There are only 5 general cases where a "500 Internal Server Error" should be generated when you use CGI::Carp.

1. The webserver experienced an error not actually caused by your script. This doesn't often happen, and isn't really related to your question.
2. Something in your script printed some sort of garbage before CGI::Carp prints the necessary headers. I don't know that this would actually cause an ISE but it might, so I included it.
3. The handler that CGI::Carp installs for $SIG{__DIE__} is not called for some reason. This could be because it has not yet been installed (some sort of syntax error before the use CGI::Carp ...; line has been compiled), or has been uninstalled or overwritten by some other piece of code.
4. Some code sets $CGI::Carp::WRAP to a false value. This probably won't happen but, again, it is possible.
5. Last minute addendum: Or, as dug points out, if some data has already been sent through mod_perl. This may be the same case as the second item I listed.

Obviously, the most likely issue is that the handler was not called for some reason.

Note that it is not called when inside an eval (well, it's called but just forwards the call onto realdie). That shouldn't matter, though, as the death will be trapped by the eval and, if it is propagated up, will be handled normally.

You should always put the use CGI::Carp ...; line before including any other modules and before any actual code. This greatly reduces the likelyhood of the handler not being installed before an error is generated.

There are ways to prevent (or trap) other code overwriting the $SIG{__DIE__} handler but it involves some possibly dicy magic and shouldn't be used in production code. You can see my Alarm::_TieSIG module to see how it would be done, and this discussion on why it is dicy.

bbfu
Black flowers blossum
Fearless on my breath