This is a well known problem in the field of decompilers and disassemblers. It figures that the pseudo-code it outputs for generic compilers is pretty good, but when encountered with a man-made assembly or byte-code, they go places.
I wonder if I get it right, in order to exploit the vulnerability, an unprivileged user must be able to create network namespaces, so he will be able to create raw sockets?