
How do I compare the checksum of a memdump to the source file


While debugging a memory dump, WinDbg apparently reads the checksum from somewhere, because it complains if there is none provided (not linked with the /RELEASE flag). BUT it doesn't seem to actually compare them. I tried it by removing a function and rebuilding, but there is no error being shown. Is there some API function in WinDbg to get the stored checksum or to actually compare them?


Solution

PDB files contain

  • information about the source code like file name and line number
  • a checksum
  • a timestamp

PE files (DLL, EXE) contain

  • a path to the PDB where it was located at build time
  • a timestamp
  • a checksum

Source files contain

  • source code
  • no timestamp
  • no checksum

So WinDbg can figure out whether the DLL and PDB match together. It cannot figure out whether the source file you have is actually the one that was used to build the EXE, DLL or PDB.

BTW: this is also the reason why you can't simply rebuild the PDB for a DLL you have created in the past.

  1. the compiler and linker might produce a different result
  2. even if they produce the same result, the timestamp will be different and (depending on whether the timestamp is included in the checksum or not) the checksum will be different

    How do I compare the checksum of a memdump to the source file

Well, you don't because you can't.

    Is there some API function in WinDbg to get the stored checksum or to actually compare them?

You can get the checksum from a PDB but you cannot compare it to your source. You can only compare it to the DLL or EXE.

You can also turn off the check in WinDbg with .symopt+ 0x40 (MSDN), which is SYMOPT_LOAD_ANYTHING. However, you might get wrong function names, wrong variable names, wrong line numbers etc.

There are tools that make the DLL and PDB match. But, don't do that! You will forget about it and you'll never be notified about the mismatch again. You will get wrong results and you will be very confused or even draw the wrong conclusions. This results in a massive waste of time. It happened to me.
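To make the PE side of the answer concrete, here is an added Python example (not from the question or the answer above). It builds a constructed, minimal PE32+ DLL in memory, reads back the fields a debugger uses to pair a module with its PDB (the link timestamp, the stored CheckSum, and the CodeView "RSDS" record carrying the PDB path, GUID and age), and recomputes the image checksum that /RELEASE writes into the optional header. The DLL layout, GUID, age, timestamp and PDB path are all constructed sample values; the PDB side of the comparison (the matching GUID/age stored inside the PDB) is not parsed here.

```python
import struct
import uuid

DEBUG_DIR_INDEX = 6        # IMAGE_DIRECTORY_ENTRY_DEBUG (winnt.h)
DEBUG_TYPE_CODEVIEW = 2    # IMAGE_DEBUG_TYPE_CODEVIEW; payload starts with "RSDS"


def pe_checksum(data: bytes) -> int:
    """Image checksum as the linker (/RELEASE) and MapFileAndCheckSum compute it:
    one's-complement fold of every 32-bit word, skipping the CheckSum field
    itself, folded to 16 bits, plus the file length. Assumes e_lfanew is 4-aligned."""
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    checksum_off = e_lfanew + 4 + 20 + 64          # OptionalHeader.CheckSum
    padded = data + b"\0" * (-len(data) % 4)
    total = 0
    for off in range(0, len(padded), 4):
        if off == checksum_off:
            continue
        total += struct.unpack_from("<I", padded, off)[0]
        total = (total & 0xFFFFFFFF) + (total >> 32)
    total = (total & 0xFFFF) + (total >> 16)
    total = (total + (total >> 16)) & 0xFFFF
    return total + len(data)


def parse_pe_identity(data: bytes) -> dict:
    """Timestamp, stored CheckSum and the RSDS record (PDB path, GUID, age)."""
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    coff = e_lfanew + 4
    nsections, timestamp = struct.unpack_from("<HI", data, coff + 2)
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    stored = struct.unpack_from("<I", data, opt + 64)[0]
    dirs = opt + (112 if magic == 0x20B else 96)        # PE32+ vs PE32 data directories
    dbg_rva, dbg_size = struct.unpack_from("<II", data, dirs + 8 * DEBUG_DIR_INDEX)
    sections = []                                       # (VA, size, raw file offset)
    for i in range(nsections):
        vsize, va, rawsize, rawptr = struct.unpack_from("<IIII", data, opt + opt_size + 40 * i + 8)
        sections.append((va, max(vsize, rawsize), rawptr))

    def rva_to_offset(rva: int) -> int:
        for va, size, rawptr in sections:
            if va <= rva < va + size:
                return rawptr + (rva - va)
        raise ValueError(f"RVA {rva:#x} not in any section")

    info = {"timestamp": timestamp, "checksum": stored, "pdb": None}
    dbg = rva_to_offset(dbg_rva)
    for entry in range(dbg, dbg + dbg_size, 28):        # IMAGE_DEBUG_DIRECTORY is 28 bytes
        dtype, dsize, _rva, ptr = struct.unpack_from("<IIII", data, entry + 12)
        if dtype != DEBUG_TYPE_CODEVIEW or data[ptr:ptr + 4] != b"RSDS":
            continue
        guid = uuid.UUID(bytes_le=data[ptr + 4:ptr + 20])
        age = struct.unpack_from("<I", data, ptr + 20)[0]
        path = data[ptr + 24:ptr + dsize].split(b"\0", 1)[0].decode()
        info["pdb"] = {"path": path, "guid": str(guid), "age": age,
                       "symsrv_id": f"{guid.hex.upper()}{age:X}"}  # symbol-server folder name
    return info


def verify_checksum(data: bytes) -> bool:
    """True only if a checksum was linked in and it matches the bytes on disk."""
    stored = parse_pe_identity(data)["checksum"]
    return stored != 0 and stored == pe_checksum(data)


def build_sample_dll(timestamp: int, pdb_path: bytes, guid: uuid.UUID, age: int) -> bytes:
    """Constructed minimal PE32+ DLL: headers, one .rdata section holding the
    debug directory and RSDS record, CheckSum filled in as /RELEASE would."""
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", 0x40)         # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x8664, 1, timestamp, 0, 0, 240, 0x2022)
    opt = struct.pack("<HBBIIIIIQIIHHHHHHIIIIHHQQQQII",
                      0x20B, 14, 0, 0x200, 0, 0, 0x1000, 0x1000, 0x180000000,
                      0x1000, 0x200, 6, 0, 0, 0, 6, 0, 0, 0x2000, 0x200,
                      0, 2, 0x160, 0x100000, 0x1000, 0x100000, 0x1000, 0, 16)
    dirs = [b"\0" * 8] * 16
    dirs[DEBUG_DIR_INDEX] = struct.pack("<II", 0x1000, 28)               # debug dir RVA, size
    section = struct.pack("<8sIIIIIIHHI", b".rdata", 0x200, 0x1000, 0x200, 0x200,
                          0, 0, 0, 0, 0x40000040)
    headers = dos + b"PE\0\0" + coff + opt + b"".join(dirs) + section
    rsds = b"RSDS" + guid.bytes_le + struct.pack("<I", age) + pdb_path + b"\0"
    debug_dir = struct.pack("<IIHHIIII", 0, timestamp, 0, 0, DEBUG_TYPE_CODEVIEW,
                            len(rsds), 0x1000 + 28, 0x200 + 28)
    image = bytearray(headers.ljust(0x200, b"\0") + (debug_dir + rsds).ljust(0x200, b"\0"))
    struct.pack_into("<I", image, 0x40 + 4 + 20 + 64, pe_checksum(bytes(image)))
    return bytes(image)


if __name__ == "__main__":
    sample = build_sample_dll(0x5F3E1234, b"C:\\build\\sample.pdb",
                              uuid.UUID("12345678-1234-5678-9abc-def012345678"), 3)
    print(parse_pe_identity(sample), verify_checksum(sample))
```

Relinking the same sources changes the timestamp in both the COFF header and the debug directory, and because the image checksum covers every byte except the CheckSum field itself, the stored checksum changes with it; that is the mechanism behind the answer's point 2. The `symsrv_id` value is the GUID-plus-age folder name a symbol server uses, which is what is compared against the PDB, and none of these fields say anything about the source files.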