citizenfx / fivem

The source code for the Cfx.re modification frameworks, such as FiveM, RedM and LibertyM, as well as FXServer.
https://cfx.re/

2944: failed-jupiter-spring #2162

Closed gottfriedleibniz closed 6 months ago

gottfriedleibniz commented 1 year ago

2699.16 modified some update routines to include an additional "Dependency" thread check. Some additional obfuscation was added in 2944.0 and is now causing weird interactions with FiveM. Related forum thread.

Tracing its execution: 0x140455D13/2944 (updateBusySpinner) leads to: 0x140455D13 -> 0x140A9A047 -> 0x140455238 -> 0x1412F725C. A dependency worker eventually handles it: 0x1412F2CA3 -> 0x140455F88 -> ros.dll which leads to failed-jupiter-spring.

For reference 2699.16 still contains RTTI and the relevant ROS pattern is 55 48 83 EC 20 48 8D 6C 24 20.... On my local branch I've been nop'ing 0x140A9A047/2944 because that code is not relevant.

Cral-Cactus commented 1 year ago

I have been facing that crash out of nowhere for about a month now. It's very sad that the FiveM devs have not been able to fix this crash for more than a month.

blattersturm commented 1 year ago

An analysis I've read in this regard from @duk-37 implies that this is a case of PEB module iteration in a racy fashion. No-op'ing the routine would make sense if this is another anticheat check.

gottfriedleibniz commented 1 year ago

The relevant vtable in 2699.16 is named AnticheatDetectionVerifier1003. It is the only class in that collection updated in 2944. Was unsure if details needed to be obfuscated given its nature.

If worried about second-order effects from just nop'ing parts of this subsystem, it should be possible (maybe? untested) to bypass this trigger as it just seems layered on, e.g., modify the callbacks in 0x140455238/2944 (or use custom functions that mirror 2699.16).

duk-37 commented 1 year ago

> If worried about second-order effects from just nop'ing parts of this subsystem, it should be possible (maybe? untested) to bypass this trigger as it just seems layered on, e.g., modify the callbacks in 0x140455238/2944 (or use custom functions that mirror 2699.16).

the """fix""" I had in mind is a bit less invasive than this, but for reasons you mentioned I'd rather not go into specifics; there's a reason nothing other than "broken module scan" was mentioned. Is there a way I can contact you in private?

MikkelONTOP commented 8 months ago

Hello, a few days ago I got this crash code and I want to know what I have to do to fix this problem. I have tried everything: cleared the cache in FiveM and done everything else you can do to try to fix this problem. I also reinstalled FiveM.

It only crashes on servers with game build 2944, and it is becoming very annoying, as I have friends who can easily play on those servers without problems.

ItsVinnyX commented 8 months ago

Is there a working fix for this or an update being pushed to resolve this?

JeroenKla commented 7 months ago

We got the error again. Is there a possible fix for it?

gottfriedleibniz commented 7 months ago

A potential fix is currently on Latest/canary. We are looking to see whether it causes regressions elsewhere. Others on the forum have also been asked to provide feedback.