I already had downloaded the offline file to turn off easy anti-cheat make sure cheat engine can run normally. then I try to attach the debugger on it but the game gets freeze and crash after 10 - 30 seconds every time even I have been closed the cheat engine before its happened. Also, I have use
x64dbg to find out more information about it and here is what I got:
Cheat engine:
X64dbg: [Link]
I have not ever met this delay-crash debugger issue in other games, most of them only crash before save load or fast traveling so I have no idea how to prevent it, please someone can help me get out with it.
This is fairly necro, but I came across this post after initially encountering the issue and thought I should come back to it after checking it out.
Essentially, it seems that ER implemented anti-debug protection. There's one function that is called ubiquitously and seems to do some sort of debug check in the form of a repne loop that causes stack corruption when a debugger is present and, therefore, results in a return to an invalid address, causing the exception. On the current patch, it seems the main culprit for the actual exception is the call at "eldenring.exe+D6DBD9", but you could also patch the repne function itself to just immediately return.
Forget what I said above, I looked further into it and realized the main issue is an entire anti-debug routine completely seperate from this. Essentially, it checks if a debugger is present and intentionally calls a series of sub-functions that repeatedly completely corrupt the stack (on purpose) until it crashes. The function also is responsible for updating a byte which, if not set, will cause the game to not render/run.
To fix it, here's a copy and pasteable CE script:
"
[ENABLE]
aobscanmodule(CrashRoutineCall,eldenring.exe,83 F8 FF 73 04 FF C0 89 02 4C 63 43 48 4D 03 C0 48 8B 43 10 48 8B D6 48 8B CB 42 FF 14 C0 48 63 43 4C 89 43 48 4C 39 73 60 74 2F 44 38 73 69 74 29 83 F8 14)
registersymbol(CrashRoutineCall)
CrashRoutineCall+1A:
db 90 90 90 90
Serious necro this time but I realized I'm a moron and didn't end up fixing the actual issue but just hindered it...
Again, the real problem is a bunch of internal timers that periodically run a super delicate operation that catch debuggers and end up producing the crashes. However, with the previous approach, not all of these timers are prevented, and since they've been implemented annoyingly, there isn't an easy solution to stop all of them without also stopping rendering or input or sound etc. So, here's a very ghetto approach that forces all of the timers to essentially infinity, meaning they can't tick down to zero nor run any of the anti-debug routines.
Thus, all you need to do then is run this once before you attach the debugger, and you're good to go. Final working CE script:
"
[ENABLE]
// Sets new timer value to basically +inf when it updates
alloc(newmem,100,"eldenring.exe"+E11756)
label(code)
newmem:
dd (float)3E38
code:
movss xmm0,[newmem]
add rsp,48
ret
"eldenring.exe"+E11756:
jmp code
// Stops delta time from being updated
"eldenring.exe"+2655322:
nop 8
// Sets delta time very high to tick down timers all the way
eldenring.exe+3C62508:
dd (float)100000
// Disables script after a short wait
{$lua}
local timer = createTimer()
timer.Interval = 50 -- ms
timer.OnTimer = function(_)
memrec.Active = false
timer.destroy()
end
{$asm}
