[pa7ch]

Data races can lead to logic bugs that are potentially security sensitive, but memory safety generally refers to getting rid of all control flow hijacking security vulnerabilities which, in many large C/C++ projects, seem to be never-ending. Avoiding data races is more in the category of preventing bugs/crashes while memory safety is about avoiding an entire class of security vulnerabilities.

[morelisp]

If I can use a data race to corrupt a jump target, I've done most of the work I need to for any classic memory-safety security vuln.

Go makes this much harder to do than C/C++, especially as it relates to e.g. mishandling user input, but not impossible, even without CGo or unsafe.

[pa7ch]

I've never seen a single control flow hijack PoC from go data races even in a code golf scenario. I've always wondered if this is possible but I don't think it is. Care to share an example?