- I would advice to configure a syslog server on the HA SSO pair on follow up on logs send to it and or related logs to the problem you are describing.

   2) Are the controllers any or both restarting too ? ; examine this for instance with : 
                         dir bootflash:/core/ | i core|system-report
                         show version | inc reload
     Make sure the commands can be executed  on both controllers  and or by enabling the standby console 

   3) Have   a checkup review of the (current active) controller configuration with the CLI command show tech wireless ; have the output analyzed with : https://cway.cisco.com/wireless-config-analyzer

   4) Test connectivity to the standby controller with the command : test wireless redundancy rping

   5) Have a test with increasing  https://www.cisco.com/c/en/us/support/docs/wireless/catalyst-9800-series-wireless-controllers/213915-configure-catalyst-9800-wireless-control.html#toc-hId-307825303
                 Verify changes with :  show chassis ha-status local

        6) A number of other related commands for  analyzing  and troubleshooting HA SSO :
show redundancy | i ptime|Location|Current Software state|Switchovers
show chassis
show chassis detail
show chassis ha-status local
show chassis ha-status active
show chassis ha-status standby
show chassis rmi
show redundancy
show redundancy history
show redundancy switchover history
show tech wireless redundancy
show redundancy states
show logging process stack_mgr internal to-file bootflash:

show platform hardware slot R0 ha_port interface stats
show platform hardware slot R0 ha_port sfp idprom (show details of SFP in SP , for fiber based redundancy link)

                Taking packet captures on the RP link
test wireless redundancy packetdump start
 or (test wireless redundancy packetdump start filter port <0-65535>)
test wireless redundancy packetdump stop
      
 show platform software stack-mgr chassis active R0 peer-timeout
show platform software stack-mgr chassis standby R0 peer-timeout
show platform software stack-mgr chassis active R0 sdp-counters
show platform software stack-mgr chassis standby R0 sdp-counters

show redundancy config-sync failures {bem|mcl|prc}
show redundancy config-sync historic mcl
show redundancy config-sync ignored failures historic mcl
show redundancy switchover history

 M.

how is your STP running, if the same Layer 2 working with 8540 controller, this is only issue Cat 9800 - then this could be the bug.

I have also seen this issue on 17.6.4, also ports go error disable randomly some time.

Post the complete output to the following command: 

1. dir
2. sh log on switch 1 up detail
3. dir flash-1:tracelogs/*.log

Not seeing this at all on 17.9.3 - 100% stable.
Look into why it's losing site of the gateway.  As per docs "The messages are sent at 1 second interval. If it takes 8 (or configured value) consecutive failures in reaching the gateway, the controller declares the gateway as non-reachable."
Check for control plane policing of ICMP/ARP or other QOS which might drop ARP/pings on gateway.
Check CPU on WLC and gateway.
Look for any packet drops on interfaces.

Hello there! where you able to solve this issue?