Comment 9 for bug 1989073

Once you are happy with the above test we can change the header to confine any qemu:

like:
/usr/bin/qemu-system-x86_64 flags=(attach_disconnected) {
$ sudo systemctl reload apparmor

That will confine qemu without aa-exec.

And with this commandline it does not mess up the console.
/usr/bin/qemu-system-x86_64 -machine pc-i440fx-kinetic -accel kvm -cpu host -kernel /boot/vmlinuz -nographic -serial file:myfile

$ gdb /usr/bin/qemu-system-x86_64
(gdb) handle SIGUSR1 pass nostop noprint
(gdb) set detach-on-fork off
(gdb) catch syscall openat
(gdb) run -machine pc-i440fx-kinetic -accel kvm -cpu host -kernel /boot/vmlinuz -nographic -serial file:myfile

This could have been done easier, but I was afraid (from past lessons learned) that it would elude me. I've found that it is the new libnuma that triggers this.

(gdb) bt
#0 __GI___open64_nocancel (file=file@entry=0x7feea05bd948 "/sys/devices/system/cpu/possible", oflag=oflag@entry=524288) at ../sysdeps/unix/sysv/linux/open64_nocancel.c:39
#1 0x00007feea0519a80 in read_sysfs_file (fname=fname@entry=0x7feea05bd948 "/sys/devices/system/cpu/possible") at ../sysdeps/unix/sysv/linux/getsysstats.c:148
#2 0x00007feea0519ee4 in __GI___get_nprocs_conf () at ../sysdeps/unix/sysv/linux/getsysstats.c:231
#3 0x00007feea04e5862 in posix_sysconf (name=<optimized out>) at ../sysdeps/posix/sysconf.c:626
#4 linux_sysconf (name=<optimized out>) at ../sysdeps/unix/sysv/linux/x86/../sysconf.c:121
#5 __GI___sysconf (name=<optimized out>) at ../sysdeps/unix/sysv/linux/x86/sysconf.c:36
#6 0x00007feea0eb5bdc in ?? () from /lib/x86_64-linux-gnu/libnuma.so.1
#7 0x00007feea12defbe in call_init (l=<optimized out>, argc=argc@entry=12, argv=argv@entry=0x7ffe12cbbec8, env=env@entry=0x7ffe12cbbf30) at ./elf/dl-init.c:70