In r68077, if I go to the activity window and option double-click an image to download it... crash(1). If I load the image directly in the browser, right-click save image as... crash(2). If I drag an image from the web page to my desktop... crash(3).

Crashes with any web page.

crash(1)

Process:         Safari [1007]
Path:            /Applications/WebKit.app/Contents/MacOS/WebKit
Identifier:      org.webkit.nightly.WebKit
Version:         r68077 (68077)
Code Type:       PPC (Native)
Parent Process:  launchd [91]

Date/Time:       2010-09-23 20:23:05.571 -0400
OS Version:      Mac OS X 10.5.8 (9L30)
Report Version:  6
Anonymous UUID:  F41C1802-6457-4B49-A738-107FEBA3B7F7

Exception Type:  EXC_BAD_ACCESS (SIGBUS)
Exception Codes: KERN_PROTECTION_FAILURE at 0x0000000000000000
Crashed Thread:  0

Thread 0 Crashed:
0   com.apple.CoreFoundation      	0x906acb7c CFStringCreateCopy + 68
1   com.apple.WebKit              	0x009c3e88 -[NSFileManager(WebNSFileManagerExtras) _webkit_setMetadataURL:referrer:atPath:] + 168
2   com.apple.Safari              	0x00107494 0x1000 + 1074324
3   com.apple.Safari              	0x0010720c 0x1000 + 1073676
4   com.apple.Safari              	0x00106ec8 0x1000 + 1072840
5   com.apple.Foundation          	0x91b3ef98 _NSURLDownloadDecideDestinationWithSuggestedObjectName + 128
6   com.apple.CFNetwork           	0x93707e18 URLDownload::downloadOpenTarget() + 204
7   com.apple.CFNetwork           	0x9370815c URLDownload::downloadWriteData(__CFData const*, __CFData const*) + 48
8   com.apple.CFNetwork           	0x93708f5c URLDownload::downloadProcessData(__CFData const*) + 408
9   com.apple.CFNetwork           	0x93709014 URLDownload::didReceiveData(__CFData const*, long) + 48
10  com.apple.CFNetwork           	0x93740b48 URLConnectionClient::_clientDidReceiveData(__CFData const*, URLConnectionClient::ClientConnectionEventQueue*) + 256
11  com.apple.CFNetwork           	0x93741b0c URLConnectionClient::ClientConnectionEventQueue::processAllEventsAndConsumePayload(XConnectionEventInfo<XClientEvent, XClientEventParams>*, long) + 432
12  com.apple.CFNetwork           	0x93740500 URLConnectionClient::processEvents() + 132
13  com.apple.CFNetwork           	0x936ea020 MultiplexerSource::perform() + 168
14  com.apple.CoreFoundation      	0x906930d0 CFRunLoopRunSpecific + 1104
15  com.apple.HIToolbox           	0x9325bb14 RunCurrentEventLoopInMode + 264
16  com.apple.HIToolbox           	0x9325b938 ReceiveNextEventCommon + 412
17  com.apple.HIToolbox           	0x9325b778 BlockUntilNextEventMatchingListInMode + 84
18  com.apple.AppKit              	0x9721e244 _DPSNextEvent + 596
19  com.apple.AppKit              	0x9721dbfc -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 112
20  com.apple.Safari              	0x00019044 0x1000 + 98372
21  com.apple.AppKit              	0x9721789c -[NSApplication run] + 744
22  com.apple.AppKit              	0x971e8298 NSApplicationMain + 440
23  com.apple.Safari              	0x0000b648 0x1000 + 42568


crash(2)

Process:         Safari [1046]
Path:            /Volumes/WebKit/WebKit.app/Contents/MacOS/WebKit
Identifier:      org.webkit.nightly.WebKit
Version:         r68077 (68077)
Code Type:       PPC (Native)
Parent Process:  launchd [91]

Date/Time:       2010-09-23 20:26:54.123 -0400
OS Version:      Mac OS X 10.5.8 (9L30)
Report Version:  6
Anonymous UUID:  F41C1802-6457-4B49-A738-107FEBA3B7F7

Exception Type:  EXC_BAD_ACCESS (SIGBUS)
Exception Codes: KERN_PROTECTION_FAILURE at 0x0000000000000000
Crashed Thread:  0

Thread 0 Crashed:
0   com.apple.CoreFoundation      	0x906acb7c CFStringCreateCopy + 68
1   com.apple.WebKit              	0x009c3e88 -[NSFileManager(WebNSFileManagerExtras) _webkit_setMetadataURL:referrer:atPath:] + 168
2   com.apple.Safari              	0x0013e274 0x1000 + 1299060
3   com.apple.AppKit              	0x974de610 -[NSDocument _saveToURL:ofType:forSaveOperation:delegate:didSaveSelector:contextInfo:] + 120
4   com.apple.AppKit              	0x974de580 -[NSDocument saveToURL:ofType:forSaveOperation:delegate:didSaveSelector:contextInfo:] + 624
5   com.apple.AppKit              	0x974de2b8 -[NSDocument _savePanelWasPresented:withResult:inContext:] + 328
6   com.apple.AppKit              	0x974de04c -[NSSavePanel(NSSavePanelRuntime) _didEndSheet:returnCode:contextInfo:] + 332
7   com.apple.AppKit              	0x976e2d30 -[NSSavePanel(NSSavePanelRuntime) overwriteAlertDidEnd:returnCode:contextInfo:] + 168
8   com.apple.AppKit              	0x9744f600 -[NSAlert didEndAlert:returnCode:contextInfo:] + 104
9   com.apple.AppKit              	0x9744f504 -[NSAlert buttonPressed:] + 244
10  com.apple.AppKit              	0x972da354 -[NSApplication sendAction:to:from:] + 104
11  com.apple.Safari              	0x0004d800 0x1000 + 313344
12  com.apple.AppKit              	0x972da288 -[NSControl sendAction:to:] + 92
13  com.apple.AppKit              	0x972d97a0 -[NSCell trackMouse:inRect:ofView:untilMouseUp:] + 1584
14  com.apple.AppKit              	0x972d90d8 -[NSButtonCell trackMouse:inRect:ofView:untilMouseUp:] + 516
15  com.apple.AppKit              	0x972d8a14 -[NSControl mouseDown:] + 804
16  com.apple.AppKit              	0x972d72d8 -[NSWindow sendEvent:] + 4512
17  com.apple.AppKit              	0x972aa67c -[NSApplication sendEvent:] + 3256
18  com.apple.Safari              	0x0003b144 0x1000 + 237892
19  com.apple.AppKit              	0x972178d4 -[NSApplication run] + 800
20  com.apple.AppKit              	0x971e8298 NSApplicationMain + 440
21  com.apple.Safari              	0x0000b648 0x1000 + 42568
22  ???                           	0x00000ffc 0 + 4092


crash(3)

Process:         Safari [1141]
Path:            /Applications/WebKit.app/Contents/MacOS/WebKit
Identifier:      org.webkit.nightly.WebKit
Version:         r68204 (68204)
Code Type:       PPC (Native)
Parent Process:  launchd [91]

Date/Time:       2010-09-23 20:34:05.488 -0400
OS Version:      Mac OS X 10.5.8 (9L30)
Report Version:  6
Anonymous UUID:  F41C1802-6457-4B49-A738-107FEBA3B7F7

Exception Type:  EXC_BAD_ACCESS (SIGBUS)
Exception Codes: KERN_PROTECTION_FAILURE at 0x0000000000000000
Crashed Thread:  0

Thread 0 Crashed:
0   com.apple.CoreFoundation      	0x906acb7c CFStringCreateCopy + 68
1   com.apple.WebKit              	0x009c4cf8 -[NSFileManager(WebNSFileManagerExtras) _webkit_setMetadataURL:referrer:atPath:] + 168
2   com.apple.WebKit              	0x009a7500 -[WebHTMLView namesOfPromisedFilesDroppedAtDestination:] + 752
3   com.apple.AppKit              	0x977d0470 -[NSFilePromiseDragSource getFilenamesAndDropLocation] + 296
4   com.apple.AppKit              	0x977d0518 -[NSFilePromiseDragSource pasteboard:provideDataForType:itemIdentifier:] + 76
5   com.apple.AppKit              	0x975183d8 __NSPasteboardProvideData + 152
6   com.apple.CoreFoundation      	0x9068227c __CFPasteboardClientCallBack + 608
7   com.apple.CoreFoundation      	0x90673258 __CFMessagePortPerform + 324
8   com.apple.CoreFoundation      	0x90693630 CFRunLoopRunSpecific + 2480
9   com.apple.CoreFoundation      	0x906736b4 CFMessagePortSendRequest + 804
10  com.apple.HIServices          	0x90c5b740 SendDragIPCMessage + 256
11  com.apple.HIServices          	0x90c5c6bc SendDropMessage + 76
12  com.apple.HIServices          	0x90c598f0 DragInApplication + 500
13  com.apple.HIServices          	0x90c586f4 CoreDragStartDragging + 844
14  com.apple.AppKit              	0x974a92f4 -[NSCoreDragManager _dragUntilMouseUp:accepted:] + 528
15  com.apple.AppKit              	0x974a8554 -[NSCoreDragManager dragImage:fromWindow:at:offset:event:pasteboard:source:slideBack:] + 1172
16  com.apple.AppKit              	0x974a80a8 -[NSWindow(NSDrag) dragImage:at:offset:event:pasteboard:source:slideBack:] + 132
17  com.apple.WebKit              	0x0099cd30 -[WebHTMLView dragImage:at:offset:event:pasteboard:source:slideBack:] + 144
18  com.apple.WebKit              	0x00973c5c WebDragClient::startDrag(WTF::RetainPtr<NSImage>, WebCore::IntPoint const&, WebCore::IntPoint const&, WebCore::Clipboard*, WebCore::Frame*, bool) + 972
19  com.apple.WebCore             	0x0175b538 WebCore::DragController::doSystemDrag(WTF::RetainPtr<NSImage>, WebCore::IntPoint const&, WebCore::IntPoint const&, WebCore::Clipboard*, WebCore::Frame*, bool) + 376
20  com.apple.WebCore             	0x0175b954 WebCore::DragController::doImageDrag(WebCore::Element*, WebCore::IntPoint const&, WebCore::IntRect const&, WebCore::Clipboard*, WebCore::Frame*, WebCore::IntPoint&) + 884
21  com.apple.WebCore             	0x0175d0dc WebCore::DragController::startDrag(WebCore::Frame*, WebCore::Clipboard*, WebCore::DragOperation, WebCore::PlatformMouseEvent const&, WebCore::IntPoint const&, bool) + 1484
22  com.apple.WebCore             	0x0178f974 WebCore::EventHandler::handleDrag(WebCore::MouseEventWithHitTestResults const&) + 1588
23  com.apple.WebCore             	0x017923e8 WebCore::EventHandler::handleMouseDraggedEvent(WebCore::MouseEventWithHitTestResults const&) + 24
24  com.apple.WebCore             	0x01792b60 WebCore::EventHandler::handleMouseMoveEvent(WebCore::PlatformMouseEvent const&, WebCore::HitTestResult*) + 1520
25  com.apple.WebCore             	0x0179907c WebCore::EventHandler::mouseDragged(NSEvent*) + 348
26  com.apple.WebKit              	0x009a510c -[WebHTMLView mouseDragged:] + 188
27  com.apple.AppKit              	0x972d7e3c -[NSWindow sendEvent:] + 7428
28  com.apple.Safari              	0x0004504c 0x1000 + 278604
29  com.apple.Safari              	0x00044fd8 0x1000 + 278488
30  com.apple.AppKit              	0x972aa67c -[NSApplication sendEvent:] + 3256
31  com.apple.Safari              	0x0003b144 0x1000 + 237892
32  com.apple.AppKit              	0x972178d4 -[NSApplication run] + 800
33  com.apple.AppKit              	0x971e8298 NSApplicationMain + 440
34  com.apple.Safari              	0x0000b648 0x1000 + 42568