Bug 315034

We occasionally see a CheckedPtr crash in CollectionIndexCache while running moveBefore tests: e.g. Thread 0 Crashed:: Dispatch queue: com.apple.main-thread 0 JavaScriptCore 0x12f796350 WTFCrash + 0 1 WebCore 0x30033d61c WTF::CanMakeCheckedPtrBase<WTF::SingleThreadIntegralWrapper<unsigned int>, unsigned int, bool, (WTF::CheckedPtrDeleteCheckException)0>::crashDueToCheckedPtrToDeadObject() + 16 2 WebCore 0x30033d5f8 WTF::CanMakeCheckedPtrBase<WTF::SingleThreadIntegralWrapper<unsigned int>, unsigned int, bool, (WTF::CheckedPtrDeleteCheckException)0>::decrementCheckedPtrCount() const + 44 3 WebCore 0x3005cfaec WTF::CheckedPtr<WebCore::Element, WTF::RawPtrTraits<WebCore::Element>>::derefIfNotNull() + 56 4 WebCore 0x3005cfaa4 WTF::CheckedPtr<WebCore::Element, WTF::RawPtrTraits<WebCore::Element>>::~CheckedPtr() + 32 5 WebCore 0x3005cf7e4 WTF::CheckedPtr<WebCore::Element, WTF::RawPtrTraits<WebCore::Element>>::~CheckedPtr() + 32 6 WebCore 0x300ef0b20 WebCore::ElementIterator<WebCore::Element>::~ElementIterator() + 48 7 WebCore 0x301d0978c WebCore::ElementChildIterator<WebCore::Element>::~ElementChildIterator() + 32 8 WebCore 0x301c3f42c WebCore::ElementChildIterator<WebCore::Element>::~ElementChildIterator() + 32 9 WebCore 0x3076985e8 WebCore::CollectionIndexCache<WebCore::GenericCachedHTMLCollection<(WebCore::CollectionType)11>, WebCore::ElementChildIterator<WebCore::Element>>::~CollectionIndexCache() + 44 10 WebCore 0x3076985ac WebCore::CollectionIndexCache<WebCore::GenericCachedHTMLCollection<(WebCore::CollectionType)11>, WebCore::ElementChildIterator<WebCore::Element>>::~CollectionIndexCache() + 32 11 WebCore 0x307687010 WebCore::CachedHTMLCollection<WebCore::GenericCachedHTMLCollection<(WebCore::CollectionType)11>>::~CachedHTMLCollection() + 116 12 WebCore 0x307686f8c WebCore::GenericCachedHTMLCollection<(WebCore::CollectionType)11>::~GenericCachedHTMLCollection() + 32 13 WebCore 0x307687048 WebCore::GenericCachedHTMLCollection<(WebCore::CollectionType)11>::~GenericCachedHTMLCollection() + 32 14 WebCore 0x307687078 WebCore::GenericCachedHTMLCollection<(WebCore::CollectionType)11>::~GenericCachedHTMLCollection() + 32 15 WebCore 0x301081de8 WTF::RefCounted<JSC::EmbedderArrayLike>::deref() const + 100 16 WebCore 0x301081d48 WTF::DefaultRefDerefTraits<WebCore::HTMLCollection>::derefIfNotNull(WebCore::HTMLCollection*) + 44 17 WebCore 0x301081cd8 WTF::Ref<WebCore::HTMLCollection, WTF::RawPtrTraits<WebCore::HTMLCollection>, WTF::DefaultRefDerefTraits<WebCore::HTMLCollection>>::~Ref() + 64 18 WebCore 0x301008cd0 WTF::Ref<WebCore::HTMLCollection, WTF::RawPtrTraits<WebCore::HTMLCollection>, WTF::DefaultRefDerefTraits<WebCore::HTMLCollection>>::~Ref() + 32 19 WebCore 0x302697988 WebCore::JSDOMWrapper<WebCore::HTMLCollection, WTF::RawPtrTraits<WebCore::HTMLCollection>>::~JSDOMWrapper() + 36 20 WebCore 0x302697954 WebCore::JSHTMLCollection::~JSHTMLCollection() + 32 21 WebCore 0x3025ec904 WebCore::JSHTMLCollection::~JSHTMLCollection() + 32 22 WebCore 0x3001008d4 WebCore::JSHTMLCollection::destroy(JSC::JSCell*) + 36 <rdar://177337493><