Fix segfault when using Generator.map with PonyCheck shrinking

[SeanTAllen]

When a lambda is nested inside an object literal inside a generic method, collect_type_params copies type parameters twice, producing an ast_data chain of length > 1. reify_typeparamref followed this chain only one level, so the doubly-copied type params never matched. This caused the lambda's apply method to not be marked as reachable during codegen, leaving a hole in the vtable and segfaulting at runtime.

The fix follows the ast_data chain to the root (the self-referential node set during the scope pass) for both sides of the comparison, handling any depth of nesting.

The same single-level pattern in reify_reference is fixed defensively — investigation showed that code path is not currently reachable in the nested lambda scenario, but the pattern is structurally vulnerable.

Closes #4838
Closes #5005

[SeanTAllen]

Hit this in ponylang/corral while writing property-based tests for a DEFLATE BitReader. The test used Generators.map2 to build a 4-byte Array[U8] val and segfaulted on execution (not during shrinking — the property itself never failed, it crashed before completing the first run).

Original property test that segfaults on ponyc 0.62.0:

use "pony_check"
use "pony_test"

class _PropertyBitReaderSplit is Property1[Array[U8] val]
  fun name(): String => "inflate/property/bit-reader-split"

  fun gen(): Generator[Array[U8] val] =>
    Generators.map2[U8, U8, Array[U8] val](
      Generators.u8(),
      Generators.u8(),
      {(a, b) => recover val
        let arr = Array[U8](4)
        arr.push(a)
        arr.push(b)
        arr.push(a xor b)
        arr.push(a + b)
        arr
      end })

  fun property(sample: Array[U8] val, h: PropertyHelper) =>
    if sample.size() < 4 then return end
    // ... reads bits from sample, no assertions that would fail ...

Worked around by converting to a manual UnitTest with hardcoded byte arrays. Will convert back to a property test once this fix lands.