Index: sys/kern/kern_proc.c
===================================================================
RCS file: /cvsroot/src/sys/kern/kern_proc.c,v
retrieving revision 1.209
diff -u -r1.209 kern_proc.c
--- sys/kern/kern_proc.c	30 Nov 2017 18:44:16 -0000	1.209
+++ sys/kern/kern_proc.c	9 Mar 2018 19:03:15 -0000
@@ -1624,7 +1624,7 @@
 		struct kinfo_proc kproc;
 		struct kinfo_proc2 kproc2;
 	} *kbuf;
-	struct proc *p, *next, *marker;
+	struct proc *p, *next, *marker0, *marker;
 	char *where, *dp;
 	int type, op, arg, error;
 	u_int elem_size, kelem_size, elem_count;
@@ -1670,15 +1670,19 @@
 	sysctl_unlock();
 
 	kbuf = kmem_alloc(sizeof(*kbuf), KM_SLEEP);
+	marker0 = kmem_alloc(sizeof(*marker0), KM_SLEEP);
+	marker0->p_flag = PK_MARKER;
 	marker = kmem_alloc(sizeof(*marker), KM_SLEEP);
 	marker->p_flag = PK_MARKER;
 
 	mutex_enter(proc_lock);
 	mmmbrains = false;
+	LIST_INSERT_HEAD(&zombproc, marker0, p_list);
 	for (p = LIST_FIRST(&allproc);; p = next) {
 		if (p == NULL) {
 			if (!mmmbrains) {
-				p = LIST_FIRST(&zombproc);
+				p = LIST_NEXT(marker0, p_list);
+				LIST_REMOVE(marker0, p_list);
 				mmmbrains = true;
 			}
 			if (p == NULL)
@@ -1835,6 +1839,8 @@
 	}
 	if (kbuf)
 		kmem_free(kbuf, sizeof(*kbuf));
+	if (marker0)
+		kmem_free(marker0, sizeof(*marker0));
 	if (marker)
 		kmem_free(marker, sizeof(*marker));
 	sysctl_relock();
@@ -1845,10 +1851,14 @@
 	else
 		rw_exit(&p->p_reflock);
  cleanup:
+	if (!mmmbrains)
+		LIST_REMOVE(marker0, p_list);
 	mutex_exit(proc_lock);
  out:
 	if (kbuf)
 		kmem_free(kbuf, sizeof(*kbuf));
+	if (marker0)
+		kmem_free(marker0, sizeof(*marker0));
 	if (marker)
 		kmem_free(marker, sizeof(*marker));
 	sysctl_relock();