That's not how software works. Software is always buggy. Question is only how severely functionality is impacted and when those bugs will be found. Most bugs are never noticed since they only concern corner cases that you normally won't hit in the field or would even have a hard time driving the system into even if you tried on purpose.
The main issue is with security-related bugs. Especially with mobile phone software, which has an enormous attack surface and has really wide distribution, this is a constant issue. No mobile phone OS ever will be bug free and will always contain security flaws. Over time, more and more of them are discovered, and it's a race between the vendor fixing them and malicious actors exploiting them. That's why the OS (and all the apps) need to be constantly updated. The longer you skip updates, the more you fall behind and the more doors are open that better be closed once they are known.
> needs to be paired with an argument that they ship buggy or incomplete software.
That argument is an easy one to make and everybody familiar with software engineering should be intimately familiar with it. This is not about some button not working, it's about somebody pwning your phone.
Because the hardware can handle updates to the OS, and as the ecosystem evolves, apps start misbehaving or not even functioning on older versions of the OS. And then you've got vulnerabilities.
If it isn't buggy and the shipped features match the marketing, why would it ever need to be updated?
So it seems like any argument like "Vendor never updates it" needs to be paired with an argument that they ship buggy or incomplete software.