I've seen this crash many times, trying to access https://slowroads.io:
13.129 RequestServer(50:50): ASSERTION FAILED: i < m_size
././AK/Vector.h:148
13.137 [#0 RequestServer(50:50)]: Terminating RequestServer(50) due to signal 6
...
15.031 CrashReporter(53:57): Generating backtrace took 1584 ms
15.031 CrashReporter(53:57): --- Backtrace for thread #0 (TID 50) ---
15.031 CrashReporter(53:57): 0x0000001d691c102b: [/usr/lib/libsystem.so] syscall2 +0xb (syscall.cpp:25 => syscall.cpp:24)
15.031 CrashReporter(53:57): 0x00000019621e74cd: [/usr/lib/libc.so] abort +0x26 (stdlib.cpp:386)
15.031 CrashReporter(53:57): 0x00000019621ed8d5: [/usr/lib/libc.so] __assertion_failed +0x85 (assert.cpp:34)
15.031 CrashReporter(53:57): 0x00000015f655ff13: [/usr/lib/libhttp.so.serenity] HTTP::Job::on_socket_connected()::{lambda()#2}::operator()() const +0xa13 (Vector.h:148 => Vector.h:156 => Job.cpp:258)
15.031 CrashReporter(53:57): 0x00000015f655d393: [/usr/lib/libhttp.so.serenity] AK::Function<void ()>::CallableWrapper<HTTP::Job::register_on_ready_to_read(AK::Function<void ()>)::{lambda()#1}>::call() +0x63 (Function.h:111)
15.036 CrashReporter(53:57): 0x00000003b0e336d3: [/bin/RequestServer] AK::Function<void ()>::CallableWrapper<Core::BufferedSocket<TLS::TLSv12>::setup_notifier()::{lambda()#1}>::call() +0x43 (Function.h:111)
15.036 CrashReporter(53:57): 0x00000019dfb96f40: [/usr/lib/libtls.so.serenity] TLS::TLSv12::notify_client_for_app_data() +0x80 (Function.h:111)
15.036 CrashReporter(53:57): 0x00000019dfb977b6: [/usr/lib/libtls.so.serenity] TLS::TLSv12::read_from_socket() +0xc6 (Socket.cpp:181 => ScopeGuard.h:23 => Socket.cpp:207)
15.036 CrashReporter(53:57): 0x00000019dfb978da: [/usr/lib/libtls.so.serenity] AK::Function<void ()>::CallableWrapper<TLS::TLSv12::setup_connection()::{lambda()#1}::operator()() const::{lambda()#1}>::call() +0x2a (Socket.cpp:123 => Function.h:173)
15.036 CrashReporter(53:57): 0x000000012b88abb3: [/usr/lib/libcore.so.serenity] AK::Function<void ()>::CallableWrapper<Core::TCPSocket::setup_notifier()::{lambda()#1}>::call() +0x43 (Function.h:111)
15.039 CrashReporter(53:57): 0x000000012b87d061: [/usr/lib/libcore.so.serenity] Core::Notifier::event(Core::Event&) +0x61 (Function.h:111)
15.039 CrashReporter(53:57): 0x000000012b87e76a: [/usr/lib/libcore.so.serenity] Core::Object::dispatch_event(Core::Event&, Core::Object*) +0x7a (Object.cpp:214)
15.039 CrashReporter(53:57): 0x000000012b89655d: [/usr/lib/libcore.so.serenity] Core::ThreadEventQueue::process() +0x29d (ThreadEventQueue.cpp:106)
15.039 CrashReporter(53:57): 0x000000012b8739f3: [/usr/lib/libcore.so.serenity] Core::EventLoopImplementationUnix::exec() +0x33 (EventLoopImplementationUnix.cpp:109 => EventLoopImplementationUnix.cpp:101)
15.039 CrashReporter(53:57): 0x000000012b8703cd: [/usr/lib/libcore.so.serenity] Core::EventLoop::exec() +0x6d (EventLoop.cpp:74)
15.039 CrashReporter(53:57): 0x00000003b0e598ca: [/bin/RequestServer] serenity_main(Main::Arguments) +0x21a (main.cpp:53)
15.039 CrashReporter(53:57): 0x00000003b0e29a5a: [/bin/RequestServer] main +0x14a (Main.cpp:43)
15.039 CrashReporter(53:57): 0x00000003b0e29be8: [/bin/RequestServer] _entry +0x48 (crt0.cpp:48)
It always crashes at this line, trying to call StringView::matches: serenity/Userland/Libraries/LibHTTP/Job.cpp, line 258 in 87a7299. More specifically, the assertion in Vector::at always happens because index 0 is being accessed while the vector size is somehow only 0.
Adding more logging around this code in Job.cpp makes it less likely to happen. But it only ever crashes on that call to StringView::matches. However, printing out the various StringViews and Vector sizes all show consistent and expected values, so it has a bit of a memory corruption or use-after-free smell to it. I thought that there might be some issues with object lifetime in combination with deferred_invoke but making some modifications to LibTLS and LibHTTP did not affect this issue or confirm that this is the case. Not sure what's going on, but I can replicate this quite a lot.
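As an added illustration of the class of lifetime hazard the report suspects (this is not SerenityOS code and not a confirmed cause of the crash above): a deferred-invoke queue that ties each callback to a weak reference to the object it needs, so a callback that fires after that object has been destroyed is dropped instead of dereferencing freed memory, alongside a bounds-checked at() modelled on the i < m_size check that aborts RequestServer here. Job, CheckedVector and DeferredQueue are hypothetical stand-ins for the real HTTP::Job, AK::Vector and Core::deferred_invoke.

```cpp
#include <cstddef>
#include <functional>
#include <memory>
#include <stdexcept>
#include <string>
#include <vector>

// Bounds-checked access modelled on the "i < m_size" assertion in AK::Vector::at,
// but reporting the violation as an exception so it can be exercised in a test.
// (Illustrative stand-in, not AK code.)
template<typename T>
class CheckedVector {
public:
    void append(T value) { m_storage.push_back(std::move(value)); }
    size_t size() const { return m_storage.size(); }
    T const& at(size_t i) const {
        if (!(i < m_storage.size()))
            throw std::out_of_range("CheckedVector::at: index " + std::to_string(i)
                + " >= size " + std::to_string(m_storage.size()));
        return m_storage[i];
    }

private:
    std::vector<T> m_storage;
};

// Hypothetical stand-in for an HTTP job: owns the header lines that a socket
// callback inspects once data arrives.
struct Job {
    CheckedVector<std::string> headers;
    bool finished = false;
};

// Minimal deferred-invoke queue. Every queued callback carries a weak reference to
// its target; when the queue runs, callbacks whose target has already been
// destroyed are skipped rather than run against a dangling pointer.
class DeferredQueue {
public:
    template<typename T>
    void defer(std::weak_ptr<T> target, std::function<void(T&)> fn) {
        m_pending.push_back([target = std::move(target), fn = std::move(fn)]() -> bool {
            auto strong = target.lock();
            if (!strong)
                return false; // target is gone: drop the callback
            fn(*strong);
            return true;
        });
    }

    // Runs everything queued so far; returns how many callbacks were dropped.
    size_t process() {
        size_t dropped = 0;
        auto work = std::move(m_pending);
        m_pending.clear();
        for (auto& w : work)
            if (!w())
                ++dropped;
        return dropped;
    }

private:
    std::vector<std::function<bool()>> m_pending;
};

// Scenario A: the job is still alive when the deferred callback runs, and
// headers[0] exists, so the status line is inspected normally.
bool scenario_alive() {
    DeferredQueue queue;
    auto job = std::make_shared<Job>();
    job->headers.append("HTTP/1.1 200 OK"); // constructed sample status line
    queue.defer<Job>(job, [](Job& j) {
        if (j.headers.at(0).rfind("HTTP/", 0) == 0)
            j.finished = true;
    });
    queue.process();
    return job->finished;
}

// Scenario B: the last owner drops the job before the queue runs. With a raw
// `this` capture this would be a use-after-free; here the callback is dropped.
size_t scenario_destroyed_before_callback() {
    DeferredQueue queue;
    auto job = std::make_shared<Job>();
    job->headers.append("HTTP/1.1 200 OK");
    queue.defer<Job>(job, [](Job& j) { j.finished = true; });
    job.reset(); // Job destroyed before process()
    return queue.process(); // 1: the stale callback was skipped
}

// Scenario C: the job is alive but its header vector is empty, which is the
// shape of the failing assertion (index 0 against size 0). The bounds check
// fires instead of reading past the end of the storage.
bool scenario_empty_headers_is_caught() {
    DeferredQueue queue;
    auto job = std::make_shared<Job>(); // no headers appended
    bool caught = false;
    queue.defer<Job>(job, [&caught](Job& j) {
        try {
            (void)j.headers.at(0);
        } catch (std::out_of_range const&) {
            caught = true;
        }
    });
    queue.process();
    return caught;
}
```

Scenario C reproduces only the symptom (index 0 on an empty vector), not the cause; if the real vector really is empty at that point, the weak-reference guard in Scenario B would not help, which matches the report's observation that printed sizes look consistent and the problem is more likely corruption of the object than an ordinary off-by-one.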