Minifilter BSOD SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
From: -prus-
Date: 20.09.12 12:45
Hi all!

After adding FltDoCompletionProcessingWhenSafe() to the PostClose, PostCleanup, PostRead and PostWrite callbacks, I see the following bugcheck:

SYSTEM_THREAD_EXCEPTION_NOT_HANDLED (7e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: 86c63ad8, The address that the exception occurred at
Arg3: 88f09be4, Exception Record Address
Arg4: 88f097c0, Context Record Address

Debugging Details:
------------------

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 — <Unable to get error code text>

FAULTING_IP:
fltmgr!FltpCompleteCompletionNode+2c
86c63ad8 8b4008 mov eax,dword ptr [eax+8]

EXCEPTION_RECORD: 88f09be4 -- (.exr 0xffffffff88f09be4)
ExceptionAddress: 86c63ad8 (fltmgr!FltpCompleteCompletionNode+0x0000002c)
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 00000000
Parameter[1]: 00000008
Attempt to read from address 00000008

CONTEXT: 88f097c0 -- (.cxr 0xffffffff88f097c0)
eax=00000000 ebx=855d6b00 ecx=855d6c20 edx=00000001 esi=855d6b68 edi=85259d70
eip=86c63ad8 esp=88f09cac ebp=88f09cb0 iopl=0 nv up ei pl zr na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010246
fltmgr!FltpCompleteCompletionNode+0x2c:
86c63ad8 8b4008 mov eax,dword ptr [eax+8] ds:0023:00000008=????????
Resetting default scope

PROCESS_NAME: System
CURRENT_IRQL: 2
ERROR_CODE: (NTSTATUS) 0xc0000005 — <Unable to get error code text>
EXCEPTION_PARAMETER1: 00000000
EXCEPTION_PARAMETER2: 00000008
READ_ADDRESS: 00000008

FOLLOWUP_IP:
fltmgr!FltpCompleteCompletionNode+2c
86c63ad8 8b4008 mov eax,dword ptr [eax+8]

BUGCHECK_STR: 0x7E

DEFAULT_BUCKET_ID: NULL_CLASS_PTR_DEREFERENCE

LAST_CONTROL_TRANSFER: from 86c6bb23 to 86c63ad8

STACK_TEXT:
88f09cb0 86c6bb23 855d6b68 855d6bc8 847d2448 fltmgr!FltpCompleteCompletionNode+0x2c
88f09ccc 86c83b18 855d6bc8 855d6bb0 841f0d48 fltmgr!FltCompletePendedPostOperation+0x91
88f09d00 828adf2b 8564a000 00000000 841f0d48 fltmgr!FltpSafeCompletionWorker+0x82
88f09d50 82a4e66d 00000000 86b07839 00000000 nt!ExpWorkerThread+0x10d
88f09d90 829000d9 828ade1e 00000000 00000000 nt!PspSystemThreadStartup+0x9e
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x19

SYMBOL_STACK_INDEX: 0
SYMBOL_NAME: fltmgr!FltpCompleteCompletionNode+2c
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: fltmgr
IMAGE_NAME: fltmgr.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 4a5bbf11
STACK_COMMAND: .cxr 0xffffffff88f097c0 ; kb
FAILURE_BUCKET_ID: 0x7E_fltmgr!FltpCompleteCompletionNode+2c
BUCKET_ID: 0x7E_fltmgr!FltpCompleteCompletionNode+2c
Followup: MachineOwner
---------


So far the only thing I have found in the documentation is that FltDoCompletionProcessingWhenSafe must not be called if FLTFL_POST_OPERATION_DRAINING is set. But I do check for that condition. Please point me in the right direction: how to fix this, and what to read.

Thanks in advance!
Best regards,
Evgeny