SKETCH OF HOW RESEARCH MIGHT CONTINUE AND RESULTS BE PRESENTED

SUPERFETCH_INFORMATION

The SUPERFETCH_INFORMATION structure is produced as output or expected as input by the functions

respectively, when given the information classes SystemPrefetcherInformation (0x38) and SystemSuperfetchInformation (0x4F).

Documentation Status

The SUPERFETCH_INFORMATION structure is not documented. Microsoft’s name for it is known from symbol files for user-mode modules that use it, notably WDC.DLL and TASKMGR.EXE, and happen to have C++ names that show the structure’s name. Even these symbol files do not have type information for the structure.

Layout

The SUPERFETCH_INFORMATION is 0x14 or 0x20 bytes in 32-bit and 64-bit Windows, respectively.

Offset (x86) Offset (x64) Size Description
0x00 0x00 dword 0x01 for SystemPrefetcherInformation;
0x2D for SystemSuperfetchInformation
0x04 0x04 dword 0x6B756843, presumably as signature
0x08 0x08 dword Superfetch information class
0x0C 0x10 pointer address of information
0x10 0x18 dword size, in bytes, of information

The structure is thus a carrier of information whose interpretation varies according to the information class. The many cases are presently beyond the scope of this review, which likely will never be anything but a placeholder.

This page was created on 30th July 2016 but was not published until 25th October 2016.

Copyright © 2016. Geoff Chappell. All rights reserved. Conditions apply.