Disallow sequences with lengths exceeding max allocation supported.

third_party/WebKit/Source/wtf/Vector.h

Index: third_party/WebKit/Source/wtf/Vector.h
diff --git a/third_party/WebKit/Source/wtf/Vector.h b/third_party/WebKit/Source/wtf/Vector.h
index 6f522d50d3ba05571e9229dab26d82cd16f93128..9b068f1cf5d160133f12d2b49a7fb99805bd211a 100644
--- a/third_party/WebKit/Source/wtf/Vector.h
+++ b/third_party/WebKit/Source/wtf/Vector.h
@@ -335,6 +335,8 @@ class VectorBufferBase {
  public:
   void allocateBuffer(size_t newCapacity) {
     DCHECK(newCapacity);
+    DCHECK_LE(newCapacity,
+              Allocator::template maxElementCountInBackingStore<T>());
     size_t sizeToAllocate = allocationSize(newCapacity);
     if (hasInlineCapacity)
       m_buffer =
@@ -997,6 +999,12 @@ class Vector
 
   void reverse();
 
+  // Maximum element count supported; allocating a vector
+  // buffer with a larger count will fail.
+  static size_t maxCapacity() {
+    return Allocator::template maxElementCountInBackingStore<T>();
+  }
+
   template <typename VisitorDispatcher>
   void trace(VisitorDispatcher);