krun.pro
 [ don’t_write_code_you_can’t_maintain ] [clean_code]
If you can't control the memory, you don't control the performance.

AI-Generated Kotlin: Semantic Drift and Production Risks

AI-generated Kotlin is a double-edged sword that mostly cuts the person holding it. In 2026, we have moved past simple syntax errors; models now spit out perfectly idiomatic code that compiles without a single lint warning. But this clean output is exactly where the danger lies.

 

Kotlins strong type system and null safety, designed to protect developers, now serve as camouflage for semantic drift. You get a repository layer that looks textbook-perfect, but beneath the surface, business invariants are being quietly slaughtered.

If you are merging AI-generated scaffolding without a deep dive into the logic, you are not accelerating—you are just accumulating invisible debt that will detonate during the first high-load event.

// Typical AI "Safe" Default that ruins domain logic
data class Order(val id: String, val amount: Double?, val currency: String?)

fun processOrder(order: Order) {
val total = order.amount ?: 0.0 // Corrupts state if amount is missing
val currency = order.currency ?: "USD" // Assumes intent, hides upstream bug
println("Charging $total $currency")
}

The most common trap is the Safe Default illusion. AI models hate returning errors. When they encounter a nullable field in a domain model, they instinctively fix it with a fallback value. It looks idiomatic, but it silently corrupts the data state.

You see a concise elvis operator; the production database sees a corrupted record where a missing price becomes zero, and a missing user ID becomes an empty string. This gives a false sense of security while business logic quietly breaks. Mid-level developers often merge this thinking it is clean, while the systems integrity slowly erodes.

Coroutine Hazards and Lifecycle Leaks

Kotlin Coroutines are the favorite playground for AI-generated disasters. Models have learned the syntax of suspend, but they completely fail to grasp structured concurrency and lifecycle contracts. It is common to see AI launching jobs in GlobalScope or using runBlocking in places that block the Dispatchers.Main. Syntactically, it is fine. In a small test, it works.

In a production KMP app, it leads to non-deterministic crashes and memory leaks that are a nightmare to debug. AI treats concurrency as a way to make things fast, ignoring the fact that unmanaged scopes are a one-way ticket to an unstable heap.

// AI-generated concurrency mess: No supervision, Main thread risk
fun syncDashboard(userId: String) = CoroutineScope(Dispatchers.Main).launch {
val profile = async { api.getProfile(userId) } // No supervisorScope
val settings = async { api.getSettings(userId) }

// If profile fails, settings is cancelled, and the whole scope dies
updateUI(profile.await(), settings.await()) 
}

The real mess happens with exception propagation. AI loves to use async/await without a supervisorScope. When one network call fails, it cancels the entire parent scope, taking down unrelated tasks and leaving the UI in a hung state. The compiler wont save you here—you need to know how the Coroutine stack behaves under pressure. If you are not manually enforcing supervision, your AI-generated concurrency is just a collection of race conditions waiting to happen.

Architectural Friction and Layer Lasagna

AI models are trained on textbook examples, which makes them obsessed with Clean Architecture to a fault. Ask an AI to implement a simple feature, and it will generate an interface, an implementation, a repository, a use case, and a DTO mapper. For a simple GET request, this is pure architectural friction.

This over-engineering adds zero functional value but increases cognitive load for every human developer who has to touch the code later. You end up with a Layer Lasagna where finding the actual business logic feels like an archeological dig.

// Over-engineered AI scaffolding for a simple fetch
interface UserFetcher { fun fetch(id: String): User? }
class UserRepoImpl(private val api: Api) : UserFetcher {
override fun fetch(id: String) = api.getUser(id)
}
// This indirection adds 0% value and 100% maintenance cost

The problem is that AI doesnt feel the pain of maintenance. It doesnt care that refactoring a single field now requires changing five different files. Senior developers should be pruning these redundant abstractions, but mid-levels often merge them because they look professional. If your use case just calls a repository which just calls an API, delete it. Your code should solve problems, not satisfy a pattern-matching algorithm that thinks more layers equals more quality.

Sealed Class Hallucinations

Sealed classes and when expressions are Kotlins crown jewels, but AI uses them like a blunt instrument. It often generates impossible states—branches that should never exist according to business rules. AI simply reproduces patterns seen in training sets. A developer sees neat and idiomatic code, but in reality, the domain logic is compromised. Impossible defaults or hallucinated states can lead to silent skips in processing, resulting in runtime inconsistencies that appear only under specific conditions.

sealed class OpResult {
data class Success(val data: String): OpResult()
data class Failure(val error: Throwable): OpResult()
object Loading: OpResult()
object Unknown: OpResult() // AI-added impossible default state
}

Using such hierarchies without rigorous manual review allows invalid states to trigger downstream failures. Business invariants are violated whenever these AI defaults execute, debugging such invisible issues consumes hours or days. The model does not understand the domain; it only understands the syntax of the sealed hierarchy. This gap is where high-severity bugs hide in plain sight.

Serialization and DTO Failures

When it comes to kotlinx.serialization or Moshi, AI frequently ignores the strictness of the configuration. It generates DTOs that assume every field is present, or it forgets to handle optionality correctly at the module boundary. This leads to runtime exceptions during JSON parsing that never showed up during local development. Because AI-generated tests usually focus on the happy path, the fragile nature of the serialization layer remains hidden until it hits a real-world API response with missing or unexpected fields.

// Fragile AI-generated DTO: missing @Serializable or optional handling
data class UserDto(val id: String, val email: String)

fun parseUser(json: String) {
// If 'email' is missing in JSON, this crashes at runtime
val user = Json.decodeFromString(json)
}

Every DTO generated by AI requires a check for field optionality and explicit default handling. Relying on the model to know which fields are nullable in the external API is a mistake that leads to production instability. The safety of Kotlin is negated when the boundary between the network and the domain is built on AI-generated assumptions.

Dependency Injection and Scope Mismatch

AI models often fail to grasp the nuances of DI scopes in Dagger, Hilt, or Koin. It is common to see the model suggest a Singleton scope for a stateful repository that should be tied to a specific session or ViewModel. This results in memory leaks and shared-state bugs that are incredibly difficult to reproduce. The code compiles and the dependency is injected, but the underlying lifecycle is completely broken. Without human oversight of the DI graph, AI output can quietly destabilize the entire application architecture.

// Koin example: AI might wrongly suggest 'single' for stateful components
val appModule = module {
single { UserSession() } // Should likely be 'scoped' or 'factory'
}

Mismatched scopes are silent killers in large Kotlin projects. They dont cause crashes immediately; instead, they create weird, non-deterministic behavior where data from one user session bleeds into another. Only rigorous human architectural review can ensure that the DI graph matches the actual project lifecycle requirements.

The Final Cost of Blind Trust

Senior developers ask how AI output can break systems; mid-level developers ask how to generate code faster. The difference defines technical maturity. AI accelerates scaffolding but magnifies the impact of hidden mistakes. Every unchecked elvis operator, unmanaged coroutine scope, or redundant interface is a piece of technical debt that you will eventually have to pay for with interest. High-quality Kotlin development in the age of AI requires more scrutiny, not less. If you merge without thinking, you own the inevitable failure.

fun executeOrderSafely(order: Order?) {
if(order == null) throw IllegalStateException("Order missing")
// Explicit validation is required to fix AI-generated drift
validate(order)
process(order)
}

Kotlins safety features are a tool, not a guarantee. They mitigate surface-level syntax issues, but domain logic, concurrency contracts, and architectural integrity remain the sole responsibility of the human developer. Rigorous review, targeted stress testing, and a healthy dose of skepticism are the only ways to make AI-generated Kotlin survive in a production environment. Use AI to draft, but use your brain to merge.

Written by: