Hmmm. This repros back to at least Chrome 63, and Clusterfuzz notes REGRESSION REVISION RANGE of V8: 0:47824. It returns the same results in Firefox and Edge, making me wonder whether this test case is really valid.

I agree. I don't even see a failure here. The script throws a TypeError, that's all.
Assigning to Max to clarify why this was even reported by Clusterfuzz. Maybe just because of the string "Assertion failed"?

Please set back to Untriaged to get it back to the queue, or set to WontFix if this is indeed an invalid report.

Right, "Assertion failed" is the root cause why this got reported. Feel free to WontFix.

Ok, thanks. Any chance to suppress such reports in the future? Maybe only match "Assertion failed" at the beginning of a line?

I don't think that beginning of a line would work :/ Also, it doesn't seem to happen often. At least I haven't seen such cases before. If I'm wrong and that happens quite often, it would be great to see other examples and then figure out a good soluion.

ClusterFuzz testcase 5839414348742656 is still reproducing on tip-of-tree build (trunk).

If this testcase was not reproducible locally or unworkable, ignore this notification and we will file another bug soon with hopefully a better and workable testcase.

Otherwise, if this is not intended to be fixed (e.g. this is an intentional crash), please add ClusterFuzz-Ignore label to prevent future bug filing with similar crash stacktrace.

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot