What

Add `GUARDED_BY(_mutex)` to the protected members of `RollbackChecker` and `OplogFetcher`, and `REQUIRES(_mutex)` to private helpers that access them without acquiring the lock themselves. `RollbackChecker` is already patched (`_baseRBID`, `_lastRBID`, `_checkForRollback`, `_setRBID`); verify the build is clean. Apply the same pattern to the three `OplogFetcher` findings.

Files: `rollback_checker.h/.cpp` (CIDs 175176, 175076), `oplog_fetcher.cpp` (lines 361, 507, 720).

Resolves: SERVER-110703, SERVER-110882, SERVER-110035, SERVER-111631, SERVER-112316

Why

Incorrect rollback detection can leave a node with a diverged oplog — a durability hazard that is silent under normal operation. Because Coverity cannot be run locally, verifying that a code change actually resolves the finding requires waiting for a full scan. `GUARDED_BY` / `REQUIRES` annotations give the compiler the information it needs to enforce the locking contract continuously: a clean build proves the fix is complete, and any future change that reintroduces an unguarded access on these variables is caught immediately.