I think this patch will break recovery. The first 8 bytes of the byte arrays in the xid are a long counter, the rest is the tmid. Recovery needs to be able to determine if an xid coming back from an XAResource came from this tm. It does this by matching the bytes after 8 in the global xid with the baseid in the XidFactory. If the base id is different every time you start the tm, there's no way to determine if a branch that has been prepared on an XAResource but not recorded in the tm log came from this tm.
I think the problem here is that our documentation is not sufficiently insistent that you NEED to configure multiple geronimo servers using the same RM with DIFFERENT tmids.
As long as the above is followed, we could randomize the most significant 2 bytes of the long counter. However I think it would be better to track the counter persistently such as by reserving blocks of say 1024 ids and recording this persistently either in a log record or in a separate file.