ntdll module not loading correctly in windbg, but why?

情深已故 2020-12-10 07:44

I've used windbg for user mode debugging before, but I suspect I did something to my system because I don't recall having a problem using for example the extension command

2 Answers
  •  生来不讨喜
    2020-12-10 08:13

    MS is getting rid of all type information in the latest Windows 7 PDBs. This breaks !heap. Here's a twitter conversation about it started by Alex Ionescu, a co-author of "Windows Internals, Sixth Edition": https://twitter.com/aionescu/status/634028737458114560

    UPDATE: 10/12/2015: Possible workaround using the PDB Type Theft python script which copies type information from one PDB to another. The usage would be to copy the type information from an older PDB that has the type information that was removed in later PDBs. This link has all the details: http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/PDB-Type-Theft/ba-p/6801065#.Vhv2gPm6fmE

    UPDATE: 10/22/2015: With the Microsoft patch day (2015-10-13) and KB3088195, symbols are available again. However, symbols for the broken version have not been provided, so the above may still be useful.
