ETW: seeing an access violation error when calling TdhGetEventInformation


I am attempting to get a working ETW consumer of events from the Microsoft-Windows-Kernel-Process provider. I am mostly following Microsoft's "Using TdhGetProperty to Consume Event Data" example, found here.

The session starts, I can see it in the output of logman query -ets. My problem is when I get to call TdhGetEventInformation for the first time.

status = TdhGetEventInformation(pEvent, 0, NULL, pInfo, &BufferSize);

My consumer has an access violation at this point. This is what I see in Windbg.

(10e4.188c): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
mintdh!TdhGetEventInformation+0x7c:
00007ff9`4262224c 6641837cc0020b  cmp     word ptr [r8+rax*8+2],0Bh ds:00000000`00000002=????

0:004> r
rax=0000000000000000 rbx=0000000000000000 rcx=0000021ee256c320
rdx=00000048c6dff3c8 rsi=0000021ee256c320 rdi=00000048c6dff420
rip=00007ff94262224c rsp=00000048c6dff200 rbp=00000048c6dff4f0
 r8=0000000000000000  r9=0000000000000000 r10=0000000000000000
r11=0000000000000000 r12=0000000000000010 r13=0000021ee2549a70
r14=0000000000000000 r15=000000000000000e
iopl=0         nv up ei pl zr na po nc
cs=0033  ss=002b  ds=002b  es=002b  fs=0053  gs=002b             efl=00010246
mintdh!TdhGetEventInformation+0x7c:
00007ff9`4262224c 6641837cc0020b  cmp     word ptr [r8+rax*8+2],0Bh ds:00000000`00000002=????

I am receiving an Event_Record at this point.

 # Child-SP          RetAddr           Call Site
00 00000048`c6dff200 00007ff9`426710f6 mintdh!TdhGetEventInformation+0x7c
01 00000048`c6dff240 00007ff7`f1c22fbc tdh!TdhfGetEventInformation+0x56
02 00000048`c6dff290 00007ff7`f1c212fd ETWConsumer!GetEventInformation(
            struct _EVENT_RECORD * ppEvent = 0x0000021e`e256c320,

I basically have a null pointer because r8 and rax are empty. I have no idea what this mintdh!TdhGetEventInformation function is expecting, or what it thinks is missing.

Has anyone had a similar problem?

c++
windows
etw
asked on Stack Overflow Apr 23, 2020 by Jeff Kouba
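The documented calling convention for TdhGetEventInformation is a two-call pattern: the first call passes no buffer and a size of zero, must come back with ERROR_INSUFFICIENT_BUFFER and the required size, and only then is a buffer of that size allocated and the call repeated. The following is an added example, not code from the question or from Microsoft's sample. On Windows it builds against tdh.h and calls the real function; on other platforms a constructed stand-in (an assumption, clearly not the real API) reproduces the same return contract so the helper's control flow can be exercised. The sample EVENT_RECORD, its GUID and the property count of 2 are constructed values; against the real API an event with no registered schema comes back with a lookup error instead of success, so in a real consumer the helper is fed the EVENT_RECORD delivered to the EventRecordCallback of a trace opened with PROCESS_TRACE_MODE_EVENT_RECORD.

```cpp
// Added example: the two-call size-query pattern for TdhGetEventInformation.
// Not the question's code. Non-Windows builds use a constructed stand-in.
#include <cstdio>
#include <cstring>
#include <vector>

#ifdef _WIN32
#include <windows.h>
#include <evntrace.h>
#include <evntcons.h>
#include <tdh.h>
#pragma comment(lib, "tdh.lib")
#else
// Constructed stand-in types (assumption): only the members the helper touches.
typedef unsigned long ULONG;
typedef unsigned short USHORT;
typedef unsigned char UCHAR;
typedef void* PVOID;
const ULONG ERROR_SUCCESS = 0;
const ULONG ERROR_INVALID_DATA = 13;
const ULONG ERROR_INVALID_PARAMETER = 87;
const ULONG ERROR_INSUFFICIENT_BUFFER = 122;
struct GUID { ULONG Data1; USHORT Data2; USHORT Data3; UCHAR Data4[8]; };
struct EVENT_DESCRIPTOR { USHORT Id; UCHAR Version; UCHAR Channel; UCHAR Level;
                          UCHAR Opcode; USHORT Task; unsigned long long Keyword; };
struct EVENT_HEADER { ULONG ProcessId; GUID ProviderId; EVENT_DESCRIPTOR EventDescriptor; };
struct EVENT_RECORD { EVENT_HEADER EventHeader; USHORT UserDataLength; PVOID UserData; };
struct TRACE_EVENT_INFO { GUID ProviderGuid; EVENT_DESCRIPTOR EventDescriptor;
                          ULONG TopLevelPropertyCount; };
typedef TRACE_EVENT_INFO* PTRACE_EVENT_INFO;

// Stand-in with the documented return contract: a missing or too-small buffer
// yields ERROR_INSUFFICIENT_BUFFER and the needed size; null inputs are rejected.
ULONG TdhGetEventInformation(EVENT_RECORD* pEvent, ULONG, PVOID,
                             PTRACE_EVENT_INFO pInfo, ULONG* pBufferSize) {
    if (pEvent == nullptr || pBufferSize == nullptr) return ERROR_INVALID_PARAMETER;
    const ULONG needed = sizeof(TRACE_EVENT_INFO);
    if (pInfo == nullptr || *pBufferSize < needed) {
        *pBufferSize = needed;
        return ERROR_INSUFFICIENT_BUFFER;
    }
    std::memset(pInfo, 0, needed);
    pInfo->ProviderGuid = pEvent->EventHeader.ProviderId;
    pInfo->EventDescriptor = pEvent->EventHeader.EventDescriptor;
    pInfo->TopLevelPropertyCount = 2;  // constructed value for the sample event
    return ERROR_SUCCESS;
}
#endif

// Fetches the TRACE_EVENT_INFO for one event into buf. Returns ERROR_SUCCESS or
// the status of the failing call; buf is left empty on any failure.
ULONG GetEventInfo(EVENT_RECORD* pEvent, std::vector<unsigned char>& buf) {
    buf.clear();
    if (pEvent == nullptr) return ERROR_INVALID_PARAMETER;
    // Call 1: no buffer, size 0. The function answers with the size it needs.
    ULONG size = 0;
    ULONG status = TdhGetEventInformation(pEvent, 0, nullptr, nullptr, &size);
    if (status != ERROR_INSUFFICIENT_BUFFER) return status;  // e.g. no schema for this event
    if (size < sizeof(TRACE_EVENT_INFO)) return ERROR_INVALID_DATA;
    buf.assign(size, 0);
    // Call 2: a buffer we own, exactly the size that was requested.
    status = TdhGetEventInformation(pEvent, 0, nullptr,
                                    reinterpret_cast<PTRACE_EVENT_INFO>(buf.data()), &size);
    if (status != ERROR_SUCCESS) buf.clear();
    return status;
}

// Constructed sample event: the GUID and event id are made up, not a real provider's.
EVENT_RECORD MakeSampleEvent() {
    EVENT_RECORD ev;
    std::memset(&ev, 0, sizeof(ev));
    ev.EventHeader.ProviderId = GUID{0x11111111, 0x2222, 0x3333, {0, 1, 2, 3, 4, 5, 6, 7}};
    ev.EventHeader.EventDescriptor.Id = 1;
    return ev;
}

// Status for a null event pointer: rejected before anything is dereferenced.
ULONG NullEventStatus() {
    std::vector<unsigned char> buf;
    return GetEventInfo(nullptr, buf);
}

// Decodes the sample event; on success stores TopLevelPropertyCount in *count.
ULONG SampleEventStatus(ULONG* count) {
    *count = 0;
    EVENT_RECORD ev = MakeSampleEvent();
    std::vector<unsigned char> buf;
    ULONG status = GetEventInfo(&ev, buf);
    if (status == ERROR_SUCCESS)
        *count = reinterpret_cast<PTRACE_EVENT_INFO>(buf.data())->TopLevelPropertyCount;
    return status;
}

ULONG SampleTopLevelCount() { ULONG n = 0; SampleEventStatus(&n); return n; }

int main() {
    ULONG n = 0;
    ULONG status = SampleEventStatus(&n);
    std::printf("status=%lu top-level properties=%lu\n", status, n);
    return status == ERROR_SUCCESS ? 0 : 1;
}
```

Two checks worth keeping in a real consumer: never hand the first call a non-null pInfo whose size you did not obtain from a previous call, and treat any status other than ERROR_INSUFFICIENT_BUFFER on the first call as a decoding failure for that event rather than retrying with a buffer.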

0 Answers

Nobody has answered this question yet.


User contributions licensed under CC BY-SA 3.0