diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c
--- a/sys/netpfil/pf/pf_ioctl.c
+++ b/sys/netpfil/pf/pf_ioctl.c
@@ -5054,6 +5054,10 @@
 	for (int i = 0; i < pf_hashmask; i++) {
 		struct pf_idhash *ih = &V_pf_idhash[i];
 
+		/* Avoid taking the lock if there are no states in the row. */
+		if (LIST_EMPTY(&ih->states))
+			continue;
+
 		PF_HASHROW_LOCK(ih);
 		LIST_FOREACH(s, &ih->states, entry) {
 			if (s->timeout == PFTM_UNLINKED)