JSON.stringify should throw TypeError("cyclic object value") when a circular reference is found.

[n14little]

Describe the bug
JSON.stringify should throw a TypeError when it encounters a circular reference. Currently, the stack overflows.

To Reproduce

let a = [];
a[0] = a;
JSON.stringify(a);

Expected behavior
A TypeError should be thrown. See NOTE 1 in the spec

Build environment (please complete the following information):

• OS: Ubuntu Linux
• Version: 20.04
• Target triple: x86_64-unknown-linux-gnu
• Rustc version: rustc 1.43.1 (8d69840ab 2020-05-04)

Additional context
You can find more information on MDN.

[Razican]

To solve this, we need to modify the JSON.stringify() function, implemented here.

Here, before adding a new property to the object to return, we need to check if the object to return already has the same value as a parent. For cases where we have a replacer, this is done directly in that function. If we don't, then we need to go to the to_json() function in Value.

Here, we would need to check before inserting a new field to the JSON object that the same object is not already a parent of the current object.

To do that, we should use Gc::ptr_eq() with all parent values, so we need to store them just in case. If we find that they are the same, then we just throw a type error.

[vgel]

I can work on this.

[RageKnify]

Not the same bug, but related, a.toString() also results in a stack overflow. I'm trying to understand what the spec says about a.toString() in this situation, but both Firefox and Chrome return an empty string, "".