The ContextualCompositeMethodExpression
is referencing the whole composite component as instance variable as consequence of a fix to issue 1462. An user has reported about exactly this memory leak problem as issue 1940. And then later on the instance variable was marked transient
as consequence of a fix to issue 1943. However, issue 1940 was for some reason been marked as duplicate of 1943. Two users have rightfully commented about exactly your problem in the bottom of issue 1940 that the memory leak issue is still open, but I'm not seeing any new issue reports related to that afterwards. The problem indeed only manifests when the composite component contains any method expression like a value change listener.
Theoretically, this problem can be workarounded by telling Mojarra to serialize the view state in session instead of keeping a reference to the view state. As the instance variable is marked transient
, it would be bypassed. You can achieve that by the following context parameter in web.xml
:
<context-param>
<param-name>com.sun.faces.serializeServerState</param-name>
<param-value>true</param-value>
</context-param>
Again, theoretically; I did not test that.
You might also want to try MyFaces instead, I can't tell that it would fix that, but I know that MyFaces 2.x is so far generally more careful than Mojarra as to state management, memory usage and performance.
In the meanwhile, I strongly recommend to create a new issue for Mojarra, referencing issue 1940, this Stack Overflow question and your findings. Referencing UI components in the view state is definitely not right. UI component instances are inherently request scoped, not view scoped.
Update: this was re-reported as issue 3198 which is fixed in Mojarra 2.2.8 and as per issue 3544 backported in Mojarra 2.1.29. So, if you upgrade to at least those versions, then this memory leak when you don't use com.sun.faces.serializeServerState=true
(or javax.faces.SERIALIZE_SERVER_STATE=true
as per JSF 2.2) should be fixed.