Re: [go-nuts] How likely is a data race to allow arbitrary code execution?

2016-07-16 Thread Ian Lance Taylor
On Jul 16, 2016 12:35 PM, "Demi Obenour" wrote: > > On Sat, 2016-07-16 at 12:06 -0700, Ian Lance Taylor wrote: > > On Sat, Jul 16, 2016 at 11:36 AM, Demi Obenour > > wrote: > > > > > > > > > One more question: is racing on a map likely to crash due

Re: [go-nuts] How likely is a data race to allow arbitrary code execution?

2016-07-16 Thread Demi Obenour
On Sat, 2016-07-16 at 12:06 -0700, Ian Lance Taylor wrote: > On Sat, Jul 16, 2016 at 11:36 AM, Demi Obenour > wrote: > > > > > > One more question: is racing on a map likely to crash due to out- > > of- > > bounds reads, as opposed to out-of-bounds writes? > > Either is

Re: [go-nuts] How likely is a data race to allow arbitrary code execution?

2016-07-16 Thread Demi Obenour
On Fri, 2016-07-15 at 22:19 -0700, Ian Lance Taylor wrote: > On Fri, Jul 15, 2016 at 9:21 PM,   wrote: > > > > I know that in Go a data race is undefined behavior. > > > > How likely is the undefined behavior likely to result in an > > exploitable > > security bug, where

[go-nuts] How likely is a data race to allow arbitrary code execution?

2016-07-15 Thread demiobenour
I know that in Go a data race is undefined behavior. How likely is the undefined behavior likely to result in an exploitable security bug, where "exploitable" means more than just denial-of-service? I am looking for qualitative estimates here. Is it the kind of bug that would be almost