Comment 8 for bug 1094499

Bryce Harrington (bryce) wrote :

This isn't the same as bug 934471, although the stacktraces are deceptively similar. However, it seems to be crashing on a different line, and for a different reason.

    #0 0x00007fb974591b16 in dvdnav_describe_title_chapters (this=0x7fb944001360, title=title@entry=1, times=times@entry=0x7fb9704e2fd8, duration=duration@entry=0x7fb9704e2fd0) at searching.c:653
        retval = 0
        parts = 29
        pgc = 0x25
        tmp = 0x7fb9440554a0

The code is:

    pgc = ifo->vts_pgcit->pgci_srp[ptt[i].pgcn-1].pgc; // = 0x25
    if (pgc == NULL) {
      printerr("PGC missing.");
      continue;
    }
    if(ptt[i].pgn > pgc->nr_of_programs) { // 653: Crash!

So, it looks to me like this is an invalid pointer situation. Question is how did it get set to 0x25 (37) in the first place?
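Added example, not part of the comment above and not libdvdnav code: a NULL test only rejects NULL, so a garbage value such as 0x25 passes it and the next dereference faults. The sketch below assumes one possible source of such a value, a `pgcn` read from the disc that lies outside the `pgci_srp` table, and validates it before indexing; the struct definitions are simplified stand-ins, and `lookup_pgc` and `demo_status` are hypothetical names.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified stand-ins for the structures named in the excerpt
   (assumption: not the library's real definitions). */
typedef struct { uint8_t nr_of_programs; } pgc_t;
typedef struct { pgc_t *pgc; } pgci_srp_t;
typedef struct { uint16_t nr_of_pgci_srp; pgci_srp_t *pgci_srp; } pgcit_t;
typedef struct { uint16_t pgcn; uint16_t pgn; } ptt_info_t;

enum ptt_status { PTT_OK = 0, PTT_BAD_PGCN, PTT_PGC_MISSING, PTT_BAD_PGN };

/* Hypothetical helper: check indices taken from disc data before use. */
static enum ptt_status lookup_pgc(const pgcit_t *pgcit, const ptt_info_t *ptt,
                                  const pgc_t **out)
{
    *out = NULL;
    /* pgcn is used as pgcn-1: 0 wraps below the table, and anything above
       nr_of_pgci_srp reads whatever memory follows the array. */
    if (ptt->pgcn == 0 || ptt->pgcn > pgcit->nr_of_pgci_srp)
        return PTT_BAD_PGCN;
    const pgc_t *pgc = pgcit->pgci_srp[ptt->pgcn - 1].pgc;
    if (pgc == NULL)                      /* only catches a true NULL */
        return PTT_PGC_MISSING;
    if (ptt->pgn > pgc->nr_of_programs)   /* the comparison at line 653 */
        return PTT_BAD_PGN;
    *out = pgc;
    return PTT_OK;
}

/* Constructed sample table: two entries, the second has no PGC. */
static enum ptt_status demo_status(uint16_t pgcn, uint16_t pgn)
{
    static pgc_t pgc0 = { 5 };
    static pgci_srp_t srp[2] = { { &pgc0 }, { NULL } };
    pgcit_t table = { 2, srp };
    ptt_info_t ptt = { pgcn, pgn };
    const pgc_t *pgc;
    return lookup_pgc(&table, &ptt, &pgc);
}

int main(void)
{
    printf("pgcn=1  pgn=3 -> %d\n", demo_status(1, 3));
    printf("pgcn=37 pgn=1 -> %d\n", demo_status(37, 1));
    printf("pgcn=0  pgn=1 -> %d\n", demo_status(0, 1));
    return 0;
}
```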