wpapsk-opencl fails self-test at cmp_all(7) on AMD gfx90c with latest driver when using 1.9.0-jumbo-1 on Windows 10 64-bit

[khabib227]

First show "no opencl devices found" then tried this solution https://github.com/openwall/john/issues/4327, now show:

Device 1: gfx90c [AMD Radeon(TM) Graphics] Using default input encoding: UTF-8 Loaded 1 password hash (wpapsk-opencl, WPA/WPA2/PMF/PMKID PSK [PBKDF2-SHA1 OpenCL]) Cost 1 (key version [0:PMKID 1:WPA 2:WPA2 3:802.11w]) is 2 for all loaded hashes Self test failed (cmp_all(7))

I'm using the latest video driver available, is a bug?

[khabib227]

Has some solution to this?

[claudioandre-br]

Hi, thanks for reporting.

I believe you are using the latest version from this repository and not Jumbo 1.

I have to say that it smells like a bug in AMD's own driver. Anyway, it works on another version of the hardware and/or driver version.

C:\Temp\rolling>run\john --test --format=wpa*-opencl
Device 1: gfx902 [AMD Radeon(TM) Vega 8 Graphics]
Benchmarking: wpapsk-opencl, WPA/WPA2/PMF/PMKID PSK [PBKDF2-SHA1 OpenCL]... LWS=64 GWS=524288 (8192 blocks) DONE
Raw:    26952 c/s real, 11155K c/s virtual

Benchmarking: wpapsk-pmk-opencl, WPA/WPA2/PMF/PMKID master key [MD5/SHA-1/SHA-2 OpenCL]... LWS=128 GWS=4194304 (32768 blocks) DONE
Raw:    3253K c/s real, 4006K c/s virtual

2 formats benchmarked.

C:\Temp\rolling>run\john --list=build-info
Version: 1.9.0-jumbo-1+bleeding-15b3b7c 2023-04-03 12:44:54 -0300
Build: cygwin 64-bit x86_64 AVX2 AC OMP OPENCL
SIMD: AVX2, interleaving: MD4:3 MD5:3 SHA1:1 SHA256:1 SHA512:1
CPU tests: AVX2
CPU fallback binary: john-xop
OMP fallback binary: john-avx2-non-omp
$JOHN is run/
Format interface version: 14
Max. number of reported tunable costs: 4
Rec file version: REC4
Charset file version: CHR3
CHARSET_MIN: 1 (0x01)
CHARSET_MAX: 255 (0xff)
CHARSET_LENGTH: 24
SALT_HASH_SIZE: 1048576
SINGLE_IDX_MAX: 2147483648
SINGLE_BUF_MAX: 4294967295
Effective limit: Number of salts vs. SingleMaxBufferSize
Max. Markov mode level: 400
Max. Markov mode password length: 30
gcc version: 11.3.0
OpenCL headers version: 2.2
Crypto library: OpenSSL
OpenSSL library version: 01010114f
OpenSSL 1.1.1t  7 Feb 2023
GMP library version: 6.2.1
File locking: fcntl()
fseek(): fseek
ftell(): ftell
fopen(): fopen
memmem(): System's
times(2) sysconf(_SC_CLK_TCK) is 1000
Using times(2) for timers, resolution 1 ms
HR timer: QueryPerformanceCounter(), latency 100 ns
Total physical host memory: 10178 MiB
Available physical host memory: 7679 MiB
Terminal locale string: C.UTF-8
Parsed terminal locale: UTF-8

[khabib227]

I'm using john-1.9.0-jumbo-1 in the latest Win 10 64bit, and latest AMD driver, I don't know how to compile etc so I use the last stable release,

[claudioandre-br]

You don't need to compile it from source. Please:

Visit the page https://github.com/openwall/john (the main page), click the download button, download and install (uncompress) the Winx64_1_JTR.7Z file.

The direct link is https://github.com/openwall/john-packages/releases/download/jumbo-dev/winX64_1_JtR.7z

[khabib227]

Thanks, I downloaded winX64_1_JtR.7z but now nothing work here, even in CPU mode, any command work, and don't show any message, just jump one line with any answer:

Before using john-1.9.0-jumbo-1-win64, CPU mode was working,

[solardiz]

Loaded 1 password hash (wpapsk-opencl, WPA/WPA2/PMF/PMKID PSK [PBKDF2-SHA1 OpenCL]) Cost 1 (key version [0:PMKID 1:WPA 2:WPA2 3:802.11w]) is 2 for all loaded hashes Self test failed (cmp_all(7))

You have WPA2, but the failed test appears to be at index 7 (I think we do call cmp_all for 6 before, and that hasn't failed here), which in 1.9.0-jumbo-1 is PMKID. So you can reasonably bypass this issue by the --skip-self-tests command-line option. Here's how I see it's PMKID that's failing for you:

        /* WPAPSK PMKID */
        {"2582a8281bf9d4308d6f5731d0e61c61*4604ba734d4e*89acf0e761f4*ed487162465a774bfba60eb603a39f3a", "hashcat!"},

$ john-1.9.0-jumbo-1/run/john -form=wpapsk-opencl -list=format-tests | fgrep -w 7
wpapsk-opencl   7   2582a8281bf9d4308d6f5731d0e61c61*4604ba734d4e*89acf0e761f4*ed487162465a774bfba60eb603a39f3a hashcat!

I downloaded winX64_1_JtR.7z but now nothing work here, even in CPU mode

That's weird, and is something I hope @claudioandre-br will investigate. It's a separate issue, but it stops us from seeing if the original problem would possibly go away if this new build ran for you at all.

[solardiz]

@claudioandre-br You set the dupe label without indicating which other issue you think this is a dupe of. The only match I could find is #4141, which says:

fails cmp_all(7) on WPA PMF with the "AMD Radeon Pro Vega 20 Compute Engine"

I think it's useful for us to know the issue still exists with recent AMD driver, and on Windows rather than macOS. Not exactly a dupe, so not sure the label is justified.

@khabib227 Can you name the exact driver version you're using? The way AMD calls it (at download, in GUI), as well as the output of ./john --list=opencl-devices (using 1.9.0-jumbo-1 as the latest somehow doesn't start for you). Thank you!

[claudioandre-br]

Thanks, I downloaded winX64_1_JtR.7z but now nothing work here, even in CPU mode, any command work, and don't show any message, just jump one line with any answer:

I'm afraid your environment is somehow broken or your antivirus is interfering.

I checked it just now, downloaded and unzipped john using GUI tools. New folder (just to be sure). Then CMD shell.

The result is:

C:\Users\claud\jul-10\JtR\run>john --list=build-info
Version: 1.9.0-jumbo-1+bleeding-2ad75ba45f 2023-06-25 21:48:00 +0200
Build: cygwin 64-bit x86_64 AVX2 AC OMP OPENCL
SIMD: AVX2, interleaving: MD4:3 MD5:3 SHA1:1 SHA256:1 SHA512:1
CPU tests: AVX2
CPU fallback binary: john-avx-omp
OMP fallback binary: john-avx2
$JOHN is
Format interface version: 14
Max. number of reported tunable costs: 4
Rec file version: REC4
Charset file version: CHR3
CHARSET_MIN: 1 (0x01)
CHARSET_MAX: 255 (0xff)
CHARSET_LENGTH: 24
SALT_HASH_SIZE: 1048576
SINGLE_IDX_MAX: 2147483648
SINGLE_BUF_MAX: 4294967295
Effective limit: Number of salts vs. SingleMaxBufferSize
Max. Markov mode level: 400
Max. Markov mode password length: 30
gcc version: 11.4.0
OpenCL headers version: 2.2
Crypto library: OpenSSL
OpenSSL library version: 01010115f
OpenSSL 1.1.1u  30 May 2023
GMP library version: 6.2.1
File locking: fcntl()
fseek(): fseek
ftell(): ftell
fopen(): fopen
memmem(): System's
times(2) sysconf(_SC_CLK_TCK) is 1000
Using times(2) for timers, resolution 1 ms
HR timer: QueryPerformanceCounter(), latency 100 ns
Total physical host memory: 10178 MiB
Available physical host memory: 6919 MiB
Terminal locale string: C.UTF-8
Parsed terminal locale: UTF-8

Fix OpenCL:

copy c:\Windows\System32\OpenCL.dll cygOpenCL-1.dll

C:\Users\claud\jul-10\JtR\run>john --test --format=wpa*-opencl
Device 1: gfx902 [AMD Radeon(TM) Vega 8 Graphics]
Benchmarking: wpapsk-opencl, WPA/WPA2/PMF/PMKID PSK [PBKDF2-SHA1 OpenCL]... LWS=64 GWS=262144 (4096 blocks) DONE
Raw:    23753 c/s real, 8456K c/s virtual

Benchmarking: wpapsk-pmk-opencl, WPA/WPA2/PMF/PMKID master key [MD5/SHA-1/SHA-2 OpenCL]... LWS=64 GWS=4194304 (65536 blocks) DONE
Raw:    3241K c/s real, 3945K c/s virtual

2 formats benchmarked.

[claudioandre-br]

What we know:

• rollingand dev versions are not bugged themselves;
• I'm on Windows Version 10.0.19045 Compilation 19045 (22H2)

Me:

C:\Users\claud\jul-10\JtR>run\john --list=opencl-devices
Platform #0 name: AMD Accelerated Parallel Processing, version: OpenCL 2.1 AMD-APP (3075.13)
    Device #0 (1) name:     gfx902
    Board name:             AMD Radeon(TM) Vega 8 Graphics
    Device vendor:          Advanced Micro Devices, Inc.
    Device type:            GPU (LE)
    Device version:         OpenCL 2.0 AMD-APP (3075.13)
    OpenCL version support: OpenCL C 2.0
    Driver version:         3075.13 (PAL,HSAIL) - AMDGPU-Pro
    Native vector widths:   char 4, short 2, int 1, long 1
    Preferred vector width: char 4, short 2, int 1, long 1
    Global Memory:          5672 MiB
    Global Memory Cache:    16 KiB
    Local Memory:           32 KiB (Local)
    Constant Buffer size:   3081 MiB
    Max memory alloc. size: 3081 MiB
    Max clock (MHz):        1200
    Profiling timer res.:   1 ns
    Max Work Group Size:    256
    Parallel compute cores: 8
    Stream processors:      512  (8 x 64)
    Speed index:            614400
    SIMD width:             16
    Wavefront width:        64
    ADL:                    Overdrive0, device id -1
    PCI device topology:    05:00.0

[khabib227]

All right I don't know why but I restarted the PC and now JtR v20230626.1 x64 is working in CPU mode normaly, so copied the OpenCL.dll from System32 folder, renamed to cygOpenCL-1.dll put it in the JTR "run" folder, and a got a "Self test failed (cmp_all(7)" message, using --skip-self-tests seem that OpenCL work, in task manager the Compute 1 go to 99%. But JTR show "Device 1 probably invalid temp reading (-1°C)". Just to inform I can see the GPU temperature with HWinfo perfectely. I'm using AMD Graphics Drivers Adrenalin v23.4.3 Win10-11 (Driver Only), I use Win 10 x64 22H2, my Win instalation is very recent, is a new PC, I'm using Kaspersky Free as anti virus.

john --list=opencl-devices:

Platform #0 name: AMD Accelerated Parallel Processing, version: OpenCL 2.1 AMD-APP (3516.0) Device #0 (1) name: gfx90c Board name: AMD Radeon(TM) Graphics Device vendor: Advanced Micro Devices, Inc. Device type: GPU (LE) Device version: OpenCL 2.0 AMD-APP (3516.0) OpenCL version support: OpenCL C 2.0 Driver version: 3516.0 (PAL,HSAIL) - AMDGPU-Pro Native vector widths: char 4, short 2, int 1, long 1 Preferred vector width: char 4, short 2, int 1, long 1 Global Memory: 14615 MiB Global Memory Cache: 16 KiB Local Memory: 32 KiB (Local) Constant Buffer size: 8941 MiB Max memory alloc. size: 8941 MiB Max clock (MHz): 2000 Profiling timer res.: 1 ns Max Work Group Size: 256 Parallel compute cores: 8 Stream processors: 512 (8 x 64) Speed index: 1024000 SIMD width: 16 Wavefront width: 64 ADL: Overdrive0, device id -1 PCI device topology: 30:00.0

john --test --format=wpa*-opencl:

Device 1: gfx90c [AMD Radeon(TM) Graphics] Benchmarking: wpapsk-opencl, WPA/WPA2/PMF/PMKID PSK [PBKDF2-SHA1 OpenCL]... FAILED (cmp_all(7)) Benchmarking: wpapsk-pmk-opencl, WPA/WPA2/PMF/PMKID master key [MD5/SHA-1/SHA-2 OpenCL]... FAILED (cmp_all(3)) 2 out of 2 tests have FAILED

[khabib227]

Is better wait for some bugfix or better use --skip-self-tests as workaround? Use --skip-self-tests is safe? I mean, use this can cause wrong results?

[solardiz]

@khabib227 No fix is currently planned - this is most likely a driver issue, or even if it's not then we don't know what exactly it is and cannot easily reproduce it on systems/drivers we currently use, so fixing it is tricky.

Using --skip-self-tests should be safe as long as you test for proper cracking of the right kind of handshake manually. You can try cracking the samples from https://github.com/openwall/john-samples/tree/main/WPA-PSK - in particular, wpa-Induction.pcap looks relevant to what you're doing. Make sure the Cost 1 value is reported the same for your actual and for the test "hash". In your case, it was reported as 2 (in Cost 1 (key version [0:PMKID 1:WPA 2:WPA2 3:802.11w]) is 2 for all loaded hashes).

[solardiz]

@magnumripper Very similar failures (same cmp_all indices, so also PMKID) are seen in #3235, #3749, #4141, #4530, #4684 (many of these are on broken drivers producing tens of other format self-test failures). Maybe there's something to try changing in our PMKID code, if you're still able to reproduce any of these. It could be that we're triggering some LLVM issue, which is why it's shared across some (but not all) otherwise dissimilar drivers/devices. It could also be that we actually have a bug in there, but I don't see it at first glance and the code just works on so many drivers/devices (e.g., on all 6 in "super", including even the MIC, which is normally very fragile).

[claudioandre-br]

At least in POCL it's fixed now.

 $ ../run/john --test --format=wpapsk-opencl
Device 1: pthread-AMD Ryzen 5 3500U with Radeon Vega Mobile Gfx
Benchmarking: wpapsk-opencl, WPA/WPA2/PMF/PMKID PSK [PBKDF2-SHA1 OpenCL]... LWS=8 GWS=64 (8 blocks) DONE
Raw:    265 c/s real, 46.2 c/s virtual

$ ../run/john --test --format=wpapsk-opencl --force-scalar
Device 1: pthread-AMD Ryzen 5 3500U with Radeon Vega Mobile Gfx
Benchmarking: wpapsk-opencl, WPA/WPA2/PMF/PMKID PSK [PBKDF2-SHA1 OpenCL]... LWS=8 GWS=2048 (256 blocks) DONE
Raw:    428 c/s real, 58.4 c/s virtual

$ ../run/john --test --format=wpapsk-opencl --force-vector=2
Device 1: pthread-AMD Ryzen 5 3500U with Radeon Vega Mobile Gfx
Benchmarking: wpapsk-opencl, WPA/WPA2/PMF/PMKID PSK [PBKDF2-SHA1 OpenCL]... LWS=16 GWS=512 (32 blocks) DONE
Raw:    384 c/s real, 58.7 c/s virtual

[khabib227]

Thanks @solardiz for this clear explanations and instructions, and thanks @claudioandre-br for the attention and answers.

[khabib227]

Sorry the off topic but just more one question, I'm wanting use JTR with CPU and GPU at same time, but I got a "Crash recovery file is locked: john.rec" in the second instance, I can do this job using two separated JTR folders, is possible use just one folder?

[solardiz]

@khabib227 Yes, you'd need to specify a different --session name for one or both of these invocations. Of course, you'll also need to ensure you run different attacks with them (e.g., different wordlists), so that they don't do the same thing twice.

[solardiz]

@magnumripper What do you think of adding a hack to remove PMKID test vectors at runtime if no PMKID is seen by valid as called during loading? Can be done from within the format?

[khabib227]

I have also some issues with image tearing with Freesync activated, and issues that Windows became slow, like windows animations 'n etc when using Potplayer, so, I tried update the Adrenalin again to latest version at the time, v23.7.2, but same issues, then I tried multiple versions, and downgrading to v21.6.1, JTR work with OpenCL without error (Self test failed), no need --skip-self-tests, but the "Device 1 probably invalid temp reading (-1°C)" still. And also this old driver fixed the strange slow MS Windows when using Potplayer. So, as the the friends said before here, seem that the OpenCL issue is a bug in some new video driver versions, and also is not only JTR that has issues with the driver, Potplayer has too.

Off Topic Note: Even with Adrenalin v21.6.1, the only way to remove Potplayer tearing with Freesync activated is using MadVR renderer, I tried literally everything.