Although I dont know the specifific of XEN implementation details, I can speak to the general requirements of VMM and CPUID. It may be of some use to you.
There are several things you may want to investigate.
1. Hardware configuration: Each Intel Xeon processor 5355 has 4 cores and no Hyperthreading (you assumption of two threads per core does not apply to 5355). If you have two physical processors, there are eight cores at the disposal of Xen's host and guest. So if Dom0 says it has subscribed 4 cores, your guest VM would have 4 other cores to be partitioned. Whether the 4 cores subscribed by Dom0 resides in the same physical package will require verification via APIC ID. The same goes to your guest's allocation of the other 4 cores, whether they reside in the same physical package or not.
2. I suspect the robustness requirement of Hypervisor will allow VCPUs to either time-share or have exclusive control of phyical core. So when you query inside DOM0 or DOMU with /proc/info, you probably want to examine the APIC ID associated with each VCPU and ensure configuration of each guest meets your expectation. If the configuration of each guest differs from your expectation, then correct them as needed. It sounds like the optimal partition for you is to have the 4 cores allocated to DOM0 residing in the same physical package. The relationship of sorting out unique APIC ID to distinguish physical package and where each core resides with respect to package is documented in the white paper. http://software.intel.com/en-us/articles/intel-64-architecture-processor-topology-enumeration/
3. The examples you give appears to have a couple of contradictions:
(a) it seems to suggest you had Xen console configured a DomU with one VCPU and when you ask the DomU to report its capability, it replies with 2 VCPU! Doesn't that suggest you found a bug in Xen?
(b) It also suggest when you try to run the 3rd party app on the DomU with one VCPU, the application was able to take control more CPU than the Xen conole allowed allocation (in order to detmined phycial package-based licensing was not in compliance), implying a breach of of virtualization premise?