I expect the hash test is first to avoid unnecessary resource consumption. If the hash of the public key doesn't match, it won't even try to verify the signature.
If two public keys can share an address, a signature from the respective private key is still required to actually spend funds, no?
P2SH might be worse off because of HASH160. P2PKH still requires an OP_CHECKSIG, whereas if you find a script tailored to you that collides with a script-hash address, you could spend those funds using your version of the script. Either case still requires a SHA256 collision, however, making this prospect unlikely.