    [turbofan] BitcastWordToTagged must not be pure. · 64fbb304
    bmeurer authored
    The BitcastWordToTagged operator is used for bump pointer allocation to
    construct the actual HeapObject pointer. The input to this operator is
    a naked pointer (derived from the allocation top). If this input value
    is live across an allocation, then the resulting tagged pointer is
    invalid because the GC might have scavenged new space in the meantime.
    
    That means we must not allow Node splitting (in the Scheduler) for these
    instructions, as that could extend the live range of the naked pointer
    input across arbitrary code. As such, this operator must not be marked
    as pure.
    
    R=jarin@chromium.org
    BUG=v8:6059
    
    Review-Url: https://codereview.chromium.org/2739093002
    Cr-Commit-Position: refs/heads/master@{#43683}
machine-operator.cc 48.6 KB
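The hazard described in the commit message, as an added example that is not V8 code and not part of the commit: a toy two-semispace heap in which a tagged pointer known to the GC is relocated by a scavenge, while a naked address held across an allocation goes stale. `NewSpace`, its addresses, sizes and the two test functions are constructed for illustration; only the name `BitcastWordToTagged` comes from the page.

```cpp
#include <cstdint>
#include <cstdio>
#include <vector>

// Toy model constructed for this example (not V8 code): a two-semispace new
// space with bump allocation. Rooted objects are assumed to be kObjSize bytes.
constexpr uintptr_t kTag = 1, kSpaceSize = 64, kObjSize = 16;

struct NewSpace {
  uintptr_t base[2] = {0x1000, 0x2000};  // constructed semispace addresses
  int active = 0;
  uintptr_t top = base[0];
  std::vector<uintptr_t*> roots;  // tagged slots the GC can see and update

  bool InActiveSpace(uintptr_t tagged) const {
    uintptr_t addr = tagged & ~kTag;
    return addr >= base[active] && addr < base[active] + kSpaceSize;
  }
  // Flip semispaces and relocate every tagged root; raw words are invisible.
  void Scavenge() {
    active = 1 - active;
    top = base[active];
    for (uintptr_t* slot : roots) { *slot = top | kTag; top += kObjSize; }
  }
  // Bump allocation; returns the naked (untagged) address, may scavenge first.
  uintptr_t AllocateRaw(uintptr_t size) {
    if (top + size > base[active] + kSpaceSize) Scavenge();
    uintptr_t raw = top;
    top += size;
    return raw;
  }
};

uintptr_t BitcastWordToTagged(uintptr_t raw) { return raw | kTag; }

// Bitcast directly after the allocation: the GC tracks and relocates the slot.
bool TagImmediately() {
  NewSpace s;
  s.AllocateRaw(32);  // unrooted garbage that fills most of the space
  uintptr_t obj = BitcastWordToTagged(s.AllocateRaw(kObjSize));
  s.roots.push_back(&obj);
  s.AllocateRaw(32);  // triggers a scavenge; obj is updated in place
  return s.InActiveSpace(obj);
}
// Bitcast sunk below another allocation: the raw word is live across the GC.
bool TagAfterAllocation() {
  NewSpace s;
  s.AllocateRaw(32);
  uintptr_t raw = s.AllocateRaw(kObjSize);
  s.AllocateRaw(32);  // triggers a scavenge; raw still names from-space
  return s.InActiveSpace(BitcastWordToTagged(raw));
}
int main() { std::printf("%d %d\n", TagImmediately(), TagAfterAllocation()); }
```

`TagAfterAllocation` mirrors what Node splitting could produce if the operator were treated as pure: the bitcast is placed after code that allocates, so its result points into the evacuated semispace.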