diff --git a/tools/FunctionTracer.py b/tools/FunctionTracer.py
new file mode 100644
index 0000000..5a1c386
--- /dev/null
+++ b/tools/FunctionTracer.py
@@ -0,0 +1,20 @@
+import sys
+import mips32emu.DbgEngine
+
+
+
+dbg = mips32emu.DbgEngine.DbgEngine()
+
+if len(sys.argv) >= 2:
+    dbg.loadSystemMapFile(sys.argv[1])
+else:
+    raise Exception("function trace requires a system.map file")
+
+pfn = ""
+while 1:
+    dbg.step()
+    pc = dbg.readReg("PC")
+    fn = dbg.getFunctionName(pc)
+    if fn != pfn:
+        print(fn)
+        pfn = fn
diff --git a/tools/PCsampler.py b/tools/PCsampler.py
index 5ffd0e3..287bdfc 100644
--- a/tools/PCsampler.py
+++ b/tools/PCsampler.py
@@ -1,32 +1,16 @@
 import sys
 import time
 import mips32emu.DbgEngine
-import re
 
 
 
-lookup = {}
-
-def getFunctionName(pc):
-    distance = 0xffffffff
-    ret = "???"
-    for k in lookup.keys():
-        diff = pc - k
-        if  diff < distance and diff >= 0:
-            distance = diff
-            ret = lookup[k]
-    return ret
-
-if len(sys.argv) == 2:
-    for line in open(sys.argv[1]):
-        fields = line.split(" ")
-        addr = int(fields[0],16)
-        fn = fields[2].strip()
-        lookup[addr] = fn
-
 dbg = mips32emu.DbgEngine.DbgEngine()
 
+if len(sys.argv) >= 2:
+    dbg.loadSystemMapFile(sys.argv[1])
+    
+
 while 1:
     time.sleep(1)
     pc = dbg.readReg("PC")
-    print("PC: %08X  (%s)"%(pc,lookup.get(pc,getFunctionName(pc))))
+    print("PC: %08X  (%s)"%(pc,dbg.getFunctionName(pc)))
diff --git a/tools/mips32emu/DbgEngine.py b/tools/mips32emu/DbgEngine.py
index 05d5be9..b943c16 100644
--- a/tools/mips32emu/DbgEngine.py
+++ b/tools/mips32emu/DbgEngine.py
@@ -9,6 +9,7 @@ class DbgEngine(object):
     def __init__(self):
         self.s =  socket.socket(socket.AF_INET, socket.SOCK_STREAM)
         self.s.connect(('localhost', 8123))
+        self.pctofnLookup = {}
         self.disasmCache = util.Cache(50000)
     def disassemble(self,op):
         try:
@@ -22,6 +23,20 @@ def disassemble(self,op):
             dis = [l[6:] for l in dis.split("\n") if l.startswith("   0:\t") ].pop()
             self.disasmCache.put(op,dis)
             return dis
+    def dbgBreak(self):
+        self.s.send("break\n")
+        res = self.s.recv(1024)
+        if res.startswith('ok'):
+            return
+        else:
+            raise Exception("break failed")
+    def step(self):
+        self.s.send("step\n")
+        res = self.s.recv(1024)
+        if res.startswith('ok'):
+            return
+        else:
+            raise Exception("step failed") 
     def readByte(self,addr):
         self.s.send("readb "+hex(addr)+'\n')
         res = self.s.recv(1024)
@@ -68,3 +83,20 @@ def getPhysMemorySize(self):
             return int(res.split(' ')[1],16)
         else:
             raise Exception("reading physMemSize failed")
+            
+    def getFunctionName(self,pc):
+        distance = 0xffffffff
+        ret = "???"
+        for k in self.pctofnLookup.keys():
+            diff = pc - k
+            if  diff < distance and diff >= 0:
+                distance = diff
+                ret = self.pctofnLookup[k]
+        return ret
+    def loadSystemMapFile(self,mf):
+        self.pctofnLookup = {}
+        for line in open(mf):
+            fields = line.split(" ")
+            addr = int(fields[0],16)
+            fn = fields[2].strip()
+            self.pctofnLookup[addr] = fn
diff --git a/tools/srecLoader.py b/tools/srecLoader.py
index e99829e..5f1ab7d 100644
--- a/tools/srecLoader.py
+++ b/tools/srecLoader.py
@@ -3,6 +3,8 @@
 
 dbg = mips32emu.DbgEngine.DbgEngine()
 
+dbg.dbgBreak()
+
 for l in open(sys.argv[1]):
     t = l[1]
     if l[0] != 'S':