ci: added fuzz centipede

.github/workflows/ci.yml

@@ -607,3 +607,93 @@ jobs:
             CIRRUS_PR_FLAG="-e CIRRUS_PR=1"
           fi
           docker run --rm $CIRRUS_PR_FLAG -v "$(pwd)":/bitcoin "$CONTAINER_NAME"
+
+  fuzz-centipede:
+    name: 'Centipede fuzzer'
+    needs: runners
+    runs-on: ${{ needs.runners.outputs.provider == 'cirrus' && 'ghcr.io/cirruslabs/ubuntu-runner-amd64:24.04-lg' || 'ubuntu-24.04' }}
+    timeout-minutes: 60
+    env:
+      FILE_ENV: './ci/test/00_setup_env_native_fuzz.sh'
+      DANGER_CI_ON_HOST_FOLDERS: 1
+    steps:
+      - *CHECKOUT
+      - name: Configure environment
+        uses: ./.github/actions/configure-environment
+      - name: Restore caches
+        uses: ./.github/actions/restore-caches
+      - name: Configure Docker
+        uses: ./.github/actions/configure-docker
+        with:
+          cache-provider: ${{ needs.runners.outputs.provider }}
+      - name: Install deps including Boost
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y \
+            clang-18 libc++-18-dev libc++abi-18-dev \
+            libboost-dev libboost-system-dev libboost-filesystem-dev \
+            libevent-dev libsqlite3-dev libzmq3-dev
+      - name: Install Centipede deps
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y curl gnupg
+          curl -fsSL https://bazel.build/bazel-release.pub.gpg | gpg --dearmor > /usr/share/keyrings/bazel.gpg
+          echo "deb [signed-by=/usr/share/keyrings/bazel.gpg] https://storage.googleapis.com/bazel-apt stable jdk1.8" | sudo tee /etc/apt/sources.list.d/bazel.list
+          sudo apt-get update
+          sudo apt-get install -y bazel clang-18 libc++-18-dev libc++abi-18-dev
+      - name: Build libFuzzer targets
+        run: |
+          cmake --preset=libfuzzer -DCMAKE_C_COMPILER=clang-18 -DCMAKE_CXX_COMPILER=clang++-18
+          cmake --build build_fuzz --parallel $(nproc --all)
+        env:
+          CMAKE_BUILD_PARALLEL_LEVEL: $(nproc --all)
+        timeout-minutes: 30
+      - name: Clone & build Centipede
+        run: |
+          git clone https://github.com/google/fuzztest.git "$RUNNER_TEMP/fuzztest"
+          cd "$RUNNER_TEMP/fuzztest"
+          bazel build //centipede:centipede
+      - name: Download corpus
+        run: |
+          git clone --depth=1 https://github.com/bitcoin-core/qa-assets "$RUNNER_TEMP/qa-assets"
+      - name: Run Centipede (all targets)
+        run: |
+          mkdir -p artifacts
+
+          # ---- discover every compiled fuzz target ---------------------------------
+          TARGETS=$(env PRINT_ALL_FUZZ_TARGETS_AND_ABORT=1 \
+                     build_fuzz/bin/fuzz 2>&1 \
+                     | sort -u)
+
+          if [ -z "$TARGETS" ]; then
+            echo "No fuzz targets found!"
+            exit 1
+          fi
+
+          echo "Found targets:"
+          echo "$TARGETS" | tr ' ' '\n'
+
+          # ---- run Centipede once per target ---------------------------------------
+          for t in $TARGETS; do
+            echo "=== Centipede on $t ==="
+            mkdir -p "artifacts/$t"
+            timeout 55s FUZZ="$t" \
+            "$RUNNER_TEMP/fuzztest/bazel-bin/centipede/centipede" \
+              --workdir="artifacts/$t" \
+              --corpus_dir="$RUNNER_TEMP/qa-assets/fuzz_corpora" \
+              --binary=build_fuzz/bin/fuzz \
+              --j=1 \
+              --num_runs=1 \
+              --timeout_per_input=30 \
+              --require_pc_table=false \
+              --fork_server=0
+          done
+        timeout-minutes: 120
+      - name: Upload artifacts
+        if: always()
+        uses: actions/upload-artifact@v4
+        with:
+          name: centipede-artifacts
+          path: artifacts/
+      - name: Save caches
+        uses: ./.github/actions/save-caches