diff --git a/README.adoc b/README.adoc
index a7aceff..a734cb8 100644
--- a/README.adoc
+++ b/README.adoc
@@ -4607,7 +4607,7 @@ Make it harder to get hacked and easier to notice that you were, at the cost of
 Detects buffer overflows for us:
 ....
-./build -C 'CONFIG_FORTIFY_SOURCE=y' -L fortify
+./build -C 'CONFIG_FORTIFY_SOURCE=y' -L fortify -k
 ./run -F 'insmod /strlen_overflow.ko' -L fortify
 ....
@@ -4623,7 +4623,11 @@ followed by a trace.
 You may not get this error because this depends on `strlen` overflowing at least until the next page: if a random `\0` appears soon enough, it won't blow up as desired.
-I did observe this at link:http://github.com/cirosantilli/linux-kernel-module-cheat/commit/1b451a70d46a5c4619992ad4dd2e4b8f5a84c252[1b451a70d46a5c4619992ad4dd2e4b8f5a84c252] but not at link:http://github.com/cirosantilli/linux-kernel-module-cheat/commit/9b4c1984fc2cb04de0b4d62749cc1f8eabf26c6f[9b4c1984fc2cb04de0b4d62749cc1f8eabf26c6f] TODO: find a more reproducible failure.
+TODO not always reproducible. Find a more reproducible failure. I could not observe it on:
+
+....
+insmod /memcpy_overflow.ko
+....
 Source: link:kernel_module/strlen_overflow.c[]
diff --git a/kernel_module/memcpy_overflow.c b/kernel_module/memcpy_overflow.c
new file mode 100644
index 0000000..03384a8
--- /dev/null
+++ b/kernel_module/memcpy_overflow.c
@@ -0,0 +1,21 @@
+/* https://github.com/cirosantilli/linux-kernel-module-cheat#config_fortify_source */
+
+#include
+#include
+#include
+#include
+
+static int myinit(void)
+{
+ void *dst, *src;
+ dst = kmalloc(0x10, GFP_KERNEL);
+ src = kmalloc(0x1000000, GFP_KERNEL);
+ memcpy(dst, src, 0x1000000);
+ return 0;
+}
+
+static void myexit(void) {}
+
+module_init(myinit)
+module_exit(myexit)
+MODULE_LICENSE("GPL");
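Review bot: In myinit, neither kmalloc result is checked before the memcpy; 0x1000000 (16 MiB) is above the usual kmalloc size limit, so src is likely NULL and the copy would fault on a NULL read rather than exercising the fortify check the module is meant to demonstrate. Add `if (!dst || !src) { kfree(dst); kfree(src); return -ENOMEM; }` after the second kmalloc, and kfree both buffers (in myexit, or before returning) so loading the module does not leak. This probably also explains the "could not observe it" note in README.adoc: CONFIG_FORTIFY_SOURCE compares the copy length against __builtin_object_size, which is unknown for heap pointers on kernels whose kmalloc carries no alloc_size attribute, so a kmalloc'd dst cannot trigger it, whereas a destination with a compile-time-known size (e.g. a fixed `char dst[0x10]` array) can. The four `#include` lines show no header names in this rendering, most likely an extraction artifact; confirm the file actually names the headers providing kmalloc, memcpy and the module macros.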