UserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063

Steps to reproduce the problem:
1. I have built an executable using ORTCLib (http://ortclib.org/) that listens for an incoming data channel. First have to run this.

2. Navigate Chromium to a web page I wrote that creates an RTCPeerConnection and sets the local and remote description to open a data channel.

What is the expected behavior?
Chromium should finish the peer connection and allow me to send and receive messages on the data channel.

What went wrong?
Chromium crashes with an "Aw Snap!" page 100% of the time.

dump: https://1drv.ms/u/s!AvoQBZZ9sOA0rZl7XMzfKJziRn3e-A

Callstack:
00 chrome_child!base::debug::SetDumpWithoutCrashingFunction
01 chrome_child!raise
02 chrome_child!abort
03 chrome_child!rtc::FatalMessage::~FatalMessage
04 chrome_child!cricket::StreamInterfaceChannel::OnPacketReceived
05 chrome_child!cricket::DtlsTransport::OnReadPacket
06 chrome_child!sigslot::signal_with_thread_policy<sigslot::single_threaded,rtc::PacketTransportInternal * __ptr64,char const * __ptr64,unsigned __int64,rtc::PacketTime const & __ptr64,int>::emit
07 chrome_child!cricket::P2PTransportChannel::OnReadPacket
08 chrome_child!cricket::Connection::OnReadPacket
09 chrome_child!cricket::UDPPort::OnReadPacket
0a chrome_child!cricket::UDPPort::HandleIncomingPacket
0b chrome_child!cricket::AllocationSequence::OnReadPacket
0c chrome_child!sigslot::signal_with_thread_policy<sigslot::single_threaded,rtc::AsyncPacketSocket * __ptr64,char const * __ptr64,unsigned __int64,rtc::SocketAddress const & __ptr64,rtc::PacketTime const & __ptr64>::emit
0d chrome_child!content::IpcPacketSocketFactory::CreateUdpSocket
0e chrome_child!content::P2PSocketClientImpl::DeliverOnDataReceived
0f chrome_child!base::debug::TaskAnnotator::RunTask
10 chrome_child!base::MessageLoop::RunTask
11 chrome_child!base::MessageLoop::DoWork
12 chrome_child!base::MessagePumpDefault::Run
13 chrome_child!base::RunLoop::Run
14 chrome_child!base::Thread::ThreadMain
15 chrome_child!base::PlatformThread::Sleep
16 kernel32!BaseThreadInitThunk
17 ntdll!RtlUserThreadStart

looks like packets_.WriteBack failed for some reason. I don't have Chromium built, so I don't have private symbols.

Did this work before? N/A 

Does this work in other browsers? N/A

Chrome version: 60.0.3094.0  Channel: stable
OS Version: 10.0
Flash Version: 

The ortclib-based executable I wrote is working to the point where the SCTP association is created and the incoming data channel is opened from the browser, but as soon as it's opened, the browser crashes.

Here is the local and remote SDP from the browser's point of view from the run where I got the crash dump.

Local SDP (browser):
v=0
o=- 3671775069722531547 2 IN IP4 127.0.0.1
s=-
t=0 0
a=group:BUNDLE data
a=msid-semantic: WMS
m=application 51007 DTLS/SCTP 5000
c=IN IP4 10.124.222.163
a=candidate:3900449056 1 udp 2122262783 2001:4898:d8:100e:dda7:3938:3be9:d58d 51005 typ host generation 0 network-id 3
a=candidate:1138941600 1 udp 2122197247 2001:4898:d8:100e:6cc5:c38:7235:530 51006 typ host generation 0 network-id 2
a=candidate:1808270367 1 udp 2122129151 10.124.222.163 51007 typ host generation 0 network-id 1
a=candidate:2801786320 1 tcp 1518283007 2001:4898:d8:100e:dda7:3938:3be9:d58d 9 typ host tcptype active generation 0 network-id 3
a=candidate:224469584 1 tcp 1518217471 2001:4898:d8:100e:6cc5:c38:7235:530 9 typ host tcptype active generation 0 network-id 2
a=candidate:625735919 1 tcp 1518149375 10.124.222.163 9 typ host tcptype active generation 0 network-id 1
a=ice-ufrag:q5TD
a=ice-pwd:5geMo33RlnIbkJxfri9uTHdQ
a=ice-options:trickle
a=fingerprint:sha-256 24:19:C7:60:5B:19:E1:E7:98:C8:1A:15:06:65:23:5C:4E:F0:8E:8C:95:B1:BC:E1:DB:A3:E4:0B:DF:53:1D:E2
a=setup:actpass
a=mid:data
a=sctpmap:5000 webrtc-datachannel 1024

Remote SDP (from my EXE):
v=0
o=- 1616430012261898126 2 IN IP4 127.0.0.1
s=-
t=0 0
a=group:BUNDLE data
a=msid-semantic: WMS
m=application 62990 DTLS/SCTP 5000
c=IN IP4 10.124.222.28
a=candidate:7eb5bc2efb9223a252d728f41be61159e6430e7f 1 udp 1516568831 10.124.222.28 62990 typ host generation 0 network-id 1
a=ice-ufrag:06XF0Eu96iKwGXdh
a=ice-pwd:751ww0OI4bVoRFFuIcQUgQIA9
a=ice-options:trickle
a=fingerprint:sha-256 A2:36:AE:02:78:CD:D9:E7:42:9A:47:AB:87:39:98:ED:62:2A:C4:36:87:C3:6F:83:42:47:86:6C:2C:F6:C2:32
a=setup:passive
a=mid:data
a=sctpmap:5000 webrtc-datachannel 1024

This reproes in a few recent versions of Chromium and also Chrome 58.0.3029.96. Edge doesn't support data channels, and Firefox is giving me some other problems trying to get even this far.

I've tried a bunch of different things to avoid this crash. Nothing has made a difference:
- set my server to use and not use ICE Lite
- set the server to ICE Controlling and ICE Controlled
- set the server to be the DTLS Server and Client role
- use negotiated=true data channel and negotiated=false

I can get data channels (both with and without negotiation) working between two instances of this version of Chromium, so I know it can work. There's some interoperability problem here. At best, this should fail with an error callback or something; it certainly shouldn't crash.