+DEVELOPMENT ----------------------------------------------------------
+
+Splint
+
+ Build rsync with SPLINT to try to find security holes. Add
+ annotations as necessary. Keep track of the number of warnings
+ found initially, and see how many of them are real bugs, or real
+ security bugs. Knowing the percentage of likely hits would be
+ really interesting for other projects.
+
+Torture test
+
+ Something that just keeps running rsync continuously over a data set
+ likely to generate problems.
+
+Cross-testing
+
+ Run current rsync versions against significant past releases.
+
+Memory debugger
+
+ jra recommends Valgrind:
+
+ http://devel-home.kde.org/~sewardj/
+
+TESTING --------------------------------------------------------------
+
+Cross-test versions
+
+ Part of the regression suite should be making sure that we don't
+ break backwards compatibility: old clients vs new servers and so
+ on. Ideally we would test the cross product of versions.
+
+ It might be sufficient to test downloads from well-known public
+ rsync servers running different versions of rsync. This will give
+ some testing and also be the most common case for having different
+ versions and not being able to upgrade.
+
+Test large files
+
+ Sparse and non-sparse
+
+Mutator program
+
+ Insert bytes, delete bytes, swap blocks, ...
+
+configure option to enable dangerous tests
+
+If tests are skipped, say why.
+
+Test daemon feature to disallow particular options.
+
+