AuthenticatorImpl::On{Sign,Register}Response contains UNREACHED() statements for response codes specific to GetAssertion that should not occur during MakeCredential and vice versa. However, these lines are not actually guaranteed to be unreached for erratically behaving authenticators.

A fix would be to sanitize the returned response codes better in {GetAssertion,MakeCredential}RequestHandler

See discussion in https://chromium-review.googlesource.com/c/chromium/src/+/1181863/1/content/browser/webauth/authenticator_impl.cc#637.