common: fix UB in some bit shifts

[tlyu]

Fix a few instances of undefined behavior (that I'm not yet aware of any concrete consequences of) in left shift expressions. Roughly, it's undefined behavior to shift a 1 into the sign bit of a signed type.

Operands in bit shift expressions undergo integer promotions, but not the usual arithmetic conversions. Notably, the second operand can't promote the first operand to unsigned. Shifting 1 rather than 1U can lead to shifting a 1 into the sign bit, causing undefined behavior.

Relatedly, the integer promotions on a 32-bit platform will usually promote uint16_t to a signed int, leading to undefined behavior in left shift expressions.

Detailed description

• No new feature
• No known existing misbehavior or incorrect code generation, though it's theoretically possible
• This fix increases standard conformance in bit shift expressions by using unsigned integer constants and explicitly casting unsigned narrow integers to wider unsigned integers.

Your checklist for this pull request

• I've read the Code of Conduct
• I've read the guidelines for contributing to this repository
• It builds for hardware native (see Building the firmware)
• It builds as BMDA (see Building the BMDA)
• I've tested it to the best of my ability
• My commit messages provide a useful short description of what the commits do

Closing issues

N/A

[tlyu]

The binary did get about 8 bytes larger. I tried to diff the disassembly of the object files that got larger, and saw no changes to instructions, but only changes in the locations of some constant (debug?) strings.

[dragonmux]

This does need the commit message fixing to include the proper prefix (either split it in two, or us prefix common:).

Otherwise, this looks good and we can trivially see it's correct so will merge when that's addressed.

[tlyu]

Thanks! Updated. Also updated the PR title.

[dragonmux]

LGTM, good catches! Merging - thank you for the contribution.