Null-dereference in __tsan::CallUserSignalHandler
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5457193293053952

Fuzzer: ochang_domfuzzer
Job Type: linux_tsan_chrome_mp
Platform Id: linux

Crash Type: Null-dereference
Crash Address: 0x000000000108
Crash State:
  __tsan::CallUserSignalHandler
  rtl_sigaction
  blink::ShapeResult::FallbackFonts

Sanitizer: thread (TSAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_tsan_chrome_mp&range=375946:376263

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5457193293053952

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.
Aug 24 2017
drott@, this looks like it is about PrimaryFont() being nullptr. Is it our usual practice to return if |!PrimaryFont()|? Adding such a check is doable for me, but I wanted to check to see if you have any insights.
Aug 24 2017
I cannot reproduce this issue locally:

$ [...]/clusterfuzz-tools/releases/clusterfuzz reproduce 5457193293053952
Original crash type: Null-dereference
Original crash state:
  __tsan::CallUserSignalHandler
  rtl_sigaction
  blink::SimpleFontData::IsTextOrientationFallbackOf
The stacktrace doesn't match the original stacktrace.
Try again (3 times). Press Ctrl+C to stop trying to reproduce.
UnreproducibleError: The crash cannot be reproduced after trying 3 times.
Here are things you can try:
- Run outside XVFB (e.g. you will be able to see the launched program on screen.) with `--disable-xvfb`, which is especially useful for Chrome.
- Run with the downloaded build by adding `--build download`.
- Run `build/install-build-deps.sh` to ensure all dependencies are installed.
- Run with more number of trials by adding `-i 10`, which is especially good for gesture-related testcases.
- Use gdb to debug by adding `--enable-debug`.
Aug 31 2017
ClusterFuzz testcase 5457193293053952 is still reproducing on the tip-of-tree build (trunk). If this testcase was not reproducible locally or was unworkable, ignore this notification and we will file another bug soon with hopefully a better and workable testcase. Otherwise, if this is not intended to be fixed (e.g. this is an intentional crash), please add the ClusterFuzz-Ignore label to prevent future bug filing with a similar crash stacktrace.
Aug 31 2017
Removing the 'Reproducible' tag, compare #3.
Comment 1 by msrchandra@chromium.org, Aug 21 2017
Labels: M-62 Test-Predator-Wrong
Owner: kojii@chromium.org
Status: Assigned (was: Untriaged)