Tidb log redaction leaks raw keys to logs

[HaoW30]

Bug Report

When tidb log redaction turned on. There are still messages in the log that contains the raw region key information which should have been sanitized.

1. Minimal reproduce step (Required)

1. Turn on global log redaction
   mysql> SHOW VARIABLES LIKE 'tidb_redact_log';
   +-----------------+-------+
   | Variable_name | Value |
   +-----------------+-------+
   | tidb_redact_log | ON |
   +-----------------+-------+
   1 row in set (0.00 sec)

2. Create new table and add dummy data.

CREATE TABLE users (
    id INT PRIMARY KEY AUTO_INCREMENT,
    name VARCHAR(50),
    email VARCHAR(100),
    age INT,
    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);

INSERT INTO users (name, email, age)
WITH RECURSIVE seq AS (SELECT 1 AS n UNION ALL SELECT n + 1 FROM seq WHERE n < 100)
SELECT CONCAT('User_', n), CONCAT('user', n, '@example.com'), FLOOR(18 + (RAND() * 42)) FROM seq;

3. Check tidb logs, you will see the raw data key printed in region split messages.

[2025/02/06 09:39:12.644 -08:00] [INFO] [split_region.go:85] ["split batch regions request"] ["split key count"=1] ["batch count"=1] ["first batch, region ID"=48] ["first split key"=74800000000000006e]
[2025/02/06 09:39:12.650 -08:00] [INFO] [split_region.go:187] ["batch split regions complete"] ["batch region ID"=48] ["first at"=74800000000000006e] ["first new region left"="{Id:287 StartKey:7480000000000000ff6c00000000000000f8 EndKey:7480000000000000ff6e00000000000000f8 RegionEpoch:{ConfVer:5 Version:65} Peers:[id:288 store_id:1  id:289 store_id:5  id:290 store_id:4 ] EncryptionMeta:<nil> IsInFlashback:false FlashbackStartTs:0}"] ["new region count"=1]

2. What did you expect to see? (Required)

All key values redacted.

3. What did you see instead (Required)

See the repro steps.

4. What is your TiDB version? (Required)

v6.5, v7.5, v8.1, v8.5