DefaultSchemaTreeInference does not trust its callers and SchemaInferenceStack re-validates SchemaTreeInference arguments. This is nice from defensiveness perspective, but both of these classes are providing guarantees of well-formedness.

We can save significant amounts of work if these classes co-operate is some sort of fashion. This probably entails an DefaultSchemaTreeInference.unsafeOf(), with explicit warnings et al. If we go that route, also add a runtime knob (based on a system property) to cause unsafeOf() to treat the input as unsafe and validate it.