ZwcreateFile for NTFS in DriverNotification function not working

Hello everybody

Iam having problem in opening handle of a file in NTFS VOLUME using
zwcreatefile in DriverNotificationFunction which is called everytime
a file system is loaded . The same code is running properly for FAT32
VOLUME.

The program crashes when zwcreatefile function is called in case of NTFS VOLUME.

I am also sending the kind of error i am getting .

VOID DriverNotificationFunction (
IN struct _DEVICE_OBJECT *DeviceObject,
IN BOOLEAN FsActive
)
{

NTSTATUS Status2 ;
NTSTATUS Status ;
HANDLE FileHandle2;
OBJECT_ATTRIBUTES InitializedAttributes2;
IO_STATUS_BLOCK IoStatusBlock2;

UNICODE_STRING uStr;
UNICODE_STRING uStr2;

PDEVICE_EXTENSION deviceExtension;
PIRP pIrp=NULL;

PWCHAR ExportKeyPrefix = L"\??\ :\tempdata.txt";
ULONG ExportKeyPrefixSize = sizeof(L"\??\ :\tempdata.txt");
PWCHAR pFullPath = (PWCHAR) ExAllocatePoolWithTag(PagedPool, 4096, ‘0PWA’);

PAGED_CODE();

gpFileBuffer=ExAllocatePool(NonPagedPool,1024);

RtlCopyMemory(pFullPath,
ExportKeyPrefix,
ExportKeyPrefixSize);

RtlCopyBytes(pFullPath+4,gfDataFilePath,2);

RtlInitUnicodeString(&uStr2, pFullPath);

DbgBreakPoint();

InitializeObjectAttributes(&InitializedAttributes2,&uStr2,OBJ_CASE_INSENSITIVE
| OBJ_KERNEL_HANDLE,NULL,NULL);

Status2 = ZwCreateFile( &FileHandle2,
SYNCHRONIZE|FILE_READ_DATA,
&InitializedAttributes2,
&IoStatusBlock2,
NULL,
0,
0,
FILE_OPEN,
FILE_SYNCHRONOUS_IO_NONALERT|FILE_NON_DIRECTORY_FILE,
NULL,
0);

if (Status2!=STATUS_SUCCESS)
{
DbgPrint(“Error in opening file \n”);
return Status2;
}
else
{
DbgPrint(“file opened successfully\n”);
}

Status= ZwReadFile(
FileHandle2,
NULL,
NULL,
NULL,
&IoStatusBlock2,
gpFileBuffer,
1024,
0,
NULL
);

if(NT_SUCCESS(Status2))
{
gFileOpenFlag=1;
gFileHandle=FileHandle2;

ZwClose(FileHandle2);
}

ExFreePool (pFullPath);
}


Error I am getting

kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 00000000, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000001, value 0 = read operation, 1 = write operation
Arg4: 8042d5b4, address which referenced memory

Debugging Details:

WRITE_ADDRESS: 00000000

CURRENT_IRQL: 2

FAULTING_IP:
nt!IopCreateSummaryDump+cf
8042d5b4 8939 mov [ecx],edi

DEFAULT_BUCKET_ID: DRIVER_FAULT

BUGCHECK_STR: 0xA

LAST_CONTROL_TRANSFER: from 8042c068 to 80452e70

STACK_TEXT:
ed4335b0 8042c068 00000003 00000000 8042d5b4
nt!MmMapLockedPagesSpecifyCache+0x48
ed433938 80464b1f 00000000 00000000 00000002 nt!IopWriteDriverList+0xa6
ed433954 8188aee8 ed4339e0 bff19f82 818896c8 nt!MiFlushRelease+0x3e5
WARNING: Frame IP not in any known module. Following frames may be wrong.
bff19fff 530cec83 56085d8b 144b8b57 a7bc15ff 0x8188aee8
ec8b55c3 00000000 00000000 00000000 00000000 0x530cec83

STACK_COMMAND: .bugcheck ; kb

FOLLOWUP_IP:
nt!IopCreateSummaryDump+cf
8042d5b4 8939 mov [ecx],edi

FOLLOWUP_NAME: MachineOwner

SYMBOL_NAME: nt!IopCreateSummaryDump+cf

MODULE_NAME: nt

IMAGE_NAME: ntoskrnl.exe

DEBUG_FLR_IMAGE_TIMESTAMP: 384d9b17

BUCKET_ID: 0xA_W_VRF_nt!IopCreateSummaryDump+cf

Followup: MachineOwner

I am really stuck at this point.
Thanking in advance

santosh k