11 files changed, 534 insertions, 103 deletions

diff --git a/doc/sphinx/addendum/extended-pattern-matching.rst b/doc/sphinx/addendum/extended-pattern-matching.rst
index 64d4eddf04..1d3b661732 100644
--- a/doc/sphinx/addendum/extended-pattern-matching.rst
+++ b/doc/sphinx/addendum/extended-pattern-matching.rst
@@ -305,6 +305,8 @@ explicitations (as for terms 2.7.11).
         end).
 
 
+.. _matching-dependent:
+
 Matching objects of dependent types
 -----------------------------------
 
@@ -414,6 +416,7 @@ length, by writing
 
 I have a copy of :g:`b` in type :g:`listn 0` resp :g:`listn (S n')`.
 
+.. _match-in-patterns:
 
 Patterns in ``in``
 ~~~~~~~~~~~~~~~~~~
diff --git a/doc/sphinx/addendum/extraction.rst b/doc/sphinx/addendum/extraction.rst
index d7f97edab1..38365e4035 100644
--- a/doc/sphinx/addendum/extraction.rst
+++ b/doc/sphinx/addendum/extraction.rst
@@ -1,16 +1,16 @@
-.. _extraction:
-
 .. include:: ../replaces.rst
 
-Extraction of programs in OCaml and Haskell
-============================================
+.. _extraction:
+
+Extraction of programs in |OCaml| and Haskell
+=============================================
 
 :Authors: Jean-Christophe Filliâtre and Pierre Letouzey
 
 We present here the |Coq| extraction commands, used to build certified
 and relatively efficient functional programs, extracting them from
 either |Coq| functions or |Coq| proofs of specifications. The
-functional languages available as output are currently OCaml, Haskell
+functional languages available as output are currently |OCaml|, Haskell
 and Scheme. In the following, "ML" will be used (abusively) to refer
 to any of the three.
 
@@ -89,11 +89,11 @@ in the |Coq| sources.
 .. cmd:: Extraction TestCompile @qualid ... @qualid.
 
    All the mentioned objects and all their dependencies are extracted
-   to a temporary OCaml file, just as in ``Extraction "file"``. Then
+   to a temporary |OCaml| file, just as in ``Extraction "file"``. Then
    this temporary file and its signature are compiled with the same
-   OCaml compiler used to built |Coq|. This command succeeds only
-   if the extraction and the OCaml compilation succeed. It fails
-   if the current target language of the extraction is not OCaml.
+   |OCaml| compiler used to built |Coq|. This command succeeds only
+   if the extraction and the |OCaml| compilation succeed. It fails
+   if the current target language of the extraction is not |OCaml|.
 
 Extraction Options
 -------------------
@@ -102,26 +102,26 @@ Setting the target language
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 The ability to fix target language is the first and more important
-of the extraction options. Default is ``Ocaml``.
+of the extraction options. Default is ``OCaml``.
 
-.. cmd:: Extraction Language Ocaml.
+.. cmd:: Extraction Language OCaml.
 .. cmd:: Extraction Language Haskell.
 .. cmd:: Extraction Language Scheme.
 
 Inlining and optimizations
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-Since OCaml is a strict language, the extracted code has to
+Since |OCaml| is a strict language, the extracted code has to
 be optimized in order to be efficient (for instance, when using
 induction principles we do not want to compute all the recursive calls
 but only the needed ones). So the extraction mechanism provides an
 automatic optimization routine that will be called each time the user
-want to generate OCaml programs. The optimizations can be split in two
+want to generate |OCaml| programs. The optimizations can be split in two
 groups: the type-preserving ones (essentially constant inlining and
 reductions) and the non type-preserving ones (some function
 abstractions of dummy types are removed when it is deemed safe in order
 to have more elegant types). Therefore some constants may not appear in the
-resulting monolithic OCaml program. In the case of modular extraction,
+resulting monolithic |OCaml| program. In the case of modular extraction,
 even if some inlining is done, the inlined constant are nevertheless
 printed, to ensure session-independent programs.
 
@@ -264,10 +264,9 @@ what ML term corresponds to a given axiom.
    be inlined everywhere instead of being declared via a ``let``.
 
    .. note::
-
-   This command is sugar for an ``Extract Constant`` followed
-   by a ``Extraction Inline``. Hence a ``Reset Extraction Inline``
-   will have an effect on the realized and inlined axiom.
+      This command is sugar for an ``Extract Constant`` followed
+      by a ``Extraction Inline``. Hence a ``Reset Extraction Inline``
+      will have an effect on the realized and inlined axiom.
 
 .. caution:: It is the responsibility of the user to ensure that the ML
    terms given to realize the axioms do have the expected types. In
@@ -336,7 +335,7 @@ native boolean type instead of |Coq| one. The syntax is the following:
    argument is considered to have one unit argument, in order to block
    early evaluation of the branch: ``| O => bar`` leads to the functional
    form ``(fun () -> bar)``. For instance, when extracting ``nat``
-   into OCaml ``int``, the code to provide has type:
+   into |OCaml| ``int``, the code to provide has type:
    ``(unit->'a)->(int->'a)->int->'a``.
 
 .. caution:: As for ``Extract Constant``, this command should be used with care:
@@ -347,15 +346,15 @@ native boolean type instead of |Coq| one. The syntax is the following:
   * Extracting an inductive type to a pre-existing ML inductive type
     is quite sound. But extracting to a general type (by providing an
     ad-hoc pattern-matching) will often **not** be fully rigorously
-    correct. For instance, when extracting ``nat`` to OCaml ``int``,
+    correct. For instance, when extracting ``nat`` to |OCaml| ``int``,
     it is theoretically possible to build ``nat`` values that are
-    larger than OCaml ``max_int``. It is the user's responsibility to
+    larger than |OCaml| ``max_int``. It is the user's responsibility to
     be sure that no overflow or other bad events occur in practice.
 
   * Translating an inductive type to an arbitrary ML type does **not**
     magically improve the asymptotic complexity of functions, even if the
     ML type is an efficient representation. For instance, when extracting
-    ``nat`` to OCaml ``int``, the function ``Nat.mul`` stays quadratic.
+    ``nat`` to |OCaml| ``int``, the function ``Nat.mul`` stays quadratic.
     It might be interesting to associate this translation with
     some specific ``Extract Constant`` when primitive counterparts exist.
 
@@ -369,9 +368,9 @@ Typical examples are the following:
 
 .. note::
 
-   When extracting to Ocaml, if an inductive constructor or type has arity 2 and
+   When extracting to |OCaml|, if an inductive constructor or type has arity 2 and
    the corresponding string is enclosed by parentheses, and the string meets
-   Ocaml's lexical criteria for an infix symbol, then the rest of the string is
+   |OCaml|'s lexical criteria for an infix symbol, then the rest of the string is
    used as infix constructor or type.
 
 .. coqtop:: in
@@ -380,7 +379,7 @@ Typical examples are the following:
    Extract Inductive prod => "(*)"  [ "(,)" ].
 
 As an example of translation to a non-inductive datatype, let's turn
-``nat`` into OCaml ``int`` (see caveat above):
+``nat`` into |OCaml| ``int`` (see caveat above):
 
 .. coqtop:: in
 
@@ -394,7 +393,7 @@ directly depends from the names of the |Coq| files. It may happen that
 these filenames are in conflict with already existing files, 
 either in the standard library of the target language or in other
 code that is meant to be linked with the extracted code. 
-For instance the module ``List`` exists both in |Coq| and in OCaml.
+For instance the module ``List`` exists both in |Coq| and in |OCaml|.
 It is possible to instruct the extraction not to use particular filenames.
 
 .. cmd:: Extraction Blacklist @ident ... @ident.
@@ -410,7 +409,7 @@ It is possible to instruct the extraction not to use particular filenames.
 
    Allow the extraction to use any filename.
 
-For OCaml, a typical use of these commands is
+For |OCaml|, a typical use of these commands is
 ``Extraction Blacklist String List``.
 
 Differences between |Coq| and ML type systems
@@ -418,7 +417,7 @@ Differences between |Coq| and ML type systems
 
 Due to differences between |Coq| and ML type systems, 
 some extracted programs are not directly typable in ML. 
-We now solve this problem (at least in OCaml) by adding 
+We now solve this problem (at least in |OCaml|) by adding
 when needed some unsafe casting ``Obj.magic``, which give
 a generic type ``'a`` to any term.
 
@@ -432,7 +431,7 @@ function:
 
    Definition dp {A B:Type}(x:A)(y:B)(f:forall C:Type, C->C) := (f A x, f B y).
 
-In Ocaml, for instance, the direct extracted term would be::
+In |OCaml|, for instance, the direct extracted term would be::
 
    let dp x y f = Pair((f () x),(f () y))
 
@@ -455,12 +454,12 @@ of a constructor; for example:
    Inductive anything : Type := dummy : forall A:Set, A -> anything.
 
 which corresponds to the definition of an ML dynamic type.
-In OCaml, we must cast any argument of the constructor dummy
+In |OCaml|, we must cast any argument of the constructor dummy
 (no GADT are produced yet by the extraction).
 
 Even with those unsafe castings, you should never get error like
 ``segmentation fault``. In fact even if your program may seem
-ill-typed to the Ocaml type-checker, it can't go wrong : it comes 
+ill-typed to the |OCaml| type-checker, it can't go wrong : it comes
 from a Coq well-typed terms, so for example inductive types will always 
 have the correct number of arguments, etc. Of course, when launching
 manually some extracted function, you should apply it to arguments
@@ -470,14 +469,14 @@ More details about the correctness of the extracted programs can be
 found in :cite:`Let02`.
 
 We have to say, though, that in most "realistic" programs, these problems do not
-occur. For example all the programs of Coq library are accepted by the OCaml
+occur. For example all the programs of Coq library are accepted by the |OCaml|
 type-checker without any ``Obj.magic`` (see examples below).
 
 Some examples
 -------------
 
 We present here two examples of extractions, taken from the 
-|Coq| Standard Library. We choose OCaml as target language, 
+|Coq| Standard Library. We choose |OCaml| as target language,
 but all can be done in the other dialects with slight modifications.
 We then indicate where to find other examples and tests of extraction.
 
@@ -493,7 +492,7 @@ This module contains a theorem ``eucl_dev``, whose type is::
 
 where ``diveucl`` is a type for the pair of the quotient and the
 modulo, plus some logical assertions that disappear during extraction.
-We can now extract this program to OCaml:
+We can now extract this program to |OCaml|:
 
 .. coqtop:: none
 
@@ -513,7 +512,7 @@ You can then copy-paste the output to a file ``euclid.ml`` or let
 
    Extraction "euclid" eucl_dev.
 
-Let us play the resulting program (in an OCaml toplevel)::
+Let us play the resulting program (in an |OCaml| toplevel)::
 
    #use "euclid.ml";;
    type nat = O | S of nat
@@ -527,7 +526,7 @@ Let us play the resulting program (in an OCaml toplevel)::
    # eucl_dev (S (S O)) (S (S (S (S (S O)))));;
    - : diveucl = Divex (S (S O), S O)
 
-It is easier to test on OCaml integers::
+It is easier to test on |OCaml| integers::
 
    # let rec nat_of_int = function 0 -> O | n -> S (nat_of_int (n-1));;
    val nat_of_int : int -> nat = <fun>
diff --git a/doc/sphinx/addendum/generalized-rewriting.rst b/doc/sphinx/addendum/generalized-rewriting.rst
index da9e97e6fa..d60387f4f6 100644
--- a/doc/sphinx/addendum/generalized-rewriting.rst
+++ b/doc/sphinx/addendum/generalized-rewriting.rst
@@ -1,14 +1,12 @@
-.. _generalizedrewriting:
-
------------------------
- Generalized rewriting
------------------------
+.. include:: ../preamble.rst
+.. include:: ../replaces.rst
 
-:Author: Matthieu Sozeau
+.. _generalizedrewriting:
 
 Generalized rewriting
 =====================
 
+:Author: Matthieu Sozeau
 
 This chapter presents the extension of several equality related
 tactics to work over user-defined structures (called setoids) that are
@@ -479,7 +477,7 @@ The declaration itself amounts to the definition of an object of the
 record type ``Coq.Classes.RelationClasses.Equivalence`` and a hint added
 to the ``typeclass_instances`` hint database. Morphism declarations are
 also instances of a type class defined in ``Classes.Morphisms``. See the
-documentation on type classes :ref:`TODO-chapter-20-type-classes`
+documentation on type classes :ref:`typeclasses`
 and the theories files in Classes for further explanations.
 
 One can inform the rewrite tactic about morphisms and relations just
@@ -707,22 +705,20 @@ defined constants as transparent by default. This may slow down the
 resolution due to a lot of unifications (all the declared ``Proper``
 instances are tried at each node of the search tree). To speed it up,
 declare your constant as rigid for proof search using the command
-``Typeclasses Opaque`` (see :ref:`TODO-20.6.7-typeclasses-transparency`).
-
+``Typeclasses Opaque`` (see :ref:`TypeclassesTransparent`).
 
 Strategies for rewriting
 ------------------------
 
-
 Definitions
 ~~~~~~~~~~~
 
-The generalized rewriting tactic is based on a set of strategies that
-can be combined to obtain custom rewriting procedures. Its set of
-strategies is based on Elan’s rewriting strategies :ref:`TODO-102-biblio`. Rewriting
+The generalized rewriting tactic is based on a set of strategies that can be
+combined to obtain custom rewriting procedures. Its set of strategies is based
+on Elan’s rewriting strategies :cite:`Luttik97specificationof`. Rewriting
 strategies are applied using the tactic ``rewrite_strat s`` where ``s`` is a
-strategy expression. Strategies are defined inductively as described
-by the following grammar:
+strategy expression. Strategies are defined inductively as described by the
+following grammar:
 
 .. productionlist:: rewriting
    s, t, u : `strategy`
@@ -812,7 +808,7 @@ Hint databases created for ``autorewrite`` can also be used
 by ``rewrite_strat`` using the ``hints`` strategy that applies any of the
 lemmas at the current subterm. The ``terms`` strategy takes the lemma
 names directly as arguments. The ``eval`` strategy expects a reduction
-expression (see :ref:`TODO-8.7-performing-computations`) and succeeds
+expression (see :ref:`performingcomputations`) and succeeds
 if it reduces the subterm under consideration. The ``fold`` strategy takes
 a term ``c`` and tries to *unify* it to the current subterm, converting it to ``c``
 on success, it is stronger than the tactic ``fold``.
diff --git a/doc/sphinx/addendum/implicit-coercions.rst b/doc/sphinx/addendum/implicit-coercions.rst
index f5ca5be44a..ec1b942e02 100644
--- a/doc/sphinx/addendum/implicit-coercions.rst
+++ b/doc/sphinx/addendum/implicit-coercions.rst
@@ -1,7 +1,7 @@
-.. _implicitcoercions:
-
 .. include:: ../replaces.rst
 
+.. _implicitcoercions:
+
 Implicit Coercions
 ====================
 
@@ -166,7 +166,7 @@ Declaration of Coercions
 
 Assumptions can be declared as coercions at declaration time.
 This extends the grammar of assumptions from
-Figure :ref:`TODO-1.3-sentences-syntax` as follows:
+Figure :ref:`vernacular` as follows:
 
 ..
   FIXME:
@@ -186,7 +186,7 @@ assumptions are declared as coercions.
 
 Similarly, constructors of inductive types can be declared as coercions at
 definition time of the inductive type. This extends and modifies the
-grammar of inductive types from Figure :ref:`TODO-1.3-sentences-syntax` as follows:
+grammar of inductive types from Figure :ref:`vernacular` as follows:
 
 ..
   FIXME:
@@ -267,29 +267,29 @@ Activating the Printing of Coercions
   To skip the printing of coercion `qualid`, use
   ``Remove Printing Coercion`` `qualid`. By default, a coercion is never printed.
 
+.. _coercions-classes-as-records:
 
 Classes as Records
 ------------------
 
-We allow the definition of *Structures with Inheritance* (or
-classes as records) by extending the existing ``Record`` macro
-(see Section :ref:`TODO-2.1-Record`). Its new syntax is:
-
-.. cmd:: Record {? >} @ident {? @binders} : @sort := {? @ident} { {+; @ident :{? >} @term } }.
-
-  The first identifier `ident` is the name of the defined record and
-  `sort` is its type. The optional identifier after ``:=`` is the name
-  of the constuctor (it will be ``Build_``\ `ident` if not given).
-  The other identifiers are the names of the fields, and the `term`
-  are their respective types. If ``:>`` is used instead of ``:`` in
-  the declaration of a field, then the name of this field is automatically
-  declared as a coercion from the record name to the class of this
-  field type. Remark that the fields always verify the uniform
-  inheritance condition. If the optional ``>`` is given before the
-  record name, then the constructor name is automatically declared as
-  a coercion from the class of the last field type to the record name
-  (this may fail if the uniform inheritance condition is not
-  satisfied).
+We allow the definition of *Structures with Inheritance* (or classes as records)
+by extending the existing :cmd:`Record` macro. Its new syntax is:
+
+.. cmdv:: Record {? >} @ident {? @binders} : @sort := {? @ident} { {+; @ident :{? >} @term } }.
+
+   The first identifier `ident` is the name of the defined record and
+   `sort` is its type. The optional identifier after ``:=`` is the name
+   of the constuctor (it will be ``Build_``\ `ident` if not given).
+   The other identifiers are the names of the fields, and the `term`
+   are their respective types. If ``:>`` is used instead of ``:`` in
+   the declaration of a field, then the name of this field is automatically
+   declared as a coercion from the record name to the class of this
+   field type. Remark that the fields always verify the uniform
+   inheritance condition. If the optional ``>`` is given before the
+   record name, then the constructor name is automatically declared as
+   a coercion from the class of the last field type to the record name
+   (this may fail if the uniform inheritance condition is not
+   satisfied).
 
 .. note::
 
diff --git a/doc/sphinx/addendum/miscellaneous-extensions.rst b/doc/sphinx/addendum/miscellaneous-extensions.rst
index b0343a8f01..80ea8a1166 100644
--- a/doc/sphinx/addendum/miscellaneous-extensions.rst
+++ b/doc/sphinx/addendum/miscellaneous-extensions.rst
@@ -3,18 +3,10 @@
 .. _miscellaneousextensions:
 
 Miscellaneous extensions
-=======================
-
-:Source: https://coq.inria.fr/distrib/current/refman/miscellaneous.html
-:Converted by: Paul Steckler
-
-.. contents::
-   :local:
-   :depth: 1
-----
+========================
 
 Program derivation
------------------
+------------------
 
 |Coq| comes with an extension called ``Derive``, which supports program
 derivation. Typically in the style of Bird and Meertens or derivations
@@ -28,7 +20,7 @@ The first `ident` can appear in `term`. This command opens a new proof
 presenting the user with a goal for term in which the name `ident` is
 bound to an existential variable `?x` (formally, there are other goals
 standing for the existential variables but they are shelved, as
-described in Section :ref:`TODO-8.17.4`).
+described in :tacn:`shelve`).
 
 When the proof ends two constants are defined:
 
diff --git a/doc/sphinx/addendum/nsatz.rst b/doc/sphinx/addendum/nsatz.rst
index ef9b3505d4..387d614956 100644
--- a/doc/sphinx/addendum/nsatz.rst
+++ b/doc/sphinx/addendum/nsatz.rst
@@ -19,7 +19,7 @@ where :math:`P, Q, P₁,Q₁,\ldots,Pₛ, Qₛ` are polynomials and :math:`A` is
 domain, i.e. a commutative ring with no zero divisor. For example, :math:`A`
 can be :math:`\mathbb{R}`, :math:`\mathbb{Z}`, or :math:`\mathbb{Q}`.
 Note that the equality :math:`=` used in these goals can be
-any setoid equality (see :ref:`TODO-27.2.2`) , not only Leibnitz equality.
+any setoid equality (see :ref:`tactics-enabled-on-user-provided-relations`) , not only Leibnitz equality.
 
 It also proves formulas
 
diff --git a/doc/sphinx/addendum/parallel-proof-processing.rst b/doc/sphinx/addendum/parallel-proof-processing.rst
index 8c1b9d152b..edb8676a5b 100644
--- a/doc/sphinx/addendum/parallel-proof-processing.rst
+++ b/doc/sphinx/addendum/parallel-proof-processing.rst
@@ -39,14 +39,14 @@ Proof annotations
 To process a proof asynchronously |Coq| needs to know the precise
 statement of the theorem without looking at the proof. This requires
 some annotations if the theorem is proved inside a Section (see
-Section :ref:`TODO-2.4`).
+Section :ref:`section-mechanism`).
 
 When a section ends, |Coq| looks at the proof object to decide which
 section variables are actually used and hence have to be quantified in
 the statement of the theorem. To avoid making the construction of
 proofs mandatory when ending a section, one can start each proof with
-the ``Proof using`` command (Section :ref:`TODO-7.1.5`) that declares which section
-variables the theorem uses.
+the ``Proof using`` command (Section :ref:`proof-editing-mode`) that
+declares which section variables the theorem uses.
 
 The presence of ``Proof`` using is needed to process proofs asynchronously
 in interactive mode.
diff --git a/doc/sphinx/addendum/program.rst b/doc/sphinx/addendum/program.rst
index eb50e52dc7..1c3fdeb430 100644
--- a/doc/sphinx/addendum/program.rst
+++ b/doc/sphinx/addendum/program.rst
@@ -135,7 +135,7 @@ support types, avoiding uses of proof-irrelevance that would come up
 when reasoning with equality on the subset types themselves.
 
 The next two commands are similar to their standard counterparts
-Definition (see Section `TODO-1.3.2-Definition`_) and Fixpoint (see Section `TODO-1.3.4-Fixpoint`_)
+:cmd:`Definition` and :cmd:`Fixpoint`
 in that they define constants. However, they may require the user to
 prove some goals to construct the final definitions.
 
@@ -174,7 +174,7 @@ Program Definition
 
       .. TODO refer to production in alias
 
-See also: Sections `TODO-6.10.1-Opaque`_, `TODO-6.10.2-Transparent`_, `TODO-8.7.5-unfold`_
+See also: Sections :ref:`vernac-controlling-the-reduction-strategies`, :tacn:`unfold`
 
 .. _program_fixpoint:
 
@@ -196,7 +196,7 @@ The optional order annotation follows the grammar:
 + :g:`wf R x` which is equivalent to :g:`measure x (R)`.
 
 The structural fixpoint operator behaves just like the one of |Coq| (see
-Section `TODO-1.3.4-Fixpoint`_), except it may also generate obligations. It works
+:cmd:`Fixpoint`), except it may also generate obligations. It works
 with mutually recursive definitions too.
 
 .. coqtop:: reset none
diff --git a/doc/sphinx/addendum/ring.rst b/doc/sphinx/addendum/ring.rst
index b861892cbb..ae666a0d45 100644
--- a/doc/sphinx/addendum/ring.rst
+++ b/doc/sphinx/addendum/ring.rst
@@ -701,7 +701,7 @@ for |Coq|’s type-checker. Let us see why:
 At each step of rewriting, the whole context is duplicated in the
 proof term. Then, a tactic that does hundreds of rewriting generates
 huge proof terms. Since ``ACDSimpl`` was too slow, Samuel Boutin rewrote
-it using reflection (see his article in TACS’97 [Bou97]_). Later, it
+it using reflection (see :cite:`Bou97`). Later, it
 was rewritten by Patrick Loiseleur: the new tactic does not any
 more require ``ACDSimpl`` to compile and it makes use of |bdi|-reduction not
 only to replace the rewriting steps, but also to achieve the
diff --git a/doc/sphinx/addendum/type-classes.rst b/doc/sphinx/addendum/type-classes.rst
index becebb421b..8861cac8af 100644
--- a/doc/sphinx/addendum/type-classes.rst
+++ b/doc/sphinx/addendum/type-classes.rst
@@ -5,9 +5,6 @@
 Type Classes
 ============
 
-:Source: https://coq.inria.fr/distrib/current/refman/type-classes.html
-:Author: Matthieu Sozeau
-
 This chapter presents a quick reference of the commands related to type
 classes. For an actual introduction to type classes, there is a
 description of the system :cite:`sozeau08` and the literature on type
@@ -151,11 +148,10 @@ database.
 Sections and contexts
 ---------------------
 
-To ease the parametrization of developments by type classes, we
-provide a new way to introduce variables into section contexts,
-compatible with the implicit argument mechanism. The new command works
-similarly to the ``Variables`` vernacular (:ref:`TODO-1.3.2-Definitions`), except it
-accepts any binding context as argument. For example:
+To ease the parametrization of developments by type classes, we provide a new
+way to introduce variables into section contexts, compatible with the implicit
+argument mechanism. The new command works similarly to the :cmd:`Variables`
+vernacular, except it accepts any binding context as argument. For example:
 
 .. coqtop:: all
 
@@ -336,7 +332,7 @@ Variants:
 
 .. cmd:: Program Instance
 
-   Switches the type-checking to Program (chapter :ref:`program`) and
+   Switches the type-checking to Program (chapter :ref:`programs`) and
    uses the obligation mechanism to manage missing fields.
 
 .. cmd:: Declare Instance
diff --git a/doc/sphinx/addendum/universe-polymorphism.rst b/doc/sphinx/addendum/universe-polymorphism.rst
new file mode 100644
index 0000000000..c791fc906b
--- /dev/null
+++ b/doc/sphinx/addendum/universe-polymorphism.rst
@@ -0,0 +1,445 @@
+.. include:: ../replaces.rst
+
+.. _polymorphicuniverses:
+
+Polymorphic Universes
+======================
+
+:Author: Matthieu Sozeau
+
+General Presentation
+---------------------
+
+.. warning::
+
+   The status of Universe Polymorphism is experimental.
+
+This section describes the universe polymorphic extension of |Coq|.
+Universe polymorphism makes it possible to write generic definitions
+making use of universes and reuse them at different and sometimes
+incompatible universe levels.
+
+A standard example of the difference between universe *polymorphic*
+and *monomorphic* definitions is given by the identity function:
+
+.. coqtop:: in
+
+   Definition identity {A : Type} (a : A) := a.
+
+By default, constant declarations are monomorphic, hence the identity
+function declares a global universe (say ``Top.1``) for its domain.
+Subsequently, if we try to self-apply the identity, we will get an
+error:
+
+.. coqtop:: all
+
+   Fail Definition selfid := identity (@identity).
+
+Indeed, the global level ``Top.1`` would have to be strictly smaller than
+itself for this self-application to typecheck, as the type of
+:g:`(@identity)` is :g:`forall (A : Type@{Top.1}), A -> A` whose type is itself
+:g:`Type@{Top.1+1}`.
+
+A universe polymorphic identity function binds its domain universe
+level at the definition level instead of making it global.
+
+.. coqtop:: in
+
+   Polymorphic Definition pidentity {A : Type} (a : A) := a.
+
+.. coqtop:: all
+
+   About pidentity.
+
+It is then possible to reuse the constant at different levels, like
+so:
+
+.. coqtop:: in
+
+   Definition selfpid := pidentity (@pidentity).
+
+Of course, the two instances of :g:`pidentity` in this definition are
+different. This can be seen when the :opt:`Printing Universes` option is on:
+
+.. coqtop:: none
+
+   Set Printing Universes.
+
+.. coqtop:: all
+
+   Print selfpid.
+
+Now :g:`pidentity` is used at two different levels: at the head of the
+application it is instantiated at ``Top.3`` while in the argument position
+it is instantiated at ``Top.4``. This definition is only valid as long as
+``Top.4`` is strictly smaller than ``Top.3``, as show by the constraints. Note
+that this definition is monomorphic (not universe polymorphic), so the
+two universes (in this case ``Top.3`` and ``Top.4``) are actually global
+levels.
+
+When printing :g:`pidentity`, we can see the universes it binds in
+the annotation :g:`@{Top.2}`. Additionally, when
+:g:`Set Printing Universes` is on we print the "universe context" of
+:g:`pidentity` consisting of the bound universes and the
+constraints they must verify (for :g:`pidentity` there are no constraints).
+
+Inductive types can also be declared universes polymorphic on
+universes appearing in their parameters or fields. A typical example
+is given by monoids:
+
+.. coqtop:: in
+
+   Polymorphic Record Monoid := { mon_car :> Type; mon_unit : mon_car;
+     mon_op : mon_car -> mon_car -> mon_car }.
+
+.. coqtop:: in
+
+   Print Monoid.
+
+The Monoid's carrier universe is polymorphic, hence it is possible to
+instantiate it for example with :g:`Monoid` itself. First we build the
+trivial unit monoid in :g:`Set`:
+
+.. coqtop:: in
+
+   Definition unit_monoid : Monoid :=
+     {| mon_car := unit; mon_unit := tt; mon_op x y := tt |}.
+
+From this we can build a definition for the monoid of :g:`Set`\-monoids
+(where multiplication would be given by the product of monoids).
+
+.. coqtop:: in
+
+   Polymorphic Definition monoid_monoid : Monoid.
+     refine (@Build_Monoid Monoid unit_monoid (fun x y => x)).
+   Defined.
+
+.. coqtop:: all
+
+   Print monoid_monoid.
+
+As one can see from the constraints, this monoid is “large”, it lives
+in a universe strictly higher than :g:`Set`.
+
+Polymorphic, Monomorphic
+-------------------------
+
+.. cmd:: Polymorphic @definition
+
+   As shown in the examples, polymorphic definitions and inductives can be
+   declared using the ``Polymorphic`` prefix.
+
+.. opt:: Universe Polymorphism
+
+   Once enabled, this option will implicitly prepend ``Polymorphic`` to any
+   definition of the user.
+
+.. cmd:: Monomorphic @definition
+
+   When the :opt:`Universe Polymorphism` option is set, to make a definition
+   producing global universe constraints, one can use the ``Monomorphic`` prefix.
+
+Many other commands support the ``Polymorphic`` flag, including:
+
+.. TODO add links on each of these?
+
+- ``Lemma``, ``Axiom``, and all the other “definition” keywords support
+  polymorphism.
+
+- ``Variables``, ``Context``, ``Universe`` and ``Constraint`` in a section support
+  polymorphism. This means that the universe variables (and associated
+  constraints) are discharged polymorphically over definitions that use
+  them. In other words, two definitions in the section sharing a common
+  variable will both get parameterized by the universes produced by the
+  variable declaration. This is in contrast to a “mononorphic” variable
+  which introduces global universes and constraints, making the two
+  definitions depend on the *same* global universes associated to the
+  variable.
+
+- :cmd:`Hint Resolve` and :cmd:`Hint Rewrite` will use the auto/rewrite hint
+  polymorphically, not at a single instance.
+
+Cumulative, NonCumulative
+-------------------------
+
+Polymorphic inductive types, coinductive types, variants and records can be
+declared cumulative using the :g:`Cumulative` prefix.
+
+.. cmd:: Cumulative @inductive
+
+   Declares the inductive as cumulative
+
+Alternatively, there is an option :g:`Set Polymorphic Inductive
+Cumulativity` which when set, makes all subsequent *polymorphic*
+inductive definitions cumulative.  When set, inductive types and the
+like can be enforced to be non-cumulative using the :g:`NonCumulative`
+prefix.
+
+.. cmd:: NonCumulative @inductive
+
+   Declares the inductive as non-cumulative
+
+.. opt:: Polymorphic Inductive Cumulativity
+
+   When this option is on, it sets all following polymorphic inductive
+   types as cumulative (it is off by default).
+
+Consider the examples below.
+
+.. coqtop:: in
+
+   Polymorphic Cumulative Inductive list {A : Type} :=
+   | nil : list
+   | cons : A -> list -> list.
+
+.. coqtop:: all
+
+   Print list.
+
+When printing :g:`list`, the universe context indicates the subtyping
+constraints by prefixing the level names with symbols.
+
+Because inductive subtypings are only produced by comparing inductives
+to themselves with universes changed, they amount to variance
+information: each universe is either invariant, covariant or
+irrelevant (there are no contravariant subtypings in Coq),
+respectively represented by the symbols `=`, `+` and `*`.
+
+Here we see that :g:`list` binds an irrelevant universe, so any two
+instances of :g:`list` are convertible: :math:`E[Γ] ⊢ \mathsf{list}@\{i\}~A
+=_{βδιζη} \mathsf{list}@\{j\}~B` whenever :math:`E[Γ] ⊢ A =_{βδιζη} B` and
+this applies also to their corresponding constructors, when
+they are comparable at the same type.
+
+See :ref:`Conversion-rules` for more details on convertibility and subtyping.
+The following is an example of a record with non-trivial subtyping relation:
+
+.. coqtop:: all
+
+   Polymorphic Cumulative Record packType := {pk : Type}.
+
+:g:`packType` binds a covariant universe, i.e.
+
+.. math::
+
+   E[Γ] ⊢ \mathsf{packType}@\{i\} =_{βδιζη}
+   \mathsf{packType}@\{j\}~\mbox{ whenever }~i ≤ j
+
+Cumulative inductive types, coninductive types, variants and records
+only make sense when they are universe polymorphic. Therefore, an
+error is issued whenever the user uses the :g:`Cumulative` or
+:g:`NonCumulative` prefix in a monomorphic context.
+Notice that this is not the case for the option :g:`Set Polymorphic Inductive Cumulativity`.
+That is, this option, when set, makes all subsequent *polymorphic*
+inductive declarations cumulative (unless, of course the :g:`NonCumulative` prefix is used)
+but has no effect on *monomorphic* inductive declarations.
+
+Consider the following examples.
+
+.. coqtop:: all reset
+
+   Monomorphic Cumulative Inductive Unit := unit.
+
+.. coqtop:: all reset
+
+   Monomorphic NonCumulative Inductive Unit := unit.
+
+.. coqtop:: all reset
+
+   Set Polymorphic Inductive Cumulativity.
+   Inductive Unit := unit.
+
+An example of a proof using cumulativity
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+.. coqtop:: in
+
+   Set Universe Polymorphism.
+   Set Polymorphic Inductive Cumulativity.
+
+   Inductive eq@{i} {A : Type@{i}} (x : A) : A -> Type@{i} := eq_refl : eq x x.
+
+   Definition funext_type@{a b e} (A : Type@{a}) (B : A -> Type@{b})
+   := forall f g : (forall a, B a),
+                   (forall x, eq@{e} (f x) (g x))
+                   -> eq@{e} f g.
+
+   Section down.
+      Universes a b e e'.
+      Constraint e' < e.
+      Lemma funext_down {A B}
+        (H : @funext_type@{a b e} A B) : @funext_type@{a b e'} A B.
+      Proof.
+        exact H.
+      Defined.
+   End down.
+
+Cumulativity Weak Constraints
+-----------------------------
+
+.. opt:: Cumulativity Weak Constraints
+
+This option, on by default, causes "weak" constraints to be produced
+when comparing universes in an irrelevant position. Processing weak
+constraints is delayed until minimization time. A weak constraint
+between `u` and `v` when neither is smaller than the other and
+one is flexible causes them to be unified. Otherwise the constraint is
+silently discarded.
+
+This heuristic is experimental and may change in future versions.
+Disabling weak constraints is more predictable but may produce
+arbitrary numbers of universes.
+
+
+Global and local universes
+---------------------------
+
+Each universe is declared in a global or local environment before it
+can be used. To ensure compatibility, every *global* universe is set
+to be strictly greater than :g:`Set` when it is introduced, while every
+*local* (i.e. polymorphically quantified) universe is introduced as
+greater or equal to :g:`Set`.
+
+
+Conversion and unification
+---------------------------
+
+The semantics of conversion and unification have to be modified a
+little to account for the new universe instance arguments to
+polymorphic references. The semantics respect the fact that
+definitions are transparent, so indistinguishable from their bodies
+during conversion.
+
+This is accomplished by changing one rule of unification, the first-
+order approximation rule, which applies when two applicative terms
+with the same head are compared. It tries to short-cut unfolding by
+comparing the arguments directly. In case the constant is universe
+polymorphic, we allow this rule to fire only when unifying the
+universes results in instantiating a so-called flexible universe
+variables (not given by the user). Similarly for conversion, if such
+an equation of applicative terms fail due to a universe comparison not
+being satisfied, the terms are unfolded. This change implies that
+conversion and unification can have different unfolding behaviors on
+the same development with universe polymorphism switched on or off.
+
+
+Minimization
+-------------
+
+Universe polymorphism with cumulativity tends to generate many useless
+inclusion constraints in general. Typically at each application of a
+polymorphic constant :g:`f`, if an argument has expected type :g:`Type@{i}`
+and is given a term of type :g:`Type@{j}`, a :math:`j ≤ i` constraint will be
+generated. It is however often the case that an equation :math:`j = i` would
+be more appropriate, when :g:`f`\'s universes are fresh for example.
+Consider the following example:
+
+.. coqtop:: none
+
+   Polymorphic Definition pidentity {A : Type} (a : A) := a.
+   Set Printing Universes.
+
+.. coqtop:: in
+
+   Definition id0 := @pidentity nat 0.
+
+.. coqtop:: all
+
+   Print id0.
+
+This definition is elaborated by minimizing the universe of :g:`id0` to
+level :g:`Set` while the more general definition would keep the fresh level
+:g:`i` generated at the application of :g:`id` and a constraint that :g:`Set` :math:`≤ i`.
+This minimization process is applied only to fresh universe variables.
+It simply adds an equation between the variable and its lower bound if
+it is an atomic universe (i.e. not an algebraic max() universe).
+
+.. opt:: Universe Minimization ToSet
+
+   Turning this option off (it is on by default) disallows minimization
+   to the sort :g:`Set` and only collapses floating universes between
+   themselves.
+
+
+Explicit Universes
+-------------------
+
+The syntax has been extended to allow users to explicitly bind names
+to universes and explicitly instantiate polymorphic definitions.
+
+.. cmd:: Universe @ident.
+
+   In the monorphic case, this command declares a new global universe
+   named :g:`ident`, which can be referred to using its qualified name
+   as well. Global universe names live in a separate namespace. The
+   command supports the polymorphic flag only in sections, meaning the
+   universe quantification will be discharged on each section definition
+   independently. One cannot mix polymorphic and monomorphic
+   declarations in the same section.
+
+
+.. cmd:: Constraint @ident @ord @ident.
+
+   This command declares a new constraint between named universes. The
+   order relation :n:`@ord` can be one of :math:`<`, :math:`≤` or :math:`=`. If consistent, the constraint
+   is then enforced in the global environment. Like ``Universe``, it can be
+   used with the ``Polymorphic`` prefix in sections only to declare
+   constraints discharged at section closing time. One cannot declare a
+   global constraint on polymorphic universes.
+
+   .. exn:: Undeclared universe @ident.
+
+   .. exn:: Universe inconsistency.
+
+
+Polymorphic definitions
+~~~~~~~~~~~~~~~~~~~~~~~
+
+For polymorphic definitions, the declaration of (all) universe levels
+introduced by a definition uses the following syntax:
+
+.. coqtop:: in
+
+   Polymorphic Definition le@{i j} (A : Type@{i}) : Type@{j} := A.
+
+.. coqtop:: all
+
+   Print le.
+
+During refinement we find that :g:`j` must be larger or equal than :g:`i`, as we
+are using :g:`A : Type@{i} <= Type@{j}`, hence the generated constraint. At the
+end of a definition or proof, we check that the only remaining
+universes are the ones declared. In the term and in general in proof
+mode, introduced universe names can be referred to in terms. Note that
+local universe names shadow global universe names. During a proof, one
+can use :ref:`Show Universes <ShowUniverses>` to display the current context of universes.
+
+Definitions can also be instantiated explicitly, giving their full
+instance:
+
+.. coqtop:: all
+
+   Check (pidentity@{Set}).
+   Monomorphic Universes k l.
+   Check (le@{k l}).
+
+User-named universes and the anonymous universe implicitly attached to
+an explicit :g:`Type` are considered rigid for unification and are never
+minimized. Flexible anonymous universes can be produced with an
+underscore or by omitting the annotation to a polymorphic definition.
+
+.. coqtop:: all
+
+   Check (fun x => x) : Type -> Type.
+   Check (fun x => x) : Type -> Type@{_}.
+
+   Check le@{k _}.
+   Check le.
+
+.. opt:: Strict Universe Declaration.
+
+   The command ``Unset Strict Universe Declaration`` allows one to freely use
+   identifiers for universes without declaring them first, with the
+   semantics that the first use declares it. In this mode, the universe
+   names are not associated with the definition or proof once it has been
+   defined. This is meant mainly for debugging purposes.