The following lines trigger a segmentation fault:

class E(BaseException):
    def __new__(cls, *args, **kwargs):
        return cls
def a(): yield
a().throw(E)

Source with a bit more explanation: https://gist.github.com/coolreader18/6dbe0be2ae2192e90e1a809f1624c694 (I'm not the author of that gist, just reporting it here).

I can reproduce the issue on master:

>>> class E(BaseException):
...     def __new__(cls, *args, **kwargs):
...         return cls
... 
>>> def a(): yield
... 
>>> a().throw(E)

Program received signal SIGSEGV, Segmentation fault.
_Py_DECREF (op=<unknown at remote 0x48>, lineno=541, filename=0x61717f "./Include/object.h") at ./Include/object.h:470
470         if (--op->ob_refcnt != 0) {
(gdb) bt
#0  _Py_DECREF (op=<unknown at remote 0x48>, lineno=541, filename=0x61717f "./Include/object.h") at ./Include/object.h:470
#1  _Py_XDECREF (op=<unknown at remote 0x48>) at ./Include/object.h:541
#2  BaseException_set_tb (self=0x837290, tb=<traceback at remote 0x7fffeaaa2c80>, _unused_ignored=_unused_ignored@entry=0x0) at Objects/exceptions.c:234
#3  0x00000000004335bd in PyException_SetTraceback (self=<optimized out>, tb=<optimized out>) at Objects/exceptions.c:319
#4  0x000000000051b6df in _PyErr_PrintEx (tstate=0x78c7c0, set_sys_last_vars=set_sys_last_vars@entry=1) at Python/pythonrun.c:680
#5  0x000000000051bc1f in PyErr_PrintEx (set_sys_last_vars=set_sys_last_vars@entry=1) at Python/pythonrun.c:763
#6  0x000000000051bc32 in PyErr_Print () at Python/pythonrun.c:769
#7  0x000000000051ca1e in PyRun_InteractiveLoopFlags (fp=fp@entry=0x7ffff7de07e0 <_IO_2_1_stdin_>, filename_str=filename_str@entry=0x617126 "<stdin>", flags=flags@entry=0x7fffffffd7f0) at Python/pythonrun.c:135
#8  0x000000000051d0d0 in PyRun_AnyFileExFlags (fp=0x7ffff7de07e0 <_IO_2_1_stdin_>, filename=filename@entry=0x617126 "<stdin>", closeit=closeit@entry=0, flags=flags@entry=0x7fffffffd7f0) at Python/pythonrun.c:80
#9  0x000000000041deda in pymain_run_stdin (config=config@entry=0x78b0e0, cf=cf@entry=0x7fffffffd7f0) at Modules/main.c:467
#10 0x000000000041ea37 in pymain_run_python (exitcode=exitcode@entry=0x7fffffffd82c) at Modules/main.c:556
#11 0x000000000041ea76 in Py_RunMain () at Modules/main.c:632
#12 0x000000000041eacb in pymain_main (args=args@entry=0x7fffffffd870) at Modules/main.c:662
#13 0x000000000041eb47 in Py_BytesMain (argc=<optimized out>, argv=<optimized out>) at Modules/main.c:686
#14 0x000000000041d6df in main (argc=<optimized out>, argv=<optimized out>) at ./Programs/python.c:16

Good catch! Since you already investigated the code, do you mind to create a PR which fixes a crash? I think that adding PyExceptionInstance_Check() in _PyErr_CreateException() could fix the issue.

I'm not sure if this will actually appear as a message (I just registered for the bug tracker and I'm not sure how it works), but I wrote the gist and I can definitely make a PR.

New changeset 83ca46b7784b7357d82ec47b33295e09ed7380cb by Noah in branch 'main':
closes bpo-39091: Fix segfault when Exception constructor returns non-exception for gen.throw. (#17658)
https://github.com/python/cpython/commit/83ca46b7784b7357d82ec47b33295e09ed7380cb

New changeset 8ce7f2f4ef04e19209f1dfd2a0cf50ddcd0e999f by Miss Islington (bot) in branch '3.10':
bpo-39091: Fix segfault when Exception constructor returns non-exception for gen.throw. (GH-17658) (GH-27572)
https://github.com/python/cpython/commit/8ce7f2f4ef04e19209f1dfd2a0cf50ddcd0e999f

New changeset 0b551db04a99a97abb1e44a071c688c3ca704b67 by Miss Islington (bot) in branch '3.9':
bpo-39091: Fix segfault when Exception constructor returns non-exception for gen.throw. (GH-17658) (GH-27573)
https://github.com/python/cpython/commit/0b551db04a99a97abb1e44a071c688c3ca704b67