diff --git a/sys/kern/kern_ktrace.c b/sys/kern/kern_ktrace.c
index e6d3b87ed82a..2213944dbc47 100644
--- a/sys/kern/kern_ktrace.c
+++ b/sys/kern/kern_ktrace.c
@@ -1327,6 +1327,9 @@ ktrwrite(struct ktr_desc *ktd, struct ktrace_entry *kte)
 struct ktr_header *kth;
 file_t *fp = ktd->ktd_fp;
 int error;
+
+ memset(&auio, 0, sizeof(auio));
+ memset(aiov, 0, sizeof(aiov));
 next:
 auio.uio_iov = iov = &aiov[0];
 auio.uio_offset = 0;
@@ -1361,11 +1364,15 @@ next:
 MAX(sizeof(kth->_v._v0), sizeof(kth->_v._v1));
 break;
 }
+ KASSERT(auio.uio_iovcnt < __arraycount(aiov));
+ KASSERT(iov < aiov + __arraycount(aiov));
 iov->iov_base = (void *)kth;
 iov++->iov_len = hlen;
 auio.uio_resid += hlen;
 auio.uio_iovcnt++;
 if (kth->ktr_len > 0) {
+ KASSERT(auio.uio_iovcnt < __arraycount(aiov));
+ KASSERT(iov < aiov + __arraycount(aiov));
 iov->iov_base = kte->kte_buf;
 iov++->iov_len = kth->ktr_len;
 auio.uio_resid += kth->ktr_len;
@@ -1375,6 +1382,7 @@ next:
 auio.uio_iovcnt < sizeof(aiov) / sizeof(aiov[0]) - 1);
 again:
+ KASSERT(auio.uio_iovcnt <= __arraycount(aiov));
 error = (*fp->f_ops->fo_write)(fp, &fp->f_offset, &auio, fp->f_cred, FOF_UPDATE_OFFSET);
 switch (error) {
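Review bot: The two `memset` calls added in the first hunk sit above the `next:` label, so only the first pass starts from a zeroed `auio` and `aiov`; a later pass that jumps back to `next:` (the jump itself is outside the hunk) would reuse `aiov` with the previous batch's entries still in the slots beyond `uio_iovcnt`. If the intent is that no stale or uninitialized iovec can ever reach `fo_write`, placing the clears below the label would cover every pass. If they are only meant to give the stack objects a known initial state, a comment should say so, for example `/* start from a known state; every field used is set again after next: */`. The body of ktrwrite starts and ends outside the hunk, so which `auio` fields are reassigned after the label is only partly visible here.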
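Review bot: The `KASSERT` pairs added before each `iov->iov_base` store in the second hunk check the same bound through two variables, `auio.uio_iovcnt` and `iov`, but never assert that the two stay in step, which is what the stores actually rely on; `KASSERT(iov == &aiov[auio.uio_iovcnt]);` beside a single bounds check would state that directly. KASSERT is normally compiled in only for DIAGNOSTIC kernels, so these lines document the bound rather than enforce it, and the guard that keeps the stores inside the stack array is the `do … while` condition `auio.uio_iovcnt < sizeof(aiov) / sizeof(aiov[0]) - 1`, visible only as context in the third hunk. A comment next to the asserts would tie the two together, for example `/* loop condition leaves room for one header and one payload iovec */`, and that condition could use `__arraycount(aiov)` to match the new lines. The same DIAGNOSTIC-only caveat applies to the `KASSERT(auio.uio_iovcnt <= __arraycount(aiov))` added after `again:`.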