diff --git a/ntoskrnl/mm/freelist.c b/ntoskrnl/mm/freelist.c
index ba16362f546..5cc22ce38b1 100644
--- a/ntoskrnl/mm/freelist.c
+++ b/ntoskrnl/mm/freelist.c
@@ -426,12 +426,10 @@ PMM_RMAP_ENTRY
 NTAPI
 MmGetRmapListHeadPage(PFN_NUMBER Pfn)
 {
-    KIRQL oldIrql;
-    PMM_RMAP_ENTRY ListHead;
     PMMPFN Pfn1;
 
-    /* Lock PFN database */
-    oldIrql = MiAcquirePfnLock();
+    /* PFN database must be locked */
+    MI_ASSERT_PFN_LOCK_HELD();
 
     /* Get the entry */
     Pfn1 = MiGetPfnEntry(Pfn);
@@ -439,19 +437,14 @@ MmGetRmapListHeadPage(PFN_NUMBER Pfn)
 
     if (!MI_IS_ROS_PFN(Pfn1))
     {
-        MiReleasePfnLock(oldIrql);
         return NULL;
     }
 
-    /* Get the list head */
-    ListHead = Pfn1->RmapListHead;
-
     /* Should not have an RMAP for a non-active page */
     ASSERT(MiIsPfnInUse(Pfn1) == TRUE);
 
-    /* Release PFN database and return rmap list head */
-    MiReleasePfnLock(oldIrql);
-    return ListHead;
+    /* Get the list head */
+    return Pfn1->RmapListHead;
 }
 
 VOID
diff --git a/ntoskrnl/mm/rmap.c b/ntoskrnl/mm/rmap.c
index 785539ea58d..f50e680e401 100644
--- a/ntoskrnl/mm/rmap.c
+++ b/ntoskrnl/mm/rmap.c
@@ -250,7 +250,11 @@ MmPageOutPhysicalAddress(PFN_NUMBER Page)
 
             /* We can finally let this page go */
             MmDeleteRmap(Page, Process, Address);
+#if DBG
+            OldIrql = MiAcquirePfnLock();
             ASSERT(MmGetRmapListHeadPage(Page) == NULL);
+            MiReleasePfnLock(OldIrql);
+#endif
             MmReleasePageMemoryConsumer(MC_USER, Page);
 
             if (Address < MmSystemRangeStart)