I tried to compile weston with -fsantitizer=address on. It crashes when I launched a simple hello world xlib program. I think there is a bit of heap reading problem on xwm side, I haven't gone through the code yet, later I would update on details.

Here is the crash report from santitizer.

==24542==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6080001d51fc at pc 0x7f0f61f1bab4 bp 0x7ffd9ff4d0f0 sp 0x7ffd9ff4c898
READ of size 72 at 0x6080001d51fc thread T0
    #0 0x7f0f61f1bab3 in __interceptor_memcpy /build/gcc/src/gcc/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:790
    #1 0x7f0f4903d8a9 in weston_wm_window_read_properties ../xwayland/window-manager.c:597
    #2 0x7f0f49043130 in weston_wm_handle_map_request ../xwayland/window-manager.c:1173
    #3 0x7f0f4904be90 in weston_wm_handle_event ../xwayland/window-manager.c:2286
    #4 0x7f0f61808fa9 in wl_event_loop_dispatch (/usr/lib/libwayland-server.so.0+0xafa9)
    #5 0x7f0f618074e6 in wl_display_run (/usr/lib/libwayland-server.so.0+0x94e6)
    #6 0x7f0f61e59872 in wet_main ../compositor/main.c:3388
    #7 0x55ae68abd178 in main ../compositor/executable.c:33
    #8 0x7f0f61c94022 in __libc_start_main (/usr/lib/libc.so.6+0x27022)
    #9 0x55ae68abd08d in _start (/home/developer/Projects/weston-mine/install/bin/weston+0x108d)

0x6080001d51fc is located 0 bytes to the right of 92-byte region [0x6080001d51a0,0x6080001d51fc)
allocated by thread T0 here:
    #0 0x7f0f61f8fb3a in __interceptor_malloc /build/gcc/src/gcc/libsanitizer/asan/asan_malloc_linux.cc:144
    #1 0x7f0f5e884b17  (/usr/lib/libxcb.so.1+0xeb17)