gh-142783: Fix possible use after free in zoneinfo module

[fatelei]

When _weak_cache is a descriptor that creates a new object each time it's accessed, get_weak_cache() incorrectly assumed it could return a borrowed reference and immediately decremented the reference count. This caused the newly created cache object to be freed too early, leading to use-after-free when the cache object was subsequently accessed.

• Issue: Use-after-free in zoneinfo.get_weak_cache via weak DECREF assumption #142783

[serhiy-storchaka]

LGTM. 👍

[miss-islington-app]

Thanks @fatelei for the PR, and @serhiy-storchaka for merging it 🌮🎉.. I'm working now to backport this PR to: 3.13.
🐍🍒⛏🤖

[miss-islington-app]

Thanks @fatelei for the PR, and @serhiy-storchaka for merging it 🌮🎉.. I'm working now to backport this PR to: 3.14.
🐍🍒⛏🤖

[bedevere-app]

GH-142861 is a backport of this pull request to the 3.13 branch.

[bedevere-app]

GH-142862 is a backport of this pull request to the 3.14 branch.

[bedevere-bot]

⚠️⚠️⚠️ Buildbot failure ⚠️⚠️⚠️

Hi! The buildbot x86 Debian Non-Debug with X 3.14 (no tier) has failed when building commit 897e2b4.

What do you need to do:

1. Don't panic.
2. Check the buildbot page in the devguide if you don't know what the buildbots are or how they work.
3. Go to the page of the buildbot that failed (https://buildbot.python.org/#/builders/1687/builds/779) and take a look at the build logs.
4. Check if the failure is related to this commit (897e2b4) or if it is a false positive.
5. If the failure is related to this commit, please, reflect that on the issue and make a new Pull Request with a fix.

You can take a look at the buildbot page here:

https://buildbot.python.org/#/builders/1687/builds/779

Summary of the results of the build (if available):

==

Click to see traceback logs

Traceback (most recent call last):
  File �[35m"/buildbot/buildarea/3.14.ware-debian-x86.nondebug/build/Lib/test/test_external_inspection.py"�[0m, line �[35m1246�[0m, in �[35mtest_only_active_thread�[0m
    �[31mself.assertEqual�[0m�[1;31m(�[0m
    �[31m~~~~~~~~~~~~~~~~�[0m�[1;31m^�[0m
        �[1;31mlen(gil_traces), 1, "Should have exactly one GIL holder"�[0m
        �[1;31m^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^�[0m
    �[1;31m)�[0m
    �[1;31m^�[0m
�[1;35mAssertionError�[0m: �[35m0 != 1 : Should have exactly one GIL holder�[0m


Traceback (most recent call last):
  File �[35m"/buildbot/buildarea/3.14.ware-debian-x86.nondebug/build/Lib/test/test_annotationlib.py"�[0m, line �[35m160�[0m, in �[35mtest_nonexistent_attribute�[0m
    �[31mself.assertEqual�[0m�[1;31m(epsilon_anno, support.EqualToForwardRef("some | {obj, module}", owner=f))�[0m
    �[31m~~~~~~~~~~~~~~~~�[0m�[1;31m^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^�[0m
�[1;35mAssertionError�[0m: �[35mForwardRef('some | {module, obj}', owner=[79 chars]f48>) != EqualToForwardRef('some | {obj, module}',[86 chars]f48>)�[0m


Traceback (most recent call last):
  File �[35m"/buildbot/buildarea/3.14.ware-debian-x86.nondebug/build/Lib/test/test_annotationlib.py"�[0m, line �[35m160�[0m, in �[35mtest_nonexistent_attribute�[0m
    �[31mself.assertEqual�[0m�[1;31m(epsilon_anno, support.EqualToForwardRef("some | {obj, module}", owner=f))�[0m
    �[31m~~~~~~~~~~~~~~~~�[0m�[1;31m^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^�[0m
�[1;35mAssertionError�[0m: �[35mForwardRef('some | {module, obj}', owner=[79 chars]e98>) != EqualToForwardRef('some | {obj, module}',[86 chars]e98>)�[0m