I can reproduce this easily with some newer versions' shells.
The problem seems to be that the newer versions supply a default scanner caching value of Integer.MAX_VALUE, which the older servers didn't have a checking guard against. When they receive such a numeric request, they try to construct a normal ArrayList of that arbitrary size in-memory which Java cannot do as the size exceeds the maximum allowed array size of a JVM. It therefore throws an OOME which combined with the configuration flag of 'Kill when OutOfMemory' destroys the RS with a kill -9 along with an OOME message in the RS's stdout file.
The enhancements of HBASE-11544 rearchitected around this by adding guards and other better ways of handling scanner requests. So if your server runs any release > CDH 5.5.0 which was the earliest to include this JIRA, it will not crash even if such a request came to it.
In your current situation, aside of a CDH upgrade, I think you can guard against a cascading automatic kill -9 from a rogue client request by disabling the check inside your CM -> HBase -> Configuration called "Kill When Out of Memory" for the RegionServers group. Save and restart all RegionServers after making this change.
If any fatal OOMEs occur in important threads within the RS it is already designed to go down, but a client-request OOME can be safely ignored with this flag unset.
Once you upgrade, you can revert it back to the default value of enabled, as the issue wouldn't occur on newer HBase versions.
Does this help?
