FLT_VOLUME with a NULL FrameZeroVolume??

Hi all,
I’m having a problem where I get a SYSTEM_THREAD_EXCEPTION_NOT_HANDLED bluescreen when calling FltStartFiltering() in my minifilter on a specific system with a tape drive.

I traced the problem down to FltInitInstance(), where the function attempts to clear VOLFL_SUPPORTED_FEATURES_KNOWN from Volume->FrameZeroVolume->Flags, but Volume->FrameZeroVolume is NULL at the time of the call.

Indeed, !fltkd.volumes shows that none of the \Device\Tape#s exist in frame 0:

0: kd> !fltkd.volumes
Volume List: ffffe001205a49b0 "Frame 1"
   FLT_VOLUME: ffffe001205df010 "\Device\Mup"
      FLT_INSTANCE: ffffe001205dbd00 "Default" "383200"
   FLT_VOLUME: ffffe001205de010 "\Device\NamedPipe"
   FLT_VOLUME: ffffe001205dd010 "\Device\Mailslot"
   FLT_VOLUME: ffffe001205dc010 "\Device\HarddiskVolume2"
      FLT_INSTANCE: ffffe001205dfd00 "Default" "383200"
   FLT_VOLUME: ffffe001205db010 "\Device\HarddiskVolume1"
      FLT_INSTANCE: ffffe001205da860 "Default" "383200"
   FLT_VOLUME: ffffe001205da010 "\Device\Tape3"
      FLT_INSTANCE: ffffe001205d8af0 "Default" "383200"
   FLT_VOLUME: ffffe001205d9010 "\Device\Tape2"
   FLT_VOLUME: ffffe001205d8010 "\Device\Tape1"
   FLT_VOLUME: ffffe001205d7010 "\Device\Tape0"
Volume List: ffffe0011cb6d9b0 "Frame 0"
   FLT_VOLUME: ffffe0011da4a010 "\Device\Mup"
   FLT_VOLUME: ffffe0011da78010 "\Device\HarddiskVolume1"
      FLT_INSTANCE: ffffe0011da77bb0 "mfehidk" "321300.00"
   FLT_VOLUME: ffffe0011ed7c010 "\Device\HarddiskVolume2"
      FLT_INSTANCE: ffffe0011ed79bb0 "mfehidk" "321300.00"
   FLT_VOLUME: ffffe800f90be010 "\Device\NamedPipe"
      FLT_INSTANCE: ffffe800f90bdd30 "npsvctrig" "46000"
   FLT_VOLUME: ffffe800f90bf010 "\Device\Mailslot"

My questions are: under what circumstances would the FrameZeroVolume field be NULL? Is this a bug on my part, another filter’s part, or is it wrong for MS to assume that this field will always be non-NULL? Lastly, how can I fix this? :)

Thanks,

  • Ryan
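
Added example, not part of the original post and not Filter Manager code: a small triage script that parses `!fltkd.volumes` output and lists volumes that appear in a higher frame but have no same-named volume in frame 0, which is the condition the post observes for the tape devices. Matching volumes across frames by device name is an assumption of this script, and the sample is a trimmed excerpt of the output quoted in the post.

```python
import re
from collections import defaultdict

# Excerpt of the !fltkd.volumes output from the post (trimmed to a few volumes per frame).
SAMPLE = r'''
Volume List: ffffe001205a49b0 "Frame 1"
   FLT_VOLUME: ffffe001205df010 "\Device\Mup"
      FLT_INSTANCE: ffffe001205dbd00 "Default" "383200"
   FLT_VOLUME: ffffe001205dc010 "\Device\HarddiskVolume2"
   FLT_VOLUME: ffffe001205da010 "\Device\Tape3"
      FLT_INSTANCE: ffffe001205d8af0 "Default" "383200"
   FLT_VOLUME: ffffe001205d7010 "\Device\Tape0"
Volume List: ffffe0011cb6d9b0 "Frame 0"
   FLT_VOLUME: ffffe0011da4a010 "\Device\Mup"
   FLT_VOLUME: ffffe0011ed7c010 "\Device\HarddiskVolume2"
      FLT_INSTANCE: ffffe0011ed79bb0 "mfehidk" "321300.00"
'''

QUOTES = str.maketrans({"\u201c": '"', "\u201d": '"'})  # pasted logs often carry curly quotes
FRAME_RE = re.compile(r'Volume List:\s+[0-9a-f`]+\s+"Frame (\d+)"', re.I)
VOLUME_RE = re.compile(r'FLT_VOLUME:\s+([0-9a-f`]+)\s+"([^"]+)"', re.I)

def volumes_by_frame(text):
    """Map frame number -> {volume name: FLT_VOLUME address}."""
    frames, current = defaultdict(dict), None
    for line in text.translate(QUOTES).splitlines():
        m = FRAME_RE.search(line)
        if m:
            current = int(m.group(1))
            continue
        m = VOLUME_RE.search(line)
        if m and current is not None:
            frames[current][m.group(2)] = m.group(1)
    return dict(frames)

def missing_in_frame_zero(text):
    """Volumes attached in a higher frame with no same-named volume in frame 0."""
    frames = volumes_by_frame(text)
    base = frames.get(0, {})
    return sorted(
        (frame, name, addr)
        for frame, vols in frames.items() if frame != 0
        for name, addr in vols.items() if name not in base
    )

if __name__ == "__main__":
    for frame, name, addr in missing_in_frame_zero(SAMPLE):
        print(f"frame {frame}: {name} (FLT_VOLUME {addr}) has no frame 0 counterpart")
```
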