I think I maybe saw this or a similar fault exactly *once* when I was hunting for alignment bugs on armv7. I think it might be possible that there are still specific link orders that tickle a bug somewhere.
Grabbed the bad snapshot and verified that it does crash for me on BeagleBone Black. Initial analysis: Crash happens in memcpy_fdestul (unaligned destination memcpy) inside cpu_fork(). I believe it is the *pcb = p1->p_addr->u_pcb line. I might try my JTAG interface later and see if I can grab an actual stack and sniff around a bit.
