IMPALA-4497 and KUDU-1749 we discovered that Impala is not calling sasl_set_mutex to provide SASL with some mutex implementation. This may expose Impala to races in the sasl code which indicates it is not thread safe. This has likely always been missing, and we're not aware of any issues caused by it, but as Kudu is now using sasl as well this may be more important for the Impala daemon to protect itself (i.e. even if Impala's usage is safe, possibly Kudu client's usage of sasl may expose races more).
We may be able to use Kudu's implementation: