Large Language Models-Aided Program Debloating

📅 2025-03-12
🤖 AI Summary
Software bloat leads to functional degradation and security vulnerabilities, yet existing debloating techniques struggle to simultaneously preserve functionality and ensure security. This paper proposes LEADER, a novel framework that first leverages large language models (LLMs) for documentation understanding and test generation to guarantee functional equivalence post-debloating; it then integrates neuro-symbolic program analysis with a multi-expert collaborative decision-making mechanism to achieve security-aware code reduction. Its key innovations include: (i) the first documentation-guided test augmentation strategy, and (ii) the pioneering use of LLMs as a core reasoning engine for joint functional-safety optimization—overcoming the overfitting limitations of traditional input-dependent approaches. Evaluated on mainstream benchmarks, LEADER achieves a 23.7% higher functionality retention rate and a 68.4% lower security vulnerability introduction rate compared to the state-of-the-art tool CovA, attaining a Pareto-optimal trade-off between functionality and security.

📝 Abstract
As software grows in complexity to accommodate diverse features and platforms, software bloating has emerged as a significant challenge, adversely affecting performance and security. However, existing approaches inadequately address the dual objectives of debloating: maintaining functionality by preserving essential features and enhancing security by reducing security issues. Specifically, current software debloating techniques often rely on input-based analysis, using user inputs as proxies for the specifications of desired features. However, these approaches frequently overfit provided inputs, leading to functionality loss and potential security vulnerabilities. To address these limitations, we propose LEADER, a program debloating framework enhanced by Large Language Models (LLMs), which leverages their semantic understanding, generative capabilities, and decision-making strengths. LEADER mainly consists of two modules: (1) a documentation-guided test augmentation module designed to preserve functionality, which leverages LLMs to comprehend program documentation and generates sufficient tests to cover the desired features comprehensively, and (2) a multi-advisor-aided program debloating module that employs a neuro-symbolic pipeline to ensure that the security of the software can be perceived during debloating. This module combines debloating and security advisors for analysis and employs an LLM as a decision-maker to eliminate undesired code securely. Extensive evaluations on widely used benchmarks demonstrate the efficacy of LEADER. These results demonstrate that LEADER surpasses the state-of-the-art tool CovA in functionality and security. These results underscore the potential of LEADER to set a new standard in program debloating by effectively balancing functionality and security.

Problem

Research questions and friction points this paper is trying to address.

Address software bloating affecting performance and security.
Enhance debloating by preserving functionality and reducing vulnerabilities.
Overcome overfitting in input-based debloating techniques using LLMs.

Innovation

Methods, ideas, or system contributions that make the work stand out.

LLMs enhance semantic understanding for debloating.
Documentation-guided test augmentation preserves functionality.
Neuro-symbolic pipeline ensures security during debloating.