Tools to generate and check consistency of model classes for Java PathFinder

Java PathFinder (JPF) is a model checker for Java applications. Like any other model checker, JPF has to combat the notorious state space explosion problem. Since JPF is a JVM, it can only model check Java bytecode and needs to handle native calls differently. JPF tackles the state space explosion problem and handles native calls by means of so-called model classes and native peers. In this paper we focus on model classes. For a class that either causes a state space explosion or that contains native calls, one can introduce a model class that either abstracts away particular details or implements the native call in Java. Rather than model checking the original class, JPF model checks the model class instead. Writing such model classes is time consuming and error prone. In this paper we propose two tools to assist with the development of model classes. The one tool generates a skeleton of a model class. The other tool checks whether a model class is consistent with the original class.