Geoff Chappell, Software Analyst
SKETCH OF HOW RESEARCH MIGHT CONTINUE AND RESULTS BE PRESENTED
The SUPERFETCH_INFORMATION structure is produced as output or expected as input by the functions
respectively, when given the information classes SystemPrefetcherInformation (0x38) and SystemSuperfetchInformation (0x4F).
The SUPERFETCH_INFORMATION structure is not documented. Microsoft’s name for it is known from symbol files for user-mode modules that use it, notably WDC.DLL and TASKMGR.EXE, and happen to have C++ names that show the structure’s name. Even these symbol files do not have type information for the structure.
The SUPERFETCH_INFORMATION is 0x14 or 0x20 bytes in 32-bit and 64-bit Windows, respectively.
|Offset (x86)||Offset (x64)||Size||Description|
|0x00||0x00||dword||0x01 for SystemPrefetcherInformation;
0x2D for SystemSuperfetchInformation
|0x04||0x04||dword||0x6B756843, presumably as signature|
|0x08||0x08||dword||Superfetch information class|
|0x0C||0x10||pointer||address of information|
|0x10||0x18||dword||size, in bytes, of information|
The structure is thus a carrier of information whose interpretation varies according to the information class. The many cases are presently beyond the scope of this review, which likely will never be anything but a placeholder.