"when would you need to exploit a 0day vulnerability as part of legitimate system engineering?"

When you think you have just found a 0-day in your systems and want to check if you are right or not.



okay, when would you need to purchase a 0day vulnerability from someone else to exploit thousands of other systems as part of legitimate system engineering?


Well, if they were considering outlawing the sale of 0days on the black market, that'd be a whole different discussion.

My first intuition would be all for it, actually. Though there might be some consequences I haven't considered.

For all I know that could already be illegal? Anyone?


The problem is defining the black market.

Anyone with software affected by a 0-day is effectively a legitimate buyer of that bug.


Well, if you work for a company where you are in charge of the security of thousands of systems, you might be asked to do exactly this.

If I were running a massive company, I would want my network security team to be buying up the latest cracking tech and checking it against as much of the corporate systems as possible.

Any corporation with any sense and lots of stuff they need to secure pays people to attack their corporate networks with anything and everything available, and then report back.


> When you think you have just found a 0-day in your systems and want to check if you are right or not.

That's like shooting yourself in the foot to see if the bullet hole is the same.


More like shooting a dummy in the foot? How is this even a valid comparison?


Huh? Same as what? We are talking about 0-day vulns. By definition, if you think you have found a 0-day, you have little to compare it to.

Exploiting a bug on your system to verify that it is a bug that can be exploited would seem to be one of the very first things to do after verifying your backups, if you think you have found a 0-day vuln.

Otherwise, how would you know that it is what you think it is?

There is no general procedure you can run on code to check this for you other than actually checking it and seeing what it does.
