Views: 1703  Replies: 1
TDI hook: creating an IRP causes NO_MORE_IRP_STACK_LOCATIONS

Using a TDI hook.

Referring to the tdifw code:

```c
...
/* build a TDI_QUERY_INFORMATION IRP sized for devobj */
query_irp = TdiBuildInternalDeviceControlIrp(TDI_QUERY_INFORMATION, devobj,
                                             irps->FileObject, NULL, NULL);
if (query_irp == NULL) {
    KdPrint(("[tdi_fw] tdi_create: TdiBuildInternalDeviceControlIrp\n"));
    return FILTER_DENY;
}
...
/* fill in the query parameters and completion routine, then send it down */
TdiBuildQueryInformation(query_irp, devobj, irps->FileObject,
                         tdi_create_addrobj_complete2, ctx,
                         TDI_QUERY_ADDRESS_INFO, mdl);
status = IoCallDriver(devobj, query_irp);
```

The result is a blue screen at `IoCallDriver(devobj, query_irp);`. windbg shows:

```
NO_MORE_IRP_STACK_LOCATIONS (35)
A higher level driver has attempted to call a lower level driver through
the IoCallDriver() interface, but there are no more stack locations in the
packet, hence, the lower level driver would not be able to access its
parameters, as there are no parameters for it. This is a disasterous
situation, since the higher level driver "thinks" it has filled in the
parameters for the lower level driver (something it MUST do before it calls
it), but since there is no stack location for the latter driver, the former
has written off of the end of the packet. This means that some other memory
has probably been trashed at this point.
Arguments:
Arg1: 81b45e70, Address of the IRP
Arg2: 00000000
Arg3: 00000000
Arg4: 00000000

kd> !irp 81b45e70
Irp is active with 0 stacks 0 is current (= 0x821f5c38)
 Mdl=82062008: No System Buffer: Thread 00000003:  Irp stack trace.
     cmd  flg cl Device   File     Completion-Context
```

Is TdiBuildQueryInformation going wrong when it builds the IRP? But that function returns void, so how would I tell? Hoping an expert can clear this up.
1st reply #

Posted: 2013-05-20 19:27

Solved. It was caused by the devobj not being the same in the two calls.
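To make the reply concrete, here is an added example (not tdifw code and not Windows code) that models in user mode how the I/O manager sizes an IRP from the device object it is built against and how IoCallDriver walks the stack locations; the mirrored names (`model_IoAllocateIrp`, `model_IoCallDriver`, `send_query`) and the tiny `DEVICE_OBJECT`/`IRP` structs are assumptions of this model, and the "0 stacks" case from the `!irp` output and the mismatched-devobj case from the reply are both reproduced.

```c
/* Added example, not tdifw or Windows code: a user-mode model of how the
 * I/O manager sizes an IRP and walks its stack locations. Names mirror the
 * real APIs for readability; the real structures are far larger. */
#include <stdlib.h>

#define STATUS_SUCCESS              0
#define NO_MORE_IRP_STACK_LOCATIONS 0x35   /* bugcheck code seen in the post */

typedef struct { int StackSize; } DEVICE_OBJECT;   /* modelled: only StackSize */

typedef struct {
    int StackCount;      /* locations allocated when the IRP was built */
    int CurrentLocation; /* StackCount + 1 on a fresh IRP; IoCallDriver decrements */
} IRP;

/* IoAllocateIrp(StackSize): the IRP gets exactly StackSize locations. */
static IRP *model_IoAllocateIrp(int stack_size) {
    IRP *irp = malloc(sizeof *irp);
    if (irp) { irp->StackCount = stack_size; irp->CurrentLocation = stack_size + 1; }
    return irp;
}

/* TdiBuildInternalDeviceControlIrp sizes the IRP from the device it is handed,
 * so the IRP only fits the stack below *that* device. */
static IRP *model_TdiBuildInternalDeviceControlIrp(const DEVICE_OBJECT *devobj) {
    return model_IoAllocateIrp(devobj->StackSize);
}

/* IoCallDriver: step to the next location, bugcheck 0x35 if none is left, then
 * run the target's dispatch routine, which forwards down its own stack. */
static int model_IoCallDriver(const DEVICE_OBJECT *target, IRP *irp) {
    if (--irp->CurrentLocation <= 0)
        return NO_MORE_IRP_STACK_LOCATIONS;   /* the kernel KeBugChecks here */
    if (target->StackSize > 1) {              /* layered device: pass it down */
        DEVICE_OBJECT lower = { target->StackSize - 1 };
        return model_IoCallDriver(&lower, irp);
    }
    return STATUS_SUCCESS;
}

/* Build the query IRP against a device with build_stack_size locations and
 * send it to a device needing call_stack_size, as the tdi_create path does;
 * returns the resulting status or bugcheck code. */
int send_query(int build_stack_size, int call_stack_size) {
    DEVICE_OBJECT build_dev = { build_stack_size }, call_dev = { call_stack_size };
    IRP *irp = model_TdiBuildInternalDeviceControlIrp(&build_dev);
    if (!irp) return -1;
    int status = model_IoCallDriver(&call_dev, irp);
    free(irp);
    return status;
}
```

The same device object must be used for building and for IoCallDriver; building against one with a smaller StackSize (or, as in the post, one that yields 0 stacks) leaves the lower layers without a location and trips bugcheck 0x35.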