Analyze UMDH Logs

Use the following commands to analyze User-Mode Dump Heap (UMDH) logs that were created by running UMDH with the syntax described in Analyze a Running Process. This analysis focuses on allocations, instead of stack traces.

You can analyze a single log file or compare logs from different runs to detect the changes in the program or driver's memory dump allocations over time.

umdh [-d] [-v] [-l] File1 [File2] [-h | ?]


Displays numeric data in decimal numbers. The default is hexadecimal.

Verbose mode. Includes the traces, as well as summary information. The traces are most helpful when analyzing a single log file.

Includes file names and line numbers in the log. (Please note that the parameter is the lowercased letter "L," not the number one.)

File1 [File2]
Specifies the UMDH log files to analyze.

UMDH creates log files when you run it in the analyze a running process mode and save the log content in a text file (-f).

When you specify one log file, UMDH analyzes the file and displays the function calls in each trace in descending order of bytes allocated.

When you specify two log files, UMDH compares the files and displays in descending order the function calls whose allocations have grown the most between the two trials.

-h | ?
Displays help.

Sample Usage

umdh dump.txt
umdh -d -v dump.txt
umdh dump1.txt dump2.txt


Suppose you have two computers: a logging computer where you create a UMDH log and an analysis computer where you analyze the UMDH log. The symbol path on your analysis computer must point to the symbols for the version of Windows that was loaded on the logging computer at the time the log was made. Do not point the symbol path on the analysis computer to a symbol server. If you do, UMDH will retrieve symbols for the version of Windows that is running on the analysis computer, and UMDH will not display meaningful results.