The system crashes with bug check PAGE_FAULT_IN_NONPAGED_AREA when trying to get the process name for any file read access. The code works fine for a while (approximately 30 minutes); the crash happens when SpyShelter runs.
I am not able to figure it out. Please have a look; I look forward to hearing from the experts soon.
Code:
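/*
 * GetProcessImageName - fetch the image path of a process as a UNICODE_STRING.
 *
 * eProcess:         process object to query; NULL (the idle process) is rejected.
 * ProcessImageName: receives a PagedPool allocation (tag SPY_TAG) holding the
 *                   UNICODE_STRING header followed by its UTF-16 buffer, or NULL
 *                   on any failure. Ownership passes to the caller, who frees it
 *                   with ExFreePoolWithTag(..., SPY_TAG).
 *
 * Returns STATUS_SUCCESS, STATUS_INVALID_PARAMETER_1/2, STATUS_INSUFFICIENT_RESOURCES,
 * or STATUS_UNSUCCESSFUL.
 *
 * Must run at PASSIVE_LEVEL (PAGED_CODE, Zw* calls, PagedPool allocation).
 * NOTE(review): the result lives in PagedPool, so the caller must not read it
 * at IRQL >= DISPATCH_LEVEL or after freeing it - either would be consistent
 * with a PAGE_FAULT_IN_NONPAGED_AREA bug check; confirm the call site.
 */
NTSTATUS GetProcessImageName(PEPROCESS eProcess, PUNICODE_STRING *ProcessImageName)
{
    /* returnedLength is in bytes and includes sizeof(UNICODE_STRING); this cap
     * therefore admits only fairly short paths. Kept from the original code -
     * NOTE(review): confirm 260 bytes (not characters) is the intended limit. */
    enum { SPY_MAX_IMAGE_NAME_BYTES = 260 };

    NTSTATUS status = STATUS_UNSUCCESSFUL;
    ULONG returnedLength = 0;   /* only trusted after the size query reports a length mismatch */
    HANDLE hProcess = NULL;

    PAGED_CODE();

    /* A NULL PEPROCESS would be the idle thread/process; refuse it up front. */
    if (eProcess == NULL) {
        return STATUS_INVALID_PARAMETER_1;
    }
    if (ProcessImageName == NULL) {
        return STATUS_INVALID_PARAMETER_2;
    }
    /* Make every failure path leave the caller with NULL rather than an untouched pointer. */
    *ProcessImageName = NULL;

    status = ObOpenObjectByPointer(eProcess, 0, NULL, 0, 0, KernelMode, &hProcess);
    if (!NT_SUCCESS(status)) {
        DbgPrint("ObOpenObjectByPointer Failed: %08x\n", status);
        return status;
    }

    /* ZwQueryInformationProcess is resolved lazily via MmGetSystemRoutineAddress
     * into a file-scope function pointer declared elsewhere in this file. */
    if (ZwQueryInformationProcess == NULL) {
        UNICODE_STRING routineName = RTL_CONSTANT_STRING(L"ZwQueryInformationProcess");
        ZwQueryInformationProcess = (QUERY_INFO_PROCESS)MmGetSystemRoutineAddress(&routineName);
        if (ZwQueryInformationProcess == NULL) {
            DbgPrint("Cannot resolve ZwQueryInformationProcess");
            status = STATUS_UNSUCCESSFUL;
            goto cleanUp;
        }
    }

    /* Size query: the expected outcome is STATUS_INFO_LENGTH_MISMATCH with
     * returnedLength set to the bytes needed for the full answer. */
    status = ZwQueryInformationProcess(hProcess, ProcessImageFileName,
                                       NULL,   /* buffer */
                                       0,      /* buffer size */
                                       &returnedLength);
    DbgPrint("\n\nMiniPreRead: kernelToUserMode: ProcessNameLength: %u\n", returnedLength);

    /* Check the status BEFORE consulting returnedLength: on any other status the
     * length may not have been written (the original compared it first). */
    if (STATUS_INFO_LENGTH_MISMATCH != status) {
        DbgPrint("ZwQueryInformationProcess status = %x\n", status);
        status = STATUS_UNSUCCESSFUL;
        goto cleanUp;
    }
    if (returnedLength == 0 || returnedLength >= SPY_MAX_IMAGE_NAME_BYTES) {
        DbgPrint("ZwQueryInformationProcess status = %x\n", status);
        status = STATUS_UNSUCCESSFUL;
        goto cleanUp;
    }

    *ProcessImageName = ExAllocatePoolWithTag(PagedPool, returnedLength, SPY_TAG);
    /* The original tested the out-pointer parameter itself (never NULL here),
     * so an allocation failure went undetected and the NULL was handed to the
     * second query. Test the allocation result instead. */
    if (*ProcessImageName == NULL) {
        status = STATUS_INSUFFICIENT_RESOURCES;
        goto cleanUp;
    }

    status = ZwQueryInformationProcess(hProcess, ProcessImageFileName,
                                       *ProcessImageName, returnedLength,
                                       &returnedLength);
    if (!NT_SUCCESS(status)) {
        /* Tagged allocation: release with the matching tagged free. */
        ExFreePoolWithTag(*ProcessImageName, SPY_TAG);
        *ProcessImageName = NULL;
    }

cleanUp:
    if (hProcess) {
        ZwClose(hProcess);
    }
    return status;
}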
Link: Crash Analysis of .dmp file — check the file here