Adding OpenWrt support for TP-Link Archer MR200 V5.3

OK, will try to flash back to stock on my mr200v5 and find a solution.

I found the problem.

Copy 0x80080000 to 0x00020000, count 0x7A0000

So it copies the firmware only up to 0x7a0000, and there is still data after 0x7a0000 for v5. v4 doesn't have data after 0x7a0000, which explains why it works for that file. Now we need to find a firmware that doesn't have data after 0x7a0000, or modify the bootloader so it can write further ahead, or we can use OpenWrt to write the firmware. Anyway, this is a TP-Link bug, or the file isn't meant to be used for TFTP upgrade.

I found the first firmware release which is what we need and testing it now.

Found something else. Actually the real problem is the SPI driver not recognizing the EEPROM IC. It reverted to the default driver with a size of 4MB, so the other partitions are not recognized.

flash manufacture id: 1c, device id 70 17
Warning: un-recognized chip ID, please update SPI driver!
EN25QH32B(1c 70161c30 flash_version = 1) (4096 Kbytes)
mtd .name = raspi, .size = 0x00400000 (4M) .erasesize = 0x00010000 (64K) .numeraseregions = 0

After modifying the bootloader to erase and write up to 0x7c0000 and using my firmware dump, which has a newer SPI driver, everything works as it should.


Bytes transferred = 8126464 (7c0000 hex)
NetBootFileXferSize= 007c0000

 Erase flash !!
From 0x20000 length 0x7C0000
............................................................................................................................

 Copy 0x80080000 to 0x00020000, count 0x7C0000....
............................................................................................................................

The problem now would be how to write to the u-boot or mtd0 partition, since it is read-only. We could either mark mtd0 as read-write in OpenWrt or simply use an external EEPROM programmer to write the modified bootloader. I used a programmer just to test the bootloader. Anyway, I think this is a bug on TP-Link's side, or maybe they stopped supporting tftpd on v5.

If you do a firmware upgrade from the webpage, it will also update the bootloader, so any changes to the bootloader need to be redone, or we just need to modify the bootloader in the firmware first before doing the firmware upgrade.

I think a much simpler hack would be to modify the v4 bootloader. Install it with the tp_recovery method. After booting successfully, do a firmware upgrade with the v4 bootloader modified. After that you can install the v5 tp_recovery from my dump.

I've got a SOIC clip, so writing the flash chip directly isn't much of an issue either. So pretty much replacing the current bootloader with the one in the v5 dump?

No. I will send the file with the modified bootloader. But you must back up your firmware first if you are using a SOIC clip. And you need to replace the bootloader in your dump with the modified bootloader.

Alright, will do that

Here is the link

If you have a hex editor, just copy-paste the modified bootloader into your firmware dump at 0x0.
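
The splice at 0x0 described in the last post, together with a check for the 0x7A0000 truncation reported earlier in the thread, as an added example that is not code from any poster. The 0x20000 boot region size is an assumption taken from the write offset in the log, treating 0xFF as padding is an assumption, and the file names are placeholders.

```python
import hashlib
import sys

BOOT_REGION = 0x20000  # assumption: bootloader spans 0x0-0x20000 (log writes firmware from 0x20000)
COPY_LIMIT = 0x7A0000  # byte count the stock bootloader copies, per the log in the thread


def bytes_past_copy_limit(recovery: bytes, limit: int = COPY_LIMIT) -> int:
    """Count non-0xFF bytes of a TFTP recovery file that lie past the copy limit.

    Anything counted here is never written to flash by the unmodified bootloader.
    0xFF is treated as padding (assumption: erased-flash fill).
    """
    return sum(1 for b in recovery[limit:] if b != 0xFF)


def splice_bootloader(dump: bytes, bootloader: bytes, region: int = BOOT_REGION) -> bytes:
    """Overwrite the start of a full flash dump with a bootloader, touching nothing else."""
    if len(bootloader) > region:
        raise ValueError("bootloader exceeds boot region; it would overwrite firmware")
    if len(dump) <= region:
        raise ValueError("dump is too small to be a full flash image")
    patched = bootloader + dump[len(bootloader):]
    # Same length, and every byte after the boot region is unchanged.
    if len(patched) != len(dump) or patched[region:] != dump[region:]:
        raise RuntimeError("splice altered data outside the boot region")
    return patched


if __name__ == "__main__":
    # Usage: splice.py <dump.bin> <bootloader.bin> <out.bin>  (file names are placeholders)
    dump_path, boot_path, out_path = sys.argv[1:4]
    with open(dump_path, "rb") as f:
        dump = f.read()
    with open(boot_path, "rb") as f:
        boot = f.read()
    patched = splice_bootloader(dump, boot)
    with open(out_path, "wb") as f:  # the original dump is left untouched as the backup
        f.write(patched)
    print("original sha256:", hashlib.sha256(dump).hexdigest())
    print("patched  sha256:", hashlib.sha256(patched).hexdigest())
```

Writing to a new output file keeps the original dump as the backup, and the two hashes make it easy to confirm which image ends up on the programmer.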