This patch addresses an issue brought up by bz@ in D18968: When TCP_REASS_LOGGING is defined (which doesn't compile right now), a NULL pointer dereference would happen, if user data was received during the TCP handshake and BB logging is used.
A KASSERT is also added to detect tcp_reass() calls with illegal parameter combinations.