@clong I'm not really sure how you would get a python process into that state to test it, but I think it would look something like

SELECT p.* FROM processes p LEFT JOIN process_open_files pof USING (pid) WHERE cmdline LIKE '%python%' AND name = "Python" AND pof.path = '';

Thanks! I got it working with the help of this query — really appreciate it!