A blockchain records transactions among users on a public ledger. It has become front and center of the technology discussion in recent years. A piece of code deployed on a ledger and executed automatically by nodes on the network is a smart contract. While smart contracts have enabled a variety of applications on blockchain, they may contain security vulnerabilities, leading to massive research on smart contract analysis. This paper presents the first comprehensive survey over smart contract analysis by collecting 391 papers, extracting 67 analysis-related ones, and classifying them into three dominant topics: static analysis for vulnerability detection, static analysis for program correctness, and dynamic analysis. We further classify each topic and conclude with key insights in terms of unsolved challenges and directions in future research.