diff --git a/lib/luks2/luks2_reencrypt.c b/lib/luks2/luks2_reencrypt.c
index a9682b0f..836747d5 100644
--- a/lib/luks2/luks2_reencrypt.c
+++ b/lib/luks2/luks2_reencrypt.c
@@ -1834,6 +1834,9 @@ static int reencrypt_make_targets(struct crypt_device *cd,
 			return -EINVAL;
 		}
 
+		if (reenc_seg)
+			segment_offset -= crypt_get_data_offset(cd);
+
 		if (!strcmp(json_segment_type(jobj), "crypt")) {
 			vk = crypt_volume_key_by_id(vks, reenc_seg ? LUKS2_reencrypt_digest_new(hdr) : LUKS2_digest_by_segment(hdr, s));
 			if (!vk) {
@@ -1841,9 +1844,6 @@ static int reencrypt_make_targets(struct crypt_device *cd,
 				return -EINVAL;
 			}
 
-			if (reenc_seg)
-				segment_offset -= crypt_get_data_offset(cd);
-
 			r = dm_crypt_target_set(result, segment_start, segment_size,
 						reenc_seg ? hz_device : crypt_data_device(cd),
 						vk,
diff --git a/tests/api-test-2.c b/tests/api-test-2.c
index d1f4b417..a01a7a72 100644
--- a/tests/api-test-2.c
+++ b/tests/api-test-2.c
@@ -4319,6 +4319,22 @@ static void Luks2Reencryption(void)
 	OK_(crypt_reencrypt_run(cd, NULL, NULL));
 	CRYPT_FREE(cd);
 
+	/* decryption forward (online) */
+	OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
+	params2.data_device = NULL;
+	OK_(crypt_format(cd, CRYPT_LUKS2, "aes", "cbc-essiv:sha256", NULL, NULL, 32, &params2));
+	OK_(crypt_set_pbkdf_type(cd, &pbkdf));
+	EQ_(crypt_keyslot_add_by_volume_key(cd, 6, NULL, 32, PASSPHRASE, strlen(PASSPHRASE)), 6);
+	EQ_(crypt_activate_by_passphrase(cd, CDEVICE_2, 6, PASSPHRASE, strlen(PASSPHRASE), 0), 6);
+	memset(&rparams, 0, sizeof(rparams));
+	rparams.mode = CRYPT_REENCRYPT_DECRYPT;
+	rparams.direction = CRYPT_REENCRYPT_FORWARD;
+	rparams.resilience = "none";
+	rparams.max_hotzone_size = 2048;
+	OK_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_2, PASSPHRASE, strlen(PASSPHRASE), 6, CRYPT_ANY_SLOT, NULL, NULL, &rparams));
+	OK_(crypt_reencrypt_run(cd, NULL, NULL));
+	CRYPT_FREE(cd);
+
 	/* decryption with data shift */
 	OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
 	params2.data_device = NULL;