A novel approach to program verification combining constraint programming methods with theorem proving is proposed. Starting from an initial symbolic state and precondition, a program is symbolically executed along all feasible paths and then a post-condition is proved or refuted on the final states. Symbolic execution is by mecha-nised reduction of a formal semantics applied to the program. The constraint solver incrementally prunes execution paths by testing if conditions are feasible in the current state. At the end of each path, deductive theorem proving and constraint solving are tried in sequence. If the theorem prover fails, the constraint solver provides a decision procedure for a finite subset of integers. It can also efficiently compute counterexamples. There is a flexible trade-off between speed and assurance. Oracles may be employed as solvers to boost efficiency, but slower formal tools (au-tomatic or interactive) can be used when higher assurance is needed, or the proof requires manual guidance. Theorems proved with oracles are tagged, so the weakest link in a verification is apparent. The approach has been successfully applied to textbook algorithms and first results show that it is quite efficient. On simple examples most of the proofs are done by the theorem prover, the constraint solver is mainly used to compute counterexamples and check non-linear expressions.