How to Use WinDBG’s UMDH

In short, UMDH is a tool from WinDBG to investigate memory leaks.

To investigate whether it is useful, I’ve created a very simple program as follow:


The application is named test.exe, and according to the WinDBG’s manual, I should activates the gflags tool and setup appropriate debug symbols for my program:


Then, I performed break-point at the location just before executing memory allocation routines. After noting the PID test.exe process id, I go back to the previous command console and executes:


Switching again to the debugger and perform step over malloc function, I again perform umdh command, and the same is also applied after the free function is called. I will have the three files named test.txt, test1.txt and test2.txt.

The file test.txt will served as the base line of memory allocation check point.

To check whether there is a memory leak, compare the the first and the last one as follow:


If there are still memory allocation, then I will have memory leak in my program. You may ask what’s the result if I perform comparison between test1.txt and test2.txt to checks whether there is a decrease in memory usage, the answer is resounding no.

The result of comparing test1.txt and test2.txt still reveals increasing memory usage, which is misleading.

Hence, I believe, umdh only checks whether there’s something missing between the two files and reports increasing memory usage only.

So, is it really useful ? You decide 🙂


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: