Esterel is a synchronous design language for the specification of reactive systems. Thanks to its compact formal semantics, code generation for Esterel is essentially provably correct. In practice, due to the many intricacies of an optimizing compiler, an actual proof would be in order. To begin with, we need a precise description of an efficient translation scheme, into some lowerlevel formalism. We tackle this issue on a specific part of the compilation process: the translation of loop

more »

... cts. First, because of instantaneous loops, programs may generate runtime errors, which cannot be tolerated for embedded systems, and have to be predicted and prevented at compile time. Second, because of schizophrenia, loops must be partly unfolded, making C code generation as well as logic synthesis non-linear in general. Clever expansion strategies are required to minimize the unfolding. We first characterize these two difficulties w.r.t. the formal semantics of Esterel. We then derive very efficient, correct-by-construction algorithms to verify and transform loops at compile time, using static analysis and program rewriting techniques. With this aim in view, we extend the language with a new gotopause construct, which we use to encode loops. It behaves as a non-instantaneous jump instruction compatible with concurrency.