If we do a replSetGetStatus with getLastStableRecoveryTimestamp, we can access storage with no lock; this races with shutdown. File Copy Based Initial Sync makes this much more likely to happen (by shutting down storage in times other than shutdown)

https://github.com/10gen/mongo/blob/02add56a2100bef135281938a0cadaf374279f03/src/mongo/db/repl/repl_set_commands.cpp#L138

We should fix by doing what we do in curop

http://morningstar/mongodb/source/src/mongo/db/curop.cpp#460

Try to take a global lock with a very short timeout; if we don't get it, just return that we have no stable recovery timestamp.

We might also consider dasserts or invariants in the storage interface for this and similar cases; however, some of the routines take ServiceContext and not OperationContext and so don't have access to the locker.