A known fact of life is that any software program may always have bugs. Even newly deployed software programs may experience failures related to the program and the input data it is processing. Hence, certain type of inputs can influence the outcome of any software program and may even cause it to crash. This problem exists even if the program has undergone rigorous testing. Failure of the program may be particularly problematic for mission critical software, such as spacecraft navigation program or programs monitoring processes in a nuclear reactor. Furthermore, input dependent failure may dramatically impact programs that require high availability, such as web servers and intranet servers (e.g., banking database).
Comprehensive testing can't possibly cover all scenarios that may emerge during the practical use of the program. Therefore, testing alone cannot ensure that the software will not fail when executed with certain input.
In addition a programmer may assume certain input structures. The assumptions may be valid at the time the program was developed or deployed. However, over the years the assumptions may not longer be valid and as a result the program may fail. As an example, consider a server for executing EXE files. The server may have been developed when 32-bit EXE files were used exclusively. However, over the years, 64-bit machines have been developed and accordingly there are 64-bit EXE files that may be provided to the server as input. The assumption, therefore, is no longer correct and the server may potentially fail due to the unexpected input