Static Application Security Testing (SAST) Tools for Smart Contracts: How Far Are We?