pfSense

When Steve saw it, I think he had a routing loop of sorts -- the outer WireGuard traffic was attempting to go over the WireGuard tunnel, which was set as his default gateway accidentally at the time. Was that also the case for you?

That was not the case here, though I did have the gateway selection set to automatic. However, given that the WAN gateway is another pfSense firewall's LAN IP and given there were no gateway events, I don't believe the gateway ever changed to the WG interface. The only somewhat odd configuration I have is that it's a VM with only one interface (WAN).

If your gateway was set to automatic there is a high chance that wireguard took over as the default gateway. At least in my testing it's prone to doing that, which is why in all the docs I mention setting a specific gateway as default before assigning.

For completeness sake, this is confirmed to be WireGuard.

root@banshee:~/macy-freebsd-wg/sys/dev/if_wg# grep -ir printf module/crypto/zinc/chacha20poly1305.c 
        printf("src_len too short\n");
        printf("calculated: %16D\n", b.mac, "");
        printf("sent      : %16D\n", src + dst_len, "");

root@banshee:~/macy-freebsd-wg/sys/dev/if_wg# grep -ir -A3 -B3 'printf("calc' module/crypto/zinc/chacha20poly1305.c 
    if (likely(!ret))
        chacha20(&chacha20_state, dst, src, dst_len, simd_context);
    else {
        printf("calculated: %16D\n", b.mac, "");
        printf("sent      : %16D\n", src + dst_len, "");
    }
    memzero_explicit(&chacha20_state, sizeof(chacha20_state));

Not seeing this on the latest kmod code