This is a wrong interpretation of the obvious solution, enforcing sane standards for the typical imperative patterns used and assuming feasibility of static analysis.
Programmer as user just makes sense once you've moved past punch cards to interactive IDEs. Everyone should have stopped using punch cards by now, but lo-and-behold this is still basically the standard in some outfits.
Right, but they almost certainly have on-hand a skilled reviewer that verifies that good-faith programmers haven't done anything incorrectly that would bork a machine.
... that step wouldn't constitute introducing an abstraction either.
Programmer as user just makes sense once you've moved past punch cards to interactive IDEs. Everyone should have stopped using punch cards by now, but lo-and-behold this is still basically the standard in some outfits.