ML serialization security default

PyTorch torch.load weights_only default True safe globals custom class UnpicklingError 2.6

Checkpoint loading raises an unpickling/safe-global error after upgrading PyTorch.

Tags: verified-page-ready, PyTorch, Machine learning, ML serialization security default, pytorch26

Agent Quick Fix

The checkpoint contains Python objects, not only tensors. The narrow repair is to allowlist the exact trusted classes or migrate the checkpoint to `state_dict` instead of setting a broad unsafe default.

Product: PyTorch
Affected: PyTorch 2.6 and newer when loading full-object checkpoints that contain custom globals.
Current-contract area: torch.load default weights_only=True rejects trusted custom class
Likely root cause: The checkpoint was saved as a full model object, so it contains Python objects (the custom class) that the weights_only=True allowlist does not include.
Patch:
import torch
from myapp.models import MyModel
from torch.serialization import safe_globals

# Allowlist only the trusted class this checkpoint needs; the
# weights_only=True restriction stays in force for everything else.
with safe_globals([MyModel]):
    model = torch.load("model.pt", weights_only=True)

Validation Status

Codex searched organically in the validation run. No no-web counterfactual run is attached to this page yet.

Symptom

Checkpoint loading raises an unpickling/safe-global error after upgrading PyTorch.

WeightsUnpickler error: Unsupported global: GLOBAL __main__.MyModel was not an allowed global by default
_pickle.UnpicklingError: Weights only load failed

Why This Happens

PyTorch 2.6 changed the default of `torch.load` to `weights_only=True`. In that mode the checkpoint is read by a restricted unpickler that resolves only an allowlist of globals (tensors, standard containers and a few other types) instead of arbitrary Python code. A checkpoint saved as a full model object contains Python objects, not only tensors, so the custom class (here `MyModel`) is not on the allowlist and loading fails with the error above. The narrow repair is to allowlist the exact trusted classes or migrate the checkpoint to `state_dict` instead of setting a broad unsafe default.

Before And After

Before

import torch

# Full-object checkpoint loaded with the pre-2.6 default (no allowlist).
model = torch.load("model.pt")

After

import torch
from myapp.models import MyModel
from torch.serialization import safe_globals

# Allowlist only the trusted class this checkpoint needs; the
# weights_only=True restriction stays in force for everything else.
with safe_globals([MyModel]):
    model = torch.load("model.pt", weights_only=True)
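To show what the allowlist in the After snippet actually enforces, here is an added, torch-free model of the mechanism (not PyTorch's own code): a restricted `pickle.Unpickler` that resolves only allowlisted globals, a `safe_globals` stand-in, a constructed `MyModel` class, and a state_dict-style checkpoint beside a full-object one. The class, the checkpoint contents and the default allowlist are all constructed for the demo.

```python
import io
import pickle
from collections import OrderedDict
from contextlib import contextmanager

# Globals trusted out of the box: a tiny stand-in for torch's default allowlist.
DEFAULT_SAFE_GLOBALS = {("collections", "OrderedDict")}
_extra_safe_globals = set()

class WeightsOnlyUnpickler(pickle.Unpickler):
    """Resolve only allowlisted (module, name) globals; reject everything else."""
    def find_class(self, module, name):
        if (module, name) in DEFAULT_SAFE_GLOBALS | _extra_safe_globals:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(
            f"Unsupported global: GLOBAL {module}.{name} was not an allowed global by default")

@contextmanager
def safe_globals(classes):
    """Temporarily allowlist exactly these classes (mirrors torch.serialization.safe_globals)."""
    added = {(cls.__module__, cls.__qualname__) for cls in classes}
    _extra_safe_globals.update(added)
    try:
        yield
    finally:
        _extra_safe_globals.difference_update(added)

def load_checkpoint(blob):
    """Stand-in for torch.load(..., weights_only=True) on an in-memory checkpoint."""
    return WeightsOnlyUnpickler(io.BytesIO(blob)).load()

class MyModel:
    """Constructed stand-in for a trusted model class saved as a whole object."""
    def __init__(self, weights):
        self.weights = weights

def demo():
    state_dict_blob = pickle.dumps(OrderedDict(w=[0.1, 0.2]))  # state_dict style
    full_object_blob = pickle.dumps(MyModel([0.1, 0.2]))        # full-object style
    out = {"state_dict": load_checkpoint(state_dict_blob)["w"]}
    try:
        load_checkpoint(full_object_blob)
        out["full_object"] = "loaded"
    except pickle.UnpicklingError as exc:
        out["full_object"] = str(exc)   # rejected: MyModel is not on the allowlist
    with safe_globals([MyModel]):       # narrow repair: allowlist that one class
        out["allowlisted"] = load_checkpoint(full_object_blob).weights
    return out
```

The state_dict-style checkpoint loads under the default allowlist, the full-object one is rejected with the same error shape as the Symptom section, and only the scoped allowlist lets it through.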

Verification

python - <<'PY'
import torch
from torch.serialization import get_unsafe_globals_in_checkpoint
print(get_unsafe_globals_in_checkpoint("model.pt"))
PY

Common Wrong Fixes

  • Do not use `weights_only=False` for user-supplied or untrusted checkpoints. That re-enables arbitrary pickle execution.

Codex Search Keywords

These are the search terms observed in a neutral Codex validation run for this failure shape.

PyTorch torch.load weights_only default True safe globals custom class UnpicklingError 2.6
pytorch torch.load weights_only safe_globals documentation
https://pytorch.org/docs/stable/generated/torch.load.html
https://docs.pytorch.org/docs/stable/generated/torch.load.html
'weights_only' in https://docs.pytorch.org/docs/2.12/generated/torch.load.html

Source Trail