z.rebalMu.Lock()
	if len(r.PoolStats) == len(z.serverPools) {
		z.rebalMeta = r
	} else {
		z.updateRebalanceStats(ctx)
	}
	z.rebalMu.Unlock()

	return nil
}

// updates rebalance.bin from let's say 2 pool setup in the middle
// of a rebalance, was expanded can cause z.rebalMeta to be outdated
// due to a missing new pool. This function tries to handle this
// scenario, albeit rare it seems to have occurred in the wild.

				errFileCorrupt,
			) {
				missingBlocks++
			}
		}

		// if missing metadata can be reconstructed, attempt to reconstruct.
		// additionally do not heal delete markers inline, let them be
		// healed upon regular heal process.
		if missingBlocks > 0 && missingBlocks < fi.Erasure.DataBlocks {
			globalMRFState.addPartialOp(partialOperation{
				bucket:    fi.Volume,
				object:    fi.Name,

		haddrs, err := globalDNSCache.LookupHost(ctx, host)
		if err == nil {
			for _, addr := range haddrs {
				addrs.Add(net.JoinHostPort(addr, globalMinioPort))
			}
		} else {
			// Unable to lookup host in 2-secs, let it fail later anyways.
			addrs.Add(globalMinioAddr)
		}
	} else {
		addrs.Add(globalMinioAddr)
	}
	return addrs.ToSlice()
}

var globalLoggerOutput io.WriteCloser

		// is not inlined to make sure we return correct errors
		// during HeadObject().

		// Healing must not come here and return error, since healing
		// deals with dataDirs directly, let healing fix things automatically.
		if lerr := Access(pathJoin(volumeDir, path, fi.DataDir)); lerr != nil {
			if os.IsNotExist(lerr) {
				// Data dir is missing we must return errFileCorrupted

	// accounts), STS accounts, internal IDP accounts, etc) with the
	// policy.UpdateServiceAccountAdminAction permission can update any service
	// account.
	//
	// 2. We would like to let a user update their own access keys, however it
	// is currently blocked pending a re-design. Users are still able to delete
	// and re-create them.
	if !globalIAMSys.IsAllowed(policy.Args{
		AccountName:     cred.AccessKey,

		index := index
		g.Go(func() error {
			return z.serverPools[index].Shutdown(ctx)
		}, index)
	}

	for _, err := range g.Wait() {
		if err != nil {
			storageLogIf(ctx, err)
		}
		// let's the rest shutdown
	}
	return nil
}

// Legacy returns 'true' if distribution algo is CRCMOD
func (z *erasureServerPools) Legacy() (ok bool) {
	ok = true
	for _, set := range z.serverPools {

				saveMRFToDisk()
			}
		}
	}
}

func (p *ReplicationPool) queueMRFSave(entry MRFReplicateEntry) {
	if !p.initialized() {
		return
	}
	if entry.RetryCount > mrfRetryLimit { // let scanner catch up if retry count exceeded
		atomic.AddUint64(&globalReplicationStats.mrfStats.TotalDroppedCount, 1)
		atomic.AddUint64(&globalReplicationStats.mrfStats.TotalDroppedBytes, uint64(entry.sz))
		return
	}

This release also introduces several vulnerability fixes:

*   Fixes an FPE in TFLite in conv kernel [CVE-2023-27579](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27579)