[PATCH v3 0/2] rust: pin-init: fix incorrect accessor reference lifetime

[Gary Guo]

When a field has been initialized, `init!`/`pin_init!` create a reference
or pinned reference to the field so it can be accessed later during the
initialization of other fields. However, the reference it created is
incorrectly `&'static` rather than just the scope of the initializer.

This means that you can do

    init!(Foo {
        a: 1,
        _: {
            let b: &'static u32 = a;
        }
    })

which is unsound.

This series fix the issue. Details can be found in the second patch.

---
Changes in v3:
- Reworked `DropGuard` to still use pointers and related safety comments
  (Sashiko).
- Link to v2: https://patch.msgid.link/20260423-pin-init-fix-v2-0-ee3081093a0e@xxxxxxxxxxx

Changes in v2:
- Moved the field alignment check as the current dual-purpose reference taking
  for guard and for unaligned fields cause trouble when refactoring.
- Use a method instead of `DerefMut` operator as we don't need the `Deref`.
- Reworked `DropGuard` to use a reference to capture the safety invariants
  (Sashiko)
- Generally improved the safety comments.
- Link to v1: https://lore.kernel.org/rust-for-linux/20260420172302.1843752-1-gary@xxxxxxxxxx

---
Gary Guo (2):
      rust: pin-init: internal: move alignment check to `make_field_check`
      rust: pin-init: fix incorrect accessor reference lifetime

 rust/pin-init/internal/src/init.rs | 184 +++++++++++++++++--------------------
 rust/pin-init/src/__internal.rs    |  28 ++++--
 2 files changed, 103 insertions(+), 109 deletions(-)
---
base-commit: 97e797263a5e963da3d1e66e743fd518567dfe37
change-id: 20260423-pin-init-fix-cf469cd6f782

Best regards,
--  
Gary Guo <gary@xxxxxxxxxxx>