I think the func code L178-L239 has logical problems, look at the Basic 3-Way Handshake for Connection Synchronization:

TCP B can split <CTL=SYN,ACK> into <CTL=ACK> and <CTL=SYN>, then send them successively, so L194 will block the TCP B's <CTL=ACK>.

If you want TCP A only accept <CTL=SYN,ACK> from TCP B, L224-L236 is unnecessary.

I think you are right. We are probably not handling a simulataneous open case correctly. I thought we had a test for this but maybe not.

Care to send a patch w/ test for simultaneous open(
http://www.tcpipguide.com/free/t_TCPConnectionEstablishmentProcessTheThreeWayHandsh-4.htm)

@hbhasker should this be migrated to the gvisor repo?