    [PATCH] USB: patch for oops in io_edgeport.c · 4340e885
    Al Borchers authored
    I tracked down a problem that caused an oops in io_edgeport.c.
    
    The oops is reliably reproduced by using an EdgePort USB serial
    port in dosemu and then exiting dosemu.  When dosemu closed
    the port the oops would occur.  (Tested in RH 7.3 2.4.18-10.)
    
    The problem was that a USB cmd callback would come in after the
    close with the tty struct freed, and the edge_bulk_out_cmd_callback
    function would do a wakeup on the tty->write_wait queue.  The
    tty struct was gone (I checked that tty->magic was bad) and the
    wakeup would oops.
    
    As you did in other places in io_edgeport.c, I added a check that
    edge_port->open was true before using the edge_port->port->tty
    struct.
    
    I added a similar check in edge_bulk_out_data_callback, though
    I never actually saw the problem here.
    
    I notice that in 2.4.20 a check has been added to be sure that
    edge_port->port->tty is not null--however, this is not enough
    because the tty pointer is not set to null when the port is
    closed.  An alternate solution in 2.4.20 would be to set the
    usb_serial_port->tty pointer to null in usbserial.c serial_close().
    This seems like a good thing to do in general, since the tty
    struct should not be used after a close which frees it.  If
    you would like, I can investigate this a bit more--it could affect
    other usb serial drivers and reveal some hidden bugs.
io_edgeport.c 98.1 KB
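The failure described in the commit message, as an added single-threaded user-space C model (not the driver's code and not part of this commit): it compares a not-null check on a stale tty pointer with the open-flag check and with clearing the pointer on close. The struct layouts, `TTY_MAGIC` value and all function names are assumptions made for the model, and the "freed" tty is poisoned rather than freed so the stale access can be observed safely.

```c
#include <stdio.h>
#include <stdbool.h>

#define TTY_MAGIC 0x5401          /* marker for a live tty; constructed value for this model */

struct tty  { int magic; int wakeups; };
struct port { struct tty *tty; bool open; };

/* Model of close: the tty is released. The storage is poisoned instead of
 * freed so the model can observe a stale access without undefined behaviour. */
static void model_close(struct port *p, bool null_on_close)
{
    p->open = false;
    p->tty->magic = 0;            /* stands in for "tty struct freed" */
    if (null_on_close)
        p->tty = NULL;            /* the alternate fix the message proposes */
}

enum guard { GUARD_NOT_NULL, GUARD_OPEN_FLAG };
/* Model of a late completion callback. Returns true if it reached a tty
 * whose magic is bad, i.e. the access that oopsed in the real driver. */
static bool late_callback_hits_stale_tty(struct port *p, enum guard g)
{
    if (g == GUARD_OPEN_FLAG && !p->open)
        return false;             /* port closed: do not touch the tty */
    if (p->tty == NULL)
        return false;             /* not-null check */
    if (p->tty->magic != TTY_MAGIC)
        return true;              /* stale tty reached */
    p->tty->wakeups++;            /* stands in for waking write_wait */
    return false;
}

static bool scenario(enum guard g, bool null_on_close)
{
    struct tty t = { TTY_MAGIC, 0 };
    struct port p = { &t, true };
    model_close(&p, null_on_close);   /* close happens before the callback */
    return late_callback_hits_stale_tty(&p, g);
}

int main(void)
{
    printf("not-null check only:      stale=%d\n", scenario(GUARD_NOT_NULL, false));
    printf("open-flag check:          stale=%d\n", scenario(GUARD_OPEN_FLAG, false));
    printf("not-null + NULL on close: stale=%d\n", scenario(GUARD_NOT_NULL, true));
    return 0;
}
```

The model orders close strictly before the callback; it does not cover a callback running concurrently with close, which would need locking in addition to either check.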