Check for usize overflow of new capacity

src/impl_owned_array.rs

@@ -173,6 +173,8 @@ impl<A> Array<A, Ix2> {
     /// This is useful when pushing or appending repeatedly to an array to avoid multiple
     /// allocations.
     ///
+    /// ***Panics*** if the new capacity would exceed `usize::MAX`.
+    ///
     /// ***Errors*** with a shape error if the resultant capacity is larger than the addressable
     /// bounds; that is, the product of non-zero axis lengths once `axis` has been extended by
     /// `additional` exceeds `isize::MAX`.
@@ -195,6 +197,8 @@ impl<A> Array<A, Ix2> {
     /// This is useful when pushing or appending repeatedly to an array to avoid multiple
     /// allocations.
     ///
+    /// ***Panics*** if the new capacity would exceed `usize::MAX`.
+    ///
     /// ***Errors*** with a shape error if the resultant capacity is larger than the addressable
     /// bounds; that is, the product of non-zero axis lengths once `axis` has been extended by
     /// `additional` exceeds `isize::MAX`.
@@ -708,7 +712,7 @@ impl<A, D> Array<A, D>
     /// This is useful when pushing or appending repeatedly to an array to avoid multiple
     /// allocations.
     ///
-    /// ***Panics*** if the axis is out of bounds.
+    /// ***Panics*** if the axis is out of bounds or if the new capacity would exceed `usize::MAX`.
     ///
     /// ***Errors*** with a shape error if the resultant capacity is larger than the addressable
     /// bounds; that is, the product of non-zero axis lengths once `axis` has been extended by
@@ -734,7 +738,9 @@ impl<A, D> Array<A, D>
         let mut res_dim = self_dim;
         res_dim[axis.index()] += additional;
         let new_len = dimension::size_of_shape_checked(&res_dim)?;
-        debug_assert_eq!(self.len() + len_to_append, new_len);
+
+        // Check whether len_to_append would cause an overflow
+        debug_assert_eq!(self.len().checked_add(len_to_append).unwrap(), new_len);
 
         unsafe {
             // grow backing storage and update head ptr