ZwRegistryCreate rule (wdm)
The ZwRegistryCreate rule specifies that after calling ZwCreateKey, the driver can call the following registry functions only while holding an open handle to the registry key (that is, before any calls to ZwClose or ZwDeleteKey to close or delete the handle to the registry key):
Finally, this rule specifies that the driver must not return from the dispatch routine or cancel routine while holding an open handle to a registry key.
How to test
|At compile time|
Run Static Driver Verifier and specify the ZwRegistryCreate rule.Use the following steps to run an analysis of your code:
For more information, see Using Static Driver Verifier to Find Defects in Drivers.