There is a bug in kvm_getcmd(3) which occurs when the arguments for a command
contain an '=', or if an '=' in the environment is removed.  In user space,
command arguments are laid out like this:

a r g 0 '\0' a r g 1 '\0' ... e n v 1 = e n v '\0' e n v 2 = e n v ...

The only way to tell where the arguments end and the environment begins is to
look for arguments which contain '=', or environment strings which don't.  Most
programs used to use the first approach.  The libkvm library uses the latter,
and gets it wrong if it sees a '=' in any strings before the last string
which doesn't have one.  The korn shell nulls out some '=' in it's environment,
and if you have it, it's the most noticable tickler of this bug.  But even if
you don't, you can tickle it with "vi a=b c".

Here's the fix.  You could probably patch the binary to ignore the
"&& (argd.cnt == 0)" test, which will cause slightly incorrect results,
but ones a bit closer to the truth.  Just search for "\0=" in the
library, and look past it a bit.

*** /tmp/,RCSt1a01687	Wed Sep 28 01:50:36 1988
--- kvmgetcmd.c	Mon Aug 29 23:23:43 1988
***************
*** 141,150 ****
  			if (*cp == '=')
  				eqseen++;
  			if (*cp-- == '\0') {
! 				if (eqseen && (argd.cnt == 0)) {
  					envd.cnt++;
  					envd.sp = Uvaddr(cp+2);
  					eqseen = 0;
  				} else {
  					argd.cnt++;
  				}
--- 141,154 ----
  			if (*cp == '=')
  				eqseen++;
  			if (*cp-- == '\0') {
! 				if (eqseen) {
  					envd.cnt++;
  					envd.sp = Uvaddr(cp+2);
  					eqseen = 0;
+ 					if (argd.cnt != 0) {
+ 						envd.cnt += argd.cnt;
+ 						argd.cnt = 0;
+ 					}
  				} else {
  					argd.cnt++;
  				}
