0; i < ctx->frame_data_array_nb; i++)
            av_buffer_unref(&ctx->frame_data_array[i].frame_opaque_ref);
        av_freep(&ctx->frame_data_array);
    }
--- a/libavcodec/nvenc.h
+++ b/libavcodec/nvenc.h
@ -83,6 +83,11 @@ typedef void ID3D11Device;
 #define NVENC_NO_DEPRECATED_RC
 #endif

+// SDK 12.2 compile time feature checks
+#if NVENCAPI_CHECK_VERSION(12, 2)
+#define NVENC_HAVE_NEW_BIT_DEPTH_API
+#endif
+
 typedef struct NvencSurface
 {
    NV_ENC_INPUT_PTR input_surface;
--- a/libavcodec/osq.c
+++ b/libavcodec/osq.c
@ -160,11 +160,15 @@ static int update_residue_parameter(OSQChannel *cb)

    sum = cb->sum;
    x = sum / cb->count;
-    rice_k = av_ceil_log2(x);
+    rice_k = ceil(log2(x));
    if (rice_k >= 30) {
-        rice_k = floor(sum / 1.4426952 + 0.5);
-        if (rice_k < 1)
+        double f = floor(sum / 1.4426952 + 0.5);
+        if (f <= 1) {
            rice_k = 1;
+        } else if (f >= 31) {
+            rice_k = 31;
+        } else
+            rice_k = f;
    }

    return rice_k;
@ -320,7 +324,7 @@ static int do_decode(AVCodecContext *avctx, AVFrame *frame, int decorrelate, int
            cb->prev = prev;

            if (downsample)
-                dst[n] *= 256;
+                dst[n] *= 256U;

            dst[E] = dst[D];
            dst[D] = dst[C];
@ -351,7 +355,7 @@ static int osq_decode_block(AVCodecContext *avctx, AVFrame *frame)
    const int nb_channels = avctx->ch_layout.nb_channels;
    const int nb_samples = frame->nb_samples;
    OSQContext *s = avctx->priv_data;
-    const int factor = s->factor;
+    const unsigned factor = s->factor;
    int ret, decorrelate, downsample;
    GetBitContext *gb = &s->gb;

--- a/libavcodec/pcm-bluray.c
+++ b/libavcodec/pcm-bluray.c
@ -167,7 +167,7 @@ static int pcm_bluray_decode_frame(AVCodecContext *avctx, AVFrame *frame,
            samples *= num_source_channels;
            if (AV_SAMPLE_FMT_S16 == avctx->sample_fmt) {
 #if HAVE_BIGENDIAN
-                bytestream2_get_buffer(&gb, dst16, buf_size);
+                bytestream2_get_buffer(&gb, (uint8_t*)dst16, buf_size);
 #else
                do {
                    *dst16++ = bytestream2_get_be16u(&gb);
@ -187,7 +187,8 @@ static int pcm_bluray_decode_frame(AVCodecContext *avctx, AVFrame *frame,
            if (AV_SAMPLE_FMT_S16 == avctx->sample_fmt) {
                do {
 #if HAVE_BIGENDIAN
-                    bytestream2_get_buffer(&gb, dst16, avctx->ch_layout.nb_channels * 2);
+                    bytestream2_get_buffer(&gb, (uint8_t*)dst16,
+                                           avctx->ch_layout.nb_channels * 2);
                    dst16 += avctx->ch_layout.nb_channels;
 #else
                    channel = avctx->ch_layout.nb_channels;
--- a/libavcodec/pcm-dvd.c
+++ b/libavcodec/pcm-dvd.c
@ -157,7 +157,7 @@ static void *pcm_dvd_decode_samples(AVCodecContext *avctx, const uint8_t *src,
    switch (avctx->bits_per_coded_sample) {
    case 16: {
 #if HAVE_BIGENDIAN
-        bytestream2_get_buffer(&gb, dst16, blocks * s->block_size);
+        bytestream2_get_buffer(&gb, (uint8_t*)dst16, blocks * s->block_size);
        dst16 += blocks * s->block_size / 2;
 #else
        int samples = blocks * avctx->ch_layout.nb_channels;
--- a/libavcodec/pcm-dvdenc.c
+++ b/libavcodec/pcm-dvdenc.c
@ -116,7 +116,7 @@ static int pcm_dvd_encode_frame(AVCodecContext *avctx, AVPacket *avpkt,
 {
    PCMDVDContext *s = avctx->priv_data;
    int samples = frame->nb_samples * avctx->ch_layout.nb_channels;
-    int64_t pkt_size = (frame->nb_samples / s->samples_per_block) * s->block_size + 3;
+    int64_t pkt_size = (int64_t)(frame->nb_samples / s->samples_per_block) * s->block_size + 3;
    int blocks = (pkt_size - 3) / s->block_size;
    const int16_t *src16;
    const int32_t *src32;
--- a/libavcodec/pixlet.c
+++ b/libavcodec/pixlet.c
@ -230,8 +230,8 @@ static int read_high_coeffs(AVCodecContext *avctx, const uint8_t *src, int16_t *
        if (cnt1 >= length) {
            cnt1 = get_bits(bc, nbits);
        } else {
-            pfx = 14 + ((((uint64_t)(value - 14)) >> 32) & (value - 14));
-            if (pfx < 1 || pfx > 25)
+            pfx = FFMIN(value, 14);
+            if (pfx < 1)
                return AVERROR_INVALIDDATA;
            cnt1 *= (1 << pfx) - 1;
            shbits = show_bits(bc, pfx);
--- a/libavcodec/pngdec.c
+++ b/libavcodec/pngdec.c
@ -85,11 +85,12 @@ typedef struct PNGDecContext {
    int have_clli;
    uint32_t clli_max;
    uint32_t clli_avg;
-    int have_mdvc;
-    uint16_t mdvc_primaries[3][2];
-    uint16_t mdvc_white_point[2];
-    uint32_t mdvc_max_lum;
-    uint32_t mdvc_min_lum;
+    /* Mastering Display Color Volume */
+    int have_mdcv;
+    uint16_t mdcv_primaries[3][2];
+    uint16_t mdcv_white_point[2];
+    uint32_t mdcv_max_lum;
+    uint32_t mdcv_min_lum;

    enum PNGHeaderState hdr_state;
    enum PNGImageState pic_state;
@ -762,24 +763,24 @@ static int populate_avctx_color_fields(AVCodecContext *avctx, AVFrame *frame)
        }
    }

-    if (s->have_mdvc) {
-        AVMasteringDisplayMetadata *mdvc;
+    if (s->have_mdcv) {
+        AVMasteringDisplayMetadata *mdcv;

-        ret = ff_decode_mastering_display_new(avctx, frame, &mdvc);
+        ret = ff_decode_mastering_display_new(avctx, frame, &mdcv);
        if (ret < 0)
            return ret;

-        if (mdvc) {
-            mdvc->has_primaries = 1;
+        if (mdcv) {
+            mdcv->has_primaries = 1;
            for (int i = 0; i < 3; i++) {
-                mdvc->display_primaries[i][0] = av_make_q(s->mdvc_primaries[i][0], 50000);
-                mdvc->display_primaries[i][1] = av_make_q(s->mdvc_primaries[i][1], 50000);
+                mdcv->display_primaries[i][0] = av_make_q(s->mdcv_primaries[i][0], 50000);
+                mdcv->display_primaries[i][1] = av_make_q(s->mdcv_primaries[i][1], 50000);
            }
-            mdvc->white_point[0] = av_make_q(s->mdvc_white_point[0], 50000);
-            mdvc->white_point[1] = av_make_q(s->mdvc_white_point[1], 50000);
-            mdvc->has_luminance = 1;
-            mdvc->max_luminance = av_make_q(s->mdvc_max_lum, 10000);
-            mdvc->min_luminance = av_make_q(s->mdvc_min_lum, 10000);
+            mdcv->white_point[0] = av_make_q(s->mdcv_white_point[0], 50000);
+            mdcv->white_point[1] = av_make_q(s->mdcv_white_point[1], 50000);
+            mdcv->has_luminance = 1;
+            mdcv->max_luminance = av_make_q(s->mdcv_max_lum, 10000);
+            mdcv->min_luminance = av_make_q(s->mdcv_min_lum, 10000);
        }
    }

@ -1081,17 +1082,20 @@ static int decode_sbit_chunk(AVCodecContext *avctx, PNGDecContext *s,
        return AVERROR_INVALIDDATA;
    }

-    channels = ff_png_get_nb_channels(s->color_type);
+    channels = s->color_type & PNG_COLOR_MASK_PALETTE ? 3 : ff_png_get_nb_channels(s->color_type);

-    if (bytestream2_get_bytes_left(gb) != channels)
+    if (bytestream2_get_bytes_left(gb) != channels) {
+        av_log(avctx, AV_LOG_ERROR, "Invalid sBIT size: %d, expected: %d\n",
+            bytestream2_get_bytes_left(gb), channels);
        return AVERROR_INVALIDDATA;
+    }

    for (int i = 0; i < channels; i++) {
        int b = bytestream2_get_byteu(gb);
        bits = FFMAX(b, bits);
    }

-    if (bits < 0 || bits > s->bit_depth) {
+    if (bits <= 0 || bits > (s->color_type & PNG_COLOR_MASK_PALETTE ? 8 : s->bit_depth)) {
        av_log(avctx, AV_LOG_ERROR, "Invalid significant bits: %d\n", bits);
        return AVERROR_INVALIDDATA;
    }
@ -1216,7 +1220,7 @@ static int decode_fctl_chunk(AVCodecContext *avctx, PNGDecContext *s,
        return AVERROR_INVALIDDATA;
    }

-    if ((sequence_number == 0 || !s->last_picture.f->data[0]) &&
+    if ((sequence_number == 0 || !s->last_picture.f) &&
        dispose_op == APNG_DISPOSE_OP_PREVIOUS) {
        // No previous frame to revert to for the first frame
        // Spec says to just treat it as a APNG_DISPOSE_OP_BACKGROUND
@ -1569,20 +1573,20 @@ static int decode_frame_common(AVCodecContext *avctx, PNGDecContext *s,
            s->clli_max = bytestream2_get_be32u(&gb_chunk);
            s->clli_avg = bytestream2_get_be32u(&gb_chunk);
            break;
-        case MKTAG('m', 'D', 'V', 'c'):
+        case MKTAG('m', 'D', 'C', 'v'):
            if (bytestream2_get_bytes_left(&gb_chunk) != 24) {
-                av_log(avctx, AV_LOG_WARNING, "Invalid mDVc chunk size: %d\n", bytestream2_get_bytes_left(&gb_chunk));
+                av_log(avctx, AV_LOG_WARNING, "Invalid mDCv chunk size: %d\n", bytestream2_get_bytes_left(&gb_chunk));
                break;
            }
-            s->have_mdvc = 1;
+            s->have_mdcv = 1;
            for (int i = 0; i < 3; i++) {
-                s->mdvc_primaries[i][0] = bytestream2_get_be16u(&gb_chunk);
-                s->mdvc_primaries[i][1] = bytestream2_get_be16u(&gb_chunk);
+                s->mdcv_primaries[i][0] = bytestream2_get_be16u(&gb_chunk);
+                s->mdcv_primaries[i][1] = bytestream2_get_be16u(&gb_chunk);
            }
-            s->mdvc_white_point[0] = bytestream2_get_be16u(&gb_chunk);
-            s->mdvc_white_point[1] = bytestream2_get_be16u(&gb_chunk);
-            s->mdvc_max_lum = bytestream2_get_be32u(&gb_chunk);
-            s->mdvc_min_lum = bytestream2_get_be32u(&gb_chunk);
+            s->mdcv_white_point[0] = bytestream2_get_be16u(&gb_chunk);
+            s->mdcv_white_point[1] = bytestream2_get_be16u(&gb_chunk);
+            s->mdcv_max_lum = bytestream2_get_be32u(&gb_chunk);
+            s->mdcv_min_lum = bytestream2_get_be32u(&gb_chunk);
            break;
        case MKTAG('I', 'E', 'N', 'D'):
            if (!(s->pic_state & PNG_ALLIMAGE))
--- a/libavcodec/pngenc.c
+++ b/libavcodec/pngenc.c
@ -449,17 +449,17 @@ static int encode_headers(AVCodecContext *avctx, const AVFrame *pict)

    side_data = av_frame_get_side_data(pict, AV_FRAME_DATA_MASTERING_DISPLAY_METADATA);
    if (side_data) {
-        AVMasteringDisplayMetadata *mdvc = (AVMasteringDisplayMetadata *) side_data->data;
-        if (mdvc->has_luminance && mdvc->has_primaries) {
+        AVMasteringDisplayMetadata *mdcv = (AVMasteringDisplayMetadata *) side_data->data;
+        if (mdcv->has_luminance && mdcv->has_primaries) {
            for (int i = 0; i < 3; i++) {
-                AV_WB16(s->buf + 2*i, PNG_Q2D(mdvc->display_primaries[i][0], 50000));
-                AV_WB16(s->buf + 2*i + 2, PNG_Q2D(mdvc->display_primaries[i][1], 50000));
+                AV_WB16(s->buf + 2*i, PNG_Q2D(mdcv->display_primaries[i][0], 50000));
+                AV_WB16(s->buf + 2*i + 2, PNG_Q2D(mdcv->display_primaries[i][1], 50000));
            }
-            AV_WB16(s->buf + 12, PNG_Q2D(mdvc->white_point[0], 50000));
-            AV_WB16(s->buf + 14, PNG_Q2D(mdvc->white_point[1], 50000));
-            AV_WB32(s->buf + 16, PNG_Q2D(mdvc->max_luminance, 10000));
-            AV_WB32(s->buf + 20, PNG_Q2D(mdvc->min_luminance, 10000));
-            png_write_chunk(&s->bytestream, MKTAG('m', 'D', 'V', 'c'), s->buf, 24);
+            AV_WB16(s->buf + 12, PNG_Q2D(mdcv->white_point[0], 50000));
+            AV_WB16(s->buf + 14, PNG_Q2D(mdcv->white_point[1], 50000));
+            AV_WB32(s->buf + 16, PNG_Q2D(mdcv->max_luminance, 10000));
+            AV_WB32(s->buf + 20, PNG_Q2D(mdcv->min_luminance, 10000));
+            png_write_chunk(&s->bytestream, MKTAG('m', 'D', 'C', 'v'), s->buf, 24);
        }
    }

@ -468,8 +468,9 @@ static int encode_headers(AVCodecContext *avctx, const AVFrame *pict)
    if (png_get_gama(pict->color_trc, s->buf))
        png_write_chunk(&s->bytestream, MKTAG('g', 'A', 'M', 'A'), s->buf, 4);

-    if (avctx->bits_per_raw_sample > 0 && avctx->bits_per_raw_sample < s->bit_depth) {
-        int len = ff_png_get_nb_channels(s->color_type);
+    if (avctx->bits_per_raw_sample > 0 &&
+            avctx->bits_per_raw_sample < (s->color_type & PNG_COLOR_MASK_PALETTE ? 8 : s->bit_depth)) {
+        int len = s->color_type & PNG_COLOR_MASK_PALETTE ? 3 : ff_png_get_nb_channels(s->color_type);
        memset(s->buf, avctx->bits_per_raw_sample, len);
        png_write_chunk(&s->bytestream, MKTAG('s', 'B', 'I', 'T'), s->buf, len);
    }
--- a/libavcodec/pnmdec.c
+++ b/libavcodec/pnmdec.c
@ -264,7 +264,7 @@ static int pnm_decode_frame(AVCodecContext *avctx, AVFrame *p,
        break;
    case AV_PIX_FMT_GBRPF32:
        if (!s->half) {
-            if (avctx->width * avctx->height * 12 > s->bytestream_end - s->bytestream)
+            if (avctx->width * avctx->height * 12LL > s->bytestream_end - s->bytestream)
                return AVERROR_INVALIDDATA;
            scale = 1.f / s->scale;
            if (s->endian) {
--- a/libavcodec/ppc/h264dsp.c
+++ b/libavcodec/ppc/h264dsp.c
@ -663,7 +663,7 @@ void weight_h264_W_altivec(uint8_t *block, int stride, int height,
    DECLARE_ALIGNED(16, int32_t, temp)[4];
    LOAD_ZERO;

-    offset <<= log2_denom;
+    offset *= 1 << log2_denom;
    if(log2_denom) offset += 1<<(log2_denom-1);
    temp[0] = log2_denom;
    temp[1] = weight;
@ -712,7 +712,7 @@ void biweight_h264_W_altivec(uint8_t *dst, uint8_t *src, int stride, int height,
    DECLARE_ALIGNED(16, int32_t, temp)[4];
    LOAD_ZERO;

-    offset = ((offset + 1) | 1) << log2_denom;
+    offset = ((offset + 1) | 1) * (1 << log2_denom);
    temp[0] = log2_denom+1;
    temp[1] = weights;
    temp[2] = weightd;
--- a/libavcodec/proresdec2.c
+++ b/libavcodec/proresdec2.c
@ -510,7 +510,7 @@ static av_always_inline int decode_ac_coeffs(AVCodecContext *avctx, GetBitContex

    for (pos = block_mask;;) {
        bits_left = gb->size_in_bits - re_index;
-        if (!bits_left || (bits_left < 32 && !SHOW_UBITS(re, gb, bits_left)))
+        if (bits_left <= 0 || (bits_left < 32 && !SHOW_UBITS(re, gb, bits_left)))
            break;

        DECODE_CODEWORD(run, run_to_cb[FFMIN(run,  15)], LAST_SKIP_BITS);
--- a/libavcodec/proresenc_anatoliy.c
+++ b/libavcodec/proresenc_anatoliy.c
@ -856,7 +856,8 @@ static av_cold int prores_encode_init(AVCodecContext *avctx)
            avctx->profile = AV_PROFILE_PRORES_4444;
            av_log(avctx, AV_LOG_INFO,
                   "encoding with ProRes 4444+ (ap4h) profile\n");
-        }
+        } else
+            av_assert0(0);
    } else if (avctx->profile < AV_PROFILE_PRORES_PROXY
            || avctx->profile > AV_PROFILE_PRORES_XQ) {
        av_log(
--- a/libavcodec/proresenc_kostya.c
+++ b/libavcodec/proresenc_kostya.c
@ -342,7 +342,7 @@ static void get_slice_data(ProresContext *ctx, const uint16_t *src,

 static void get_alpha_data(ProresContext *ctx, const uint16_t *src,
                           ptrdiff_t linesize, int x, int y, int w, int h,
-                           int16_t *blocks, int mbs_per_slice, int abits)
+                           uint16_t *blocks, int mbs_per_slice, int abits)
 {
    const int slice_width = 16 * mbs_per_slice;
    int i, j, copy_w, copy_h;
--- a/libavcodec/qsv.c
+++ b/libavcodec/qsv.c
@ -496,7 +496,7 @@ static int qsv_new_mfx_loader(AVCodecContext *avctx,
    mfxStatus sts;
    mfxLoader loader = NULL;
    mfxConfig cfg;
-    mfxVariant impl_value;
+    mfxVariant impl_value = {0};

    loader = MFXLoad();
    if (!loader) {
--- a/libavcodec/qsvdec.c
+++ b/libavcodec/qsvdec.c
@ -378,9 +378,12 @@ static int qsv_decode_init_context(AVCodecContext *avctx, QSVContext *q, mfxVide

    q->frame_info = param->mfx.FrameInfo;

-    if (!avctx->hw_frames_ctx)
-        q->pool = av_buffer_pool_init(av_image_get_buffer_size(avctx->pix_fmt,
-                    FFALIGN(avctx->width, 128), FFALIGN(avctx->height, 64), 1), av_buffer_allocz);
+    if (!avctx->hw_frames_ctx) {
+        ret = av_image_get_buffer_size(avctx->pix_fmt, FFALIGN(avctx->width, 128), FFALIGN(avctx->height, 64), 1);
+        if (ret < 0)
+            return ret;
+        q->pool = av_buffer_pool_init(ret, av_buffer_allocz);
+    }
    return 0;
 }

--- a/libavcodec/r210enc.c
+++ b/libavcodec/r210enc.c
@ -35,7 +35,7 @@ static av_cold int encode_init(AVCodecContext *avctx)

    avctx->bits_per_coded_sample = 32;
    if (avctx->width > 0)
-        avctx->bit_rate = ff_guess_coded_bitrate(avctx) * aligned_width / avctx->width;
+        avctx->bit_rate = av_rescale(ff_guess_coded_bitrate(avctx), aligned_width, avctx->width);

    return 0;
 }
--- a/Show More
+++ b/Show More
 @ -1 +1 @@
 .1.git
 .0.2