为什么 Linux C 语言程序中的信号量会导致 SIGABRT 中止？

问：

我的开发环境是 CentOS 7.9-x86_64，编译器使用的是 gcc11。

[root@dev src]# uname -a
Linux dev 3.10.0-1160.24.1.el7.x86_64 #1 SMP Thu Apr 8 19:51:47 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
[root@dev src]# 
[root@dev src]# 
[root@dev src]# cat /etc/redhat-release 
CentOS Linux release 7.9.2009 (Core)
[root@dev src]# 
[root@dev src]# 
[root@dev src]# gcc --version
gcc (GCC) 11.2.1 20220127 (Red Hat 11.2.1-9)
Copyright (C) 2021 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
[root@dev src]#

下面是我的代码片段：

1. 这是一个定义结构 EuclidCommand 的头文件，此结构包含一个信号量。

#include <semaphore.h>

typedef struct euclid_command
{
    char *bytes;
    char *result;
    sem_t sem;
} EuclidCommand;

2. 以下是程序逻辑部分。

/**
* Allocate a piece of memory for the structure object EuclidCommand, and allocate 
* an additional 4 bytes as additional information for this structure object.
*/
int hidden = 4;
void *obj_head = malloc(hidden + sizeof(EuclidCommand));
memset(obj_head, 0, hidden + sizeof(EuclidCommand));
EuclidCommand *task = obj_head + hidden;
task->bytes = buf;

sem_init(&(task->sem), 0, 0);

/**
* Submit the task object to another thread for processing, that thread will increment 
* the value of the semaphore by 1 after execution is complete.
*/
submit_command(task);

sem_wait(&(task->sem));
sem_destroy(&(task->sem));

// do something

上面的代码可以正确执行。 接下来，我做了一个小改动，将额外内存的字节数从 4 改为 2。

/**
* Allocate a piece of memory for the structure object EuclidCommand, and allocate 
* an additional 2 bytes as additional information for this structure object.
*/
int hidden = 2;
void *obj_head = malloc(hidden + sizeof(EuclidCommand));
memset(obj_head, 0, hidden + sizeof(EuclidCommand));
EuclidCommand *task = obj_head + hidden;

重新编译代码后再次执行程序。当执行“sem_wait（&（task->sem））;”代码行时，程序将失败。使用 gdb 查看当时的程序栈，如下图所示：

我想这个问题的原因与字节对齐有关，但我不确定这个问题的真正原因。希望能遇到熟悉Linux C语言开发的朋友帮我解答。
谢谢