It is my understanding the chance of complications is lower on a 64 bit system. But it is very likely, that well crafted requests can make any server application written in Go, trigger this complication, and essentially result in a DOS attack.
I think it would be mindblowingly difficult to cause this DOS. If you think it possible, you can setup a demo on appengine. You even get to upload the source code, so you have that advantage, that you wouldn't ordinarily have.
Gist of the task at hand: you'd have to arrange for data passed into your target application to point to structures in memory, causing them to be pinned. Ideally, these structures should be big, to maximize impact of the attack. Further, you'd have to ensure that the data you passed in isn't garbage collected, as this would allow the target structures to be collected.
