[ObjC] User cannot override call type of objc_msgSend calls

[bdash]

Version and Platform (required):

• Binary Ninja Version: 5.2.8161-dev Ultimate, 98bf34dd
• OS: macos
• OS Version: 26.0
• CPU Architecture: arm64

Bug Description:
When the Objective-C workflow runs, it applies call type adjustments to calls to objc_msgSend based on the selector. However, the selector does not have type information and does not represent variadic functions. It is useful in these cases for the user to be able to override the call type of a specific message send to refine the type that the Objective-C workflow applied.

Steps To Reproduce:

1. Open /usr/libexec/syspolicyd on recent macOS.

2. Go to -[SPSamplingTasking description]

3. Right click on the call to objc_msgSend and try to override the call type from the type inferred by the Objective-C workflow:

   struct objc_object* _objc_msgSend(struct objc_object* self, struct objc_selector* sel, int64_t stringWithFormat)
   

   to account for the extra arguments that the format string indicates are present:

   struct objc_object* _objc_msgSend(struct objc_object* self, struct objc_selector* sel, id, id, id)
   

Expected Behavior:
The extra arguments appear in the call.

Actual Behavior:
Nothing changes. Going back to the override call type dialog shows the original type that was applied by the Objective-C workflow.

[bdash]

There are two sides to this:

1. Calling SetAutoCallTypeAdjustment during a workflow activity overrides any call type override set by the user, even if the new confidence is lower than the confidence on the user's adjustment (full confidence for an adjustment entered via the UI).
2. The Objective-C workflow sets its auto call type override with full confidence. It has incomplete information (no types and the number of arguments is a minimum) and so should have a lower confidence.