Views: 2135  Replies: 4
How do I interpret this WinDbg output?
The machine blue-screens at random intervals.
I captured the following with windbg, but how do I read it? Where should I be looking? Could one of the more experienced folks point me in the right direction?

DRIVER_OVERRAN_STACK_BUFFER (f7)
A driver has overrun a stack-based buffer. This overrun could potentially allow a malicious user to gain control of this machine.
DESCRIPTION
A driver overran a stack-based buffer (or local variable) in a way that would have overwritten the function's return address and jumped back to an arbitrary address when the function returned. This is the classic "buffer overrun" hacking attack and the system has been brought down to prevent a malicious user from gaining complete control of it.
Do a kb to get a stack backtrace -- the last routine on the stack before the buffer overrun handlers and bugcheck call is the one that overran its local variable(s).
Arguments:
Arg1: 00000000, Actual security check cookie from the stack
Arg2: 00000000, Expected security check cookie
Arg3: 00000000, Complement of the expected security check cookie
Arg4: 00000000, zero

Debugging Details:
------------------

DEFAULT_BUCKET_ID: GS_FALSE_POSITIVE_MISSING_GSFRAME
BUGCHECK_STR: 0xF7
PROCESS_NAME: IEXPLORE.EXE
LAST_CONTROL_TRANSFER: from f7d52138 to 804f8aef

STACK_TEXT:
f76c278c f7d52138 000000f7 00000000 00000000 nt!KeBugCheckEx+0x1b
WARNING: Stack unwind information not available. Following frames may be wrong.
f76c29c4 f7d532ea 814dba78 813844a8 8145b7d0 mysys+0x1138
f76c2a4c 804edfe3 814ab7c0 814dba78 814dba78 mysys+0x22ea
f76c2a5c 80577672 8199b9b8 814ee56c f76c2c04 nt!IopfCallDriver+0x31
f76c2b3c 805b390a 8199b9d0 00000000 814ee4c8 nt!IopParseDevice+0xa12
f76c2bc4 805afdeb 00000000 f76c2c04 00000040 nt!ObpLookupObjectName+0x56a
f76c2c18 8056a3b1 00000000 00000000 00000001 nt!ObOpenObjectByName+0xeb
f76c2c94 8056ad28 0402f1f8 40100080 0402f198 nt!IopCreateFile+0x407
f76c2cf0 8056d3fa 0402f1f8 40100080 0402f198 nt!IoCreateFile+0x8e
f76c2d30 8053ca28 0402f1f8 40100080 0402f198 nt!NtCreateFile+0x30
f76c2d30 7c90eb94 0402f1f8 40100080 0402f198 nt!KiFastCallEntry+0xf8
0402f1f0 7c801a4f 00000000 40000000 00000007 ntdll!KiFastSystemCallRet
0402f214 771c9107 0402f4d0 40000000 00000007 kernel32!CreateFileA+0x2b
0402f7f0 771c8cc6 036a0c10 0402f838 0402fa0c WININET!InternetReadFile+0xff3
0402f940 771c9a78 036a0c10 0402fa0c 0402fd65 WININET!InternetReadFile+0xbb2
0402f98c 771c9a15 036a0c10 00000000 0402fd65 WININET!InternetReadFile+0x1964
0402f9c0 771c99ae 036a0c10 00000000 0402fd65 WININET!InternetReadFile+0x1901
0402f9e0 771c9938 036a0c10 0402fd65 0402fa0c WININET!InternetReadFile+0x189a
0402fb14 771c92d4 00000000 0402fd65 00000000 WININET!InternetReadFile+0x1824
0402fe70 771bf8da 036c94f0 036c9e30 000003e5 WININET!InternetReadFile+0x11c0
0402fe84 771bf87d 036c9e30 0021cd78 036c9e30 WININET!Ordinal101+0x2f38
0402fe98 771bf781 036c9e30 0021cd78 036c9e30 WININET!Ordinal101+0x2edb
0402feb0 771d7373 00000000 0402fee8 0402fedc WININET!Ordinal101+0x2ddf
0402fee0 77f69498 00000000 0364c2c8 77f6947b WININET!InternetGetConnectedStateExA+0x128
0402fef8 7c927545 0364c2c8 7c97c3a0 036e4a00 SHLWAPI!Ordinal120+0xbf
0402ff40 7c927583 77f6947b 0364c2c8 00000000 ntdll!RtlUpcaseUnicodeString+0x159
0402ff60 7c927645 00000000 0364c2c8 036e4a00 ntdll!RtlUpcaseUnicodeString+0x197
0402ff74 7c92761c 7c927569 00000000 0364c2c8 ntdll!RtlUpcaseUnicodeString+0x259
0402ffb4 7c80b683 00000000 00000000 0022c610 ntdll!RtlUpcaseUnicodeString+0x230
0402ffec 00000000 7c910760 00000000 00000000 kernel32!GetModuleFileNameA+0x1b4

STACK_COMMAND: kb
FOLLOWUP_IP:
mysys+1138
f7d52138 cc int 3
SYMBOL_STACK_INDEX: 1
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: mysys
IMAGE_NAME: mysys.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 4733ea89
SYMBOL_NAME: mysys+1138
FAILURE_BUCKET_ID: 0xF7_MISSING_GSFRAME_mysys+1138
BUCKET_ID: 0xF7_MISSING_GSFRAME_mysys+1138
Followup: MachineOwner

After a lot of effort I got the more detailed output above, but I still can't make sense of it.........
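The bug check text quoted above describes the /GS security-cookie check that a driver compiled with stack protection runs before returning: the cookie sits between the local buffer and the saved return address, and if a copy runs past the buffer the cookie is clobbered before the return address is, so the mismatch is caught and reported as Arg1 (what was found), Arg2 (what was expected) and Arg3 (its complement). The following is an added example written for this thread, not code from the original post, from the driver in question or from Microsoft; it models that check in user-mode C. The frame layout, the fixed cookie value 0xBB40E64E, the return-address placeholder and the 40-byte input are all constructed for the example, and the copy is confined to the model struct so the program itself stays memory safe. It shows the unbounded-copy pattern that trips the check beside the bounded copy that a driver should use instead.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example, not code from the thread: a user-mode model of the /GS
 * security-cookie check whose failure a driver reports as bug check 0xF7
 * (DRIVER_OVERRAN_STACK_BUFFER). Frame layout and cookie value are
 * constructed for the example; a real cookie is per-image and random. */

#define EXPECTED_COOKIE 0xBB40E64Eu   /* constructed, fixed for reproducibility */
#define RET_ADDR_MARK   0xDEADBEEFu   /* placeholder for the saved return address */

/* Model of a frame compiled with /GS: the local buffer is followed by the
 * cookie, which sits between the buffer and the saved return address. */
typedef struct {
    char     buf[16];
    uint32_t cookie;
    uint32_t ret_addr;
} frame_t;

/* What the cookie check would hand to KeBugCheckEx as Arg1..Arg3. */
typedef struct {
    uint32_t actual;      /* Arg1: cookie found on the stack */
    uint32_t expected;    /* Arg2: expected cookie */
    uint32_t complement;  /* Arg3: complement of the expected cookie */
    int      overrun;     /* 1 when the cookie no longer matches */
    int      rejected;    /* 1 when a bounded copy refused the input */
} gs_report_t;

static gs_report_t check_cookie(const frame_t *f, int rejected)
{
    gs_report_t r;
    r.actual     = f->cookie;
    r.expected   = EXPECTED_COOKIE;
    r.complement = ~EXPECTED_COOKIE;
    r.overrun    = (f->cookie != EXPECTED_COOKIE);
    r.rejected   = rejected;
    return r;
}

/* The faulty pattern: caller-supplied data copied into a local buffer with
 * no length check. The copy targets the frame model as a whole (capped at
 * its size) so the overrun lands on the modelled cookie and return address
 * rather than on the real C stack. */
static gs_report_t unsafe_copy(const char *src, size_t len)
{
    frame_t f = { {0}, EXPECTED_COOKIE, RET_ADDR_MARK };
    if (len > sizeof f)
        len = sizeof f;
    memcpy(&f, src, len);          /* fills buf, then cookie, then ret_addr */
    return check_cookie(&f, 0);
}

/* The fixed pattern: validate the length against the buffer first and fail
 * the request instead of writing past the buffer (in kernel mode this is
 * where a driver would return STATUS_BUFFER_TOO_SMALL). */
static gs_report_t safe_copy(const char *src, size_t len)
{
    frame_t f = { {0}, EXPECTED_COOKIE, RET_ADDR_MARK };
    if (len > sizeof f.buf)
        return check_cookie(&f, 1);
    memcpy(f.buf, src, len);
    return check_cookie(&f, 0);
}

/* Constructed input: n bytes of 'A' (0x41), capped at 64. */
static gs_report_t run_unsafe(size_t n)
{
    char input[64];
    if (n > sizeof input) n = sizeof input;
    memset(input, 'A', n);
    return unsafe_copy(input, n);
}

static gs_report_t run_safe(size_t n)
{
    char input[64];
    if (n > sizeof input) n = sizeof input;
    memset(input, 'A', n);
    return safe_copy(input, n);
}

/* Prints the report in the same shape as the bug check's Arguments block. */
static void print_report(const char *label, gs_report_t r)
{
    printf("%s: %s\n", label,
           r.rejected ? "input rejected, cookie intact"
                      : r.overrun ? "DRIVER_OVERRAN_STACK_BUFFER (f7)" : "ok");
    printf("  Arg1: %08x, Actual security check cookie from the stack\n", (unsigned)r.actual);
    printf("  Arg2: %08x, Expected security check cookie\n", (unsigned)r.expected);
    printf("  Arg3: %08x, Complement of the expected security check cookie\n", (unsigned)r.complement);
}

int main(void)
{
    print_report("unsafe_copy, 40 bytes", run_unsafe(40));
    print_report("safe_copy,   40 bytes", run_safe(40));
    print_report("safe_copy,    8 bytes", run_safe(8));
    return 0;
}
```

With the 40-byte input the unsafe copy reports Arg1 as 41414141, the bytes of the input that landed on the cookie, while the bounded copy rejects the input and leaves the cookie untouched. Reading the dump above the same way: the description says the routine to look at is the last one on the stack before the bugcheck call, and in the STACK_TEXT the frame directly below nt!KeBugCheckEx is mysys+0x1138, which is also what FOLLOWUP_IP and SYMBOL_NAME point at.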
Reply #1
Posted: 2007-11-09 16:26
Install the correct symbols and run !analyze -v.
The DRIVER_OVERRAN_STACK_BUFFER bug check has a value of 0x000000F7. This indicates that a driver has overrun a stack-based buffer. Wow, what on earth are you doing inside that function to get this BugCheck ID...
Reply #2
Posted: 2007-11-09 16:47
Nothing much, just a pile of KeAcquireSpinLock / KeReleaseSpinLock calls, reading data, adding and deleting over and over. Under what circumstances does "overrun a stack-based buffer" happen? And "install the correct symbols"... I don't understand that. I'll go look up how to do it.
Reply #3
Posted: 2007-11-09 16:54
The symbols for your own driver are wrong, or the symbol path is not set. With that fixed you can see exactly where in your driver it crashed, plus a lot more information. itff is the name of your driver, I suppose~
Be careful not to deadlock with spinlocks. I have almost never run into this kind of BSOD.
Reply #4
Posted: 2007-11-10 10:31
This user has been banned; the post was automatically hidden!