semantic: 0.724
device: 0.695
graphic: 0.693
user-level: 0.673
network: 0.636
performance: 0.634
vnc: 0.624
files: 0.623
register: 0.618
ppc: 0.609
socket: 0.588
risc-v: 0.583
mistranslation: 0.580
architecture: 0.575
PID: 0.546
peripherals: 0.521
TCG: 0.521
hypervisor: 0.520
VMM: 0.496
kernel: 0.488
arm: 0.461
permissions: 0.460
debug: 0.454
KVM: 0.444
x86: 0.440
i386: 0.418
boot: 0.380
virtual: 0.370
assembly: 0.331

qemu/hw/scsi/scsi-disk.c:2741: possible missing break ?

qemu/hw/scsi/scsi-disk.c:2741] -> [qemu/hw/scsi/scsi-disk.c:2745]: (warning) Variable 'cdb1' is reassigned a value before the old one has been used. 'break;' missing?
qemu/hw/scsi/scsi-disk.c:2742] -> [qemu/hw/scsi/scsi-disk.c:2746]: (warning) Variable 'group_number' is reassigned a value before the old one has been used. 'break;' missing?

Source code is

    case 1:
        /* 10-byte CDB.  */
        r->cdb1 = req->cmd.buf[1];
        r->group_number = req->cmd.buf[6];
    case 4:
        /* 12-byte CDB.  */

Also,

[qemu/hw/scsi/scsi-disk.c:2063]: (warning) %lu in format string (no. 1) requires 'unsigned long' but the argument type is 'signed long'.
[qemu/hw/scsi/scsi-disk.c:2066]: (warning) %lu in format string (no. 1) requires 'unsigned long' but the argument type is 'signed long'.
[qemu/hw/scsi/scsi-disk.c:2069]: (warning) %lu in format string (no. 1) requires 'unsigned long' but the argument type is 'signed long'.
[qemu/hw/scsi/scsi-disk.c:2083]: (warning) %lu in format string (no. 2) requires 'unsigned long' but the argument type is 'signed long'.

The issue with the missing break has been fixed here:
http://git.qemu.org/?p=qemu.git;a=commitdiff;h=ed45cae39117d41315541

I am currently not able to reproduce the problem with the format strings ... how did you get them? Which compiler (and version) did you use?

>I am currently not able to reproduce the problem with the format strings ... 
>how did you get them? Which compiler (and version) did you use?

I used a static analyser for C & C++ called cppcheck. It is available
from sourceforge. I find it very useful.

I think gcc might be able to reproduce these problems with one of the
higher warning levels. -Wformat=2 springs to mind, but a check of the gcc
documentation around -Wformat will give more accurate guidance.

The issue with the format strings should now be fixed, too:
http://git.qemu.org/?p=qemu.git;a=commitdiff;h=142c21455bb2416b37f71b