I already rebased it and am currently testing the new branch (tor-browser-builder-3 in my public repo) and am writing patches for tor-browser-bundle to work with it (there is currently only one patch needed, for LXC mode). Should be ready by the end of next week.
The first difference is due to a build id mismatch: libxul built in KVM has 1c29877ea8d3137543e3104f4664abbd5eee827d and libxul built in LXC has c3d3091b82b6e9bc9bfa36ce38dc86352a0d3de9. This is very likely caused by the second difference.
Actually that is wrong. The second difference is a different CRC32 checksum in the .gnu_debuglink section which is caused by the same build id in the corresponding debug file. So, the questions boil then down to:
How could the different build ID get created in the first place, given that the contents of the libxul libs don't differ?
What can we do about that problem?
ad 1) I don't know, honestly. The default method to generate a build ID is SHA1 which should not emit different hashes given the same library contents.
ad 2) A workaround is disabling the build ID in the libraries. We don't need it if we use the debuglink method (as well) (See: https://sourceware.org/gdb/onlinedocs/gdb/Separate-Debug-Files.html). This will be done in a different bug, though.
I built all bundles successfully with LXC while still being able to build with KVM. Thus, the branch is ready for review. Tagging needs to be done anyway by Mike due to the signature verification...
Trac: Status: new to needs_review Keywords: MikePerry201403 deleted, MikePerry201402R added