In dosbox.cpp you will find Normal_Loop(), and within that the line "ret = (*cpudecoder)();" which enters the run loop for the various cores. In cpu\core_normal.cpp, for example, CPU_Core_Normal_Run() has the expected fetch-increment-execute processing of instructions.

BTW, you may be interested to know that the CPU trap flag (i.e. single-stepping) will probably allow you to do what you want entirely within the DOS environment, real or emulated.

Hi ripsaw8080 thank you very much for your answer. 😊
I think the huge switch-statement in CPU_Core_Normal_Run() and the code in the "core_normal/prefix*.h" - files is the right place where to start for this.

I do know single-stepping, but currently I don't have a clue how to make use of it in order to manipulate the execution of a DOS-program.
It would be cool if you could give me some links.

Cheers
sabby

Single-stepping is somewhat fiddly in working with the stack, but otherwise not complicated. INT 1 is triggered after each instruction is executed, and INT 1 handler code can get the flags and return address off the stack. The return address points at the next instruction to be executed, so the handler can inspect that instruction, check flag bits and register values; and then, under the right conditions, choose to modify the next instruction, return to a different address, etc.

A potential difficulty with single-stepping is that programs can actively work to prevent it, meaning they have anti-debugging / anti-hacking protections in their code.