The original assert looks to be a valid use of assert, that code is a sanity check that should never occur, if it does occur something has gone wrong inside of getrights or setrights, this code can safely be compiled out.

This changes the flow of the code, the switch is now inside an if block that did not exist before. This also fail to abort in the failure case (ev.pl_state != PMCLOG_OK).

Could be fixed by changing this to
} else {

err(...

}

Agreed.

Reading the rest of the manpage, this assert is correct and appropriate. ev.pl_state is set to something other than PCMLOG_OK only when pmclog_read() returns -1.

But we can't ignore the possibility of users build it without NDBUG. How to handle that case then?

An API not behaving as documented is allowed to lead to undefined behavior. The assert() is there to document and (when enabled) validate a case that "can't happen", not to handle something we are expected to handle (e.g. resource allocation failure).

Sure, but in this specific case if ev.pl_state != PMCLOG_OK we probably can't get ev.pl_type, and the switch case will pass silently and there is no default there to deal with this behavior. Am I wrong?

Very likely we won't even have pl_state and the switch case will break.

Yes, because the rest of the manpage is clear path that a return of 0 from pmclog_read() means a record was successfully read. It is a bug in pmclog_read() if it returns 0 and sets ev.pl_state != PMCLOG_OK. This assert checks for such a bug.