QFreeList: fix undefined behavior

Signed integer overflow is undefined behavior ([expr]/4),
but unsigned arithmetic doesn't overflow, so isn't
([basic.fundamental]/4, footnote there).

So, use unsigned arithmetic for the loop-around serial
number generation in incrementserial(). While we're at
it, also use it for the masking operation in the same
function.

Found by UBSan.

Change-Id: I500fae9d80fd3f6e39d06e79a53d271b82ea8df8
Reviewed-by: Olivier Goffart (Woboq GmbH) <ogoffart@woboq.com>

src/corelib/tools/qfreelist_p.h

@@ -171,7 +171,7 @@ class QFreeList
     // take the current serial number from \a o, increment it, and store it in \a n
     static inline int incrementserial(int o, int n)
     {
-        return (n & ConstantsType::IndexMask) | ((o + ConstantsType::SerialCounter) & ConstantsType::SerialMask);
+        return int((uint(n) & ConstantsType::IndexMask) | ((uint(o) + ConstantsType::SerialCounter) & ConstantsType::SerialMask));
     }
 
     // the blocks