When doing a cross-certify, the master key is successfully signed by the signing subkey (the signature counter on the card increases); then, storing the signature fails:
gpg: secret key parts are not available
gpg: update_keysig_packet failed: general error
I think the secret key should not be needed for a cross-certify operation
How To Repeat
Create a secret keyring with a key that has a stub master key and a signing subkey. Using that keyring, try to cross-certify the master key.