Fix prototype chain traversing (#4458)

After the introduction of the Proxy builtin object there was
a possibility to traverse the prototype chain with an invalid object.
The prototype was freed before it's data/properties were queried resulting
in accessing invalid information.

By forcing the allocator to always do a gc (`--mem-stres-test=on` build option)
it was possible to trigger the issue without complicated tests.

New internal method:
* `ecma_op_object_get_prototype_of` which always returns the prototype
  of an object and the return value must be freed (if it is valid).

Updated prototype chain traversing in:
* `jerry_object_get_property_names`
* `ecma_builtin_object_prototype_lookup_getter_setter`
* `ecma_op_function_has_instance`
* `ecma_op_function_get_super_constructor`
* `ecma_op_object_is_prototype_of`
* `ecma_op_object_enumerate`

Removed method `ecma_proxy_object_prototype_to_cp`

JerryScript-DCO-1.0-Signed-off-by: Peter Gal pgal.usz@partner.samsung.com

tests/jerry/es.next/regression-test-issue-4445.js

@@ -0,0 +1,60 @@
+// Copyright JS Foundation and other contributors, http://js.foundation
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Keeping test as it is due to the fact this was triggered via a gc related issue
+
+var a= ["", "\0", "\t", "\n", "\v", "\f", "\r", " ", "\u00a0", "\u2028", "\u2029", "\ufeff"]
+Array.prototype[4] = 10;
+
+function Test()
+{
+  a.sort(function() {
+    var A = function() { };
+    A.prototype.x = 42;
+    var o = new Proxy({
+        "3": {
+          writable:false,
+          value:20
+        }
+      }, /*handler*/ {
+        getPrototypeOf: function (val, size, ch) {
+          var result = new String(val);
+          if (ch == null) {
+            ch = " ";
+          }
+          while (result.length < size) {
+            result = ch + result;
+          }
+          return result;
+        }
+      }
+    );
+
+    o.x = 43;
+    var result = "";
+    for (var p in o) {
+        result += o[p];
+    }
+    return a | 0;
+  });
+
+  throw new EvalError("error");
+}
+
+try {
+  Test();
+  assert(false);
+} catch (ex) {
+  assert (ex instanceof EvalError);
+}