Description:
NOTE: This bug was found trough code analyzes under development.
As far as we know, this was never seen in production.

-----------------------------------------------

When the plugin is uninstalled look at the execution order on 

  int plugin_group_replication_deinit

See that the channel observation manager is deleted 

  if (channel_observation_manager != NULL)
  {
    delete channel_observation_manager;

And then the observer is unregistered 

  if (unregister_binlog_transmit_observer(&binlog_transmit_observer, p))
  {
    log_message(MY_ERROR_LEVEL,
                "Failure when unregistering the binlog state observers");

So, the problem is, that if hooks are being invoked from this observer, it can met a null pointer 
The code does offer basic protection with 

  if (channel_observation_manager == NULL)

but note that in concurrency scenarios this is not enough.  

How to repeat:
No information here, since this bug was seen trough code analyzes.

In theory one could devise a test where a slave event is triggered and it invokes the plugin hook 
The code should pass the 
  if (channel_observation_manager == NULL)
and block there

Now uninstall the plugin and unblock. In theory it should segfault.

Suggested fix:
Change the order:
Unregister first and then delete the observation manager

NOTE: this assumes that the unregister method guarantees that no observer is informed after it something that may no be true if the observer is already being called....
The developer should check this with servgen

Posted by developer:
 
Thanks for noting this was not seen in production. Closing without change log entry.

Fixed on 5.7.22/8.0.11

Reclosing.

Reclosing.