Both the DWARF standard and the Microsoft CodeView (PDB) support embedding a cryptographic hash of each source file that contributed the associated binary.
The cryptographic hash can be used by a debugger to verify that the source file matches the executable. If the source file does not match, the debugger can provide a warning to the user.
The hash can also be used to prove that a given source file has not been modified since it was used to compile an executable. Because MD5 and SHA1 both have demonstrated vulnerabilities, using SHA256 is recommended for this application.
DWARF version 5 supports embedding an MD5 hash to validate the source file version in use.
DWARF 5 - Section 6.2.4.1 opcode DW_LNCT_MD5
LLVM IR supports MD5, SHA1, and SHA256 source file checksums in the DIFile node.
MSVC++ supports embedding MD5, SHA1, or SHA256 hashes using the /ZH
compiler option.
Clang always embeds an MD5 checksum, though this does not appear in documentation.
Tracking issue: rust-lang/rust#70401