------------[ cut here ]------------
TCP recvmsg seq # bug 2: copied 40B00BA8, seq 40B00B70, rcvnxt 40B00B71, fl 40
WARNING: CPU: 1 PID: 6605 at net/ipv4/tcp.c:2703 tcp_recvmsg_locked+0x80e/0x3660 net/ipv4/tcp.c:2701
Modules linked in:
CPU: 1 UID: 0 PID: 6605 Comm: syz-executor.5 Not tainted syzkaller #0 PREEMPT(full)
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
RIP: 0010:tcp_recvmsg_locked+0x80e/0x3660 net/ipv4/tcp.c:2701
Code: 48 c1 e8 03 42 0f b6 04 28 84 c0 4c 8b 74 24 18 0f 85 35 01 00 00 8b 0f 48 c7 c7 e0 0f 9e 8c 44 8b 44 24 3c e8 e3 40 92 f7 90 <0f> 0b 90 90 e9 40 ff ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 10
RSP: 0018:ffffc9000b817240 EFLAGS: 00010246
RAX: d9683fa10376bd00 RBX: 0000000000000000 RCX: ffff88802e965a00
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
RBP: ffffc9000b817610 R08: ffffffff8fa38637 R09: 1ffffffff1f470c6
R10: dffffc0000000000 R11: fffffbfff1f470c7 R12: ffff8880737fb770
R13: dffffc0000000000 R14: ffff8880656b33e8 R15: ffff8880737fb798
FS: 00007fe28129d6c0(0000) GS:ffff888125d18000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f81d44dd3c8 CR3: 0000000072c4e000 CR4: 00000000003526f0
Call Trace:
 receive_fallback_to_copy net/ipv4/tcp.c:1945 [inline]
 tcp_zerocopy_receive+0x800/0x21d0 net/ipv4/tcp.c:2177
 do_tcp_getsockopt+0x1dd0/0x2660 net/ipv4/tcp.c:4665
 tcp_getsockopt+0x83/0x130 net/ipv4/tcp.c:4764
 do_sock_getsockopt+0x36f/0x450 net/socket.c:2405
 __sys_getsockopt net/socket.c:2434 [inline]
 __do_sys_getsockopt net/socket.c:2441 [inline]
 __se_sys_getsockopt net/socket.c:2438 [inline]
 __x64_sys_getsockopt+0x1a5/0x250 net/socket.c:2438