Wikipedia has a nice list of static analyzers for C source code.
Those can be used to find bugs without compiling, executing and debugging NeoMutt.

If you have any questions, please send them to the developers’ mailing list:

Tool Description
Address Sanitizer Check for memory leaks, buffer overflows, etc
Assertions Check for unexpected events
Clang-Format Source code formatter
Coccinelle Source code manipulation
Compiler Enable gcc/clang warnings
Coverage Code coverage testing
Coverity Source code analyser
CppCheck Source code analyser
Cproto Function prototype generator
Ctags Source tags generator
Debug Configure Debug Options
Egypt Source code grapher
Include-What-You-Use Header file checker
Scan-Build Source code analyser
Undefined Behaviour Sanitizer Check for undefined behaviour
Valgrind Run time memory checker
xunused Find unused functions and methods

Search by Algolia