From 7df1c4fef4801e4adefde5c314a1f7fc49e432bf Mon Sep 17 00:00:00 2001
From: David Allison <62114487+david-allison@users.noreply.github.com>
Date: Sat, 30 May 2026 06:53:38 +0100
Subject: [PATCH] Kotlin: Fix findTopLevelPropertyOrWarn for K2

`Receiver::class.java` resolves differently from K1:

K1: getJavaClass(KClass) - value argument
K2: KClass.<get-java>() - property receiver

This caused the lookup to fail, so
`Intent(context, Receiver::class.java)` dropped the second argument.

log:
"Couldn't find JVM intrinsic property kotlin.jvm java in kotlin.jvm.JvmClassMappingKt"

This caused false positives in `java/android/implicit-pendingintents`

The fix mirrors 5c36e63dfe3fa2c582495d458f0201f5a408860a

Fixes #20153
Assisted-by: Claude Opus 4.8 - diagnostics & initial fix
---
 .../src/main/kotlin/KotlinFileExtractor.kt             |  7 ++++++-
 .../change-notes/2026-05-30-kclass-java-arg-k2-fix.md  |  4 ++++
 .../test-kotlin2/library-tests/kclass-java-arg/Test.kt | 10 ++++++++++
 .../test-kotlin2/library-tests/kclass-java-arg/options |  1 +
 .../library-tests/kclass-java-arg/test.expected        |  1 +
 .../test-kotlin2/library-tests/kclass-java-arg/test.ql |  5 +++++
 6 files changed, 27 insertions(+), 1 deletion(-)
 create mode 100644 java/ql/lib/change-notes/2026-05-30-kclass-java-arg-k2-fix.md
 create mode 100644 java/ql/test-kotlin2/library-tests/kclass-java-arg/Test.kt
 create mode 100644 java/ql/test-kotlin2/library-tests/kclass-java-arg/options
 create mode 100644 java/ql/test-kotlin2/library-tests/kclass-java-arg/test.expected
 create mode 100644 java/ql/test-kotlin2/library-tests/kclass-java-arg/test.ql

diff --git a/java/kotlin-extractor/src/main/kotlin/KotlinFileExtractor.kt b/java/kotlin-extractor/src/main/kotlin/KotlinFileExtractor.kt
index 1c2ed959caf2..79e6ce731202 100644
--- a/java/kotlin-extractor/src/main/kotlin/KotlinFileExtractor.kt
+++ b/java/kotlin-extractor/src/main/kotlin/KotlinFileExtractor.kt
@@ -3903,7 +3903,12 @@ open class KotlinFileExtractor(
 
         val prop =
             getPropertiesByFqName(pluginContext, propertyPkg, propertyName)
-                .firstOrNull { it.owner.parentClassOrNull?.fqNameWhenAvailable?.asString() == type }
+                .firstOrNull {
+                    val owner = it.owner
+                    owner.parentClassOrNull?.fqNameWhenAvailable?.asString() == type ||
+                        (owner.parent is IrExternalPackageFragment &&
+                            getFileClassFqName(owner)?.asString() == type)
+                }
                 ?.owner
 
         if (prop != null) {
diff --git a/java/ql/lib/change-notes/2026-05-30-kclass-java-arg-k2-fix.md b/java/ql/lib/change-notes/2026-05-30-kclass-java-arg-k2-fix.md
new file mode 100644
index 000000000000..5a51d3919801
--- /dev/null
+++ b/java/ql/lib/change-notes/2026-05-30-kclass-java-arg-k2-fix.md
@@ -0,0 +1,4 @@
+---
+category: majorAnalysis
+---
+* Fixed an issue where `Foo::class.java` arguments were dropped during extraction under the Kotlin K2 compiler, which could cause false positives in queries such as `java/android/implicit-pendingintents`.
\ No newline at end of file
diff --git a/java/ql/test-kotlin2/library-tests/kclass-java-arg/Test.kt b/java/ql/test-kotlin2/library-tests/kclass-java-arg/Test.kt
new file mode 100644
index 000000000000..c3bfc80fd03e
--- /dev/null
+++ b/java/ql/test-kotlin2/library-tests/kclass-java-arg/Test.kt
@@ -0,0 +1,10 @@
+class Target
+
+class KClassJavaArg {
+    fun consume(c: Class<*>) {}
+
+    fun test() {
+        // `Target::class.java` must be extracted as the argument to `consume`.
+        consume(Target::class.java)
+    }
+}
diff --git a/java/ql/test-kotlin2/library-tests/kclass-java-arg/options b/java/ql/test-kotlin2/library-tests/kclass-java-arg/options
new file mode 100644
index 000000000000..fad4721475b7
--- /dev/null
+++ b/java/ql/test-kotlin2/library-tests/kclass-java-arg/options
@@ -0,0 +1 @@
+// codeql-extractor-kotlin-options: -language-version 2.0 -api-version 2.0
diff --git a/java/ql/test-kotlin2/library-tests/kclass-java-arg/test.expected b/java/ql/test-kotlin2/library-tests/kclass-java-arg/test.expected
new file mode 100644
index 000000000000..7410c1676f77
--- /dev/null
+++ b/java/ql/test-kotlin2/library-tests/kclass-java-arg/test.expected
@@ -0,0 +1 @@
+| consume | Class<Target> |
diff --git a/java/ql/test-kotlin2/library-tests/kclass-java-arg/test.ql b/java/ql/test-kotlin2/library-tests/kclass-java-arg/test.ql
new file mode 100644
index 000000000000..e4b98d76d1cd
--- /dev/null
+++ b/java/ql/test-kotlin2/library-tests/kclass-java-arg/test.ql
@@ -0,0 +1,5 @@
+import java
+
+from MethodCall mc, Argument arg
+where mc.getMethod().hasName("consume") and arg = mc.getAnArgument()
+select mc.getMethod().getName(), arg.getType().getName()