Bug: [Modules] time stamps are wrong.

[cw2k]

Hmm these dates look somehow 'funny': Just look at the years: 2028 1978 2059. Wow. And yes I can't 100% exclude that my machine is on constant time travel - again... ...or that I coincidentally made that memory dump exactly at the same time when the ship hit worm hole... ... but yeah in first place I would look if its not maybe the code that is reasonable for that phenom. :)

[GregTheDev]

Thanks, I’ll have a look. Date/times are always great fun, especially when you add time zones and regional settings into the mix.

[mlveggo]

It seems that the timestamp in dumpfiles generated by windows 10 can not be trusted to be an actual timestamp.

https://devblogs.microsoft.com/oldnewthing/20180103-00/?p=97705

WinDbg writes this for module timestamps (if dump created in Windows 10): Timestamp: 6E3B99C1 (This is a reproducible build file hash, not a timestamp)

[cw2k]

Ah I see:

One of the changes to the Windows engineering system begun in Windows 10 is the move toward reproducible builds. This means that if you start with the exact same source code, then you should finish with the exact same binary code.

Did know that before. So then that timestamp value in the PE-header is no timestamp anymore. They turned it into a hash.