Is there a standard way to prohibit reading (via assignment) of a variable?

Question

It is known and useful features that:

• const type qualifier prohibits writing (modification) of a variable
• register storage-class specifier prohibits taking address of a variable

However, is there a standard way to prohibit reading (via assignment) of a variable?

For example, for such variable only writing and/or taking address is permitted.

Reason of the question: need to conditionally prohibit reading (via assignment) of some variable. Does the language provide any way to do it? If no, then why?

UPD. Readers may be interested as well: C: check at compile time or at run time that variable has static storage-class specifier.

Answer 1

No, not as far as I know.

I don't know why, one reason might be that it's something that is only fantastically rarely useful. You (in my opinion) don't actually explain why you want this, which further emphasizes that's a rather convoluted/weird thing to want.

Answer 2

It is known and useful features that:

• const type qualifier prohibits writing (modification) of a variable

Yes.

• register storage-class specifier prohibits taking address of a variable

True, but that's not the primary purpose of the register storage class.

However, is there a standard way to prohibit reading (via assignment) of a variable?

I take it that you want to forbid ...

_Write_only int x = 1;
int y = x;

... but no, there is no way to do that. If you have an lvalue expression designating an existing object, such as is required to set the value of that object, then that expression can be used to read the current value of the object, too.

Reason of the question: need to conditionally prohibit reading (via assignment) of some variable.

That's not much of a reason. You seem to just be saying, "I need it because I need it."

Does the language provide any way to do it? If no, then why?

If by "why" you are asking for us to support our answers, then I refer you to paragraph 6.3.2.1/2 of the standard, where you will find this:

Except when it is the operand of the sizeof operator, the _Alignof operator, the unary & operator, the ++ operator, the -- operator, or the left operand of the . operator or an assignment operator, an lvalue that does not have array type is converted to the value stored in the designated object (and is no longer an lvalue)

That does not leave any room for the kind of semantics you asked about.

If you mean something else by the "why" question then we can only speculate, but I don't personally find the situation in any way surprising. In particular, I don't find the existence of const and register as suggesting that there should be a qualifier with the effect you describe.

---

If you want an object that can only be written, not read, by a piece of code X then you can declare it outside the scope of X and with linkage that does not afford access from X, and provide a function that X can call to modify the object's value. For example, the object might be declared static at file scope in a different translation unit, with an external writer function declared in that unit:

static int protected;

void set_protected(int value) {
    protected = value;
}

Code in other translation units could then use the function to set the variable's value, but could not access the object directly to read its value.

Note well that that all goes out the window if you allow X to get the address of the protected object, as that can be dereferenced to gain access.

Answer 3

You need to hide your variables from the program code

#define CREATE_PROTECTED(var, type, val) type set_##var(type v){static type var = val; return var;}
#define GET(var) set_##var(val)

CREATE_PROTECTED(myvar, size_t, 500);

size_t foo(void)
{
    return GET(myvar)
}