fix(adb): immune to adb-version conflicts + live-bound port detection

CHANGELOG.md

@@ -5,6 +5,40 @@ Player — from one file, fully automatically. Releases are grouped by the BlueS
 
 ---
 
+## v11 — adb robustness: immune to adb-version conflicts + live-bound port detection · 2026-06-02
+
+Fixes a report where a **fully-booted** instance (Home visible, Magisk installed) still failed with
+`instance '<name>' did not boot / become adb-reachable within 300 s`. Root cause was **not** the instance:
+a **system `adb` of a different version** on the host (Android SDK platform-tools **v1.0.41**) and
+BlueStacks' bundled **HD-Adb v1.0.36** were killing each other's adb **server** on the shared default port
+5037 (*"adb server version doesn't match this client; killing…"*), so the tool's `getprop sys.boot_completed`
+calls failed forever and `Boot-And-Wait` timed out.
+
+- 🛡️ **Version-conflict immunity.** The tool now pins BlueStacks' HD-Adb onto its **own private adb server
+  port** and only ever uses `HD-Adb.exe` (never a system `adb.exe`). A foreign-version adb on 5037 can no
+  longer touch our server. *Proven on this machine:* with a v41 server deliberately running on 5037, HD-Adb
+  `getprop` on the private port succeeded **30/30**; on the shared 5037 port it failed **0/12** with the
+  exact reporter error; the full `Boot-And-Wait` then booted the instance end-to-end despite the v41
+  competitor.
+- 🔌 **Free-port selection (no new collisions).** The private port is **chosen free** from `15037–15057`:
+  if something already holds `15037` before the run — a non-adb app *or* a foreign-version adb — the tool
+  steps to the next free port instead of colliding with it (and reuses its own HD-Adb server if one is
+  already up). An explicit `ANDROID_ADB_SERVER_PORT` always wins. *Verified live:* a non-adb listener on
+  15037 → tool picks 15038; its own server on 15037 → reused. The private server is **released when the
+  tool exits** (`kill-server` in a `finally`), so nothing of ours lingers on the port.
+- 🎯 **Port detection hardened.** `Get-AdbPortCandidates` now also consults the **actually-bound listening
+  port** (`Get-NetTCPConnection`, band 5550-5900), merged *after* the `bluestacks.conf`
+  `status.adb_port`/`adb_port` values (which stay authoritative). This rescues the boot wait when the conf
+  is stale — verified live: conf said `status.adb_port=5646` while the instance was really on **5645**, and
+  the live scan found 5645 on **20/20** runs.
+- 🧪 **Tests.** `tests/Run-Resolve-Tests.ps1` gains a deterministic seam + 3 new cases for the conf+live
+  merge/dedup order (25 checks); `Run-Tests.ps1` (28) and `Check-Embedded-Sync.ps1` still pass. Re-embedded
+  into `blueStackRoot.cmd` (engine + orchestrator back in sync).
+- 📄 **No** change to the rooting pipeline, the embedded Magisk APK, or any on-disk format — purely
+  host-side adb plumbing in `tools/bsr_magisk.ps1` (+ a one-line mirror in `tools/bsr_engine.ps1`).
+
+---
+
 ## v10 — Custom Kitsune build: the in-app DenyList now works with ReZygisk · 2026-06-02
 
 Swaps the bundled Magisk for a **custom build of Kitsune Mask v31** (still `31.0-kitsune`, versionCode

README.md

@@ -3,23 +3,23 @@
 <p align="center">
   <a href="https://github.com/Jordan231111/BluestacksRoot/stargazers"><img alt="Stars" src="https://img.shields.io/github/stars/Jordan231111/BluestacksRoot?style=flat&logo=github"></a>
   <a href="https://github.com/Jordan231111/BluestacksRoot/network/members"><img alt="Forks" src="https://img.shields.io/github/forks/Jordan231111/BluestacksRoot?style=flat&logo=github"></a>
-  <img alt="BlueStacks" src="https://img.shields.io/badge/BlueStacks%205-5.22.169%20%E2%9C%93-blue">
+  <img alt="BlueStacks" src="https://img.shields.io/badge/BlueStacks%205-5.22.210%20%E2%9C%93-blue">
   <img alt="Magisk" src="https://img.shields.io/badge/Magisk-Kitsune%20Mask%20v31-brightgreen">
   <a href="./LICENSE"><img alt="License" src="https://img.shields.io/badge/license-CC%20BY--NC--ND%204.0-lightgrey"></a>
 </p>
 
 **Root BlueStacks 5 / MSI App Player with real Magisk — from one file, with no traces left behind.**
 **Run `blueStackRoot.cmd` as administrator, pick your Android version, and you're rooted.**
 **A Magisk Delta (Kitsune v31) build is now bundled inside the `.cmd` itself** — no separate Magisk
-download, no other files, nothing to install. Works on the latest BlueStacks (5.22.169).
+download, no other files, nothing to install. Works on the latest BlueStacks (5.22.210).
 
 ---
 
 ## ⚡ Quick Start
 
 Works on the 64-bit BlueStacks instances — **Android 9, 11, and 13**.
 
-**⬇️ [Download `blueStackRoot.cmd`](https://github.com/Jordan231111/BluestacksRoot/releases/download/v9/blueStackRoot.cmd)** — one file (~20 MB) with the **real Magisk APK embedded inside** — nothing else to download. *(All versions: [Releases page](https://github.com/Jordan231111/BluestacksRoot/releases).)*
+**⬇️ [Download `blueStackRoot.cmd`](https://github.com/Jordan231111/BluestacksRoot/releases/download/v11/blueStackRoot.cmd)** — one file (~20 MB) with the **real Magisk APK embedded inside** — nothing else to download. *(All versions: [Releases page](https://github.com/Jordan231111/BluestacksRoot/releases).)*
 
 1. **First, open the exact instance you want to root** — launch it from the Multi-Instance Manager and let
    it boot once. The tool roots the instance of your chosen Android version that you **opened most
@@ -123,7 +123,7 @@ keeps closing** the moment you enable root, that's the **disk-integrity / anti-t
 have to.**
 
 `blueStackRoot` applies a **one-byte HD-Player anti-tamper patch** that bypasses the disk-integrity check,
-so you can **root the *latest* BlueStacks (5.22.169) without downgrading** — and it installs **real Magisk**
+so you can **root the *latest* BlueStacks (5.22.210) without downgrading** — and it installs **real Magisk**
 with **no traces**, not a detectable classic `su`. If `bst.feature.rooting` keeps **reverting to `0`** on
 launch, that's the same anti-tamper system, and this tool handles it for you. Full technical breakdown:
 [`docs/BLUESTACKS_ROOTING_DEEP_DIVE.md`](docs/BLUESTACKS_ROOTING_DEEP_DIVE.md) §2 (the single-byte patch).
@@ -140,7 +140,7 @@ System* button also leaves `/data/adb/magisk` **empty**, so the daemon aborts wi
 incomplete". This tool solves all of that:
 
 1. **One-byte patch** on `HD-Player.exe` (NOP the disk-integrity `JZ`, `74 5B → 90 90`) so a modified
-   `Root.vhd` is accepted and a tampered `/system` boots. It's a version-proof byte-scan; verified on 5.22.169.
+   `Root.vhd` is accepted and a tampered `/system` boots. It's a **version-proof byte-scan**, so it tracks new BlueStacks builds — run on 5.22.169 and the current **5.22.210**.
 2. **Offline write:** using the embedded `debugfs`, it writes Magisk's `/system` payload + a **gated**
    `bootanim.rc` directly into `Root.vhd` — no Windows ext4 driver needed.
 3. **The breakthrough:** it boots once with a tiny **bootstrap su** to populate **`/data/adb/magisk`** (the
@@ -246,4 +246,4 @@ BlueStacks illegally tampered, Android system doesn't meet security requirements
 detected, BlueStacks instance keeps closing after root, BlueStacks disk integrity check bypass, root latest
 BlueStacks without downgrading, fix illegally tampered BlueStacks, bst.feature.rooting reverts to 0,
 "disk file have been illegally tampered with", Verified the disk integrity, BlueStacks disk integrity check,
-root BlueStacks 5.22.169, root BlueStacks latest version 2026.</sub>
+root BlueStacks 5.22.169, root BlueStacks 5.22.210, root BlueStacks latest version 2026.</sub>