I think I have this resolved. I can run a warning/error free boot with working VLANs from trunk (no patch as in prior posts) with the following setup:
/etc/config/network
config device
option type 'bridge'
option name 'switch0'
config bridge-vlan
option device 'switch0'
option vlan '1'
option ports 'lan1 lan2 lan3'
config bridge-vlan
option device 'switch0'
option vlan '2'
option ports 'lan4'
config bridge-vlan
option device 'switch0'
option vlan '3'
option ports 'wan'
config interface 'lan'
option ifname 'switch0.1'
option type 'bridge'
option proto 'static'
option ipaddr '10.10.1.1'
option netmask '255.255.255.0'
config interface 'guest'
option ifname 'switch0.2'
option type 'bridge'
option proto 'dhcp'
config interface 'iot'
option ifname 'switch0.3'
option type 'bridge'
option proto 'static'
option ipaddr '10.10.3.1'
option netmask '255.255.255.0'
No changes to wireless config, which attach to all 3 networks. I have a few other configurations where wan is bridged with a lan port, I have yet to test that. Also, per the PR anomeome linked for now we still need "bridge" specified in the interface config although it appears at some point this will be going away.
This syntax is slightly different than that shown in the PR -- I couldn't get the PR syntax to work (using list for lan1, lan2, etc).