- Type: Task
- Resolution: Unresolved
- Priority: Major - P3
- None
- Affects Version/s: None
- Component/s: None
- Environment: MongoDB developer virtual workstation
- Storage Engines
- StorEng - 2025-02-28

In the mongo repository with wiredtiger vendored, we run tests under UBSAN without suppressing failures from wiredtiger. The new v5 toolchain detects undefined behavior in wiredtiger/src/include/modify_inline.h and wiredtiger/src/support/modify.c related to unaligned pointer accesses.
The following command reproduces the issue from the mongo repository:

    bazel run --//bazel/config:mongo_toolchain_version=v5 --config=dbg_aubsan :+db_s_shard_server_test -- -filter=TestUpdateNumberOfOrphans

producing an error like:

    src/third_party/wiredtiger/src/include/modify_inline.h:57:18: runtime error: load of misaligned address 0x5080000b424f for type 'const size_t *' (aka 'const unsigned long *'), which requires 8 byte alignment
    0x5080000b424f: note: pointer points here
     00 01 00 00 01 00 00 00 00 00 00 00 08 00 00 00 00 00 00 00 ec 00 00 00 00 00 00 00 08 00 00 00
     ^
        #0 0xffff92be76c0 in __wt_modify_reconstruct_from_upd_list /proc/self/cwd/src/third_party/wiredtiger/src/include/modify_inline.h:57:5
        #1 0xffff927a2108 in __wt_txn_read_upd_list_internal /proc/self/cwd/src/third_party/wiredtiger/src/include/txn_inline.h:1455:9
        #2 0xffff9279fa40 in __cursor_valid_insert /proc/self/cwd/src/third_party/wiredtiger/src/include/txn_inline.h:1467:13
        ...

UBSAN points to a memcpy here. I think the memcpy itself is fine, but the issue starts with the line before: p = (const size_t *)modify;. According to the UBSAN output, modify is not 8-byte aligned, and even casting such a pointer to (const size_t*) is UB. Here's a minimal godbolt showing something similar.

Issue links:

- is depended on by: SERVER-100171 Remove Suppressions for WiredTiger UB (Blocked)
- related to: WT-14014 Try the new v5 toolchain (In Progress)
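
The cast-then-memcpy pattern from the description, as an added C example (not WiredTiger's code and not the godbolt linked from the ticket): it reads packed size_t values from a deliberately misaligned buffer through a byte cursor, so no misaligned size_t pointer is ever formed. The buffer layout (a count followed by that many values), the sample values and all function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/*
 * Pattern quoted in the ticket. The load goes through memcpy, but the cast
 * already produces a const size_t * that is not suitably aligned:
 *
 *     p = (const size_t *)modify;
 *     memcpy(&n, p++, sizeof(size_t));
 */

/* Backing storage is size_t-aligned, so storage + 1 is guaranteed misaligned. */
static _Alignas(size_t) uint8_t storage[1 + 4 * sizeof(size_t)];

static int is_misaligned_for_size_t(const void *p)
{
    return ((uintptr_t)p % _Alignof(size_t)) != 0;
}

/* Alignment-safe read: the cursor stays a byte pointer and advances in bytes. */
static size_t read_size(const uint8_t **cursor)
{
    size_t v;
    memcpy(&v, *cursor, sizeof(v));
    *cursor += sizeof(v);
    return v;
}

/* Hypothetical packed layout: a count, then that many values, all size_t. */
static size_t sum_packed(const uint8_t *buf)
{
    const uint8_t *p = buf;
    size_t n = read_size(&p), total = 0;
    for (size_t i = 0; i < n; i++)
        total += read_size(&p);
    return total;
}

/* Writes constructed sample values at an odd address and parses them back. */
static size_t demo_unaligned_sum(void)
{
    const size_t vals[4] = {3, 8, 236, 8}; /* count = 3, then three values */
    memcpy(storage + 1, vals, sizeof(vals));
    return sum_packed(storage + 1);
}

int main(void) { printf("%zu\n", demo_unaligned_sum()); return 0; }
```

Building it with `-fsanitize=undefined` checks the byte-cursor version under UBSAN.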