Hmm, it seems you actually agree with the OP:

OP says (your quote):

> [Most production incidents] are due to the code entering a state that should never have been possible.

You say:

> [...] it is more true that most production incidents are due to the system entering into one of thousands of unsafe states which were possible and latent in production potentially for years

I see you both agree that a broken system enters an "unsafe state" (your words) or a "state that should never have been possible" (OP's words).

"Unsafe state" and "state that should not have been possible" are, in practice in a real system, the same practical thing. I suspect you both would agree "system confuses a string for an integer and acts based on erroneous value" or "system acts on internal state that indicates the valve is both open and closed" would be states that a system should not be in. Outside pedantry, your descriptions are practically synonymous with each other.