Quite the contrary. Please make the distinction between actual metastability and other clock domain crossing issues, such as sampling the same async signal with two different flip flops.
In the rest of your post (snipped) you didn't even seem to acknowledge that there are other types of clock domain crossing issues that aren't related to metastability.
The first point of my post was that metastability is easy to deal with
- just add another flip flop and leave enough timing slack to get whatever MTBF you want. (I know from some of my designs that unless you have clock rates of more than a few hundred MHz, it isn't hard to get failure rates of < 1 metastability-related failure in the lifetime of the product.)
The other point of my post was that because everyone has heard of metastability and that it's usually easy to deal with - just add flip flops and some timing slack - it gets taken into account in designs and doesn't actually cause a lot of bugs. Instead, actual bugs related to clock domain crossings are mostly caused by things not related to metastability. (I'm sure you could list a few. I'll see if I can dig up a copy of the training material I wrote which describes the most common errors.)
Also, please bear in mind that I was quoting the results of actual research on fielded product designs.
Regards, Allan