(setf fdefinition) and (setf symbol-function) are type-unsafe

CLHS for System Class FUNCTION says "Thus, an ftype declaration for a function describes calls to the function, not the actual definition of the function."

Earlier in the same page, it says "The list form of the function type-specifier can be used only for declaration and not for discrimination."

On the whole, the MOST that I would expect here is an error that (128) is not of type STRING, signaled from FOO, and that's more a matter of not intrinsically believing FTYPE declarations than (SETF FDEFINITION) or (SETF SYMBOL-FUNCTION) not being typesafe.

Actually, let's go a step further here: (lambda (x) (if (integerp x) (logand x 31) (car x))) has type (function ((or integer list)) (values t)). It may be used when a (function (integer) (values (mod 32))) is expected with no problem. But (lambda (x) (if (integerp x) (code-char x) (car x))) also has type (function ((or integer list)) (values t)), and clearly may NOT be used in such a situation. This is not the line of argument from CLHS, but does demonstrate the utter futility of expecting any serious level of "type safety" from (setf fdefinition) or (setf symbol-function) beyond simply ensuring that the value is a subtype of FUNCTION.

Can we redefine this in terms of the default policy and trust in FTYPE declarations at the call site, rather than in terms of the FDEFINITION and SYMBOL-FUNCTION accessors, or simply declare the bug to be invalid?

highly important but open for 9 years? Not really. Decreasing to "medium" importance.