libbinder fuzzer driver: uid corpus continuity

I was looking at the coverage for some of our fuzzers, and I
noticed that some paths were only taken with specific UIDs. This
change allows an easily discoverable single bit flip to try a
UID which is guaranteed to exist.

Bug: N/A
Test: run servicemanager_fuzzer for a few minutes
Change-Id: Ib0d8c608ec1fc609fa69f1f5b76e8dc25d548f38