Interpreting a UMDH Log
User-Mode Dump Heap (UMDH) log files display the list of heap allocations in the process and the stacks where the allocations were made.
This example shows how to generate a log for a process that has ID 1204. The log is written to the file log1.txt.
umdh -p:1204 -f:log1.txt
The log file is not readable because the symbols are not resolved. UMDH resolves symbols when you analyze the log. This example shows how to analyze log1.txt and store the result in result.txt.
umdh -v log1.txt > result.txt
Symbol Files for Analyzing a Log File
Suppose you have two computers: a logging computer where you create a UMDH log and an analysis computer where you analyze the UMDH log. The symbol path on your analysis computer must point to the symbols for the version of Windows that was loaded on the logging computer at the time the log was made. Do not point the symbol path on the analysis computer to a symbol server. If you do, UMDH will retrieve symbols for the version of Windows that is running on the analysis computer, and UMDH will not display meaningful results.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for