https://github.com/openssl/openssl/blob/master/providers/implementations/ciphers/cipher_aes_gcm_hw_ppc.inc#L87-L122

The function ppc_aes_gcm_cipher_update() has a clear contract: return 1 on success, 0 on failure (see line 139: return 1). On the decrypt pre-alignment path, line 122 returns -1 instead of 0 when CRYPTO_gcm128_decrypt fails:

// Line 121-122 (decrypt — WRONG):
if (CRYPTO_gcm128_decrypt(&ctx->gcm, in, out, res))
    return -1;

// Line 97-98 (encrypt — CORRECT):
if (CRYPTO_gcm128_encrypt(&ctx->gcm, in, out, res))
    return 0;

The caller at ciphercommon_gcm.c:460 checks:

if (!hw->cipherupdate(ctx, in, len, out))
    goto err;

Since !(-1) evaluates to 0 (false in C), the goto err is not taken. The error is silently swallowed and GCM processing continues with potentially corrupt state. This is the only return -1 across all GCM cipher implementation files — all five other error returns in the same function correctly return 0.