DKIM: fail (body hash did not verify) but DMARC: pass

I received an email (using Office365) which had the following:

spf=pass 
dkim=fail (body hash did not verify)
dmarc=pass action=none
compauth=pass reason=100

Should DMARC not fail when DKIM fails?

Part of mail header (redacted):

Authentication-Results: spf=pass (sender IP is 185.XXX.XXX.XXX)
 smtp.mailfrom=xxxxx.com; yyyyy.com; dkim=fail (body hash did not verify)
 header.d=xxxxx.com;yyyyy.com; dmarc=pass action=none
 header.from=xxxxx.com;compauth=pass reason=100
Received-SPF: Pass (protection.outlook.com: domain of xxxxx.com designates
 185.XXX.XXX.XXX as permitted sender) receiver=protection.outlook.com;
 client-ip=185.XXX.XXX.XXX; helo=xxxxx.com;
Received: xxxxx.com (185.XXX.XXX.XXX) by
 XXXXT057.mail.protection.outlook.com (10.152.5.104) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.3370.16 via Frontend Transport; Tue, 15 Sep 2020 09:28:04 +0000
Received: from [10.244.53.49] (unknown [62.xxx.xxx.xxx])
    (Authenticated sender: [email protected])
    by xxxxx.com (Postfix) with ESMTPSA id 958xxxxxx
    for <[email protected]>; Tue, 15 Sep 2020 09:27:59 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.11.0 xxxxx.com 95811831E7
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=xxxxx.com;
    s=default; t=1600162079;
    bh=nuM3cWrinDLZjraJCy30WYG0ePetEpsDwkYbe7tHCOs=;
    h=Date:Subject:From:To:From;
    b=jJZ91ejcq4Tu3xV+PtcT1/pgwHbUXQRxFLbilFKFiYTnBi1Zn31vzAHbPe4o40HM0
     gi+7F9TdBu47MhNwTFIvY94M+uSx1U4B9Ci9hTSDwEaDGazONyB8ER1fFmD7LPRMvV
     oXdTEACywQrrYPPb15RkSUNg6m8+6AJjdMgDrRDU=
There are 1 best solutions below

Short answer:

No, DMARC fails if and only if:

  1. SPF or SPF Alignment has failed, and
  2. DKIM or DKIM Alignment has failed

If only one of them fails and the other passes, DMARC will pass.

Some more details around DMARC failures and the protocol in general:

An important detail to keep in mind from the perspective of DMARC is that a failure for SPF or DKIM can mean 2 things:

  1. The underlying SPF or DKIM authentication has failed, or
  2. The underlying SPF or DKIM alignment has failed.

Authentication is probably clear since it is related to the underlying protocols themselves.

Alignment is an additional feature introduced by DMARC, which checks if the domains used for the SPF/DKIM authentication are in alignment with the domain portion of the RFC5322.From domain (which is the domain portion of the sender's email address, e.g. senderxyz@domain.com).
A successful SPF/DKIM alignment implies that the domains are either identical or that the SPF/DKIM domain is a subdomain of the RFC5321.From domain. This is called a strict or relaxed alignment respectively, and can be controlled via the aspf and adkim tags in your DMARC Record.
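
The pass/fail rule from the answer above, as an added example that is not part of the original answer: DMARC passes when at least one of SPF or DKIM both authenticates and aligns with the RFC5322.From domain. The function names and the `example.com` cases are constructed for illustration, and relaxed alignment is approximated by comparing the last two labels of each domain (an assumption; real verifiers derive the organizational domain from the Public Suffix List).

```python
def org_domain(domain):
    # Assumption: the last two labels stand in for the organizational domain.
    # Real verifiers use the Public Suffix List (needed for e.g. co.uk).
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])


def aligned(auth_domain, from_domain, mode):
    """mode 's' = strict (exact match), 'r' = relaxed (same organizational domain)."""
    a = auth_domain.lower().rstrip(".")
    f = from_domain.lower().rstrip(".")
    if mode == "s":
        return a == f
    return org_domain(a) == org_domain(f)


def evaluate_dmarc(from_domain, spf, dkim_sigs, aspf="r", adkim="r"):
    """spf: (result, smtp.mailfrom domain); dkim_sigs: list of (result, d= domain).

    A mechanism counts only if it authenticates AND aligns with header.from.
    DMARC passes if either mechanism counts, and fails only if neither does.
    """
    spf_ok = spf[0] == "pass" and aligned(spf[1], from_domain, aspf)
    dkim_ok = any(res == "pass" and aligned(d, from_domain, adkim)
                  for res, d in dkim_sigs)
    return {
        "spf_aligned_pass": spf_ok,
        "dkim_aligned_pass": dkim_ok,
        "dmarc": "pass" if (spf_ok or dkim_ok) else "fail",
    }


if __name__ == "__main__":
    # The header from the question: SPF passes and aligns, DKIM body hash fails.
    print(evaluate_dmarc("xxxxx.com", ("pass", "xxxxx.com"),
                         [("fail", "xxxxx.com")]))
    # Constructed: SPF passes for an unaligned bounce domain, DKIM fails.
    print(evaluate_dmarc("example.com", ("pass", "bounce.esp.example"),
                         [("fail", "example.com")]))
    # Constructed: a subdomain aligns under relaxed mode but not under aspf=s.
    print(evaluate_dmarc("example.com", ("pass", "mail.example.com"), []))
    print(evaluate_dmarc("example.com", ("pass", "mail.example.com"), [],
                         aspf="s"))
```

The second case shows why `spf=pass` alone is not enough: the SPF check succeeded, but for a domain unrelated to the From address, so neither mechanism counts and DMARC fails.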