Index: src/btree.c
==================================================================
--- src/btree.c
+++ src/btree.c
@@ -4733,11 +4733,11 @@
           c = xRecordCompare(nCell, pCellKey, pIdxKey, 0);
           sqlite3_free(pCellKey);
         }
         assert( 
             (pIdxKey->errCode!=SQLITE_CORRUPT || c==0)
-         && (pIdxKey->errCode!=SQLITE_NOMEM || !pCur->pBtree->db->mallocFailed)
+         && (pIdxKey->errCode!=SQLITE_NOMEM || pCur->pBtree->db->mallocFailed)
         );
         if( c<0 ){
           lwr = idx+1;
         }else if( c>0 ){
           upr = idx-1;

Index: src/vdbeaux.c
==================================================================
--- src/vdbeaux.c
+++ src/vdbeaux.c
@@ -3591,12 +3591,13 @@
   assert( mem1.zMalloc==0 );
 
   /* rc==0 here means that one or both of the keys ran out of fields and
   ** all the fields up to that point were equal. Return the the default_rc
   ** value.  */
-  assert( CORRUPT_DB 
+  assert( CORRUPT_DB || pKeyInfo->db==0
        || pPKey2->default_rc==vdbeRecordCompareDebug(nKey1, pKey1, pPKey2) 
+       || pKeyInfo->db->mallocFailed
   );
   return pPKey2->default_rc;
 }
 
 /*
@@ -3690,14 +3691,15 @@
     /* The first fields of the two keys are equal and there are no trailing
     ** fields. Return pPKey2->default_rc in this case. */
     res = pPKey2->default_rc;
   }
 
-  assert( (res==0 && vdbeRecordCompareDebug(nKey1, pKey1, pPKey2)==0)
+  assert( pPKey2->pKeyInfo->db==0
+       || (res==0 && vdbeRecordCompareDebug(nKey1, pKey1, pPKey2)==0)
        || (res<0 && vdbeRecordCompareDebug(nKey1, pKey1, pPKey2)<0)
        || (res>0 && vdbeRecordCompareDebug(nKey1, pKey1, pPKey2)>0)
-       || CORRUPT_DB
+       || CORRUPT_DB || pPKey2->pKeyInfo->db->mallocFailed
   );
   return res;
 }
 
 /*
@@ -3754,14 +3756,15 @@
     }else{
       res = pPKey2->r1;
     }
   }
 
-  assert( (res==0 && vdbeRecordCompareDebug(nKey1, pKey1, pPKey2)==0)
+  assert( pPKey2->pKeyInfo->db==0 
+       || (res==0 && vdbeRecordCompareDebug(nKey1, pKey1, pPKey2)==0)
        || (res<0 && vdbeRecordCompareDebug(nKey1, pKey1, pPKey2)<0)
        || (res>0 && vdbeRecordCompareDebug(nKey1, pKey1, pPKey2)>0)
-       || CORRUPT_DB
+       || CORRUPT_DB || pPKey2->pKeyInfo->db->mallocFailed
   );
   return res;
 }
 
 /*

Index: test/malloc.test
==================================================================
--- test/malloc.test
+++ test/malloc.test
@@ -899,14 +899,34 @@
   }
 } -test {
   faultsim_test_result {0 {abcde fghij klmno pqrst uvwxy}} 
   faultsim_integrity_check
 }
+
+reset_db
+add_test_utf16bin_collate db
+set big [string repeat x 200]
+do_execsql_test 41.1 {
+  DROP TABLE IF EXISTS t1;
+  CREATE TABLE t1(a COLLATE utf16bin);
+  INSERT INTO t1 VALUES('fghij' || $::big);
+  INSERT INTO t1 VALUES('pqrst' || $::big);
+  INSERT INTO t1 VALUES('abcde' || $::big);
+  INSERT INTO t1 VALUES('uvwxy' || $::big);
+  INSERT INTO t1 VALUES('klmno' || $::big);
+  CREATE INDEX i1 ON t1(a);
+}
+do_faultsim_test 41.2 -faults oom* -body {
+  execsql { SELECT * FROM t1 WHERE a = ('abcde' || $::big)}
+} -test {
+  faultsim_test_result [list 0 "abcde$::big"]
+  faultsim_integrity_check
+}
 
 # Ensure that no file descriptors were leaked.
 do_test malloc-99.X {
   catch {db close}
   set sqlite_open_file_count
 } {0}
 
 puts open-file-count=$sqlite_open_file_count
 finish_test