Proof

I used the numbers for ECC-detected correctable errors (which should be harmless) from https://research.google.com/pubs/pub35162.html , but that seems to indicate detectable uncorrectable errors are only ~40 times rarer. Presumably some undetectable multi-bit errors are possible in ECC too, though very much rarer again. But still astronomically more likely than an accidental hash collision.

The point is that you can't practically divide algorithms into "definitely correct" vs "probably correct but relies on being lucky" - everything running on hardware has some non-zero chance of giving the wrong result. Instead you need to look at how close to zero those chances are, and divide them into "absurdly unlikely to ever fail even if every computer in the world runs this algorithm for a million years" vs "might actually fail in practice", and a non-broken hash function fits into the first category. (memcmp on a system with ECC RAM probably goes in the first category too, but memcmp without ECC probably doesn't.)

(This is separate from the issue that non-broken hash functions have a tendency to become broken hash functions after a few decades. Any system that's designed to use a secure hash ought to be designed to migrate cleanly to a new hash function in the future.)