
Disassembling Sublime Text - trishume
http://thume.ca/2016/12/03/disassembling-sublime-text/
======
halotrope
Ah Sublime2 was my first binary-cracking project. After countless hours of
debugging with GDB and trying to understand assembly in Hopper I managed to
disable the nag and patch the binary. (Purely for fun. I bought a license
shortly after, of course I did not distribute this in any way). Will never
forget how proud and satisfied I felt when it finally worked.

While mostly using Jetbrains or Atom with VIM plugin for development these
days I still value Sublime for being able to handle really big files a million
times better than Java/Web based editors.

~~~
istareldritch
If you use Atom with VIM plugins why not use NeoVim or vim directly? It opens
huge files as fast as sublime does. You have plenty of plugins to adequate
your needs, definitely not as advanced as IntelliJ but I would say better than
Atom.

~~~
58028641
Atom has a better GUI than VIM.

~~~
seanp2k2
Another alternative: [http://spacemacs.org](http://spacemacs.org)

------
userbinator
_I also tried to figure out how some parts of the editor work and why they are
so fast, but I couldn’t figure out much from the assembly._

Those who are interested in text editor design may find this series and the
links therein useful:

[http://www.catch22.net/tuts/neatpad](http://www.catch22.net/tuts/neatpad)

~~~
trishume
Yah I'd read that, so I looked for signs of a piece table, but couldn't find
any. Which doesn't necessarily mean that it isn't using one.

I suspect that Sublime Text either doesn't use a piece table, or uses one that
only breaks pieces at line boundaries. The reason being that the highlighting
relies on running regexes on one line at a time, and it uses oniguruma for
this sometimes, and oniguruma requires the entire haystack to be in one array.
However, Sublime doesn't highlight super long lines because it would be too
slow, so it could break its piece table on incredibly long lines so that
editing them could still be fast.

I was also looking for fancy rendering and highlighting tricks, but couldn't
decipher any.

~~~
mfukar
Re: data structures, ST could also use ropes, or gap buffers.

------
khedoros1
> If I spent an entire day I might be able to reverse engineer one function

Yep, that's kind of the way it works, when you start out. Then you get used to
some of the patterns that the compiler uses, and you can get through several
in a day, if you're lucky!

------
Zaheer
I recently installed VSCode just to try and was pleasantly surprised. For
Sublime users there's a plugin to remap all keyboard shortcuts to Sublime ones
(when available ex. multi-line edit isn't just yet). VSCode is getting updates
on a monthly basis it seems and I have no doubt it'll catch up to Sublime in
the next 6-12 months.

~~~
ino
If I already have a Sublime license, and I'm happy and it fulfils my needs
perfectly, what would I gain in spending the time to try to get my workflow
working in VSCode if it still hasn't caught up, as you say?

~~~
bubersson
If it fulfills your needs perfectly then there's no need to change. It may be
still worth playing with a bit and doing tooling investigation to find out if
there are some super useful features for your case.

I switched to vscode from sublime recently, because it has much better
autocompletion and "goto definition" especially when working with JS and
TypeScript code, which is exactly what I need. Other than that I was able to
replicate all features from Sublime (e.g. multipoint editing) and I'm not
aware of any missing feature from what I used in Sublime. One con is that
vscode is slower to start and slower to open up a file.

------
yread
What is a modern disassembler on windows nowadays if I'm too cheap for IDA?

~~~
adamnemecek
I think that x64dbg is pretty good [http://x64dbg.com/](http://x64dbg.com/)

~~~
yread
That looks pretty good! It's really similar to OllyDbg. Is that just a UI
theme?

~~~
0xcoffee
>"I’m the main developer of x64dbg, which is heavily influenced by OllyDbg and
offers similar features but on the 64-bit platform."

Source:
[http://mrexodia.cf/x64dbg/2016/01/31/OllyDbg](http://mrexodia.cf/x64dbg/2016/01/31/OllyDbg)

------
jewbacca

        "draw_shadows": false
    

Fuck yes. I run into this as a (minor) problem all the time. Should be exposed
by default.

What a cool exercise in general.

~~~
jrochkind1
I don't understand what the 'shadow effect' is, I'm staring at my unmodified
ST window, and am not sure what to look for.

What I really want is to make ST3 sidebar menu look like it did in ST2!

~~~
jewbacca
`draw_shadows` effects the shadow cast by the Sublime "minimap" \-- the code
shape outline on the right side of the window.

You can see the effect of turning it off by comparing the right sides of the
single pair of (before/after) screenshots in the article.

before:
[http://thume.ca/assets/postassets/sublimesecrets/debug_rende...](http://thume.ca/assets/postassets/sublimesecrets/debug_render.png)

after:
[http://thume.ca/assets/postassets/sublimesecrets/configs.png](http://thume.ca/assets/postassets/sublimesecrets/configs.png)

~~~
jrochkind1
Aha, the first thing I do in ST is turn off the minimap completely, so that
explains that! Thanks!

------
Shugyousha
The sregex the page mentions is most likely this one:

[https://github.com/openresty/sregex](https://github.com/openresty/sregex)

Its distinguishing feature is that it's a regex library that matches streams
(hence 's'regex).

~~~
wbond
This is not the same library, although they do share a name.

------
nailer
> draw_debug

> A boolean that if true enables a special debugging text renderer. It seems
> to turn sections of the document either blue or red, and within the sections
> it turns tokens alternating light and dark shades of those colours. Note you
> have to set the setting to false to turn it off, not just delete it. These
> change sometimes when scrolling and editing but I can’t figure out when and
> why.

That sounds exactly like GPU layers in web development - green is GPU
accelerated, red is unaccelerated.

------
adamrezich
Slightly OT: I've never heard of Skia before, but a few years ago I was trying
to find a good vector graphics solution for realtime video games... can it be
used for that?

~~~
trishume
Depends how complex your video game is.

It has a GPU back end so it can be pretty fast, but it is still focused on
very high quality antialiased rendering so it isn't crazy fast. Apps like
Chrome and Sublime don't repaint the entire screen every frame or when
scrolling, only the parts that change, so they can afford high quality.

------
mungoid
About once a year I get a hankering to mess with disassembling something but
usually after countless screenshots, open tabs, notes, etc. I remember that I
am terribly slow with assembly.

------
mcpherrinm
> snappy: Fast compression, not sure what it is used for

Quite possibly leveldb, listed immediately above snappy, which can optionally
compress content with snappy.

------
hthh
Wow, in a happy coincidence syntect is exactly what I was looking for all last
week! Now I just need to figure out Rust.

~~~
trishume
Cool, email me if you need any help with it. In fact, email me regardless of
if you need help telling me what your project is and how syntect might help.

------
ncdr
Is this legal?

~~~
breul99
Most EULAs prohibit it, probably not.

~~~
creshal
Most EULAs aren't legally binding either.

~~~
bitwize
_Vernor v. Autodesk_. Look it up. EULAs are legally binding contracts in the
USA.

~~~
jtl999
And plenty of people don't live in the USA. :)

~~~
guitarbill
e.g. Sublime HQ Pty Ltd, which is Australian:
[https://www.sublimetext.com/buy?v=3](https://www.sublimetext.com/buy?v=3)

------
vuanotinb
Nice, but I wonder how much time has Sublime left now that VSCode, which is
better and free, is out.

~~~
kitsunesoba
VS Code is very good for what it is but there are still some telltale web app
cracks and gaps scattered about, and of course its resource usage is
considerably higher than Sublime's (I'm seeing ~240MB RAM usage on a fresh
install with no documents open). I suspect that until these two factors are
fixed there will still be those who prefer Sublime.

~~~
roywiggins
I've tried firing up VSCode in a VM and found it unusably slow, whereas
Sublime is fine.

~~~
MikusR
What OS are you using that has no native VS code support?

~~~
scott_karana
He could also be _working_ in a VM, when his host OS supports it but he's not
using the host at the time.

------
c-smile
I am wondering why someone even want to disassemble any editor these days...

There is no mystery in principle. Take Scintilla if you want to study editor
in source code. That is straightforward implementation but works well enough.

As of syntax highlighting ...

You can use either regexp'es or, which is better, some predefined tokenizers.

Pretty much all programming languages have concepts of NMTOKENs (keywords
variable names), string literals, numbers, comments. You can write very fast
tokeneizers/scanners that will give you basic blocks. If needed you can pass
these blocks to regexp for further processing. That will give you _very_ fast
processing.

If to deal with markup languages then use separate tokenizer. Almost 10 years
ago I've written this: [https://www.codeproject.com/Articles/14076/Fast-and-
Compact-...](https://www.codeproject.com/Articles/14076/Fast-and-Compact-HTML-
XML-Scanner-Tokenizer) , tens of megabytes of XML/HTML processing per
second...

~~~
trishume
If you look at the article, you'll see that I wrote a full clone of Sublime
Text's syntax highlighter before even opening a disassembler. I do in fact
know how to do syntax highlighting.

And yes I read lots of Scintilla's code years ago.

I did a couple hours of disassembly reading purely out of curiosity and to
find exactly the kind of hidden goodies that I ended up finding.

