diff --git a/boa_engine/src/vm/mod.rs b/boa_engine/src/vm/mod.rs
index b90ede4539..236bc86ced 100644
--- a/boa_engine/src/vm/mod.rs
+++ b/boa_engine/src/vm/mod.rs
@@ -10,7 +10,7 @@ use crate::{
 Context, JsResult, JsValue,
 };
 #[cfg(feature = "fuzz")]
-use crate::{JsError, JsNativeError};
+use crate::{JsError, JsNativeError, JsNativeErrorKind};
 use boa_interner::ToInternedString;
 use boa_profiler::Profiler;
 use std::{convert::TryInto, mem::size_of, time::Instant};
@@ -281,6 +281,14 @@ impl Context<'_> {
 return Ok((result, ReturnType::Yield));
 }
 Err(e) => {
+ #[cfg(feature = "fuzz")]
+ if let Some(native_error) = e.as_native() {
+ // If we hit the execution step limit, bubble up the error to the
+ // (Rust) caller instead of trying to handle as an exception.
+ if matches!(native_error.kind, JsNativeErrorKind::NoInstructionsRemain) {
+ return Err(e);
+ }
+ }
 if let Some(address) = self.vm.frame().catch.last() {
 let address = address.next;
 let try_stack_entry = self
diff --git a/fuzz/Cargo.toml b/fuzz/Cargo.toml
index bdd84c79cf..6a2f05bda8 100644
--- a/fuzz/Cargo.toml
+++ b/fuzz/Cargo.toml
@@ -10,9 +10,9 @@ cargo-fuzz = true
 [dependencies]
 libfuzzer-sys = "0.4"
-boa_ast = { path = "../boa_ast", features = ["fuzz"] }
+boa_ast = { path = "../boa_ast", features = ["arbitrary"] }
 boa_engine = { path = "../boa_engine", features = ["fuzz"] }
-boa_interner = { path = "../boa_interner", features = ["fuzz"] }
+boa_interner = { path = "../boa_interner", features = ["arbitrary"] }
 boa_parser = { path = "../boa_parser" }
 # Prevent this from interfering with workspaces
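Review bot: The early `return Err(e);` added to the `Err(e) =>` arm in the second hunk of boa_engine/src/vm/mod.rs exits before the `self.vm.frame().catch.last()` lookup, so it skips handler dispatch and, as far as the hunk shows, whatever frame or stack cleanup follows. The enclosing function starts and ends outside the hunk, so whether the VM is left in a reusable state cannot be confirmed from here. If it is not, the comment should state the contract, for example `// The VM is not unwound on this path; the caller must discard the Context after this error.` The check also only fires while `e.as_native()` still returns the native error, so it is worth confirming that no path converts the step-limit error to an opaque value before it reaches this arm, since a script-level `catch` could then absorb it again.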