This seems to be another example of the race I found a couple of days ago, although it looks like it has very low probability of hitting.

In passdb/pdb_smbpasswd.c:do_file_lock we see:

static bool do_file_lock(int fd, int waitsecs, int type)
{
        SMB_STRUCT_FLOCK lock;
        int             ret;
        void (*oldsig_handler)(int);

        gotalarm = 0;
        oldsig_handler = CatchSignal(SIGALRM, SIGNAL_CAST gotalarm_sig);

        lock.l_type = type;
        lock.l_whence = SEEK_SET;
        lock.l_start = 0;
        lock.l_len = 1;
        lock.l_pid = 0;

        alarm(waitsecs);
        /* Note we must *NOT* use sys_fcntl here ! JRA */
        ret = fcntl(fd, SMB_F_SETLKW, &lock);
        alarm(0);
        CatchSignal(SIGALRM, SIGNAL_CAST oldsig_handler);

        if (gotalarm) {
                DEBUG(0, ("do_file_lock: failed to %s file.\n",
                        type == F_UNLCK ? "unlock" : "lock"));
                return False;
        }

        return (ret == 0);
}

The lock can be granted but if the timeout occurs before we are scheduled, we have the lock but think we don't.

This is in at least 3.2.0 and 3.0.21.

Solution seems to be to change:

-        if (gotalarm) {

to

+        if (gotalarm && (ret != 0)) {