stylnmp Posted September 6, 2007 Report Share Posted September 6, 2007 Hi, Can you please tell me how to access the service menu on my AVIC-D1? I need to calibrate my screen. Thanks! Quote Link to post Share on other sites
bushing Posted September 11, 2007 Report Share Posted September 11, 2007 Sorry, i've been busy, but I've had a number of requests for this, so here ya go -- from memory. Getting into the Service mode on AVIC-D1 (and D2?) 1. Turn car on, AVIC unit should power on. 2. Hold down OPEN button so that the panel flips down all of the way (as if you were going to replace the Map DVD 3. Using a paperclip (etc), press the Reset button on the LCD panel -- this is inside a small hole next to the directional (joystick) control. Hold down the button. 4. While holding down the reset button, press the DVD drive Eject button (the lower of the two eject buttons, it says "ROM" on it). Hold it down. 5. While holding down the Eject button, release the Reset button. 6. The screen should now say "Please press the [RESET] button." It's lying. Don't do that. You can release the eject button now. 7. Instead of pressing the reset button, enter this code using the joystick: Up, Up, Down, Down, OK (where OK means "push the joystick in") 8. You should receive a message that says "Password Accepted", and then be in the service menu. If you'd like, you can press the Open button to fold the LCD panel back in. Reflashing firmware, to change the message text, etc. This is from memory, let me know if you can't figure out what to do from here. First, prepare a CDR(W) or DVDR(W) with the updated firmware. The easiest way to do this, I found, is: 1. Insert a Map DVD into your computer. 2. Use any program to copy all of the files into a directory on your hard drive. 3. Go into that program and delete all of the large files, and probably all of the directories. In theory, you only need a few of the files -- the ones that contain the firmware -- but I never bothered to figure out which. Instead, just delete enough of the large map-date files such that the resulting files will fit onto your 650MB CDR or 4.7GB single-layer DVDR. 4. Edit the firmware files in that directory, as appropriate 5. Burn the contents of that directory to a CDR or DVDR using any program. Flashing the firmware: 1. From the main service menu, move the joystick right to get to the second page of the menu 2. Choose "6. Program Forced Write" 3. Choose "3. Application Program" 4. Insert your modified CDR or DVDR into the appropriate drive; if necessary, use the OPEN button to flip the LCD panel and/or use one of the eject buttons to eject a disk already in the drive. 5. Next to option "2. DVD/CD-ROM", it should give a version number and not "NG" (No Good). If so, select it and press OK. 6. Select the appropriate language, in my case "2. English US" with the joystick. 7. The help text at the bottom of the screen directs you to make your selection and press the "[NAVI]" button -- on our units, this is the MAP button in the upper-left corner of the display. It will then take about 90 seconds to read the firmware off the disk and flash it. When it's done, it will say "100%" for both stages, and you can hit the eject button and remove your modified disk. Then, hit the reset button and watch the unit boot with your new firmware. If you have modified any of the firmware files without recalculating the checksum as I described earlier in this thread, instead of saying "100%" it will say "NG", IIRC. If you then reset the unit, it will perform the checksum verification upon boot and then display a message saying something like "An Update Is Required, Please Insert Map Disk". If one is already in the drive, it will automatically try to reflash itself. This means that you shouldn't be able to brick the unit by just reflashing the "Application Program". Now, all that is done by the "System Program", so I'd avoid touching that, if I were you Hope this helps. -b Quote Link to post Share on other sites
tnova Posted October 14, 2007 Report Share Posted October 14, 2007 So I picked up yesterday where this thread left off. I tried NOP'ing a part of the nag_screen_1, identifying the function with the HEX editor and the disassembled code provided on the forum. I did this on the newer 4.0 release. I recomputed checksum and reflashed. Still wasn't able to bypass nag screen. I will test alittle more. Quote Link to post Share on other sites
bushing Posted October 16, 2007 Report Share Posted October 16, 2007 So I picked up yesterday where this thread left off. I tried NOP'ing a part of the nag_screen_1, identifying the function with the HEX editor and the disassembled code provided on the forum. I did this on the newer 4.0 release. I recomputed checksum and reflashed. Still wasn't able to bypass nag screen. I will test alittle more. Great! Time to pick this back up, then. I put some updated files (disassembly, etc) here: http://people.freedesktop.org/~bbyer/av ... 07.lst.bz2 I'd like to draw your attention to this table of function pointers: 08C27B40 unktable: struct_0 struct_0 struct_0 struct_0 struct_0 struct_0 struct_0 struct_0 struct_0 struct_0 struct_0 struct_0 struct_0 struct_0 struct_0 struct_0 struct_0 struct_0 There are two other similar tables (0x8c2804c, 0x8b4eda0), but I can't find references to the first two, only to the latter (TaskTable). I experimented before with patching the show_nag_1 function, as you tried -- by either nop'ing out parts of it, or modifying jump commands to skip over parts of the function. I saw three different results: * no change * Text window is not displayed, but OK button is still displayed -- pressing OK works and allows use of the unit * Text window is display, OK button is not displayed -- there is no way to continue, even if I try pressing the screen where the button used to be. I tried replacing struct_0 with struct_0 -- and sure enough, instead of the "nag" screen I got the "You have booted up with English, do you want to switch languages?" screen. Picking 'Yes' let me switch languages, but then it froze, as it did when I picked 'No'. I tried replacing that line with struct_0 in the hopes that those dummy functions (which only return 0) would make it proceed, but it also just froze when it tried to display the message. (What you'll actually see happen is it will display the map, and then a second later it will shift the view of the map over by a few pixels, and then freeze.) Someone noted earlier in this thread that you won't get the screen if you have a route already active when you start your car -- it would be nice to find where that check is made and force it to always be true. Quote Link to post Share on other sites
bushing Posted October 17, 2007 Report Share Posted October 17, 2007 I also tried replacing struct_0 with struct_0 ... and same result (freeze). Quote Link to post Share on other sites
tnova Posted October 18, 2007 Report Share Posted October 18, 2007 I tried the NOP, that didn't work. I added a few more around in the place of branches on register compares, now the labels on my Info screen don't appear, weird. I noticed also when a route is loaded it bypasses the nag screen. Hmm... Quote Link to post Share on other sites
wpageabc Posted October 18, 2007 Report Share Posted October 18, 2007 This solution is working for me. Suspend a medium milk bone from your mirror. When the puppy lunges and hits the OK button problem gone! Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.