
PPC isel instruction

Open mwales opened this issue 1 year ago • 0 comments

Version and Platform (required):

  • Binary Ninja Version: 4.1.5902 personal and 4.1.5747 enterprise
  • OS: Ubuntu
  • OS Version: 22.04
  • CPU Architecture: amd64

Bug Description: pseudo C didn't make any sense for the function. Disassembly view shows:

isel r3, r9, r3, ERR_FLAG_NAME

Steps To Reproduce: Make an empty binary:

9421fff07c0802a63860000a388000019001001438a1000838000000900100084bfffeed800100083d20beef3c60face2f800000800100147c691f9e382100107c0803a64e800020

Disassemble as BE ppc32

Mine looks like:

00000000  9421fff0   stwu    r1, -16(r1) {var_10} {arg_0}
00000004  7c0802a6   mflr    r0
00000008  3860000a   li      r3, 0xa
0000000c  38800001   li      r4, 0x1
00000010  90010014   stw     r0, 20(r1) {arg_4}
00000014  38a10008   addi    r5, r1, 0x8 {var_8}
00000018  38000000   li      r0, 0x0
0000001c  90010008   stw     r0, 8(r1) {var_8}  {sub_0}
00000020  4bfffeed   bl      0xffffffffffffff0c
00000024  80010008   lwz     r0, 8(r1) {var_8}
00000028  3d20beef   lis     r9, 0xbeef
0000002c  3c60face   lis     r3, 0xface
00000030  2f800000   cmpwi   cr7, r0, 0x0
00000034  80010014   lwz     r0, 20(r1) {arg_4}
00000038  7c691f9e   isel    r3, r9, r3, ERR_FLAG_NAME  {0xbeef0000}  {0xface0000}
0000003c  38210010   addi    r1, r1, 0x10
00000040  7c0803a6   mtlr    r0
00000044  4e800020   blr     

The instruction at offset 0x20, I think, has the signature int32_t do_thing(int32_t, int32_t, uint32_t* retval);

IDA Pro Hex-Rays produced:

int32_t retval;
do_thing(0xa, 1, &retval)
if (retval)
   return 0xbeef0000;
return 0xface0000;

versus pseudo C:

00000000  {
0000001c      int32_t var_8 = 0;
00000020      0xffffff0c(0xa, 1, &var_8);
00000038      bool ERR_FLAG_NAME;
00000038      
00000038      if (ERR_FLAG_NAME)
00000038          return 0xbeef0000;
00000038      
00000038      return 0xface0000;
00000000  }

Expected Behavior: Branch should depend on value of var_8

mwales, Oct 02 '24 14:10
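To show what the lifter should derive for the cmpwi/isel pair above, here is an added Python decoder; it is example code written for this note, not part of the report or of the binaryninja-api project. It uses the Power ISA field layout (isel is opcode 31, XO 15, and its BC field names a CR bit, so BC 30 is cr7.eq), the instruction words and register values come from the report's disassembly, and the CR simulation is constructed.

```python
CR_BITS = ("lt", "gt", "eq", "so")  # order of the four bits inside one CR field

def field(word: int, lo: int, hi: int) -> int:
    """Extract bits lo..hi of a 32-bit word in Power ISA numbering (bit 0 is the MSB)."""
    return (word >> (31 - hi)) & ((1 << (hi - lo + 1)) - 1)

def decode_cmpwi(word: int) -> tuple[int, int, int]:
    """cmpwi crfD, rA, SIMM (D-form, opcode 11, L=0) -> (crfD, rA, SIMM)."""
    if field(word, 0, 5) != 11 or field(word, 10, 10) != 0:
        raise ValueError(f"{word:#010x} is not cmpwi")
    simm = field(word, 16, 31)
    if simm & 0x8000:  # sign-extend the 16-bit immediate
        simm -= 0x10000
    return field(word, 6, 8), field(word, 11, 15), simm

def decode_isel(word: int) -> tuple[int, int, int, int]:
    """isel rT, rA, rB, BC (A-form, opcode 31, XO 15) -> (rT, rA, rB, BC); BC is a CR bit 0..31."""
    if field(word, 0, 5) != 31 or field(word, 26, 30) != 15:
        raise ValueError(f"{word:#010x} is not isel")
    return field(word, 6, 10), field(word, 11, 15), field(word, 16, 20), field(word, 21, 25)

def isel_condition(bc: int) -> str:
    """Name the CR bit an isel tests: BC 30 -> 'cr7.eq', the field that cmpwi cr7 writes."""
    return f"cr{bc // 4}.{CR_BITS[bc % 4]}"

def execute_cmpwi(word: int, regs: dict) -> int:
    """Signed compare; returns a 32-bit CR with only the target field set (SO left clear)."""
    crf, ra, simm = decode_cmpwi(word)
    a = regs[ra] - 0x100000000 if regs[ra] & 0x80000000 else regs[ra]
    bit = 0 if a < simm else 1 if a > simm else 2  # lt, gt, eq
    return 1 << (31 - (crf * 4 + bit))

def execute_isel(word: int, regs: dict, cr: int) -> int:
    """Power ISA semantics: if CR[BC] == 1 then rT <- rA else rT <- rB."""
    rt, ra, rb, bc = decode_isel(word)
    return regs[ra] if (cr >> (31 - bc)) & 1 else regs[rb]

def lift_cmpwi_isel(cmpwi_word: int, isel_word: int) -> str:
    """Fold the compare into the select: the condition the pseudo C should show."""
    crf, ra_cmp, simm = decode_cmpwi(cmpwi_word)
    rt, ra, rb, bc = decode_isel(isel_word)
    if bc // 4 != crf:
        raise ValueError(f"isel tests cr{bc // 4} but cmpwi wrote cr{crf}")
    name = CR_BITS[bc % 4]
    if name == "so":
        raise ValueError("the SO bit is not a compare result")
    op = {"lt": "<", "gt": ">", "eq": "=="}[name]
    return f"r{rt} = (r{ra_cmp} {op} {simm}) ? r{ra} : r{rb}"
```

For the report's words, lift_cmpwi_isel(0x2f800000, 0x7c691f9e) yields the condition on r0 (the reloaded var_8) that the pseudo C is missing.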