Return null instead of aborting in C API by extending ffi_fn! macro

[nylanderdev]

Make C API functions that return pointers return null in case of a
panic, instead of aborting.
Add ffi_fn! macro rules that enable error values to be returned by
writing "?= " or "?: " after an ffi function's body.

Incremental to #2397

[seanmonstar]

Awesome start! I left some thoughts inline.

[nylanderdev]

How do we want to deal with functions that return ()? Right now they don't support default values (since the only valid one is ()) but that also makes them default to aborting. We could either add ?= support to them, and write ?= (), or we could use some shorthand, like just writing ? to mark those that won't abort. We could also make not aborting the default for ()-functions, and add a ! or a !! to explicitly signify an aborting function.

[seanmonstar]

Can we mark them as ?= ()? I'd rather the explicitness than accidentally forgetting whether the value should have returned an error if it panicked. I assume that those that don't return a value, in practice wouldn't ever fail or panic, but we catch anyways just in case.

[nylanderdev]

Supports ?= () now. Have not marked any more functions however since I don't know which we want to catch on. If all ()-functions should be caught then I've got a commit on standby.

[seanmonstar]

Awesome work, thanks for starting this! I think we can do follow up PRs to add this to more of the functions (and then eventually remove the ability to have forgotten).