syscall: 0.584
instruction: 0.269
runtime: 0.148



qemu8-i386 gets wrong arguments for 32-bit old mmap syscall (_NR_mmap = 90)
Description of problem:
qemu8-i386 does not decode syscall arguments correctly for system call _NR_mmap = 90 on i386.
```
$ strace ./oldmmap
execve("./oldmmap", ["./oldmmap"], 0x7fff46ba6d40 /* 61 vars */) = 0
[ Process PID=405233 runs in 32 bit mode. ]
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xf7fa7000
exit(5)                                 = ?
+++ exited with 5 +++

$ build/qemu-i386 -strace ./oldmmap
405254 mmap(0x40800058,0,PROT_NONE,0,0,0) = 0x3fffb000
405254 exit(5)
```
Steps to reproduce:
1. gcc -m32 -o oldmmap -nostartfiles -nostdlib oldmmap.S  # build 32-bit executable
2. strace ./oldmmap  # run under strace
3. build/qemu-i386 -strace ./oldmmap  # run under "qemu-i386 -strace"
4. Notice that qemu-i386 did not report the same arguments to the _NR_map syscall as /usr/bin/strace did.
Additional information:
```
$ cat oldmmap.S
MAP_FIXED=     0x10
MAP_PRIVATE=   0x02
MAP_ANONYMOUS= 0x20

PROT_READ=      1
PROT_WRITE=     2
PROT_EXEC=      4

_NR_exit = 1
_NR_mmap = 90  // oldmmap: %ebx -> array of 6 arguments

    .globl _start
_start:
    push $0  // offset
    push $-1  // fd
    push $MAP_PRIVATE|MAP_ANONYMOUS  // flags
    push $PROT_READ|PROT_WRITE  // protection
    push $2<<12  // length
    push $0  // addr (kernel chooses)
    mov %esp,%ebx
    mov $_NR_mmap,%eax
    int $0x80
    nop

    mov $5,%ebx
    mov $_NR_exit,%eax
    int $0x80
    hlt
$ 
```