diff --git a/clang/lib/Checker/RegionStore.cpp b/clang/lib/Checker/RegionStore.cpp
index b333a5d2830e..c97da33aaac6 100644
--- a/clang/lib/Checker/RegionStore.cpp
+++ b/clang/lib/Checker/RegionStore.cpp
@@ -787,9 +787,12 @@ DefinedOrUnknownSVal RegionStoreManager::getSizeInElements(const GRState *state,
         return ValMgr.makeIntVal(CAT->getSize(), false);
       }
 
-      // Clients can use ordinary variables as if they were arrays.  These
-      // essentially are arrays of size 1.
-      return ValMgr.makeIntVal(1, false);
+      // Clients can reinterpret ordinary variables as arrays, possibly of
+      // another type. The width is rounded down to ensure that an access is
+      // entirely within bounds.
+      CharUnits VarSize = getContext().getTypeSizeInChars(T);
+      CharUnits EleSize = getContext().getTypeSizeInChars(EleTy);
+      return ValMgr.makeIntVal(VarSize / EleSize, false);
     }
   }
 
diff --git a/clang/test/Analysis/no-outofbounds.c b/clang/test/Analysis/no-outofbounds.c
index f9ac589797a8..771323b81114 100644
--- a/clang/test/Analysis/no-outofbounds.c
+++ b/clang/test/Analysis/no-outofbounds.c
@@ -1,6 +1,5 @@
 // RUN: %clang_cc1 -analyzer-check-objc-mem -analyze -analyzer-experimental-internal-checks -analyzer-store=basic -verify %s
 // RUN: %clang_cc1 -analyzer-check-objc-mem -analyze -analyzer-experimental-internal-checks -analyzer-store=region -verify %s
-// XFAIL: *
 
 //===----------------------------------------------------------------------===//
 // This file tests cases where we should not flag out-of-bounds warnings.
@@ -10,4 +9,6 @@ void f() {
   long x = 0;
   char *y = (char*) &x;
   char c = y[0] + y[1] + y[2]; // no-warning
+  short *z = (short*) &x;
+  short s = z[0] + z[1]; // no-warning
 }
diff --git a/clang/test/Analysis/outofbound.c b/clang/test/Analysis/outofbound.c
index 45325e92f376..e1ff66ccf4dc 100644
--- a/clang/test/Analysis/outofbound.c
+++ b/clang/test/Analysis/outofbound.c
@@ -13,3 +13,26 @@ void f2() {
   int *p = malloc(12);
   p[3] = 4; // expected-warning{{Access out-of-bound array element (buffer overflow)}}
 }
+
+struct three_words {
+  int c[3];
+};
+
+struct seven_words {
+  int c[7];
+};
+
+void f3() {
+  struct three_words a, *p;
+  p = &a;
+  p[0] = a; // no-warning
+  p[1] = a; // expected-warning{{Access out-of-bound array element (buffer overflow)}}
+}
+
+void f4() {
+  struct seven_words c;
+  struct three_words a, *p = (struct three_words *)&c;
+  p[0] = a; // no-warning
+  p[1] = a; // no-warning
+  p[2] = a; // expected-warning{{Access out-of-bound array element (buffer overflow)}}
+}