Bug Check 0xF7: DRIVER_OVERRAN_STACK_BUFFER
The DRIVER_OVERRAN_STACK_BUFFER bug check has a value of 0x000000F7. This indicates that a driver has overrun a stack-based buffer.
Important
This article is for programmers. If you're a customer who has received a blue screen error code while using your computer, see Troubleshoot blue screen errors.
DRIVER_OVERRAN_STACK_BUFFER Parameters
| Parameter | Description |
|---|---|
1 |
The actual security check cookie from the stack |
2 |
The expected security check cookie |
3 |
The bit-complement of the expected security check cookie |
4 |
0 |
Cause
A driver overran a stack-based buffer (or local variable) in a way that would have overwritten the function's return address and jumped back to an arbitrary address when the function returned.
This is the classic "buffer overrun" hacking attack. The system has been brought down to prevent a malicious user from gaining complete control of it.
Resolution
Use the kb (Display Stack Backtrace) command to get a stack trace.
The last routine on the stack before the buffer overrun handlers and bug check call is the one that overran its local variable.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for