If someone can guess the first 72 characters of your password, they probably know the rest. e.g. They have access to your password manager or you are using a common phrase.
I still wouldn't limit a user from entering in a longer password. I'd display a warning if they attempt to enter in a 73+ character password to inform them that passwords longer than 72 characters offer no additional protection.
That's a bug. Bcrypt doesn't truncate, it simply doesn't handle longer passwords. And you can pretty safely use another hash before feeding it into bcrypt.
It's important to note that if you take the classical advice to "use bcrypt" (http://codahale.com/how-to-safely-store-a-password/), your password will be effectively truncated at 72 characters.