The "private field matching" problem is annoying as it can break encapsulation, and I think the best way to prevent it is to prohibit matching on values with private fields. I also don't care much for projections in match - you can always write the guard version.
On the other hand, I don't think the const fn problem is really problematic - callers can observe their callee's precise behaviour, and if the call occurs at compile time, they can observe it at compile time, with it not being much worse than [u8; 1/(HASH_ONE^HASH_ZERO)].
+1 for making unreachable arm detection a lint - this is required for improving check_match backwards-compatibly.