That's exactly what this uses. It just hides it inside a syntax that is more similar to what Go uses.

Ah, apologies, the link wasn't loading at the moment and I assumed it was something else.

Regarding its use in the wild, I've encountered it exactly once, in the lastpass-cli (available on github). I personally wouldn't consider using it for one of my projects because it's too nonstandard, however I suppose that for a security-sensitive application it might reduce the likelihood of messing error handling and leaking things all over the place. That being said using non-standard features might also make it more likely for a contributor to misunderstand what the code does precisely and introduce a problem.

LXC uses it as well, and they have additional macros to "move" pointers and file descriptors to make sure you don't double-free or similar things.