I have a case that seems to be a bug:
In a cat2950 switch with 12.1(22)EA10 image I am seing working with 802.1x this:
If I am correctly authenticaded the PC goes to a normal Vlan, the production vlan but if the PC connected is not authenticated, the port is assigned to the Guest-Vlan. In this case sometimes appears the mac address in the mac-address-table and sometimes not.
The IOS 12.1.22(EA8)release notes has a solved caveat that talks about a similar case solved.
When an IEEE 802.1x-enabled interface has MAC authentication bypass (MAB) and guest VLAN enabled and the multiple-host mode configured, the switch no longer reloads if it receives traffic that is not an Extensible Authentication Protocol (EAP) frame and has a MAC address that is not in the MAB profile.
For more info: