Some of the system call arguments have useful information; they're not just pointing to a memory address.
Some are necessary in order to determine what syscall was performed. For IPC syscalls, a0 indicates which of the IPC calls was executed.
linux-audit-bounces redhat com wrote on 03/25/2005 03:32:37 PM:
> System call arguments are pretty useless unless you're in a process where the
> memory addresses are still valid (like a testcase). Would it be useful to
> put an option in at a later date that allows you to dump arguments as human
> Linux-audit mailing list
> Linux-audit redhat com