After some debugging, we found out that __Pyx_PyType_Ready can garble arbitrary memory.
Indeed, it has the following lines:

#if PY_VERSION_HEX >= 0x03050000
    t->tp_flags |= Py_TPFLAGS_HEAPTYPE;
#endif
    r = PyType_Ready(t);
#if PY_VERSION_HEX >= 0x03050000
    t->tp_flags &= ~Py_TPFLAGS_HEAPTYPE;
#endif

The problem is if PyType_Ready indirectly triggers the garbage collector. The static type t will be incorrectly considered as a heap type, and therefore as a GC-enabled object. When traversing this object, the GC will lookup the GC header by subtracting 16 bytes from t's beginning, which may point to any other C static variable. Then it will temporarily "decref" the GC header, modifying other data.
(in our case, that other data is a Cython function's ml_flags, rendering it unusable, but that might be something else, depending what your Cython module contains)