1) The frequence of choosing a password is not within the end-user's control, and hence has no impact on whether or not the end-user chooses to include special characters vs several simple words.
The vast majority of passwords and resets are controlled by the user. Websites do not often force people to reset passwords. In a corporate environment people will be forced to change passwords more frequently, sure. But email, 20 social networking sites, shopping sites, and even banks will typically not force a reset unless they've been compromised.
2) Protecting against a brute force attack does not, in any way, break protection against "informed statistical" attacks.
XKCD's shitty advice is protecting against brute force attacks by using length (even though in many cases the effective length is still limited to something stupid like 16 characters). By following XKCD's shitty advice, you open yourself up to statistical attacks - your search space is just a combination of a few words. People generally only use a few thousand words, and when you want them to be random about it they'll likely pick common ones, fairly short ones, mostly nouns, etc.
3) End-users do not typically know how many other people have chosen that same password, but can protect themselves against accidentally choosing a common password by doing exactly what the XKCD comic recommends (picking four random words and juxtaposing them). Just don't use the specific password chosen in the comic.
Humans are terrible at being random. Any magician, con-artist, or statistician will tell you that. The most commonly-picked "random" cards are the ace of spades and the queen of hearts, for example. The 4 "random" words scenario will give you a search space many orders of magnitude smaller than a good, traditional password.
4) Disallowing common passwords is not within the end-user's control. It is a good practice, but does not in any way change the password-selection logic that end users should use as per the XKCD comic.
The only contradictory point mentioned is the "change password strength meters", which might mean "require special characters and numbers," which is exactly what the comic demonstrates to offer no value. The intent here seems to be the avoidance of common passwords, and that can be done without forcing special characters, which makes passwords hard to memorize.
Disallowing common passwords is within the user's control. Don't use a fucking password you've heard of before. If your password manager, or a site, tells you that the password is shitty, maybe don't use it.
The XKCD comic is fucking wrong. Symbols, numbers, and capitalization, all increase the search space exponentially. Special characters do not make passwords harder to memorize. I find they make it easier. They provide a cadence in may of the passwords I use. Instead of just a slurry of letters, a password with digits or symbols is less likely to get twisted about in someone's mind. alhysuidopmnah will be subject to transposition on shit like the ui, mn. alhys5idop#nah doesn't have that problem, and is much easier to compartmentalize (alhys5 idop# nah). This may or may not be true for all users for fixed length (and it certainly depends on the specific password itself). Beyond that, for passwords of a given strength those with symbols and shit will be easier to memorize than those without, if only because they'll be much shorter.