diff -rb -U 10 kvm-66.orig/kernel/include/asm/kvm.h kvm-66/kernel/include/asm/kvm.h
--- kvm-66.orig/kernel/include/asm/kvm.h	2008-04-16 08:29:14.000000000 -0600
+++ kvm-66/kernel/include/asm/kvm.h	2008-04-18 12:41:07.000000000 -0600
@@ -221,12 +221,14 @@
 #define KVM_TRC_MSR_READ         (KVM_TRC_HANDLER + 0x0B)
 #define KVM_TRC_MSR_WRITE        (KVM_TRC_HANDLER + 0x0C)
 #define KVM_TRC_CPUID            (KVM_TRC_HANDLER + 0x0D)
 #define KVM_TRC_INTR             (KVM_TRC_HANDLER + 0x0E)
 #define KVM_TRC_NMI              (KVM_TRC_HANDLER + 0x0F)
 #define KVM_TRC_VMMCALL          (KVM_TRC_HANDLER + 0x10)
 #define KVM_TRC_HLT              (KVM_TRC_HANDLER + 0x11)
 #define KVM_TRC_CLTS             (KVM_TRC_HANDLER + 0x12)
 #define KVM_TRC_LMSW             (KVM_TRC_HANDLER + 0x13)
 #define KVM_TRC_APIC_ACCESS      (KVM_TRC_HANDLER + 0x14)
+#define KVM_TRC_PTE_WRITE        (KVM_TRC_HANDLER + 0x15)
+#define KVM_TRC_PTE_FLOODED      (KVM_TRC_HANDLER + 0x16)
 
 #endif
diff -rb -U 10 kvm-66.orig/kernel/include/asm-x86/kvm.h kvm-66/kernel/include/asm-x86/kvm.h
--- kvm-66.orig/kernel/include/asm-x86/kvm.h	2008-04-16 08:29:14.000000000 -0600
+++ kvm-66/kernel/include/asm-x86/kvm.h	2008-04-18 12:41:07.000000000 -0600
@@ -221,12 +221,14 @@
 #define KVM_TRC_MSR_READ         (KVM_TRC_HANDLER + 0x0B)
 #define KVM_TRC_MSR_WRITE        (KVM_TRC_HANDLER + 0x0C)
 #define KVM_TRC_CPUID            (KVM_TRC_HANDLER + 0x0D)
 #define KVM_TRC_INTR             (KVM_TRC_HANDLER + 0x0E)
 #define KVM_TRC_NMI              (KVM_TRC_HANDLER + 0x0F)
 #define KVM_TRC_VMMCALL          (KVM_TRC_HANDLER + 0x10)
 #define KVM_TRC_HLT              (KVM_TRC_HANDLER + 0x11)
 #define KVM_TRC_CLTS             (KVM_TRC_HANDLER + 0x12)
 #define KVM_TRC_LMSW             (KVM_TRC_HANDLER + 0x13)
 #define KVM_TRC_APIC_ACCESS      (KVM_TRC_HANDLER + 0x14)
+#define KVM_TRC_PTE_WRITE        (KVM_TRC_HANDLER + 0x15)
+#define KVM_TRC_PTE_FLOODED      (KVM_TRC_HANDLER + 0x16)
 
 #endif
diff -rb -U 10 kvm-66.orig/kernel/mmu.c kvm-66/kernel/mmu.c
--- kvm-66.orig/kernel/mmu.c	2008-04-16 08:29:14.000000000 -0600
+++ kvm-66/kernel/mmu.c	2008-04-18 11:50:16.000000000 -0600
@@ -1662,20 +1662,22 @@
 			if (r)
 				return;
 			memcpy((void *)&gpte + (gpa % 8), new, 4);
 		} else if ((bytes == 8) && (gpa % 8 == 0)) {
 			memcpy((void *)&gpte, new, 8);
 		}
 	} else {
 		if ((bytes == 4) && (gpa % 4 == 0))
 			memcpy((void *)&gpte, new, 4);
 	}
+	KVMTRACE_4D(PTE_WRITE, vcpu, (u32) gpa, (u32)(gpa>>32), 
+	            (u32) gpte, (u32)(gpte>>32), handler);
 	if (!is_present_pte(gpte))
 		return;
 	gfn = (gpte & PT64_BASE_ADDR_MASK) >> PAGE_SHIFT;
 
 	down_read(&current->mm->mmap_sem);
 	if (is_large_pte(gpte) && is_largepage_backed(vcpu, gfn)) {
 		gfn &= ~(KVM_PAGES_PER_HPAGE-1);
 		vcpu->arch.update_pte.largepage = 1;
 	}
 	pfn = gfn_to_pfn(vcpu->kvm, gfn);
@@ -1711,21 +1713,22 @@
 
 	pgprintk("%s: gpa %llx bytes %d\n", __func__, gpa, bytes);
 	mmu_guess_page_from_pte_write(vcpu, gpa, new, bytes);
 	spin_lock(&vcpu->kvm->mmu_lock);
 	kvm_mmu_free_some_pages(vcpu);
 	++vcpu->kvm->stat.mmu_pte_write;
 	kvm_mmu_audit(vcpu, "pre pte write");
 	if (gfn == vcpu->arch.last_pt_write_gfn
 	    && !last_updated_pte_accessed(vcpu)) {
 		++vcpu->arch.last_pt_write_count;
-		if (vcpu->arch.last_pt_write_count >= 3)
+		if (vcpu->arch.last_pt_write_count >= 4)
+			KVMTRACE_0D(PTE_FLOODED, vcpu, handler);
 			flooded = 1;
 	} else {
 		vcpu->arch.last_pt_write_gfn = gfn;
 		vcpu->arch.last_pt_write_count = 1;
 		vcpu->arch.last_pte_updated = NULL;
 	}
 	index = kvm_page_table_hashfn(gfn);
 	bucket = &vcpu->kvm->arch.mmu_page_hash[index];
 	hlist_for_each_entry_safe(sp, node, n, bucket, hash_link) {
 		if (sp->gfn != gfn || sp->role.metaphysical)
diff -rb -U 10 kvm-66.orig/user/formats kvm-66/user/formats
--- kvm-66.orig/user/formats	2008-04-15 07:35:58.000000000 -0600
+++ kvm-66/user/formats	2008-04-18 12:46:36.000000000 -0600
@@ -15,10 +15,12 @@
 0x0002000B  %(tsc)d (+%(reltsc)8d)  MSR_READ      vcpu = 0x%(vcpu)08x  pid = 0x%(pid)08x [ MSR# = 0x%(1)08x, data = 0x%(3)08x %(2)08x ]
 0x0002000C  %(tsc)d (+%(reltsc)8d)  MSR_WRITE     vcpu = 0x%(vcpu)08x  pid = 0x%(pid)08x [ MSR# = 0x%(1)08x, data = 0x%(3)08x %(2)08x ]
 0x0002000D  %(tsc)d (+%(reltsc)8d)  CPUID         vcpu = 0x%(vcpu)08x  pid = 0x%(pid)08x [ func = 0x%(1)08x, eax = 0x%(2)08x, ebx = 0x%(3)08x, ecx = 0x%(4)08x edx = 0x%(5)08x]
 0x0002000E  %(tsc)d (+%(reltsc)8d)  INTR          vcpu = 0x%(vcpu)08x  pid = 0x%(pid)08x [ vector = 0x%(1)02x ]
 0x0002000F  %(tsc)d (+%(reltsc)8d)  NMI           vcpu = 0x%(vcpu)08x  pid = 0x%(pid)08x
 0x00020010  %(tsc)d (+%(reltsc)8d)  VMMCALL       vcpu = 0x%(vcpu)08x  pid = 0x%(pid)08x [ func = 0x%(1)08x ]
 0x00020011  %(tsc)d (+%(reltsc)8d)  HLT           vcpu = 0x%(vcpu)08x  pid = 0x%(pid)08x
 0x00020012  %(tsc)d (+%(reltsc)8d)  CLTS          vcpu = 0x%(vcpu)08x  pid = 0x%(pid)08x
 0x00020013  %(tsc)d (+%(reltsc)8d)  LMSW          vcpu = 0x%(vcpu)08x  pid = 0x%(pid)08x [ value = 0x%(1)08x ]
 0x00020014  %(tsc)d (+%(reltsc)8d)  APIC_ACCESS   vcpu = 0x%(vcpu)08x  pid = 0x%(pid)08x [ offset = 0x%(1)08x ]
+0x00020015  %(tsc)d (+%(reltsc)8d)  PTE_FLOODED   vcpu = 0x%(vcpu)08x  pid = 0x%(pid)08x 
+0x00020016  %(tsc)d (+%(reltsc)8d)  PTE_WRITE     vcpu = 0x%(vcpu)08x  pid = 0x%(pid)08x [ gpa = 0x%(2)08x %(1)08x gpte = 0x%(4)08x %(3)08x ]