第一部分:
0: kd> kc
 #
00 Ntfs!FindFirstIndexEntry
01 Ntfs!NtfsRestartIndexEnumeration
02 Ntfs!NtfsQueryDirectory
03 Ntfs!NtfsCommonDirectoryControl
04 Ntfs!NtfsFsdDirectoryControl
05 nt!IofCallDriver
06 nt!IopSynchronousServiceTail
07 nt!NtQueryDirectoryFile
08 nt!_KiSystemService
09 nt!ZwQueryDirectoryFile
0a nt!CcPfPrefetchDirectoryContents
0b nt!CcPfPrefetchMetadata
0c nt!CcPfBootWorker
0d nt!PspSystemThreadStartup
0e nt!KiThreadStartup
第二部分:
        //
        //  Otherwise, read the index buffer pointed to by the current
        //  Index Entry.
        //
        ReadIndexBuffer( IrpContext,
                         Scb,
                         NtfsIndexEntryBlock((Sp-1)->IndexEntry),
                         FALSE,
                         Sp );
0: kd> dv
     IrpContext = 0xf793291c
            Scb = 0xe13523a8
          Value = 0xe13559b0
   IndexContext = 0xe1352348
0: kd> dx -r1 ((Ntfs!_INDEX_LOOKUP_STACK *)0xe1352388)
((Ntfs!_INDEX_LOOKUP_STACK *)0xe1352388)                 : 0xe1352388 [Type: _INDEX_LOOKUP_STACK *]
    [+0x000] Bcb              : 0x0 [Type: void *]
    [+0x004] StartOfBuffer    : 0xc1241400 [Type: void *]
    [+0x008] IndexHeader      : 0xc1241580 [Type: _INDEX_HEADER *]
    [+0x00c] IndexEntry       : 0xc1241590 [Type: _INDEX_ENTRY *]
    [+0x010] IndexBlock       : 0 [Type: __int64]
    [+0x018] CapturedLsn      : {135165098} [Type: _LARGE_INTEGER]
0: kd> dt Ntfs!_INDEX_LOOKUP_STACK  0xe1352388+20
   +0x000 Bcb              : 0x899880d9 Void
   +0x004 StartOfBuffer    : 0xc14c0000 Void
   +0x008 IndexHeader      : 0xc14c0018 _INDEX_HEADER
   +0x00c IndexEntry       : 0xc14c0058 _INDEX_ENTRY
   +0x010 IndexBlock       : 0n0
   +0x018 CapturedLsn      : _LARGE_INTEGER 0x766987d
0: kd> dt Ntfs!_INDEX_LOOKUP_STACK  0xe1352388+20*2
   +0x000 Bcb              : (null)
   +0x004 StartOfBuffer    : (null)
   +0x008 IndexHeader      : (null)
   +0x00c IndexEntry       : (null)
   +0x010 IndexBlock       : 0n0
   +0x018 CapturedLsn      : _LARGE_INTEGER 0x0