Grabbed the latest version of IDA yesterday and it does have support for analyzing Windows crash dumps (and an awesome new UI). The idea of crash dump support is pretty exciting, combining all the power of WinDBG with the power of IDA.
I didn’t have too much time to play with it yesterday, but the first hurdle appears to be the amount of time it takes to load a crash dump into an IDA database. A 117MB crash dump file took about 3 hours on a fast system, so clearly not going to be your “go to” app when given a crash dump. To be fair, there are also some options available that are meant to cut down the loading time and I didn’t have much chance to try those.
I’d really like to incorporate IDA more into my crash and hang analysis, so I’ll continue to play with the new feature and post any results.
