it's possible that someone uses the same ~/.gnupg with 1.4.x and 2.1.x.
if they use a secret key with 2.1.x then ~/.gnupg/.gpg-v21-migrated will be created.
if they subsequently generate new secret key material with 1.4.x, secring.gpg
will be updated, but subsequent uses of 2.1.x won't see that secret key material.
g10/migrate.c could improve this situation by comparing the timestamps between
.gpg-v21-migrated and secring.gpg, and re-attempting the migration if secring is
newer.