Bug #45195 | valgrind warnings about uninitialized values in store_record_in_cache() | | |
---|---|---|---|
Submitted: | 29 May 2009 13:58 | Modified: | 20 Jun 2010 22:36 |
Reporter: | Shane Bester (Platinum Quality Contributor) | Email Updates: | |
Status: | Closed | Impact on me: | |
Category: | MySQL Server: Optimizer | Severity: | S2 (Serious) |
Version: | 5.1.30, 5.1.34, 5.1.36, 5.1.39, 5.1.40, 5.1 bzr, next-mr bzr | OS: | Linux (32-bit fc8) |
Assigned to: | Sergei Glukhov | CPU Architecture: | Any |
Tags: | valgrind | | |
[29 May 2009 13:58]
Shane Bester
[2 Jul 2009 23:00]
Bugs System
No feedback was provided for this bug for over a month, so it is being suspended automatically. If you are able to provide the information that was originally requested, please do so and change the status of the bug back to "Open".
[15 Oct 2009 17:58]
MySQL Verification Team
still repeatable in 5.1.39. I suggest you do this simply:

    tar zxvf mysql-advanced-gpl-5.1.39-linux-i686-glibc23.tar.gz
    cd mysql-advanced-gpl-5.1.39-linux-i686-glibc23
    ./scripts/mysql_install_db --no-defaults
    valgrind --tool=memcheck --track-origins=yes -v --show-reachable=no ./bin/mysqld --no-defaults --basedir=./ --datadir=./data --port=3306

Then login via a client and paste the testcase and watch the errors:

    Conditional jump or move depends on uninitialised value(s)
       at : store_record_in_cache (sql_select.cc:14060)
       by : sub_select_cache (sql_select.cc:10965)
       by : evaluate_join_record (sql_select.cc:11250)
       by : sub_select (sql_select.cc:11135)
       by : do_select (sql_select.cc:10891)
       by : JOIN::exec (sql_select.cc:2209)
       by : mysql_select (sql_select.cc:2398)
       by : handle_select (sql_select.cc:268)
       by : execute_sqlcom_select (sql_parse.cc:5011)
       by : mysql_execute_command (sql_parse.cc:2206)
       by : mysql_parse (sql_parse.cc:5931)
       by : dispatch_command (sql_parse.cc:1213)
     Uninitialised value was created by a heap allocation
       at : malloc (vg_replace_malloc.c:195)
       by : my_malloc (my_malloc.c:34)
       by : alloc_root (my_alloc.c:201)
       by : myisam_create_handler (sql_list.h:39)
       by : get_new_handler (handler.cc:248)
       by : open_table_from_share (table.cc:1670)
       by : open_unireg_entry (sql_base.cc:3907)
       by : open_table (sql_base.cc:2910)
       by : open_tables (sql_base.cc:4575)
       by : open_and_lock_tables_derived (sql_base.cc:4981)
       by : execute_sqlcom_select (mysql_priv.h:1562)
       by : mysql_execute_command (sql_parse.cc:2206)

The offending line is:

    for (str=copy->str,end= str+copy->length; end > str && end[-1] == ' ' ; end--) ;
[17 Nov 2009 20:53]
Sveta Smirnova
Verified as described with version 5.1 and next-mr
[29 Jan 2010 13:01]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from:

http://lists.mysql.com/commits/98615

3337 Sergey Glukhov 2010-01-29
Bug#45195 valgrind warnings about uninitialized values in store_record_in_cache()
The problem becomes apparent only if HAVE_purify is undefined.
It is related to the part of code placed in the open_table_from_share() function where we initialize the record buffer only if HAVE_purify is enabled.
So in case of HAVE_purify=OFF the record buffer is not initialized at the open table stage.
Next we read the key, find a NULL value and update the appropriate null bit but do not update the record buffer.
After that the record is stored in the join cache (store_record_in_cache).
For CHAR fields we strip trailing spaces and in our case this procedure uses the uninitialized record buffer.
The fix is to skip the space stripping procedure in case of null values for CHAR fields (partially based on the 6.0 JOIN_CACHE implementation).
@ mysql-test/r/join.result
  test case
@ mysql-test/t/join.test
  test case
@ sql/field.cc
  code updated according to new CACHE_FIELD struct
@ sql/sql_select.cc
  code updated according to new CACHE_FIELD struct
@ sql/sql_select.h
  CACHE_FIELD struct: added new fields: Field *field, uint type; removed fields: Field_blob *blob_field, bool strip;
[10 Feb 2010 14:56]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from:

http://lists.mysql.com/commits/99837

3374 Sergey Glukhov 2010-02-10
Bug#45195 valgrind warnings about uninitialized values in store_record_in_cache()
The problem becomes apparent only if HAVE_purify is undefined.
It is related to the part of code placed in the open_table_from_share() function where we initialize the record buffer only if HAVE_purify is enabled.
So in case of HAVE_purify=OFF the record buffer is not initialized at the open table stage.
Next we read the key, find a NULL value and update the appropriate null bit but do not update the record buffer.
After that the record is stored in the join cache (store_record_in_cache).
For CHAR fields we strip trailing spaces and in our case this procedure uses the uninitialized record buffer.
The fix is to skip the space stripping procedure in case of null values for CHAR fields (partially based on the 6.0 JOIN_CACHE implementation).
@ mysql-test/r/join.result
  test case
@ mysql-test/t/join.test
  test case
@ sql/field.cc
  code updated according to new CACHE_FIELD struct
@ sql/sql_select.cc
  code updated according to new CACHE_FIELD struct
@ sql/sql_select.h
  CACHE_FIELD struct: added new fields: Field *field, uint type; removed fields: Field_blob *blob_field, bool strip;
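The mechanism the two commit messages above describe (a NULL CHAR value leaves the record buffer unset, and the trailing-space strip loop then reads that buffer) is shown here as an added example. This is not MySQL's code: the `record`, `cache_entry` structs and all function names are a simplified, hypothetical model of a null bitmap plus a space-padded CHAR(8) buffer, with the storing path as it behaved before the fix beside the path that honours the null bit first. A poison fill byte stands in for the memory valgrind would flag as uninitialised, so the run is deterministic; the point is that the before-fix result changes with the garbage while the after-fix result never touches it.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical model of one CHAR(8) column as a join cache sees it:
   a null bit in the record's null bitmap plus a fixed-width, space
   padded value buffer. Simplified stand-in, not MySQL's own structures. */
enum { CHAR_WIDTH = 8 };

struct record {
    uint8_t null_bits;          /* bit 0 set => column 0 is SQL NULL          */
    uint8_t col0[CHAR_WIDTH];   /* CHAR(8) bytes; never written when NULL     */
};

struct cache_entry {
    size_t  length;             /* bytes kept after stripping                 */
    uint8_t data[CHAR_WIDTH];
};

/* How many value bytes the strip loop looked at in the last call. */
static size_t bytes_examined;

/* Same shape as the offending loop in store_record_in_cache():
   walk back from the end while the byte is a space. */
static size_t strip_trailing_spaces(const uint8_t *str, size_t len)
{
    const uint8_t *end = str + len;
    bytes_examined = 0;
    for (; end > str && end[-1] == ' '; end--)
        bytes_examined++;
    if (end > str)
        bytes_examined++;        /* the non-space byte that ended the loop */
    return (size_t)(end - str);
}

/* Before the fix: stripping runs regardless of the null bit, so for a
   NULL row the loop reads whatever happens to sit in col0. */
size_t store_char_before_fix(const struct record *rec, struct cache_entry *out)
{
    out->length = strip_trailing_spaces(rec->col0, CHAR_WIDTH);
    memcpy(out->data, rec->col0, out->length);
    return out->length;
}

/* After the fix: a NULL column is cached as NULL without touching the
   value buffer, so nothing depends on its (possibly unset) contents. */
size_t store_char_after_fix(const struct record *rec, struct cache_entry *out)
{
    bytes_examined = 0;
    if (rec->null_bits & 1u) {
        out->length = 0;
        return 0;
    }
    return store_char_before_fix(rec, out);
}

/* Constructed rows: col0 filled with `fill` (standing in for whatever an
   unset buffer contains) for a NULL row, or with a real padded value. */
static struct record null_row(uint8_t fill)
{
    struct record r;
    r.null_bits = 1u;
    memset(r.col0, fill, CHAR_WIDTH);
    return r;
}

static struct record value_row(const char *value)
{
    struct record r;
    size_t n = strlen(value);
    r.null_bits = 0;
    memset(r.col0, ' ', CHAR_WIDTH);
    memcpy(r.col0, value, n < CHAR_WIDTH ? n : CHAR_WIDTH);
    return r;
}

size_t null_row_length_before_fix(uint8_t fill)
{
    struct cache_entry e;
    struct record r = null_row(fill);
    return store_char_before_fix(&r, &e);
}

size_t null_row_length_after_fix(uint8_t fill)
{
    struct cache_entry e;
    struct record r = null_row(fill);
    return store_char_after_fix(&r, &e);
}

size_t value_row_length(const char *value)
{
    struct cache_entry e;
    struct record r = value_row(value);
    return store_char_after_fix(&r, &e);
}

size_t last_bytes_examined(void) { return bytes_examined; }

int main(void)
{
    size_t n;
    /* With the bug, the cached length of a NULL row depends on garbage:
       0xAA garbage keeps all 8 bytes, space garbage keeps none. */
    printf("NULL row, garbage 0xAA, before fix: length %zu\n", null_row_length_before_fix(0xAA));
    printf("NULL row, garbage ' ',  before fix: length %zu\n", null_row_length_before_fix(' '));
    n = null_row_length_after_fix(0xAA);
    printf("NULL row, garbage 0xAA, after fix:  length %zu, bytes examined %zu\n", n, last_bytes_examined());
    n = value_row_length("ab");
    printf("value 'ab', after fix: length %zu, bytes examined %zu\n", n, last_bytes_examined());
    return 0;
}
```

The before-fix path is exactly what memcheck's "Conditional jump or move depends on uninitialised value(s)" warning points at: `end[-1] == ' '` branches on a byte nobody wrote. The check on the null bit is the whole fix; once a NULL column is never stripped, the record buffer's contents at open-table time stop mattering whether or not HAVE_purify cleared them.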
[25 Feb 2010 16:25]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/101491 3922 Alexey Kopytov 2010-02-25 [merge] Manual merge of the patch for bug #50335. Also picked the test case for bug #45195 that was previously null-merged to mysql-pe.
[1 Mar 2010 8:43]
Bugs System
Pushed into 5.1.45 (revid:joro@sun.com-20100301083827-xnimmrjg6bh33o1o) (version source revid:joerg@mysql.com-20100212173307-ph563zr4wmoklgwd) (merge vers: 5.1.45) (pib:16)
[2 Mar 2010 14:32]
Bugs System
Pushed into 6.0.14-alpha (revid:alik@sun.com-20100302142746-u1gxdf5yk2bjrq3e) (version source revid:alik@sun.com-20100301095421-4cz64ibem1h2quve) (merge vers: 6.0.14-alpha) (pib:16)
[2 Mar 2010 14:37]
Bugs System
Pushed into 5.5.3-m2 (revid:alik@sun.com-20100302072233-t3uqgjzdukt1pyhe) (version source revid:alexey.kopytov@sun.com-20100221213311-xf5nyv391dsw9v6j) (merge vers: 5.5.2-m2) (pib:16)
[2 Mar 2010 14:43]
Bugs System
Pushed into mysql-next-mr (revid:alik@sun.com-20100302072432-k8xvfkgcggkwgi94) (version source revid:alik@sun.com-20100224135227-rcqs9pe9b2in80pf) (pib:16)
[16 Mar 2010 0:15]
Paul DuBois
Noted in 5.1.45, 5.5.3, 6.0.14 changelogs. Valgrind warnings about uninitialized variables in optimizer code were silenced.
[17 Jun 2010 12:17]
Bugs System
Pushed into 5.1.47-ndb-7.0.16 (revid:martin.skold@mysql.com-20100617114014-bva0dy24yyd67697) (version source revid:vasil.dimov@oracle.com-20100331130613-8ja7n0vh36a80457) (merge vers: 5.1.46) (pib:16)
[17 Jun 2010 13:05]
Bugs System
Pushed into 5.1.47-ndb-6.2.19 (revid:martin.skold@mysql.com-20100617115448-idrbic6gbki37h1c) (version source revid:martin.skold@mysql.com-20100609140708-52rvuyq4q500sxkq) (merge vers: 5.1.45-ndb-6.2.19) (pib:16)
[17 Jun 2010 13:45]
Bugs System
Pushed into 5.1.47-ndb-6.3.35 (revid:martin.skold@mysql.com-20100617114611-61aqbb52j752y116) (version source revid:vasil.dimov@oracle.com-20100331130613-8ja7n0vh36a80457) (merge vers: 5.1.46) (pib:16)