7 files changed, 66 insertions, 28 deletions

diff --git a/kernel/environ.ml b/kernel/environ.ml
index 69edb1498c..a5f81d1e59 100644
--- a/kernel/environ.ml
+++ b/kernel/environ.ml
@@ -479,6 +479,9 @@ let set_typing_flags c env =
     let env = set_type_in_type (not c.check_universes) env in
     env
 
+let update_typing_flags ?typing_flags env =
+  Option.cata (fun flags -> set_typing_flags flags env) env typing_flags
+
 let set_cumulative_sprop b env =
   set_typing_flags {env.env_typing_flags with cumulative_sprop=b} env
 
diff --git a/kernel/environ.mli b/kernel/environ.mli
index 6a8ddce835..900e2128ea 100644
--- a/kernel/environ.mli
+++ b/kernel/environ.mli
@@ -351,6 +351,9 @@ val set_type_in_type : bool -> env -> env
 val set_allow_sprop : bool -> env -> env
 val sprop_allowed : env -> bool
 
+(** [update_typing_flags ?typing_flags] may update env with optional typing flags *)
+val update_typing_flags : ?typing_flags:typing_flags -> env -> env
+
 val universes_of_global : env -> GlobRef.t -> AUContext.t
 
 (** {6 Sets of referred section variables }
diff --git a/kernel/inductive.ml b/kernel/inductive.ml
index e34b3c0b47..ce12d65614 100644
--- a/kernel/inductive.ml
+++ b/kernel/inductive.ml
@@ -330,33 +330,45 @@ let check_allowed_sort ksort specif =
     let s = inductive_sort_family (snd specif) in
     raise (LocalArity (Some(elim_sort specif, ksort,s,error_elim_explain ksort s)))
 
-let is_correct_arity env c pj ind specif params =
+let check_correct_arity env c pj ind specif params =
+  (* We use l2r:true for compat with old versions which used CONV
+     instead of CUMUL called with arguments flipped. It is relevant
+     for performance eg in bedrock / Kami. *)
   let arsign,_ = get_instantiated_arity ind specif params in
-  let rec srec env pt ar =
+  let rec srec env ar pt =
     let pt' = whd_all env pt in
-    match kind pt', ar with
-      | Prod (na1,a1,t), (LocalAssum (_,a1'))::ar' ->
-          let () =
-            try conv env a1 a1'
-            with NotConvertible -> raise (LocalArity None) in
-          srec (push_rel (LocalAssum (na1,a1)) env) t ar'
-      (* The last Prod domain is the type of the scrutinee *)
-      | Prod (na1,a1,a2), [] -> (* whnf of t was not needed here! *)
-         let env' = push_rel (LocalAssum (na1,a1)) env in
-         let ksort = match kind (whd_all env' a2) with
-         | Sort s -> Sorts.family s
-         | _ -> raise (LocalArity None) in
-         let dep_ind = build_dependent_inductive ind specif params in
-         let _ =
-           try conv env a1 dep_ind
-           with NotConvertible -> raise (LocalArity None) in
-           check_allowed_sort ksort specif
-      | _, (LocalDef _ as d)::ar' ->
-          srec (push_rel d env) (lift 1 pt') ar'
-      | _ ->
-          raise (LocalArity None)
+    match ar, kind pt' with
+    | (LocalAssum (_,a1))::ar', Prod (na1,a1',t) ->
+      let () =
+        try conv_leq ~l2r:true env a1 a1'
+        with NotConvertible -> raise (LocalArity None) in
+      srec (push_rel (LocalAssum (na1,a1)) env) ar' t
+    (* The last Prod domain is the type of the scrutinee *)
+    | [], Prod (na1,a1',a2) ->
+      let env' = push_rel (LocalAssum (na1,a1')) env in
+      let ksort = match kind (whd_all env' a2) with
+      | Sort s -> Sorts.family s
+      | _ -> raise (LocalArity None)
+      in
+      let dep_ind = build_dependent_inductive ind specif params in
+      let () =
+        (* This ensures that the type of the scrutinee is <= the
+           inductive type declared in the predicate. *)
+        try conv_leq ~l2r:true env dep_ind a1'
+        with NotConvertible -> raise (LocalArity None)
+      in
+      let () = check_allowed_sort ksort specif in
+      (* We return the "higher" inductive universe instance from the predicate,
+         the branches must be typeable using these universes.
+         The find_rectype call cannot fail due to the cumulativity check above. *)
+      let (pind, _args) = find_rectype env a1' in
+      pind
+    | (LocalDef _ as d)::ar', _ ->
+      srec (push_rel d env) ar' (lift 1 pt')
+    | _ ->
+      raise (LocalArity None)
   in
-  try srec env pj.uj_type (List.rev arsign)
+  try srec env (List.rev arsign) pj.uj_type
   with LocalArity kinds ->
     error_elim_arity env ind c pj kinds
 
@@ -387,17 +399,16 @@ let build_branches_type (ind,u) (_,mip as specif) params p =
 let build_case_type env n p c realargs =
   whd_betaiota env (Term.lambda_appvect_assum (n+1) p (Array.of_list (realargs@[c])))
 
-let type_case_branches env (pind,largs) pj c =
-  let specif = lookup_mind_specif env (fst pind) in
+let type_case_branches env ((ind, _ as pind),largs) pj c =
+  let specif = lookup_mind_specif env ind in
   let nparams = inductive_params specif in
   let (params,realargs) = List.chop nparams largs in
   let p = pj.uj_val in
-  let () = is_correct_arity env c pj pind specif params in
+  let pind = check_correct_arity env c pj pind specif params in
   let lc = build_branches_type pind specif params p in
   let ty = build_case_type env (snd specif).mind_nrealdecls p c realargs in
   (lc, ty)
 
-
 (************************************************************************)
 (* Checking the case annotation is relevant *)
 
diff --git a/kernel/names.ml b/kernel/names.ml
index 13761ca245..be65faf234 100644
--- a/kernel/names.ml
+++ b/kernel/names.ml
@@ -1115,3 +1115,5 @@ let eq_egr e1 e2 = match e1, e2 with
 type lident = Id.t CAst.t
 type lname = Name.t CAst.t
 type lstring = string CAst.t
+
+let lident_eq = CAst.eq Id.equal
diff --git a/kernel/names.mli b/kernel/names.mli
index 74a4e6f7d0..747299bb12 100644
--- a/kernel/names.mli
+++ b/kernel/names.mli
@@ -727,3 +727,5 @@ val eq_egr : evaluable_global_reference ->  evaluable_global_reference -> bool
 type lident = Id.t CAst.t
 type lname = Name.t CAst.t
 type lstring = string CAst.t
+
+val lident_eq : lident -> lident -> bool
diff --git a/kernel/safe_typing.ml b/kernel/safe_typing.ml
index 6abd283f6c..a35f94e3ce 100644
--- a/kernel/safe_typing.ml
+++ b/kernel/safe_typing.ml
@@ -247,6 +247,15 @@ let set_native_compiler b senv =
 
 let set_allow_sprop b senv = { senv with env = Environ.set_allow_sprop b senv.env }
 
+(* Temporary sets custom typing flags *)
+let with_typing_flags ?typing_flags senv ~f =
+  match typing_flags with
+  | None -> f senv
+  | Some typing_flags ->
+    let orig_typing_flags = Environ.typing_flags senv.env in
+    let res, senv = f (set_typing_flags typing_flags senv) in
+    res, set_typing_flags orig_typing_flags senv
+
 (** Check that the engagement [c] expected by a library matches
     the current (initial) one *)
 let check_engagement env expected_impredicative_set =
@@ -928,6 +937,9 @@ let add_constant l decl senv =
   in
   kn, senv
 
+let add_constant ?typing_flags l decl senv =
+  with_typing_flags ?typing_flags senv ~f:(add_constant l decl)
+
 let add_private_constant l decl senv : (Constant.t * private_constants) * safe_environment =
   let kn = Constant.make2 senv.modpath l in
     let cb =
@@ -983,6 +995,9 @@ let add_mind l mie senv =
   let mib = Indtypes.check_inductive senv.env ~sec_univs kn mie in
   kn, add_checked_mind kn mib senv
 
+let add_mind ?typing_flags l mie senv =
+  with_typing_flags ?typing_flags senv ~f:(add_mind l mie)
+
 (** Insertion of module types *)
 
 let add_modtype l params_mte inl senv =
diff --git a/kernel/safe_typing.mli b/kernel/safe_typing.mli
index 6fa9022906..287274e39a 100644
--- a/kernel/safe_typing.mli
+++ b/kernel/safe_typing.mli
@@ -93,6 +93,7 @@ val export_private_constants :
 
 (** returns the main constant *)
 val add_constant :
+  ?typing_flags:Declarations.typing_flags ->
   Label.t -> global_declaration -> Constant.t safe_transformer
 
 (** Similar to add_constant but also returns a certificate *)
@@ -102,6 +103,7 @@ val add_private_constant :
 (** Adding an inductive type *)
 
 val add_mind :
+  ?typing_flags:Declarations.typing_flags ->
   Label.t -> Entries.mutual_inductive_entry ->
     MutInd.t safe_transformer