@kunix: region number, please? I scanned up to 80. I'm a bit lazy to go to 255... I'm interested in dumps, but not that much...
@turboccc
Yes, I claim. There are a few small regions that contain OEM settings. This is true at least for nuvi 13xx/14xx, 37xx, 2xxx. They are too small to hold NVM settings.
Also I don't think NVM is in the flash at all, because in this case the writing speed would be slow and the flash would die too soon. I don't believe Garmin made such a bad decision. I think there is some kind of energy-independent memory inside ARM processor that contains NVM.
@lolypop000
What encoding did you use for OEM.xml? Make sure you save it with one-byte characters. I can't think up another reason why your perfect XML fails.
@kunix: region number, please? I scanned up to 80. I'm a bit lazy to go to 255... I'm interested in dumps, but not that much...
0x8B, 0x8C, 0x8D, 0x8E, 0x8F
All of them are being written just after XML is parsed on 37xx.
This number is also for 13xx?
I'm not sure, probably not. Because on 13xx/14xx OEM.xml is copied into flash. That's how I've got it, I've dumped it from some branded 16xx.
Every time the unit starts, OEM.xml is parsed either from flash region or from file and the results are stored somewhere, I don't know where.
IMHO it works like this:
You share the info, many people try and discover next valuable information. In short time you receive results.
You hide information for yourself then you have to do it alone. You are easyly outdone by Garmin and when you reach to any conclusion, your results are outdated and nobody cares, because Garmin releases new firmwares, nuvi models etc.
Thanks. Yes, I can see that my regions 139 & 140 (decimal) were modified. The other 2 (141 & 142) are still at FF for now. Remember that I have a 3750.
Here's my region 139:
Offset 0 1 2 3 4 5 6 7 8 9 A B C D E F
00000000 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ...............
00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00000020 00 00 30 00 31 00 00 00 00 00 00 00 00 00 00 00 ..0.1...........
00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
Here' my region 140:
Offset 0 1 2 3 4 5 6 7 8 9 A B C D E F
00000000 20 00 00 00 00 00 00 00 00 01 01 01 01 01 01 01 ...............
00000010 01 01 01 01 01 01 01 01 01 01 00 00 01 01 01 00 ................
00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
You can see the bunch of 01 enabling some of the features.
If someone has a 3790, I would like to see the sames bytes, please! I would guess that without using the .xml statements you would have non-zero data in those 2 regions.
My regions look the same, but I dumped them after trying 34xx firmware. I returned back to 37xx and then cleared region 140 without any visible change in nuvi. My guess is that region 140 could be responsible for 34xx features.
This is summary of my experience with 37xx regions (maybe some are changed by 34xx firmware).
These regions are readable with length greater than 0:
rreg 05: 512kB some code
rreg 14: 20MB firmware
rreg 15: 2MB empty
rreg 16: 3MB logo
rreg 34: 128kB - region with ID
rreg 41: 6MB - nonvolatile memory, some kind of header (FAT?) on the beginning, than dats xored by C5 3A
rreg 43: 128kB data/code with string CHSETTINGS
rreg 45: 128kB empty
rreg 48: nuvi internal disk image, not sure what if greater than 4GB
rreg 86: 1.5MB empty
rreg 127: 64M resources
rreg 132: 4kB config? with string METADATASIG
rreg 139: 20kB config? string "01"
rreg 140: 20kB config? data 0 and 1
rreg 141: 20kB empty
rreg 142: 32kB empty
rreg 143: 36kB empty
I have made several failed attempts to flash SG-MY 3.00 firmware to my nuvi 3760 EU/US. This is what I have tried:
- clear region 41 and flash SG-MY
- flash SG-MY and then clear 41
- clear region 140 and then flash SG-MY
- clear data area 0x10 - 0x1F in region 34 and then flash SG-MY
- write region 34 and 41 with dumps form nuvi 3750 and then flash SG-MY
I think I can clear more regions and try again. Would be helpful to know how regions look in asian devices or in 3750 which can be converted.
Last edited by Kanopus; 21st November 2011 at 01:47 PM.
Bookmarks