...however I can't very well prove it, because I can't seem to make escape have an exception and return null. What kind of characters or character sequences can cause the escape function to throw an exception?
Shouldn't your serverside validation catch that before it goes into the database?
Also you probably would be better off using encodeURIComponent and not escape.
Only way that code will throw an error from my knowledge is if you do not have any elements with the name that is provided.
If you still think it is escape. Build yourself a loop that goes through every single character known to man and see what happens.
If it is some public script, it could easily be a bot filling out your forms with JS disabled.