Clarify CJALR operation order

Clarify that length violations are checked on the address after it has undergone invalid address conversion.

Also fix a typo in the title.

Fixes #9

src/insns/cjalr_jalr_32bit.adoc

@@ -6,7 +6,7 @@
 See <<JALR>>
 
 [#JALR,reftext="JALR"]
-==== CJAL, JALR
+==== CJALR, JALR
 
 Synopsis::
 Jump and link register
@@ -24,11 +24,20 @@ Capability Mode Description::
 CJALR allows unconditional, indirect jumps to a target capability. The
 target capability is obtained by unsealing `cs1` and incrementing its address by the
 sign-extended 12-bit immediate, and then setting the least-significant bit of the
-result to zero. The target capability may have
+result to zero. The target address may then have
 xref:section_invalid_addr_conv[xrefstyle=short]
-performed and is then installed in <<pcc>>. The <<pcc>>
-of the next instruction following the jump (<<pcc>> + 4) is sealed and written
-to `cd`.
+performed. The check for length violation is done next using the converted
+address and the original bounds.
+
+[NOTE]
+====
+When performing invalid address conversion the tag never needs to be cleared because
+the earlier length violation check is a stricter condition than the representability
+check, and the capability is always unsealed before invalid address conversion.
+====
+
+The capability is then installed in <<pcc>>. The <<pcc>> of the next instruction
+following the jump (<<pcc>> + 4) is sealed and written to `cd`.
 
 Legacy Mode Description::
 JALR allows unconditional, indirect jumps to a target address. The target
@@ -72,4 +81,3 @@ JALR Operation::
 --
 TBD
 --
-