Just visit young array buffers during scavenge.

src/runtime/runtime-typedarray.cc

Index: src/runtime/runtime-typedarray.cc
diff --git a/src/runtime/runtime-typedarray.cc b/src/runtime/runtime-typedarray.cc
index 82224bc9b3e8021d6b780e7af2343f75b9bb65c0..4726aef799cb80a711c8f50039b13b097a9deee1 100644
--- a/src/runtime/runtime-typedarray.cc
+++ b/src/runtime/runtime-typedarray.cc
@@ -88,6 +88,8 @@ bool Runtime::SetupArrayBufferAllocatingData(Isolate* isolate,
 
 void Runtime::NeuterArrayBuffer(Handle<JSArrayBuffer> array_buffer) {
   Isolate* isolate = array_buffer->GetIsolate();
+  // Firstly, iterate over the views which are referenced directly by the array
+  // buffer.
   for (Handle<Object> view_obj(array_buffer->weak_first_view(), isolate);
        !view_obj->IsUndefined();) {
     Handle<JSArrayBufferView> view(JSArrayBufferView::cast(*view_obj));
@@ -100,6 +102,24 @@ void Runtime::NeuterArrayBuffer(Handle<JSArrayBuffer> array_buffer) {
     }
     view_obj = handle(view->weak_next(), isolate);
   }
+
+  // Secondly, iterate over the global list of new space views to find views
+  // that belong to the neutered array buffer.

[Hannes Payer (out of office), 2015/02/06 12:21:10]

Dmitry, when we neuter, do we still have to keep the array buffer to view
relationship? I.e., would we be allowed to remove the views from the new space
list of views?

+  Heap* heap = isolate->heap();
+  for (Handle<Object> view_obj(heap->new_array_buffers_view_list(), isolate);
+       !view_obj->IsUndefined();) {
+    Handle<JSArrayBufferView> view(JSArrayBufferView::cast(*view_obj));
+    if (view->buffer() == *array_buffer) {
+      if (view->IsJSTypedArray()) {
+        JSTypedArray::cast(*view)->Neuter();
+      } else if (view->IsJSDataView()) {
+        JSDataView::cast(*view)->Neuter();
+      } else {
+        UNREACHABLE();
+      }
+    }
+    view_obj = handle(view->weak_next(), isolate);
+  }
   array_buffer->Neuter();
 }
 
@@ -265,11 +285,18 @@ RUNTIME_FUNCTION(Runtime_TypedArrayInitialize) {
   holder->set_byte_offset(*byte_offset_object);
   holder->set_byte_length(*byte_length_object);
 
+  Heap* heap = isolate->heap();
   if (!maybe_buffer->IsNull()) {
     Handle<JSArrayBuffer> buffer = Handle<JSArrayBuffer>::cast(maybe_buffer);
     holder->set_buffer(*buffer);
-    holder->set_weak_next(buffer->weak_first_view());
-    buffer->set_weak_first_view(*holder);
+
+    if (heap->InNewSpace(*holder)) {
+      holder->set_weak_next(heap->new_array_buffers_view_list());
+      heap->set_new_array_buffers_view_list(*holder);
+    } else {
+      holder->set_weak_next(buffer->weak_first_view());
+      buffer->set_weak_first_view(*holder);
+    }
 
     Handle<ExternalArray> elements = isolate->factory()->NewExternalArray(
         static_cast<int>(length), array_type,
@@ -367,8 +394,15 @@ RUNTIME_FUNCTION(Runtime_TypedArrayInitializeFromArrayLike) {
       isolate->factory()->NewNumberFromSize(byte_length));
   holder->set_byte_length(*byte_length_obj);
   holder->set_length(*length_obj);
-  holder->set_weak_next(buffer->weak_first_view());
-  buffer->set_weak_first_view(*holder);
+
+  Heap* heap = isolate->heap();
+  if (heap->InNewSpace(*holder)) {
+    holder->set_weak_next(heap->new_array_buffers_view_list());
+    heap->set_new_array_buffers_view_list(*holder);
+  } else {
+    holder->set_weak_next(buffer->weak_first_view());
+    buffer->set_weak_first_view(*holder);
+  }
 
   Handle<ExternalArray> elements = isolate->factory()->NewExternalArray(
       static_cast<int>(length), array_type,
@@ -542,8 +576,14 @@ RUNTIME_FUNCTION(Runtime_DataViewInitialize) {
   holder->set_byte_offset(*byte_offset);
   holder->set_byte_length(*byte_length);
 
-  holder->set_weak_next(buffer->weak_first_view());
-  buffer->set_weak_first_view(*holder);
+  Heap* heap = isolate->heap();
+  if (heap->InNewSpace(*holder)) {
+    holder->set_weak_next(heap->new_array_buffers_view_list());
+    heap->set_new_array_buffers_view_list(*holder);
+  } else {
+    holder->set_weak_next(buffer->weak_first_view());
+    buffer->set_weak_first_view(*holder);
+  }
 
   return isolate->heap()->undefined_value();
 }