From bdddb11b0efd438696b5fa3e75f323248c22af7d Mon Sep 17 00:00:00 2001
From: Benjamin Peterson <benjamin@python.org>
Date: Mon, 5 Sep 2016 10:39:57 -0700
Subject: [PATCH] clear out f_gen during generator finalization (closes #27812)

Patch from Armin Rigo.
---
 Misc/NEWS           | 3 +++
 Objects/genobject.c | 5 ++++-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/Misc/NEWS b/Misc/NEWS
index 8558db4df37..4b1899938d1 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -10,6 +10,9 @@ Release date: TBA
 Core and Builtins
 -----------------
 
+- Issue #27812: Properly clear out a generator's frame's backreference to the
+  generator to prevent crashes in frame.clear().
+
 - Issue #27811: Fix a crash when a coroutine that has not been awaited is
   finalized with warnings-as-errors enabled.
 
diff --git a/Objects/genobject.c b/Objects/genobject.c
index a9ea5c24786..01c59c24a96 100644
--- a/Objects/genobject.c
+++ b/Objects/genobject.c
@@ -71,7 +71,10 @@ gen_dealloc(PyGenObject *gen)
         return;                     /* resurrected.  :( */
 
     _PyObject_GC_UNTRACK(self);
-    Py_CLEAR(gen->gi_frame);
+    if (gen->gi_frame != NULL) {
+        gen->gi_frame->f_gen = NULL;
+        Py_CLEAR(gen->gi_frame);
+    }
     Py_CLEAR(gen->gi_code);
     Py_CLEAR(gen->gi_name);
     Py_CLEAR(gen->gi_qualname);