diff --git a/CHANGELOG.md b/CHANGELOG.md
index 068a09b8e..015ab3404 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,10 @@
 # SQLCipher Change Log
 Notable changes to this project are documented in this file.
 
+## [4.13.0] - (January 2026 - [4.13.0 changes])
+- Updates baseline to SQLite 3.51.2
+- Corrects encoding for `sqlcipher_export()` function registration
+
 ## [4.12.0] - (December 2025 - [4.12.0 changes])
 - Updates baseline to SQLite 3.51.1
 - Adds `PRAGMA cipher_status` so applications can verify a database handle is using encryption
@@ -318,6 +322,8 @@ Notable changes to this project are documented in this file.
 ### Security
 - Change KDF iteration length from 4,000 to 64,000
 
+[4.13.0]: https://github.com/sqlcipher/sqlcipher/tree/v4.13.0
+[4.13.0 changes]: https://github.com/sqlcipher/sqlcipher/compare/v4.12.0...v4.13.0
 [4.12.0]: https://github.com/sqlcipher/sqlcipher/tree/v4.12.0
 [4.12.0 changes]: https://github.com/sqlcipher/sqlcipher/compare/v4.11.0...v4.12.0
 [4.11.0]: https://github.com/sqlcipher/sqlcipher/tree/v4.11.0
diff --git a/Makefile.msc b/Makefile.msc
index aa5222135..d3fe57de6 100644
--- a/Makefile.msc
+++ b/Makefile.msc
@@ -805,17 +805,21 @@ BCC = $(BCC) /d2guard4 -D_ARM_WINAPI_PARTITION_DESKTOP_SDK_AVAILABLE
 !IF $(DEBUG)>1
 TCC = $(TCC) -MDd
 BCC = $(BCC) -MDd
+ZLIBCFLAGS = -nologo -MDd -W3 -O2 -Oy- -Zi
 !ELSE
 TCC = $(TCC) -MD
 BCC = $(BCC) -MD
+ZLIBCFLAGS = -nologo -MD -W3 -O2 -Oy- -Zi
 !ENDIF
 !ELSE
 !IF $(DEBUG)>1
 TCC = $(TCC) -MTd
 BCC = $(BCC) -MTd
+ZLIBCFLAGS = -nologo -MTd -W3 -O2 -Oy- -Zi
 !ELSE
 TCC = $(TCC) -MT
 BCC = $(BCC) -MT
+ZLIBCFLAGS = -nologo -MT -W3 -O2 -Oy- -Zi
 !ENDIF
 !ENDIF
 
@@ -2420,7 +2424,7 @@ shell.c:	$(SHELL_DEP) $(TOP)\tool\mkshellc.tcl $(JIM_TCLSH)
 	$(JIM_TCLSH) $(TOP)\tool\mkshellc.tcl shell.c
 
 zlib:
-	pushd $(ZLIBDIR) && $(MAKE) /f win32\Makefile.msc clean $(ZLIBLIB) && popd
+	pushd $(ZLIBDIR) && $(MAKE) /f win32\Makefile.msc clean $(ZLIBLIB) CFLAGS="$(ZLIBCFLAGS)" && popd
 
 # Rules to build the extension objects.
 #
@@ -2815,6 +2819,134 @@ tcl-env:
 	@echo JIM_TCLSH = $(JIM_TCLSH)
 	@echo VISUALSTUDIOVERSION = $(VISUALSTUDIOVERSION)
 
+env:
+	@echo ALL_TCL_TARGETS = $(ALL_TCL_TARGETS)
+	@echo API_ARMOR = $(API_ARMOR)
+	@echo ASAN = $(ASAN)
+	@echo BCC = $(BCC)
+	@echo BUILD_ZLIB = $(BUILD_ZLIB)
+	@echo CC = $(CC)
+	@echo CCOPTS = $(CCOPTS)
+	@echo CHECKER_DEPS = $(CHECKER_DEPS)
+	@echo CORE_CCONV_OPTS = $(CORE_CCONV_OPTS)
+	@echo CORE_COMPILE_OPTS = $(CORE_COMPILE_OPTS)
+	@echo CORE_LINK_DEP = $(CORE_LINK_DEP)
+	@echo CORE_LINK_OPTS = $(CORE_LINK_OPTS)
+	@echo CRTLIBPATH = $(CRTLIBPATH)
+	@echo CSC = $(CSC)
+	@echo DBFUZZ_COMPILE_OPTS = $(DBFUZZ_COMPILE_OPTS)
+	@echo DEBUG = $(DEBUG)
+	@echo DYNAMIC_SHELL = $(DYNAMIC_SHELL)
+	@echo EXT_FEATURE_FLAGS = $(EXT_FEATURE_FLAGS)
+	@echo EXTHDR = $(EXTHDR)
+	@echo EXTRA_SRC = $(EXTRA_SRC)
+	@echo FOR_UWP = $(FOR_UWP)
+	@echo FUZZCHECK_OPTS = $(FUZZCHECK_OPTS)
+	@echo FUZZCHECK_SRC = $(FUZZCHECK_SRC)
+	@echo FUZZDATA = $(FUZZDATA)
+	@echo FUZZERSHELL_COMPILE_OPTS = $(FUZZERSHELL_COMPILE_OPTS)
+	@echo HDR = $(HDR)
+	@echo ICUDIR = $(ICUDIR)
+	@echo ICUINCDIR = $(ICUINCDIR)
+	@echo ICULIBDIR = $(ICULIBDIR)
+	@echo JIM_TCLSH = $(JIM_TCLSH)
+	@echo KV_COMPILE_OPTS = $(KV_COMPILE_OPTS)
+	@echo LDFLAGS = $(LDFLAGS)
+	@echo LD = $(LD)
+	@echo LIBICU = $(LIBICU)
+	@echo LIBOBJ = $(LIBOBJ)
+	@echo LIBREADLINE = $(LIBREADLINE)
+	@echo LIBRESOBJS = $(LIBRESOBJS)
+	@echo LIBTCLPATH = $(LIBTCLPATH)
+	@echo LIBTCLSTUB = $(LIBTCLSTUB)
+	@echo LIBTCL = $(LIBTCL)
+	@echo LTCOMPILE = $(LTCOMPILE)
+	@echo LTLIB = $(LTLIB)
+	@echo LTLIBOPTS = $(LTLIBOPTS)
+	@echo LTLIBPATHS = $(LTLIBPATHS)
+	@echo LTLIBS = $(LTLIBS)
+	@echo LTLINK = $(LTLINK)
+	@echo LTLINKOPTS = $(LTLINKOPTS)
+	@echo LTRCOMPILE = $(LTRCOMPILE)
+	@echo MEMDEBUG = $(MEMDEBUG)
+	@echo MINIMAL_AMALGAMATION = $(MINIMAL_AMALGAMATION)
+	@echo MPTESTER_COMPILE_OPTS = $(MPTESTER_COMPILE_OPTS)
+	@echo NCC = $(NCC)
+	@echo NCRTLIBPATH = $(NCRTLIBPATH)
+	@echo NLTLIBPATHS = $(NLTLIBPATHS)
+	@echo NO_LINEMACROS = $(NO_LINEMACROS)
+	@echo NO_TCL = $(NO_TCL)
+	@echo NO_WARN = $(NO_WARN)
+	@echo NSDKLIBPATH = $(NSDKLIBPATH)
+	@echo NUCRTLIBPATH = $(NUCRTLIBPATH)
+	@echo OPT_FEATURE_FLAGS = $(OPT_FEATURE_FLAGS)
+	@echo OPTIMIZATIONS = $(OPTIMIZATIONS)
+	@echo OSSSHELL_SRC = $(OSSSHELL_SRC)
+	@echo OSTRACE = $(OSTRACE)
+	@echo RBU = $(RBU)
+	@echo RCC = $(RCC)
+	@echo RC = $(RC)
+	@echo READLINE_FLAGS = $(READLINE_FLAGS)
+	@echo REQ_FEATURE_FLAGS = $(REQ_FEATURE_FLAGS)
+	@echo RSYNC_OPT = $(RSYNC_OPT)
+	@echo RSYNC_SRC = $(RSYNC_SRC)
+	@echo SESSION = $(SESSION)
+	@echo SETLK_TIMEOUT = $(SETLK_TIMEOUT)
+	@echo SHELL_CCONV_OPTS = $(SHELL_CCONV_OPTS)
+	@echo SHELL_COMPILE_OPTS = $(SHELL_COMPILE_OPTS)
+	@echo SHELL_CORE_DEP = $(SHELL_CORE_DEP)
+	@echo SHELL_CORE_LIB = $(SHELL_CORE_LIB)
+	@echo SHELL_CORE_SRC = $(SHELL_CORE_SRC)
+	@echo SHELL_DEP = $(SHELL_DEP)
+	@echo SHELL_LINK_OPTS = $(SHELL_LINK_OPTS)
+	@echo SPLIT_AMALGAMATION = $(SPLIT_AMALGAMATION)
+	@echo SQLITETCLDECLSH = $(SQLITETCLDECLSH)
+	@echo SQLITE_TCL_DEP = $(SQLITE_TCL_DEP)
+	@echo SQLITETCLH = $(SQLITETCLH)
+	@echo SRC = $(SRC)
+	@echo STATICALLY_LINK_TCL = $(STATICALLY_LINK_TCL)
+	@echo ST_COMPILE_OPTS = $(ST_COMPILE_OPTS)
+	@echo STORELIBPATH = $(STORELIBPATH)
+	@echo SYMBOLS = $(SYMBOLS)
+	@echo TCC = $(TCC)
+	@echo TCLDIR = $(TCLDIR)
+	@echo TCLINCDIR = $(TCLINCDIR)
+	@echo TCLLIBDIR = $(TCLLIBDIR)
+	@echo TCLLIBPATHS = $(TCLLIBPATHS)
+	@echo TCLLIBS = $(TCLLIBS)
+	@echo TCLSH_CMD = $(TCLSH_CMD)
+	@echo TCLSQLITEEX = $(TCLSQLITEEX)
+	@echo TCLSUFFIX = $(TCLSUFFIX)
+	@echo TCLVERSION = $(TCLVERSION)
+	@echo TEST_CCONV_OPTS = $(TEST_CCONV_OPTS)
+	@echo TESTEXT = $(TESTEXT)
+	@echo TESTFIXTURE_DEP = $(TESTFIXTURE_DEP)
+	@echo TESTFIXTURE_FLAGS = $(TESTFIXTURE_FLAGS)
+	@echo TESTFIXTURE_SRC = $(TESTFIXTURE_SRC)
+	@echo TESTOPTS = $(TESTOPTS)
+	@echo TESTPROGS = $(TESTPROGS)
+	@echo TESTSRC = $(TESTSRC)
+	@echo TLIBS = $(TLIBS)
+	@echo TOP = $(TOP)
+	@echo UCRTLIBPATH = $(UCRTLIBPATH)
+	@echo USE_AMALGAMATION = $(USE_AMALGAMATION)
+	@echo USE_CRT_DLL = $(USE_CRT_DLL)
+	@echo USE_FATAL_WARN = $(USE_FATAL_WARN)
+	@echo USE_FULLWARN = $(USE_FULLWARN)
+	@echo USE_ICU = $(USE_ICU)
+	@echo USE_LISTINGS = $(USE_LISTINGS)
+	@echo USE_NATIVE_LIBPATHS = $(USE_NATIVE_LIBPATHS)
+	@echo USE_RC = $(USE_RC)
+	@echo USE_RUNTIME_CHECKS = $(USE_RUNTIME_CHECKS)
+	@echo USE_SEH = $(USE_SEH)
+	@echo USE_STDCALL = $(USE_STDCALL)
+	@echo USE_ZLIB = $(USE_ZLIB)
+	@echo XCOMPILE = $(XCOMPILE)
+	@echo ZLIBDIR = $(ZLIBDIR)
+	@echo ZLIBINCDIR = $(ZLIBINCDIR)
+	@echo ZLIBLIBDIR = $(ZLIBLIBDIR)
+	@echo ZLIBLIB = $(ZLIBLIB)
+
 moreclean:	clean
 	del /Q $(SQLITE3C) $(SQLITE3H) 2>NUL
 # <</mark>>
diff --git a/VERSION b/VERSION
index d1278a467..0306a564d 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-3.51.1
+3.51.2
diff --git a/autoconf/Makefile.msc b/autoconf/Makefile.msc
index 4f96e3b18..365e1f0fb 100644
--- a/autoconf/Makefile.msc
+++ b/autoconf/Makefile.msc
@@ -695,17 +695,21 @@ BCC = $(BCC) /d2guard4 -D_ARM_WINAPI_PARTITION_DESKTOP_SDK_AVAILABLE
 !IF $(DEBUG)>1
 TCC = $(TCC) -MDd
 BCC = $(BCC) -MDd
+ZLIBCFLAGS = -nologo -MDd -W3 -O2 -Oy- -Zi
 !ELSE
 TCC = $(TCC) -MD
 BCC = $(BCC) -MD
+ZLIBCFLAGS = -nologo -MD -W3 -O2 -Oy- -Zi
 !ENDIF
 !ELSE
 !IF $(DEBUG)>1
 TCC = $(TCC) -MTd
 BCC = $(BCC) -MTd
+ZLIBCFLAGS = -nologo -MTd -W3 -O2 -Oy- -Zi
 !ELSE
 TCC = $(TCC) -MT
 BCC = $(BCC) -MT
+ZLIBCFLAGS = -nologo -MT -W3 -O2 -Oy- -Zi
 !ENDIF
 !ENDIF
 
diff --git a/ext/fts5/fts5Int.h b/ext/fts5/fts5Int.h
index a13a65d3c..d5404535c 100644
--- a/ext/fts5/fts5Int.h
+++ b/ext/fts5/fts5Int.h
@@ -81,7 +81,13 @@ typedef sqlite3_uint64 u64;
 # define FLEXARRAY 1
 #endif
 
-#endif
+#endif /* SQLITE_AMALGAMATION */
+
+/*
+** Constants for the largest and smallest possible 32-bit signed integers.
+*/
+# define LARGEST_INT32  ((int)(0x7fffffff))
+# define SMALLEST_INT32 ((int)((-1) - LARGEST_INT32))
 
 /* Truncate very long tokens to this many bytes. Hard limit is 
 ** (65536-1-1-4-9)==65521 bytes. The limiting factor is the 16-bit offset
diff --git a/ext/fts5/fts5_index.c b/ext/fts5/fts5_index.c
index 7e25731ed..acd0570a5 100644
--- a/ext/fts5/fts5_index.c
+++ b/ext/fts5/fts5_index.c
@@ -5931,7 +5931,7 @@ int sqlite3Fts5IndexMerge(Fts5Index *p, int nMerge){
       fts5StructureRelease(pStruct);
       pStruct = pNew;
       nMin = 1;
-      nMerge = nMerge*-1;
+      nMerge = (nMerge==SMALLEST_INT32 ? LARGEST_INT32 : (nMerge*-1));
     }
     if( pStruct && pStruct->nLevel ){
       if( fts5IndexMerge(p, &pStruct, nMerge, nMin) ){
diff --git a/ext/fts5/test/fts5merge.test b/ext/fts5/test/fts5merge.test
index c57c21ded..09c18245f 100644
--- a/ext/fts5/test/fts5merge.test
+++ b/ext/fts5/test/fts5merge.test
@@ -238,6 +238,22 @@ do_execsql_test 6.3 {
   INSERT INTO g1(g1) VALUES('integrity-check');
 }
 
+#--------------------------------------------------------------------------
+# Check that passing -2147483648 as the parameter to a merge command
+# does not cause a signed integer overflow error.
+#
+reset_db
+do_execsql_test 7.0 {
+  CREATE VIRTUAL TABLE f1 USING fts5(a);
+}
+do_execsql_test 7.1 {
+  INSERT INTO f1 VALUES('one two three');
+  INSERT INTO f1 VALUES('four five six');
+  INSERT INTO f1 VALUES('seven eight nine');
+}
+do_execsql_test 7.2 {
+  INSERT INTO f1(f1, rank) VALUES('merge', -2147483648);
+}
 
 
 finish_test
diff --git a/ext/misc/compress.c b/ext/misc/compress.c
index 6b034eb45..48ea5182d 100644
--- a/ext/misc/compress.c
+++ b/ext/misc/compress.c
@@ -59,7 +59,7 @@ static void compressFunc(
   pIn = sqlite3_value_blob(argv[0]);
   nIn = sqlite3_value_bytes(argv[0]);
   nOut = 13 + nIn + (nIn+999)/1000;
-  pOut = sqlite3_malloc( nOut+5 );
+  pOut = sqlite3_malloc64( nOut+5 );
   for(i=4; i>=0; i--){
     x[i] = (nIn >> (7*(4-i)))&0x7f;
   }
@@ -98,7 +98,7 @@ static void uncompressFunc(
     nOut = (nOut<<7) | (pIn[i]&0x7f);
     if( (pIn[i]&0x80)!=0 ){ i++; break; }
   }
-  pOut = sqlite3_malloc( nOut+1 );
+  pOut = sqlite3_malloc64( nOut+1 );
   rc = uncompress(pOut, &nOut, &pIn[i], nIn-i);
   if( rc==Z_OK ){
     sqlite3_result_blob(context, pOut, nOut, sqlite3_free);
diff --git a/ext/misc/csv.c b/ext/misc/csv.c
index 8331265aa..1caaaec87 100644
--- a/ext/misc/csv.c
+++ b/ext/misc/csv.c
@@ -62,6 +62,9 @@ SQLITE_EXTENSION_INIT1
 #  define CSV_NOINLINE
 #endif
 
+#ifndef SQLITEINT_H
+typedef sqlite3_int64 i64;
+#endif
 
 /* Max size of the error message in a CsvReader */
 #define CSV_MXERR 200
@@ -74,9 +77,9 @@ typedef struct CsvReader CsvReader;
 struct CsvReader {
   FILE *in;              /* Read the CSV text from this input stream */
   char *z;               /* Accumulated text for a field */
-  int n;                 /* Number of bytes in z */
-  int nAlloc;            /* Space allocated for z[] */
-  int nLine;             /* Current line number */
+  i64 n;                 /* Number of bytes in z */
+  i64 nAlloc;            /* Space allocated for z[] */
+  i64 nLine;             /* Current line number */
   int bNotFirst;         /* True if prior text has been seen */
   int cTerm;             /* Character that terminated the most recent field */
   size_t iIn;            /* Next unread character in the input buffer */
@@ -174,7 +177,7 @@ static int csv_getc(CsvReader *p){
 ** Return 0 on success and non-zero if there is an OOM error */
 static CSV_NOINLINE int csv_resize_and_append(CsvReader *p, char c){
   char *zNew;
-  int nNew = p->nAlloc*2 + 100;
+  i64 nNew = p->nAlloc*2 + 100;
   zNew = sqlite3_realloc64(p->z, nNew);
   if( zNew ){
     p->z = zNew;
@@ -510,7 +513,6 @@ static int csvtabConnect(
 # define CSV_DATA     (azPValue[1])
 # define CSV_SCHEMA   (azPValue[2])
 
-
   assert( sizeof(azPValue)==sizeof(azParam) );
   memset(&sRdr, 0, sizeof(sRdr));
   memset(azPValue, 0, sizeof(azPValue));
diff --git a/ext/misc/fileio.c b/ext/misc/fileio.c
index d78b14877..6cc2ae008 100644
--- a/ext/misc/fileio.c
+++ b/ext/misc/fileio.c
@@ -329,6 +329,7 @@ static int fileStat(
   b1[sz] = 0;
   rc = _wstat(b1, pStatBuf);
   if( rc==0 ) statTimesToUtc(zPath, pStatBuf);
+  sqlite3_free(b1);
   return rc;
 #else
   return stat(zPath, pStatBuf);
diff --git a/ext/misc/zipfile.c b/ext/misc/zipfile.c
index 58cfba658..2f74906d9 100644
--- a/ext/misc/zipfile.c
+++ b/ext/misc/zipfile.c
@@ -875,7 +875,7 @@ static int zipfileGetEntry(
         );
       }else{
         aRead = (u8*)&aBlob[iOff + ZIPFILE_CDS_FIXED_SZ];
-        if( (iOff + ZIPFILE_LFH_FIXED_SZ + nFile + nExtra)>nBlob ){
+        if( (iOff + ZIPFILE_CDS_FIXED_SZ + nFile + nExtra)>nBlob ){
           rc = zipfileCorrupt(pzErr);
         }
       }
diff --git a/ext/rtree/rtree.c b/ext/rtree/rtree.c
index 8b913ef2d..b3d29283e 100644
--- a/ext/rtree/rtree.c
+++ b/ext/rtree/rtree.c
@@ -3775,7 +3775,7 @@ static void rtreenode(sqlite3_context *ctx, int nArg, sqlite3_value **apArg){
   if( node.zData==0 ) return;
   nData = sqlite3_value_bytes(apArg[1]);
   if( nData<4 ) return;
-  if( nData<NCELL(&node)*tree.nBytesPerCell ) return;
+  if( nData<4+NCELL(&node)*tree.nBytesPerCell ) return;
 
   pOut = sqlite3_str_new(0);
   for(ii=0; ii<NCELL(&node); ii++){
diff --git a/ext/rtree/rtreeB.test b/ext/rtree/rtreeB.test
index 6fc31042c..ec1b0d5aa 100644
--- a/ext/rtree/rtreeB.test
+++ b/ext/rtree/rtreeB.test
@@ -47,4 +47,14 @@ ifcapable rtree_int_only {
 
 do_rtree_integrity_test rtreeB-1.2 t1
 
+# https://sqlite.org/forum/forumpost/2026-01-08T23:32:19Z
+#
+db null NULL
+do_execsql_test rtreeB-2.1 {
+  SELECT rtreenode(1,x'00000001'||randomblob(15)) IS NULL;
+} {1}
+do_execsql_test rtreeB-2.2 {
+  SELECT rtreenode(1,x'00000001'||randomblob(16)) IS NOT NULL;
+} {1}
+
 finish_test
diff --git a/ext/wasm/api/sqlite3-api-oo1.c-pp.js b/ext/wasm/api/sqlite3-api-oo1.c-pp.js
index 8c2f35e67..f7a4e9ebd 100644
--- a/ext/wasm/api/sqlite3-api-oo1.c-pp.js
+++ b/ext/wasm/api/sqlite3-api-oo1.c-pp.js
@@ -1130,11 +1130,11 @@ globalThis.sqlite3ApiBootstrap.initializers.push(function(sqlite3){
         sqlite3.config.warn("DB.exec() is propagating exception",opt,e);
         throw e;
       }*/finally{
-        wasm.scopedAllocPop(stack);
         if(stmt){
           __execLock.delete(stmt);
           stmt.finalize();
         }
+        wasm.scopedAllocPop(stack);
       }
       return arg.returnVal();
     }/*exec()*/,
diff --git a/manifest b/manifest
index 264ad32c3..7be9b18d3 100644
--- a/manifest
+++ b/manifest
@@ -1,14 +1,14 @@
-C Version\s3.51.1
-D 2025-11-28T17:28:25.933
+C Version\s3.51.2
+D 2026-01-09T17:27:48.405
 F .fossil-settings/binary-glob 61195414528fb3ea9693577e1980230d78a1f8b0a54c78cf1b9b24d0a409ed6a x
 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
 F LICENSE.md 6bc480fc673fb4acbc4094e77edb326267dd460162d7723c7f30bee2d3d9e97d
 F Makefile.in 3ce07126d7e87c7464301482e161fdae6a51d0a2aa06b200b8f0000ef4d6163b
 F Makefile.linux-generic bd3e3cacd369821a6241d4ea1967395c962dfe3057e38cb0a435cee0e8b789d0
-F Makefile.msc 8dd676302f3165984c046f81af14b6676a334418fa30255efaf439f8033042fa
+F Makefile.msc d4459fad28b388063698cbb7a73bfce8684da998a844a04b21d4b9b10291196a
 F README.md dae499194b75deed76a13a4a83c82493f2530331882d7dfe5754d63287d3f8f7
-F VERSION a3971cc92c03ff4c250d95d1ecf61e2433152c21926d8a7dd429b39218a6e4c7
+F VERSION 53fb08d314af314f884da9b33cabad229928aac28b53984a2c38fd4d7dc608ab
 F art/icon-243x273.gif 9750b734f82fdb3dc43127753d5e6fbf3b62c9f4e136c2fbf573b2f57ea87af5
 F art/icon-80x90.gif 65509ce3e5f86a9cd64fe7fca2d23954199f31fe44c1e09e208c80fb83d87031
 F art/sqlite370.eps aa97a671332b432a54e1d74ff5e8775be34200c2
@@ -18,7 +18,7 @@ F art/sqlite370.svg 40b7e2fe8aac3add5d56dd86ab8d427a4eca5bcb3fe4f8946cb3794e1821
 F auto.def 44a0d1bf09d78355fc88251ccbf8e64e6341fd89c11de68a01c3645e53a2bade
 F autoconf/Makefile.fallback 22fe523eb36dfce31e0f6349f782eb084e86a5620b2b0b4f84a2d6133f53f5ac
 F autoconf/Makefile.in 118aa2c4d49173672d065fdda19eb8a28642e2c684212d7a626d6db5e6762521
-F autoconf/Makefile.msc 803aa9e23b6a764751f6a91d0673620eefa46729fb80faf51391120e1d752966
+F autoconf/Makefile.msc 9c1ca648062fd5a4a83ba7590c4422090cccd6399002af0346b7572f086c7483
 F autoconf/README.first f1d3876e9a7852c22f275a6f06814e64934cecbc0b5b9617d64849094c1fd136
 F autoconf/README.txt b749816b8452b3af994dc6d607394bef3df1736d7e09359f1087de8439a52807
 F autoconf/auto.def 3d994f3a9cc9b712dbce92a5708570ddcf3b988141b6eb738f2ed16127a9f0ac
@@ -107,13 +107,13 @@ F ext/fts3/unicode/mkunicode.tcl cbf5f7b5c8ce8014bad731f246f2e520eece908465de477
 F ext/fts3/unicode/parseunicode.tcl a981bd6466d12dd17967515801c3ff23f74a281be1a03cf1e6f52a6959fc77eb
 F ext/fts5/extract_api_docs.tcl 009cf59c77afa86d137b0cca3e3b1a5efbe2264faa2df233f9a7aa8563926d15
 F ext/fts5/fts5.h ff5d3cc88b29e41612bfb29eb723e29e38973de62ca75ba3e8f94ccb67f5b5f2
-F ext/fts5/fts5Int.h 4bba2aeadbbd7378675b1fd2967c377fba3147c9a836350c437844b590068927
+F ext/fts5/fts5Int.h 8d98f8e180fe28d6067e240ed45b9011735d29d5cfb5bac194e1e376baa7c708
 F ext/fts5/fts5_aux.c da4a7a9a11ec15c6df0699d908915a209bcde48f0b04101461316b59f71abffb
 F ext/fts5/fts5_buffer.c f1e6d0324d7c55329d340673befc26681a372a4d36086caa8d1ec7d7c53066c7
 F ext/fts5/fts5_config.c e7d8dd062b44a66cd77e5a0f74f23a2354cd1f3f8575afb967b2773c3384f7f8
 F ext/fts5/fts5_expr.c b8c32da1127bafaf10d6b4768b0dcb92285798524bed2d87a8686f99a8e8d259
 F ext/fts5/fts5_hash.c a6266cedd801ab7964fa9e74ebcdda6d30ec6a96107fa24148ec6b7b5b80f6e0
-F ext/fts5/fts5_index.c 5e82963a6691ae519df1e018cc7971272a3da1fd47daca5029af0e9ce24f1a8b
+F ext/fts5/fts5_index.c 4e94cec64da9a61f8763f033fee310d3ce22805e1452fd4190e3f972ec60dfb0
 F ext/fts5/fts5_main.c 42025174a556257287071e90516d3ab8115daf1dd525a301883544469a260014
 F ext/fts5/fts5_storage.c 19bc7c4cbe1e6a2dd9849ef7d84b5ca1fcbf194cefc3e386b901e00e08bf05c2
 F ext/fts5/fts5_tcl.c 7fb5a3d3404099075aaa2457307cb459bbc257c0de3dbd52b1e80a5b503e0329
@@ -207,7 +207,7 @@ F ext/fts5/test/fts5leftjoin.test 1c14b51f4d1344a89e488160882f05a2246dd7e70c5cf0
 F ext/fts5/test/fts5limits.test 8ab67cf5d311c124b6ceb0062d0297767176df4572d955fce79fa43004dff01c
 F ext/fts5/test/fts5locale.test 83ba7ee12628b540d3098f39c39c1de0c0440eddff8f7512c8c698d0c4a3ae3c
 F ext/fts5/test/fts5matchinfo.test bc9e74157773db7f00aec1e85587f1145956ebdf1672c136f0f04323b2752aa0
-F ext/fts5/test/fts5merge.test 2654df0bcdb2d117c2d38b6aeb0168061be01c643f9e9194b36c43a2970e8082
+F ext/fts5/test/fts5merge.test 088133e135ef7dcd6701753c95b8b10be3c52fa1a99507933e00756d6437489e
 F ext/fts5/test/fts5merge2.test 3ebad1a59d6ad3fb66eff6523a09e95dc6367cbefb3cd73196801dea0425c8e2
 F ext/fts5/test/fts5misc.test 83d6c5101a092c5db8fb631cfdd69a6482e20528b2750427641ac9050d9d0381
 F ext/fts5/test/fts5multi.test a15bc91cdb717492e6e1b66fec1c356cb57386b980c7ba5af1915f97fe878581
@@ -366,13 +366,13 @@ F ext/misc/btreeinfo.c 8f5e6da2c82ec2f06ee0216e922370a436dafdbb06ffa7a552203515f
 F ext/misc/cksumvfs.c 9d7d0cf1a8893ac5d48922bfe9f3f217b4a61a6265f559263a02bb2001259913
 F ext/misc/closure.c 5559daf1daf742228431db929d1aa86dd535a4224cc634a81d2fd0d1e6ad7839
 F ext/misc/completion.c c27b64fdd0943c1b7f152376599814cee2641f7d67a7bb9bd2b957c2a64a5591
-F ext/misc/compress.c 2c79a74330e0e0ba6cb3f7397f8ba5af12d46377ef5d3ee075e12dd8a6ed57f0
-F ext/misc/csv.c 7cae8c2666a058a58fb8994ed2457339a06c97d31c251d9a8445cdd966629890
+F ext/misc/compress.c 8191118b9b73e7796c961790db62d35d9b0fb724b045e005a5713dc9e0795565
+F ext/misc/csv.c d9dab032420d81cdf0abc4b8523711d20a355704f82d958f963c86be48387dd9
 F ext/misc/dbdump.c 678f1b9ae2317b4473f65d03132a2482c3f4b08920799ed80feedd2941a06680
 F ext/misc/decimal.c d4883de142f6dcd36eda23da40b55e2b51374e7b01eb54a7173940191389fc5e
 F ext/misc/eval.c 04bc9aada78c888394204b4ed996ab834b99726fb59603b0ee3ed6e049755dc1
 F ext/misc/explain.c 606100185fb90d6a1eade1ed0414d53503c86820d8956a06e3b0a56291894f2b
-F ext/misc/fileio.c d4918ff3f59a26c447347b40ac5e5c41aef697dfa24ebb2ef61ebad3c32261f0
+F ext/misc/fileio.c d80268a5328fe839062a9d3103ea0fc7cacc6d42605959275675cb37867c84f7
 F ext/misc/fossildelta.c 2fc2dd4f34f478df674887db62586b1071c4cd3c9e73ee40f9ee669670e482d1
 F ext/misc/fuzzer.c 6b231352815304ba60d8e9ec2ee73d4918e74d9b76bda8940ba2b64e8777515e
 F ext/misc/ieee754.c 176c061c94857b543313959289cb60cf777c999fd002f82b53d194b95e9f347a
@@ -414,7 +414,7 @@ F ext/misc/vtablog.c 2d04386c2f5a3bb93bc9ae978f0b7dcd5a264e126abd640dd6d82aa9067
 F ext/misc/vtshim.c e5bce24ab8c532f4fdc600148718fe1802cb6ed57417f1c1032d8961f72b0e8f
 F ext/misc/wholenumber.c 0fa0c082676b7868bf2fa918e911133f2b349bcdceabd1198bba5f65b4fc0668
 F ext/misc/windirent.h 02211ce51f3034c675f2dbf4d228194d51b3ee05734678bad5106fff6292e60c
-F ext/misc/zipfile.c 09e6e3a3ff40a99677de3c0bc6569bd5f4709b1844ac3d1c1452a456c5a62f1c
+F ext/misc/zipfile.c 71d3fd3155ed5e738473e286e550cf0bcf346cc2fd63646eaf944e7b40531a1b
 F ext/misc/zorder.c bddff2e1b9661a90c95c2a9a9c7ecd8908afab5763256294dd12d609d4664eee
 F ext/rbu/rbu.c 801450b24eaf14440d8fd20385aacc751d5c9d6123398df41b1b5aa804bf4ce8
 F ext/rbu/rbu1.test 25870dd7db7eb5597e2b4d6e29e7a7e095abf332660f67d89959552ce8f8f255
@@ -493,7 +493,7 @@ F ext/repair/test/checkindex01.test b530f141413b587c9eb78ff734de6bb79bc3515c3350
 F ext/repair/test/test.tcl 686d76d888dffd021f64260abf29a55c57b2cedfa7fc69150b42b1d6119aac3c
 F ext/rtree/README 734aa36238bcd2dee91db5dba107d5fcbdb02396612811377a8ad50f1272b1c1
 F ext/rtree/geopoly.c f0573d5109fdc658a180db0db6eec86ab2a1cf5ce58ec66cbf3356167ea757eb
-F ext/rtree/rtree.c 95401e6812a399b5ef2e5de1249ab7e2844601cb4153ca2c3f14122ff3625569
+F ext/rtree/rtree.c 9331997a76b88a9bc04e156bdfd6e2fe35c0aa93bc338ebc6aa0ae470fe4a852
 F ext/rtree/rtree.h 4a690463901cb5e6127cf05eb8e642f127012fd5003830dbc974eca5802d9412
 F ext/rtree/rtree1.test e0608db762b2aadca0ecb6f97396cf66244490adc3ba88f2a292b27be3e1da3e
 F ext/rtree/rtree2.test 9d9deddbb16fd0c30c36e6b4fdc3ee3132d765567f0f9432ee71e1303d32603d
@@ -505,7 +505,7 @@ F ext/rtree/rtree7.test c8fb2e555b128dd0f0bdb520c61380014f497f8a23c40f2e820acc9f
 F ext/rtree/rtree8.test 4da84c7f328bbdca15052fa13da6e8b8d426433347bf75fc85574c2f5a411a02
 F ext/rtree/rtree9.test fd3c9384ef8aabbc127b3878764070398f136eebc551cd20484b570f2cc1956a
 F ext/rtree/rtreeA.test 14e67fccc5b41efbad7ea99d21d11aaa66d2067da7d5b296ee86e4de64391d82
-F ext/rtree/rtreeB.test 4cec297f8e5c588654bbf3c6ed0903f10612be8a2878055dd25faf8c71758bc9
+F ext/rtree/rtreeB.test ab93136c45cf25af78d22665c2a6d75068eef6bf3a710356e4ba8d5f37bed364
 F ext/rtree/rtreeC.test 2978b194d09b13e106bdb0e1c5b408b9d42eb338c1082bf43c87ef43bd626147
 F ext/rtree/rtreeD.test fe46aa7f012e137bd58294409b16c0d43976c3bb92c8f710481e577c4a1100dc
 F ext/rtree/rtreeE.test e65d3fc625da1800b412fc8785817327d43ccfec5f5973912d8c9e471928caa9
@@ -596,7 +596,7 @@ F ext/wasm/api/post-js-header.js 79d078aec33d93b640a19c574b504d88bb2446432f38e2f
 F ext/wasm/api/pre-js.c-pp.js a876c6399dff29b6fe9e434036beb89889164cc872334e184291723ecc7cb072
 F ext/wasm/api/sqlite3-api-cleanup.js a3d6b9e449aefbb8bba283c2ba9477e2333a0eeb94a7a26b5bf952736f65a6dd
 F ext/wasm/api/sqlite3-api-glue.c-pp.js d2b8263b3ce0cefc6c5a68d0a4d448a9770eda4bf9d9ded9d7eb0198e4ce4da1
-F ext/wasm/api/sqlite3-api-oo1.c-pp.js 31dbfd470c91ffd96d77399b749bab6b69e3ba9074188833f97ac13f087cf07b
+F ext/wasm/api/sqlite3-api-oo1.c-pp.js c4260f3fdc553c56ee530c20cc1119029067b503f0d6d7b472705536cb45aa1d
 F ext/wasm/api/sqlite3-api-prologue.js 307583ff39a978c897c4ef4ce53fe231dce5c73dc84785969c81c1ab5960a293
 F ext/wasm/api/sqlite3-api-worker1.c-pp.js 1041dd645e8e821c082b628cd8d9acf70c667430f9d45167569633ffc7567938
 F ext/wasm/api/sqlite3-license-version-header.js 0c807a421f0187e778dc1078f10d2994b915123c1223fe752b60afdcd1263f89
@@ -686,7 +686,7 @@ F src/date.c e19e0cfff9a41bfdd884c655755f6f00bca4c1a22272b56e0dd6667b7ea893a2
 F src/dbpage.c c9ea81c11727f27e02874611e92773e68e2a90a875ef2404b084564c235fd91f
 F src/dbstat.c 73362c0df0f40ad5523a6f5501224959d0976757b511299bf892313e79d14f5c
 F src/delete.c 03a77ba20e54f0f42ebd8eddf15411ed6bdb06a2c472ac4b6b336521bf7cea42
-F src/expr.c 17b0cbe08e004c1653030f5de9b6b050e84feaa112239f7f576af2dc5e53a5fb
+F src/expr.c 28b1cc3d2f147cc888703d5482f9581f17656d02abfa331c34370cb3350776be
 F src/fault.c 460f3e55994363812d9d60844b2a6de88826e007
 F src/fkey.c 928ed2517e8732113d2b9821aa37af639688d752f4ea9ac6e0e393d713eeb76f
 F src/func.c 0b802107498048d3dcac0b757720bcb8506507ce02159e213ab8161458eb293b
@@ -720,7 +720,7 @@ F src/os.h 1ff5ae51d339d0e30d8a9d814f4b8f8e448169304d83a7ed9db66a65732f3e63
 F src/os_common.h 6c0eb8dd40ef3e12fe585a13e709710267a258e2c8dd1c40b1948a1d14582e06
 F src/os_kv.c fb7ba8d6204197357f1eb7e1c7450d09c10043bf7e99aba602f4aa46b8fb11a3
 F src/os_setup.h 8efc64eda6a6c2f221387eefc2e7e45fd5a3d5c8337a7a83519ba4fbd2957ae2
-F src/os_unix.c 7945ede1e85b2d1b910e1b4af9ba342e964b1e30e79f4176480a60736445cb36
+F src/os_unix.c dcf7988ddbdd68619b821c9a722f9377abb46f1d26c9279eb5a50402fd43d749
 F src/os_win.c a89b501fc195085c7d6c9eec7f5bd782625e94bb2a96b000f4d009703df1083f
 F src/os_win.h 4c247cdb6d407c75186c94a1e84d5a22cbae4adcec93fcae8d2bc1f956fd1f19
 F src/pager.c cd562b878ea1b44d021ba199abc9d3b54f6b3347500a9fed03f66d6000620945
@@ -735,8 +735,8 @@ F src/printf.c 7297c2aeed4d90d80c5ba82920d9e57b7bfad04b3466be1d7e042db382fe296e
 F src/random.c 606b00941a1d7dd09c381d3279a058d771f406c5213c9932bbd93d5587be4b9c
 F src/resolve.c 5616fbcf3b833c7c705b24371828215ad0925d0c0073216c4f153348d5753f0a
 F src/rowset.c 8432130e6c344b3401a8874c3cb49fefe6873fec593294de077afea2dce5ec97
-F src/select.c ba9cd07ffa3277883c1986085f6ddc4320f4d35d5f212ab58df79a7ecc1a576a
-F src/shell.c.in 223e3703657f5e66c136521a32fc8cc9a7dbbe6b1ade6fd47457e78c38f33e6e
+F src/select.c fa67ce1dd60744c315791085897c1571ffe5554bf3e0410942b5fc9d7e0a4b56
+F src/shell.c.in 2c7e751795f38bb1855c35b556419cab5b8ba22e0f6758f5a629338065d6b79f
 F src/sqlite.h.in c0979f9ac1f5be887397dd2a0bb485636893a81b34d64df85123aae9650c42f2
 F src/sqlite3.rc 015537e6ac1eec6c7050e17b616c2ffe6f70fca241835a84a4f0d5937383c479
 F src/sqlite3ext.h 7f236ca1b175ffe03316d974ef57df79b3938466c28d2f95caef5e08c57f3a52
@@ -817,7 +817,7 @@ F src/vxworks.h 9d18819c5235b49c2340a8a4d48195ec5d5afb637b152406de95a9436beeaeab
 F src/wal.c 505a98fbc599a971d92cb90371cf54546c404cd61e04fd093e7b0c8ff978f9b6
 F src/wal.h ba252daaa94f889f4b2c17c027e823d9be47ce39da1d3799886bbd51f0490452
 F src/walker.c d5006d6b005e4ea7302ad390957a8d41ed83faa177e412f89bc5600a7462a014
-F src/where.c 1b554a868134cbc9ca2192385403c0b63e5073ff01a6cdd600a846c09f843165
+F src/where.c 287324fe73a0ae8e55b3be89bb2fe4148e3a8394e1e2f10ed2113713a037d8a3
 F src/whereInt.h 8d94cb116c9e06205c3d5ac87af065fc044f8cf08bfdccd94b6ea1c1308e65da
 F src/wherecode.c 71c5c6804b7f882dec8ec858758accae02fcfca13df3cc720f1f258e663ec7c5
 F src/whereexpr.c 403a44eeec1a0f0914fccc6a59376b6924bc00ef6728fe6ffce4cf3051b320fc
@@ -1093,7 +1093,7 @@ F test/exclusive.test 7ff63be7503990921838d5c9f77f6e33e68e48ed1a9d48cd28745bf650
 F test/exclusive2.test cd70b1d9c6fffd336f9795b711dcc5d9ceba133ad3f7001da3fda63615bdc91e
 F test/exec.test e949714dc127eaa5ecc7d723efec1ec27118fdd7
 F test/exists.test 79a75323c78f02bbe9c251ea502a092f9ef63dac
-F test/existsexpr.test e4674fb8d610e82540126ed252e6aa48922882e1bcec6522d7e5a44fe715be61
+F test/existsexpr.test 75c1c13cda18b53f68c135fe644afc034d72a6de5b0774b0219ca4a6dc4b96b0
 F test/existsexpr2.test dc23e76389eff3d29f6488ff733012a3560cd67ec8cfaecbecd52cced5d5af11
 F test/existsfault.test ff41c11f3052c1bbd4f8dd557802310026253d67d7c4e3a180c16d2f0862973e
 F test/expr.test db981f8a85520e99ae20aab7ad2e9b5b0437ed09159b57ced434c672075d2e61
@@ -1238,7 +1238,7 @@ F test/fuzz3.test 70ba57260364b83e964707b9d4b5625284239768ab907dd387c740c0370ce3
 F test/fuzz4.test c229bcdb45518a89e1d208a21343e061503460ac69fae1539320a89f572eb634
 F test/fuzz_common.tcl b7197de6ed1ee8250a4f82d67876f4561b42ee8cbbfc6160dcb66331bad3f830
 F test/fuzz_malloc.test f348276e732e814802e39f042b1f6da6362a610af73a528d8f76898fde6b22f2
-F test/fuzzcheck.c 02824a0a8d84242f616e4ffd249b75eade48ecb7d10c18d2ac19a38218ff9c13
+F test/fuzzcheck.c 34a025386f84d818cd3343e69e9d9083091af83153e226d71d4e1c126b5f1dd0
 F test/fuzzdata1.db 3e86d9cf5aea68ddb8e27c02d7dfdaa226347426c7eb814918e4d95475bf8517
 F test/fuzzdata2.db 128b3feeb78918d075c9b14b48610145a0dd4c8d6f1ca7c2870c7e425f5bf31f
 F test/fuzzdata3.db c6586d3e3cef0fbc18108f9bb649aa77bfc38aba
@@ -1664,7 +1664,7 @@ F test/strict1.test a7f9091603fe71cdc62baab0766684cba12a97ec69bfbb70be965532669c
 F test/strict2.test b22c7a98b5000aef937f1990776497f0e979b1a23bc4f63e2d53b00e59b20070
 F test/subjournal.test 8d4e2572c0ee9a15549f0d8e40863161295107e52f07a3e8012a2e1fdd093c49
 F test/subquery.test 23087f9b1c15ab9cc5231d04946bdebc51db527c95eb9d7434a2222127e17a84
-F test/subquery2.test 5f06ec2dbce42a3f595ab1b73b146592f9ce001cd4ff023d887d643d3560c281
+F test/subquery2.test ab96ff3fa9c4e3dce0d699f74e61c50250ed4335bc8f400e127707d552a8999e
 F test/subselect.test 0966aa8e720224dbd6a5e769a3ec2a723e332303
 F test/substr.test a673e3763e247e9b5e497a6cacbaf3da2bd8ec8921c0677145c109f2e633f36b
 F test/subtype1.test 96fd2a59bfc845c955b5f339d23b37ef4d50de5f8a04acd1450a68605fa2e3e7
@@ -2078,7 +2078,7 @@ F test/writecrash.test 13520af28f376bfc8c0bcd130efc1fff20bb165198e8b94cf153f1f75
 F test/zeroblob.test 7b74cefc7b281dfa2b07cd237987fbe94b4a2037a7771e9e83f2d5f608b1d99e
 F test/zeroblobfault.test 861d8191a0d944dfebb3cb4d2c5b4e46a5a119eaec5a63dd996c2389f8063441
 F test/zerodamage.test 9c41628db7e8d9e8a0181e59ea5f189df311a9f6ce99cc376dc461f66db6f8dc
-F test/zipfile.test 82d402903199d193073af2c3c56b3c6839d229160fdc9ba437fa959db8da3ecc
+F test/zipfile.test c52db63e31a66ae4245affa3e4e65e302442a87e5fd5f2ad29060bc849a83480
 F test/zipfile2.test a577e0775e32ef8972e7d5e9a45bc071a5ae061b5b965a08c9c4b709ad036a25
 F test/zipfilefault.test 44d4d7a7f7cca7521d569d7f71026b241d65a6b1757aa409c1a168827edbbc2c
 F tool/GetFile.cs 47852aa0d806fe47ed1ac5138bdce7f000fe87aaa7f28107d0cb1e26682aeb44
@@ -2171,10 +2171,10 @@ F tool/version-info.c 33d0390ef484b3b1cb685d59362be891ea162123cea181cb8e6d2cf6dd
 F tool/warnings-clang.sh bbf6a1e685e534c92ec2bfba5b1745f34fb6f0bc2a362850723a9ee87c1b31a7
 F tool/warnings.sh d924598cf2f55a4ecbc2aeb055c10bd5f48114793e7ba25f9585435da29e7e98
 F tool/win/sqlite.vsix deb315d026cc8400325c5863eef847784a219a2f
-P 40ddaca3fb752425c26570365a9f31820786d21d043c1c0a4b49746ff9bc0782
-R e6faec25512909b375a6de433bcc999d
+P 10e11b9c539a8be50fd93bdf7cf5afe97d9757ce8577cac58426a1b218063e47
+R ec4161915fdee7c9c786931b31f64669
 T +sym-release *
-T +sym-version-3.51.1 *
+T +sym-version-3.51.2 *
 U drh
-Z a5cb39bb0c202daa26ad87d8a3e3f169
+Z 6e3a819551f499011e2275a586e8d608
 # Remove this line to create a well-formed Fossil manifest.
diff --git a/manifest.tags b/manifest.tags
index 1630d85a0..c644e06f9 100644
--- a/manifest.tags
+++ b/manifest.tags
@@ -1,4 +1,4 @@
 branch branch-3.51
 tag release
 tag branch-3.51
-tag version-3.51.1
+tag version-3.51.2
diff --git a/manifest.uuid b/manifest.uuid
index b5f89836b..75ccd2e60 100644
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-281fc0e9afc38674b9b0991943b9e9d1e64c6cbdb133d35f6f5c87ff6af38a88
+b270f8339eb13b504d0b2ba154ebca966b7dde08e40c3ed7d559749818cb2075
diff --git a/src/expr.c b/src/expr.c
index 1a7b273fd..fdc05366c 100644
--- a/src/expr.c
+++ b/src/expr.c
@@ -3891,9 +3891,22 @@ int sqlite3CodeSubselect(Parse *pParse, Expr *pExpr){
   pParse->nMem += nReg;
   if( pExpr->op==TK_SELECT ){
     dest.eDest = SRT_Mem;
-    dest.iSdst = dest.iSDParm;
+    if( (pSel->selFlags&SF_Distinct) && pSel->pLimit && pSel->pLimit->pRight ){
+      /* If there is both a DISTINCT and an OFFSET clause, then allocate
+      ** a separate dest.iSdst array for sqlite3Select() and other
+      ** routines to populate. In this case results will be copied over
+      ** into the dest.iSDParm array only after OFFSET processing. This
+      ** ensures that in the case where OFFSET excludes all rows, the
+      ** dest.iSDParm array is not left populated with the contents of the
+      ** last row visited - it should be all NULLs if all rows were
+      ** excluded by OFFSET.  */ 
+      dest.iSdst = pParse->nMem+1;
+      pParse->nMem += nReg;
+    }else{
+      dest.iSdst = dest.iSDParm;
+    }
     dest.nSdst = nReg;
-    sqlite3VdbeAddOp3(v, OP_Null, 0, dest.iSDParm, dest.iSDParm+nReg-1);
+    sqlite3VdbeAddOp3(v, OP_Null, 0, dest.iSDParm, pParse->nMem);
     VdbeComment((v, "Init subquery result"));
   }else{
     dest.eDest = SRT_Exists;
diff --git a/src/os_unix.c b/src/os_unix.c
index 6b679c4dc..d73d89924 100644
--- a/src/os_unix.c
+++ b/src/os_unix.c
@@ -2027,12 +2027,18 @@ static int unixLock(sqlite3_file *id, int eFileLock){
       pInode->nLock++;
       pInode->nShared = 1;
     }
-  }else if( (eFileLock==EXCLUSIVE_LOCK && pInode->nShared>1)
-         || unixIsSharingShmNode(pFile)
-  ){
+  }else if( eFileLock==EXCLUSIVE_LOCK && pInode->nShared>1 ){
     /* We are trying for an exclusive lock but another thread in this
     ** same process is still holding a shared lock. */
     rc = SQLITE_BUSY;
+  }else if( unixIsSharingShmNode(pFile) ){
+    /* We are in WAL mode and attempting to delete the SHM and WAL
+    ** files due to closing the connection or changing out of WAL mode,
+    ** but another process still holds locks on the SHM file, thus
+    ** indicating that database locks have been broken, perhaps due
+    ** to a rogue close(open(dbFile)) or similar.
+    */
+    rc = SQLITE_BUSY;
   }else{
     /* The request was for a RESERVED or EXCLUSIVE lock.  It is
     ** assumed that there is a SHARED or greater lock on the file
@@ -4671,26 +4677,21 @@ static int unixFcntlExternalReader(unixFile *pFile, int *piOut){
 ** still not a disaster.
 */
 static int unixIsSharingShmNode(unixFile *pFile){
-  int rc;
   unixShmNode *pShmNode;
+  struct flock lock;
   if( pFile->pShm==0 ) return 0;
   if( pFile->ctrlFlags & UNIXFILE_EXCL ) return 0;
   pShmNode = pFile->pShm->pShmNode;
-  rc = 1;
-  unixEnterMutex();
-  if( ALWAYS(pShmNode->nRef==1) ){
-    struct flock lock;
-    lock.l_whence = SEEK_SET;
-    lock.l_start = UNIX_SHM_DMS;
-    lock.l_len = 1;
-    lock.l_type = F_WRLCK;
-    osFcntl(pShmNode->hShm, F_GETLK, &lock);
-    if( lock.l_type==F_UNLCK ){
-      rc = 0;
-    }
-  }
-  unixLeaveMutex();
-  return rc;
+#if SQLITE_ATOMIC_INTRINSICS
+  assert( AtomicLoad(&pShmNode->nRef)==1 );
+#endif
+  memset(&lock, 0, sizeof(lock));
+  lock.l_whence = SEEK_SET;
+  lock.l_start = UNIX_SHM_DMS;
+  lock.l_len = 1;
+  lock.l_type = F_WRLCK;
+  osFcntl(pShmNode->hShm, F_GETLK, &lock);
+  return (lock.l_type!=F_UNLCK);
 }
 
 /*
diff --git a/src/select.c b/src/select.c
index bec00ecb9..bc17ecf84 100644
--- a/src/select.c
+++ b/src/select.c
@@ -1445,9 +1445,14 @@ static void selectInnerLoop(
         assert( nResultCol<=pDest->nSdst );
         pushOntoSorter(
             pParse, pSort, p, regResult, regOrig, nResultCol, nPrefixReg);
+        pDest->iSDParm = regResult;
       }else{
         assert( nResultCol==pDest->nSdst );
-        assert( regResult==iParm );
+        if( regResult!=iParm ){
+          /* This occurs in cases where the SELECT had both a DISTINCT and
+          ** an OFFSET clause.  */
+          sqlite3VdbeAddOp3(v, OP_Copy, regResult, iParm, nResultCol-1);
+        }
         /* The LIMIT clause will jump out of the loop for us */
       }
       break;
@@ -7462,12 +7467,24 @@ static SQLITE_NOINLINE void existsToJoin(
        && (pSub->selFlags & SF_Aggregate)==0
        && !pSub->pSrc->a[0].fg.isSubquery
        && pSub->pLimit==0
+       && pSub->pPrior==0
       ){
+        /* Before combining the sub-select with the parent, renumber the 
+        ** cursor used by the subselect. This is because the EXISTS expression
+        ** might be a copy of another EXISTS expression from somewhere
+        ** else in the tree, and in this case it is important that it use
+        ** a unique cursor number.  */
+        sqlite3 *db = pParse->db;
+        int *aCsrMap = sqlite3DbMallocZero(db, (pParse->nTab+2)*sizeof(int));
+        if( aCsrMap==0 ) return;
+        aCsrMap[0] = (pParse->nTab+1);
+        renumberCursors(pParse, pSub, -1, aCsrMap);
+        sqlite3DbFree(db, aCsrMap);
+
         memset(pWhere, 0, sizeof(*pWhere));
         pWhere->op = TK_INTEGER;
         pWhere->u.iValue = 1;
         ExprSetProperty(pWhere, EP_IntValue);
-
         assert( p->pWhere!=0 );
         pSub->pSrc->a[0].fg.fromExists = 1;
         pSub->pSrc->a[0].fg.jointype |= JT_CROSS;
diff --git a/src/shell.c.in b/src/shell.c.in
index 6e86dde9d..042190c17 100644
--- a/src/shell.c.in
+++ b/src/shell.c.in
@@ -13841,7 +13841,8 @@ int SQLITE_CDECL wmain(int argc, wchar_t **wargv){
       if( nCmd>0 ){
         sqlite3_fprintf(stderr,"Error: cannot mix regular SQL or dot-commands"
               " with \"%s\"\n", z);
-        return 1;
+        rc = 1;
+        goto shell_main_exit;
       }
       open_db(&data, OPEN_DB_ZIPFILE);
       if( z[2] ){
diff --git a/src/sqlcipher.c b/src/sqlcipher.c
index ef9c57dab..889e0b725 100644
--- a/src/sqlcipher.c
+++ b/src/sqlcipher.c
@@ -95,7 +95,7 @@ void sqlite3pager_reset(Pager *pPager);
 #define CIPHER_STR(s) #s
 
 #ifndef CIPHER_VERSION_NUMBER
-#define CIPHER_VERSION_NUMBER 4.12.0
+#define CIPHER_VERSION_NUMBER 4.13.0
 #endif
 
 #ifndef CIPHER_VERSION_BUILD
@@ -412,7 +412,7 @@ static void (*const sqlcipher_fini_func)(void) __attribute__((used, section(".fi
 static void sqlcipher_exportFunc(sqlite3_context*, int, sqlite3_value**);
 
 static int sqlcipher_export_init(sqlite3* db, const char** errmsg, const struct sqlite3_api_routines* api) { 
-  sqlite3_create_function_v2(db, "sqlcipher_export", -1, SQLITE_TEXT, 0, sqlcipher_exportFunc, 0, 0, 0);
+  sqlite3_create_function_v2(db, "sqlcipher_export", -1, SQLITE_UTF8, 0, sqlcipher_exportFunc, 0, 0, 0);
   return SQLITE_OK;
 }
 
diff --git a/src/where.c b/src/where.c
index 6313b87ca..c4f2c5543 100644
--- a/src/where.c
+++ b/src/where.c
@@ -7380,6 +7380,9 @@ void sqlite3WhereEnd(WhereInfo *pWInfo){
   sqlite3 *db = pParse->db;
   int iEnd = sqlite3VdbeCurrentAddr(v);
   int nRJ = 0;
+#ifndef SQLITE_DISABLE_SKIPAHEAD_DISTINCT
+  int addrSeek = 0;
+#endif
 
   /* Generate loop termination code.
   */
@@ -7392,7 +7395,10 @@ void sqlite3WhereEnd(WhereInfo *pWInfo){
       ** the RIGHT JOIN table */
       WhereRightJoin *pRJ = pLevel->pRJ;
       sqlite3VdbeResolveLabel(v, pLevel->addrCont);
-      pLevel->addrCont = 0;
+      /* Replace addrCont with a new label that will never be used, just so
+      ** the subsequent call to resolve pLevel->addrCont will have something
+      ** to resolve. */
+      pLevel->addrCont = sqlite3VdbeMakeLabel(pParse);
       pRJ->endSubrtn = sqlite3VdbeCurrentAddr(v);
       sqlite3VdbeAddOp3(v, OP_Return, pRJ->regReturn, pRJ->addrSubrtn, 1);
       VdbeCoverage(v);
@@ -7401,7 +7407,6 @@ void sqlite3WhereEnd(WhereInfo *pWInfo){
     pLoop = pLevel->pWLoop;
     if( pLevel->op!=OP_Noop ){
 #ifndef SQLITE_DISABLE_SKIPAHEAD_DISTINCT
-      int addrSeek = 0;
       Index *pIdx;
       int n;
       if( pWInfo->eDistinct==WHERE_DISTINCT_ORDERED
@@ -7424,25 +7429,26 @@ void sqlite3WhereEnd(WhereInfo *pWInfo){
         sqlite3VdbeAddOp2(v, OP_Goto, 1, pLevel->p2);
       }
 #endif /* SQLITE_DISABLE_SKIPAHEAD_DISTINCT */
-      if( pTabList->a[pLevel->iFrom].fg.fromExists && i==pWInfo->nLevel-1 ){
-        /* If the EXISTS-to-JOIN optimization was applied, then the EXISTS
-        ** loop(s) will be the inner-most loops of the join. There might be
-        ** multiple EXISTS loops, but they will all be nested, and the join
-        ** order will not have been changed by the query planner.  If the
-        ** inner-most EXISTS loop sees a single successful row, it should
-        ** break out of *all* EXISTS loops.  But only the inner-most of the
-        ** nested EXISTS loops should do this breakout. */
-        int nOuter = 0; /* Nr of outer EXISTS that this one is nested within */
-        while( nOuter<i ){
-          if( !pTabList->a[pLevel[-nOuter-1].iFrom].fg.fromExists ) break;
-          nOuter++;
-        }
-        testcase( nOuter>0 );
-        sqlite3VdbeAddOp2(v, OP_Goto, 0, pLevel[-nOuter].addrBrk);
-        VdbeComment((v, "EXISTS break"));
+    }
+    if( pTabList->a[pLevel->iFrom].fg.fromExists && i==pWInfo->nLevel-1 ){
+      /* If the EXISTS-to-JOIN optimization was applied, then the EXISTS
+      ** loop(s) will be the inner-most loops of the join. There might be
+      ** multiple EXISTS loops, but they will all be nested, and the join
+      ** order will not have been changed by the query planner.  If the
+      ** inner-most EXISTS loop sees a single successful row, it should
+      ** break out of *all* EXISTS loops.  But only the inner-most of the
+      ** nested EXISTS loops should do this breakout. */
+      int nOuter = 0; /* Nr of outer EXISTS that this one is nested within */
+      while( nOuter<i ){
+        if( !pTabList->a[pLevel[-nOuter-1].iFrom].fg.fromExists ) break;
+        nOuter++;
       }
-      /* The common case: Advance to the next row */
-      if( pLevel->addrCont ) sqlite3VdbeResolveLabel(v, pLevel->addrCont);
+      testcase( nOuter>0 );
+      sqlite3VdbeAddOp2(v, OP_Goto, 0, pLevel[-nOuter].addrBrk);
+      VdbeComment((v, "EXISTS break"));
+    }
+    sqlite3VdbeResolveLabel(v, pLevel->addrCont);
+    if( pLevel->op!=OP_Noop ){
       sqlite3VdbeAddOp3(v, pLevel->op, pLevel->p1, pLevel->p2, pLevel->p3);
       sqlite3VdbeChangeP5(v, pLevel->p5);
       VdbeCoverage(v);
@@ -7455,10 +7461,11 @@ void sqlite3WhereEnd(WhereInfo *pWInfo){
         VdbeCoverage(v);
       }
 #ifndef SQLITE_DISABLE_SKIPAHEAD_DISTINCT
-      if( addrSeek ) sqlite3VdbeJumpHere(v, addrSeek);
+      if( addrSeek ){
+        sqlite3VdbeJumpHere(v, addrSeek);
+        addrSeek = 0;
+      }
 #endif
-    }else if( pLevel->addrCont ){
-      sqlite3VdbeResolveLabel(v, pLevel->addrCont);
     }
     if( (pLoop->wsFlags & WHERE_IN_ABLE)!=0 && pLevel->u.in.nIn>0 ){
       struct InLoop *pIn;
diff --git a/test/existsexpr.test b/test/existsexpr.test
index 38392b07f..28029359b 100644
--- a/test/existsexpr.test
+++ b/test/existsexpr.test
@@ -15,7 +15,6 @@ source $testdir/tester.tcl
 source $testdir/lock_common.tcl
 set testprefix existsexpr
 
-
 do_execsql_test 1.0 {
   CREATE TABLE x1(a, b, PRIMARY KEY(a)) WITHOUT ROWID;
   INSERT INTO x1 VALUES(1, 2), (3, 4), (5, 6);
@@ -477,4 +476,42 @@ catch { optimization_control db exists-to-join 0 }
 db cache flush
 do_execsql_test 9.6 $Q {{big string value}}
 
+#-------------------------------------------------------------------------
+reset_db
+
+do_execsql_test 10.0 {
+  CREATE TABLE t1(a);
+  CREATE TABLE x1(x);
+}
+
+do_execsql_test 10.1 {
+  SELECT EXISTS( SELECT 1 FROM t1 ) aaa FROM x1 WHERE aaa AND aaa
+}
+
+do_execsql_test 10.2 {
+  SELECT 
+    EXISTS( SELECT 1 FROM t1 ) aaa
+  WHERE (
+    SELECT 1 FROM x1 WHERE aaa AND aaa
+  );
+}
+
+# https://sqlite.org/forum/forumpost/2026-01-03T14:05:48z
+do_execsql_test 11.0 {
+  CREATE TABLE parent (id TEXT PRIMARY KEY);
+  CREATE TABLE child_a (id TEXT);
+  CREATE TABLE child_b (id TEXT);
+  INSERT INTO parent VALUES ('p1');
+  INSERT INTO child_a VALUES ('p1');
+}
+do_execsql_test 11.1 {
+  SELECT count(*), parent.id FROM parent
+   WHERE EXISTS (
+      SELECT 1 FROM child_a WHERE child_a.id = parent.id
+      UNION
+      SELECT 1 FROM child_b WHERE child_b.id = parent.id
+   )
+   GROUP BY id;
+} {1 p1}
+
 finish_test
diff --git a/test/fuzzcheck.c b/test/fuzzcheck.c
index d8dbf932d..a3377770a 100644
--- a/test/fuzzcheck.c
+++ b/test/fuzzcheck.c
@@ -1977,6 +1977,7 @@ int main(int argc, char **argv){
   int iSliceIdx = 0;           /* Only run the piece with this index */
 
   sqlite3_config(SQLITE_CONFIG_URI,1);
+  sqlite3_config(SQLITE_CONFIG_MEMSTATUS,1);
   registerOomSimulator();
   sqlite3_initialize();
   iBegin = timeOfDay();
diff --git a/test/sqlcipher-pragmas.test b/test/sqlcipher-pragmas.test
index 88cf71d5a..2ad946bd0 100644
--- a/test/sqlcipher-pragmas.test
+++ b/test/sqlcipher-pragmas.test
@@ -46,7 +46,7 @@ do_test verify-pragma-cipher-version {
     execsql {
         PRAGMA cipher_version;
     }
-} {{4.12.0 community}}
+} {{4.13.0 community}}
 db close
 file delete -force test.db
 
diff --git a/test/subquery2.test b/test/subquery2.test
index 8513dc75c..99a1e903f 100644
--- a/test/subquery2.test
+++ b/test/subquery2.test
@@ -215,4 +215,72 @@ do_execsql_test 5.1 {
   SELECT ( SELECT y FROM t2 WHERE x = y ORDER BY y, z) FROM t1;
 } {ALFKI ANATR}
 
+#-------------------------------------------------------------------------
+reset_db
+do_execsql_test 6.0 {
+  CREATE TABLE t1(x);
+  INSERT INTO t1 VALUES(1234);
+}
+
+do_execsql_test 6.1 {
+  SELECT DISTINCT 'string' FROM t1 LIMIT 1 OFFSET 5;
+}
+
+do_execsql_test 6.2 {
+  SELECT (
+      SELECT 'string' FROM t1 LIMIT 1 OFFSET 5
+  );
+} {{}}
+
+do_execsql_test 6.3 {
+  SELECT (
+      SELECT DISTINCT 'string' FROM t1 LIMIT 1 OFFSET 5
+  );
+} {{}}
+
+do_execsql_test 6.4 {
+  SELECT (
+      SELECT DISTINCT 'string' FROM t1 ORDER BY 1 LIMIT 1 OFFSET 5
+  );
+} {{}}
+
+do_execsql_test 6.5 {
+  SELECT (
+      SELECT 'string' FROM t1 ORDER BY 1 LIMIT 1 OFFSET 5
+  );
+} {{}}
+
+do_execsql_test 6.6 {
+  SELECT (SELECT DISTINCT x, x FROM t1 LIMIT 1 OFFSET 5)==(1234, 1234)
+} {{}}
+
+#-------------------------------------------------------------------------
+reset_db
+do_execsql_test 7.0 {
+  CREATE TABLE t1(x);
+  CREATE INDEX i1 ON t1(x);
+  INSERT INTO t1 VALUES(1234);
+}
+
+do_execsql_test 7.1 {
+  SELECT (
+    SELECT DISTINCT 'string' FROM t1 ORDER BY x LIMIT 1 OFFSET 5
+  );
+} {{}}
+
+do_execsql_test 7.2 {
+  DROP INDEX i1;
+  CREATE UNIQUE INDEX i1 ON t1(x);
+}
+
+do_execsql_test 7.3 {
+  SELECT (
+    SELECT DISTINCT x FROM t1 ORDER BY 1 LIMIT 1 OFFSET 5
+  );
+} {{}}
+
+do_execsql_test 7.4 {
+  SELECT (SELECT DISTINCT x FROM t1 ORDER BY +x LIMIT 1 OFFSET 0);
+} {1234}
+
 finish_test
diff --git a/test/zipfile.test b/test/zipfile.test
index 2b3be6278..9bb35ea5d 100644
--- a/test/zipfile.test
+++ b/test/zipfile.test
@@ -885,7 +885,10 @@ do_test 19.1 {
     INSERT INTO v0 DEFAULT VALUES;
   }
 } {}
+db close
 forcedelete zipfile19.zip
+sqlite3 db :memory:
+load_static_extension db zipfile
 
 #-------------------------------------------------------------------------
 do_catchsql_test 20.0 {
@@ -901,4 +904,8 @@ d42728f602000000020000000500ffff0000000000000000a4810000000068
 00000000',char(0x0a,0x0d)));
 } {1 {zip archive is corrupt}}
 
+# https://sqlite.org/forum/forumpost/2025-12-30T23:57:19z
+do_catchsql_test 20.2 {
+  SELECT * FROM zipfile(unhex('504b0304140000000000000000008b9ed9d30100000001000000010000007841504b01021e03140000000000000000008b9ed9d3010000000100000001001e000000000000000000a4810000000078504b050600000000010001002f000000200000000000'));
+} {1 {zip archive is corrupt}}
 finish_test