Bug 495816 - s390x: Fix disassembler segfault for C[G]RT and CL[G]RT

Bug 495816 - s390x: Fix disassembler segfault for C[G]RT and CL[G]RT

The function s390_format_RRF_U0RR() is called with one of the following
xmnm_kind parameters:

   S390_XMNM_CAB     when constructing IR for C[G]RT or CL[G]RT
   S390_XMNM_LOCFHR  for LOCFHR
   S390_XMNM_LOCGR   for LOCGR
   S390_XMNM_LOCR    for LOCR

In all cases it invokes the disassembler without providing a mnemonic:

     if (UNLIKELY(vex_traceflags & VEX_TRACE_FE))
        s390_disasm(ENC3(XMNM, GPR, GPR), xmnm_kind, m3, r1, r2);

But in the first case s390_disasm() processes these arguments as if there
was one:

     case S390_XMNM_CAB:
        mnm  = va_arg(args, HChar *);  // <--- m3
        mask = va_arg(args, UInt);     // <--- r1
        p  += vex_sprintf(p, "%s", mnemonic(cab_operand(mnm, mask)));

Thus, m3 is interpreted as a string which then causes the segfault.

Fix this by

(1) replacing all of S390_XMNM_LOC* and S390_XMNM_STOC* by S390_XMNM_CLS,
(2) passing down the mnemonic to s390_disasm, and
(3) changing function cls_operand() to be symmetric with cab_operand() by
    also taking in the base mnemonic.

Apart from s390_format_RRF_U0RR(), further "load/store on condition"
instructions are handled via s390_format_RIE_RUPIX() and
s390_format_RSY_RDRM().  Adjust these functions accordingly as well.