Created attachment 546116 [details] [diff] [review] patch, check whether mURI is null The problem arises because when a relative URI is used in a data: document, it fails to resolve (naturally), which leaves mURI null in the font-face source. Solution is to check before trying to retrieve the spec, and provide a generic placeholder if not available. (I'm not sure if there are other cases where mURI could be null, but this should protect us from them however it arises.)
There are other cases where mURI could be null. For example, "http://spaces in hostname/". Might be worth it to add a crashtest.
http://hg.mozilla.org/mozilla-central/rev/911439385a90 I'll put together crashtests based on the examples in comment #0 and comment #2.
Created attachment 546154 [details] [diff] [review] crashtests These testcases both hit the "null mURI" path in the @font-face load-failure logging code.
Comment on attachment 546154 [details] [diff] [review] crashtests r=me
Pushed crashtests: http://hg.mozilla.org/mozilla-central/rev/85b1015168a0