When I set opt_level to a very large value (such as 10000) in statement tvm.transform.PassContext(), TVM can run well and generated a compiled model without any warning messages. I think it should be a vulnerability.
Hackers can attack TVM by tampering with the unused internal code of opt_level. Due to the lack of warning information, it is difficult for users to notice that they have been attacked.
I think a warning message should be given to remind users when using invalid opt_level.
Thanks for bringing this up. Right now the API allows opt_level to be the threshold to toggle the passes being enabled. So the API right now also works for opt_level=10000 as intended.
While the exact API design can be discussed(e.g. whether or not we should bring more friendly message for recommended opt_level. The particular issue is more of an usabilty improvement rather than a security issue.