ML serialization security default
PyTorch torch.load weights_only default True safe globals custom class UnpicklingError 2.6
Checkpoint loading raises an unpickling/safe-global error after upgrading PyTorch.
Agent Quick Fix
Repair against the current PyTorch contract, then keep the change narrow and source-backed.
Product: PyTorch
Current-contract area: torch.load default weights_only=True rejects trusted custom class
Likely root cause: PyTorch 2.6 changed the default of torch.load's weights_only argument from False to True. The loader now uses a restricted unpickler that only resolves an allow-list of globals (tensors, storages, builtin containers, and anything registered explicitly), so a checkpoint that pickled a trusted custom class is refused with an UnpicklingError naming the unregistered global, even though neither the checkpoint nor the call site changed.
Repair direction: register only the specific trusted classes with torch.serialization.add_safe_globals([...]), or scope them to the one call with the torch.serialization.safe_globals([...]) context manager, or migrate the checkpoint to a plain state_dict of tensors so no custom globals are needed. Reject a global weights_only=False bypass, which turns the load back into unrestricted pickle and restores arbitrary code execution on load, and verify that the loaded tensor values match what the checkpoint is expected to contain.
Symptom
Checkpoint loading raises an unpickling/safe-global error after upgrading PyTorch.
Why This Happens
The checkpoint bytes are opaque to the caller and the torch.load call is unchanged; what changed is the library default. Since PyTorch 2.6, torch.load runs with weights_only=True unless told otherwise, and the weights-only unpickler refuses any global that is not a tensor, storage, builtin container, or an entry registered through torch.serialization.add_safe_globals. A checkpoint carrying a trusted custom class (a config object, an optimizer wrapper, an enum) therefore fails at the first unregistered global, and the error names that global. The new default is a deliberate security hardening: with weights_only=False the loader is plain pickle, and a checkpoint from an untrusted source can execute arbitrary code during load.
Common Wrong Fixes
- Changing local code without checking the current external contract.
- Retrying the same install, build, or API call with no version/source change.
- Applying a broad unsafe bypass (torch.load(..., weights_only=False) everywhere) when a narrow compatibility fix, allow-listing the one trusted class, is available.
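As an added example, not taken from this page or from PyTorch itself, the stdlib-only Python below models the contract described under Repair direction, Why This Happens and Common Wrong Fixes: an allow-list unpickler stands in for torch.load(weights_only=True), a registered-class list stands in for torch.serialization.add_safe_globals, and plain lists stand in for tensors. The names TrainingConfig, Backdoor, WeightsOnlyUnpickler, load, load_verified and the two constructed checkpoints are assumptions for illustration. It walks the four cases: the new default rejecting a trusted custom class, the narrow allow-list fix with a value check on the loaded tensors, that same allow-list still refusing a hostile checkpoint, and the wrong global bypass executing the hostile checkpoint's callable.

```python
import io
import pickle
from collections import OrderedDict

# Stdlib model of the PyTorch 2.6 torch.load contract, not torch code:
# lists stand in for tensors and WeightsOnlyUnpickler stands in for the
# restricted unpickler that weights_only=True selects. All names and
# checkpoints here are constructed for the example.

EXECUTED = []  # records every callable an attacker-controlled checkpoint ran


class TrainingConfig:
    """Trusted custom class stored next to the weights; the new default
    rejects it until it is allow-listed."""

    def __init__(self, lr, epochs):
        self.lr, self.epochs = lr, epochs

    def __eq__(self, other):
        return isinstance(other, TrainingConfig) and (self.lr, self.epochs) == (other.lr, other.epochs)


def _attacker_payload(tag):
    """Stand-in for os.system or similar; it only records that it was reached."""
    EXECUTED.append(tag)
    return {}


class Backdoor:
    """Pickles to a function call, so an unrestricted load runs
    _attacker_payload before returning anything to the caller."""

    def __reduce__(self):
        return (_attacker_payload, ("ran-on-load",))


class WeightsOnlyUnpickler(pickle.Unpickler):
    """Allow-list unpickler: a global resolves only if it is one of a few
    builtin containers or was registered explicitly, keyed by module and
    qualname the way a registered callable is identified."""

    _BUILTIN_SAFE = {"collections.OrderedDict", "builtins.set", "builtins.frozenset"}

    def __init__(self, file, safe_globals=()):
        super().__init__(file)
        self._allowed = {f"{g.__module__}.{g.__qualname__}": g for g in safe_globals}

    def find_class(self, module, name):
        key = f"{module}.{name}"
        if key in self._allowed:
            return self._allowed[key]
        if key in self._BUILTIN_SAFE:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(
            f"Weights only load failed: global {key} is not allow-listed; "
            "register it narrowly instead of disabling weights_only"
        )


def save(obj):
    return pickle.dumps(obj, protocol=pickle.HIGHEST_PROTOCOL)


def load(data, weights_only=True, safe_globals=()):
    """Model of torch.load: weights_only=False is plain pickle.loads."""
    if not weights_only:
        return pickle.loads(data)
    return WeightsOnlyUnpickler(io.BytesIO(data), safe_globals=safe_globals).load()


def load_verified(data, safe_globals, expected_state):
    """Narrow fix plus the check: allow-list only the named classes, then
    confirm the tensors hold the values the checkpoint is expected to carry."""
    ckpt = load(data, weights_only=True, safe_globals=safe_globals)
    for key, value in expected_state.items():
        if ckpt["state_dict"].get(key) != value:
            raise ValueError(f"tensor {key!r} does not match expected values")
    return ckpt


def demo():
    EXECUTED.clear()
    expected = {"w": [0.5, -0.25], "b": [0.0]}
    trusted = save({"state_dict": OrderedDict(expected), "config": TrainingConfig(1e-3, 10)})
    hostile = save({"state_dict": OrderedDict(), "config": Backdoor()})
    out = {}
    try:  # 1. new default: the trusted checkpoint fails on its custom class
        load(trusted)
        out["default_trusted"] = "loaded"
    except pickle.UnpicklingError:
        out["default_trusted"] = "rejected"
    ckpt = load_verified(trusted, [TrainingConfig], expected)  # 2. narrow fix
    out["allowlisted"] = ckpt["config"] == TrainingConfig(1e-3, 10)
    try:  # 3. the same allow-list still refuses the hostile checkpoint
        load(hostile, safe_globals=[TrainingConfig])
        out["hostile_allowlisted"] = "loaded"
    except pickle.UnpicklingError:
        out["hostile_allowlisted"] = "rejected"
    out["executed_after_safe"] = list(EXECUTED)
    load(hostile, weights_only=False)  # 4. wrong fix: the global bypass runs the payload
    out["executed_after_unsafe"] = list(EXECUTED)
    return out


if __name__ == "__main__":
    print(demo())
```

Against real PyTorch 2.6 the equivalent narrow fix is torch.serialization.add_safe_globals([TrainingConfig]) before the load, or with torch.serialization.safe_globals([TrainingConfig]): ckpt = torch.load(path) to scope it to one call; the error torch raises names the missing global, so the allow-list can be built from the message rather than guessed. Case 4 is the reason the page rejects the global bypass: the load itself is the execution, and nothing the caller checks afterwards can undo it.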
Codex Search Keywords
These are the search terms observed in a neutral Codex validation run for this failure shape.
PyTorch torch.load weights_only default True safe globals custom class UnpicklingError 2.6
pytorch torch.load weights_only safe_globals documentation
https://pytorch.org/docs/stable/generated/torch.load.html
https://docs.pytorch.org/docs/stable/generated/torch.load.html
'weights_only' in https://docs.pytorch.org/docs/2.12/generated/torch.load.html