The opcode allows up to 20 signers (i.e. 20-of-20). So for native multisig (not commonly used over P2SH) you can create a 20 of 20 transaction. Native multisig larger than 3 of 3 are valid but not "standard" and thus won't be relayed by most nodes.
For P2SH however, the entire script must not exceed 520 bytes. This effectively limits you to 15 of 15 multisig (7 of 7 if using uncompressed keys).
See 520 byte limit. For the tx to be "Standard" the ScriptSig must be less than 500 bytes so that limits you to 7 signatures (i.e. 7 of 15 or 7 of 7). A larger "m" (i.e. 8 of 15) is still valid but it isn't standard and won't be relayed by most nodes.
FRIENDLY WARNING: With P2SH it is possible (actually easy) to create an invalid (unspendable) script. Since the address is a hash of the script and the script it unknown to the network, the network has no way to validate the script at the time of funding. You can fund an address which ultimately is unspendable. Always test on testnet.
